W3C home > Mailing lists > Public > public-webauthn@w3.org > July 2020

Re: [webauthn] Unclear whether compressed curve points need to be supported by RPs (#1447)

From: Arian van Putten via GitHub <sysbot+gh@w3.org>
Date: Wed, 01 Jul 2020 19:32:28 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-652606812-1593631947-sysbot+gh@w3.org> 
Lets also add language that you need to **explicitly validate** any public key to make sure it's on the curve to stop invalid curve attacks

-- 
GitHub Notification of comment by arianvp
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1447#issuecomment-652606812 using your GitHub account
Received on Wednesday, 1 July 2020 19:32:30 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:41 UTC