Re: [webauthn] Unclear whether compressed curve points need to be supported by RPs (#1447) from Arian van Putten via GitHub on 2020-07-01 (public-webauthn@w3.org from July 2020)

From: Arian van Putten via GitHub <sysbot+gh@w3.org>
Date: Wed, 01 Jul 2020 19:32:28 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-652606812-1593631947-sysbot+gh@w3.org>

Lets also add language that you need to **explicitly validate** any public key to make sure it's on the curve to stop invalid curve attacks

-- 
GitHub Notification of comment by arianvp
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1447#issuecomment-652606812 using your GitHub account

Received on Wednesday, 1 July 2020 19:32:30 UTC