Re: [webauthn] PublicKeyCredentialParameters can't select curve (E.g. ed448) (#1446)

We punted this to level three (i.e. a future version):

The history is that JOSE started out fully specifying signature algorithms (i.e. JOSE defines ES256 as “ECDSA using P-256 and SHA-256”). On the assumption that COSE is just JOSE with CBOR, the underlying protocol between the client and security keys only expressed a preference list of COSE algorithm identifiers.

However, as noted, COSE subtly changed the meaning of ES256 to let the curve be an independent degree of freedom. (And JOSE has started doing that too for new algorithm registrations.)

We also have the reality that ECDSA with P-256 and SHA-256 dominates the WebAuthn ecosystem and any authenticator that tried to be technically correct and return an ES256 key that used a curve other than P-256 simply isn't going to function with most sites. Thus we've nailed down ES* to mean the obvious thing. I don't think there's sufficient utility in mismatching hash functions and curves to worry about that.

Ed25519 is newer but, as far as anyone in the group knows, all authenticators that support -8 always use Ed25519. On the server side, Ed25519 is more common than Ed448 and, if we didn't nail it down, we would just have the same problem: use of X448 wouldn't, practically speaking, work because sites would specify -8 but only accept Ed25519.

We could either define a different COSEAlgorithmIdentifier for X448 (which wouldn't need a WebAuthn change) or, as you suggest, support more fields in the parameters. But, since clients have to translate the parameters into the underlying security key protocol, that needs changes to that protocol too. It, too, is currently feature frozen for the next version.

Hopefully that explains why we punted this for now.

-- 
GitHub Notification of comment by agl
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1446#issuecomment-653078859 using your GitHub account

Received on Thursday, 2 July 2020 15:37:23 UTC