W3C home > Mailing lists > Public > public-webauthn@w3.org > July 2020

Re: [webauthn] Provide the public key in `AuthenticatorAttestationResponse` (#1363)

From: Craig Francis via GitHub <sysbot+gh@w3.org>
Date: Mon, 20 Jul 2020 11:59:09 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-660983330-1595246348-sysbot+gh@w3.org>
@agl Thanks for adding these methods to the spec and Chrome Canary.

The JS to [create](https://github.com/craigfrancis/webauthn-tidy/blob/main/new/js/create.js?ts=4) and [get](https://github.com/craigfrancis/webauthn-tidy/blob/main/new/js/check.js?ts=4) is considerably easier now (well, they will be when available everywhere, or I get the time to create a polyfill).

The only minor annoyance is creating uint8array, and parsing array buffers, so they can be JSON friendly; but I don't think that's something that can be easily changed.

As to the choice of DER Encoding, I think you're right, it's much better than PEM, as that's just adding on an extra layer, which isn't too difficult if you're using `openssl_pkey_get_public()` in PHP:

    $pem  = '-----BEGIN PUBLIC KEY-----' . "\n";
    $pem .= wordwrap($der, 64, "\n", true) . "\n";
    $pem .= '-----END PUBLIC KEY-----';

GitHub Notification of comment by craigfrancis
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1363#issuecomment-660983330 using your GitHub account
Received on Monday, 20 July 2020 11:59:11 UTC

This archive was generated by hypermail 2.4.0 : Monday, 20 July 2020 11:59:12 UTC