W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2020

[webauthn] new commits pushed by agl

From: Adam Langley via GitHub <sysbot+gh@w3.org>
Date: Wed, 03 Jun 2020 19:14:45 +0000
To: public-webauthn@w3.org
Message-ID: <push-b463fc898a36d28b26b0d469352946e0fea21024-1591211684-sysbot+gh@w3.org>

The following commits were just pushed by agl to https://github.com/w3c/webauthn:

* Specify more about COSE algorithms.

[COSEAlgorithmIdentifiers](https://w3c.github.io/webauthn/#typedefdef-cosealgorithmidentifier) aren't very specific.

JOSE [defines](https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms) an algorithm called “ES256” as “ECDSA using P-256 and SHA-256” — which is fine. COSE [also defines](https://www.iana.org/assignments/cose/cose.xhtml#algorithms) an algorithm called “ES256”, except that the COSE version isn't specific to any curve! It's just ECDSA with SHA-256 hashing. COSE only [says](https://tools.ietf.org/html/rfc8152#section-8.1) that “in order to promote interoperability, it is suggested that SHA-256 be used only with curve P-256”. Technically, an authenticator could return a public key over some other curve, although I bet it breaks lots of RPs.

Similarly, COSE defines an algorithm for “EdDSA”, which is commonly interpreted to mean EdDSA with Ed25519. But, technically, it could also mean EdDSA with the much rarer X448.

I think people thought that they were getting JOSE-style precise algorithms with a COSE algorithm identifier, but that's not true. Thus this change nails down some standard assumptions that are (I believe) currently true in all cases anyway.

(See also fido-alliance/fido-2-specs#862.)
  by Adam Langley

* Spelling fix.

Co-authored-by: =JeffH <jdhodges@google.com>
  by Adam Langley

* Merge pull request #1420 from agl/cosealg

Specify more about COSE algorithms.
  by Adam Langley
Received on Wednesday, 3 June 2020 19:14:49 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:40 UTC