Re: [webauthn] define "self-signed basic attestation type" (#1498)

Not sure I understand the benefit of the 2 suggestions, Jeff:

(1) The need to highlight that the Attestation Certificate (AC) is a 
self-signed one (as opposed to one with a certificate-chain). Anyone 
doing PKIX validation on the AC will realize this is a self-signed 
certificate, so calling it out is not going to add any benefit to the RP 
- or at least I don't see it;

(2) Comparing the AC retrieved from the registration process to the AC 
downloaded from the MDS is superfluous. If the RP has determined the 
AAGUID from the Attestation Object, assuming they trust the MDS, they 
can simply use the AC from the MDS to verify the signature in the 
attestation. If they don't trust the MDS, then they need to trust their 
out-of-band validation processes for that brand of Authenticator. If 
they're not doing that either, then I'm not sure what benefit the 
attestation gives them.

Arshad Noor
StrongKey

On 10/14/20 4:57 PM, =JeffH via GitHub wrote:
> equalsJeffH has just created a new issue for 
> https://github.com/w3c/webauthn:
> 
> == define "self-signed basic attestation type" ==
> some authenticators in the wild return, on registration, an attestation 
> certificate that is signed by the private key associated with the public 
> key in the cert, thus there is no certificate chain. The attestation 
> certificate is _essentially_ the "(CA) root certificate".  Verifying 
> such a certificate can be accomplished by, e.g.:
> ```
> $ cd /some-directory    # where the cert files reside...
> $ openssl verify -CAfile ./self-signed-cert.pem -CApath /some-directory ./self-signed-cert.pem
> ./self-signed-cert.pem: OK
> ```
> ...though the value of verifying the signature is debatable.  If the RP 
> has obtained the putative "root certificate" via out-of-band means 
> (e.g., via the FIDO Alliance Metadata Service), they can also "verify" 
> the returned attestation cert against the putative "root certificate" by 
> a simple byte-by-byte comparison (once the certificates are both 
> represented in the same format, e.g., DER or PEM).
> 
> This key pair is used only for attestation (unlike the present 
> "self-attestation" attestation type, where the user's per-RP key pair is used 
> to construct a one-off per-RP attestation cert) and thus the same 
> attestation cert is returned to all RPs. Thus we ought to define a new 
> attestation type for this.
> 
> Since this is fairly similar to Basic Attestation, I suggest:  
> "Self-signed Basic Attestation"
> 
> Please view or discuss this issue at 
> https://github.com/w3c/webauthn/issues/1498 using your GitHub account
> 
> 

Received on Thursday, 15 October 2020 01:08:30 UTC
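The three checks this exchange discusses, side by side, as an added example that is not part of the thread, the issue, or the WebAuthn spec: the issue's `openssl verify` self-check and byte-for-byte comparison against an out-of-band copy, and the reply's approach of verifying the attestation signature with the public key from the trusted (MDS-style) copy rather than from whatever certificate the authenticator sent. Everything in it is constructed locally so it runs offline: the P-256 attestation key and self-signed cert standing in for an authenticator, the DER copy standing in for an MDS entry, the signed `authenticatorData || clientDataHash` bytes, the file and subject names, and the `yn` reporting helper are all assumptions of this script, not real authenticator or MDS data. It needs only POSIX sh and the openssl CLI (1.1.1 or 3.x). A second, unrelated self-signed cert with the same subject is included to show that the PKIX self-check alone accepts it, while the comparison and the signature check under the trusted key reject it.

```shell
#!/bin/sh
# Added example for this thread, not code from the original issue or from the
# WebAuthn spec. Needs only POSIX sh and the openssl CLI (1.1.1 or 3.x).
# Every key, certificate, path and "registration" payload below is constructed
# here for illustration; nothing is fetched from a real authenticator or MDS.
set -e
WORK="${TMPDIR:-/tmp}/ssba-example.$$"
mkdir -p "$WORK"
trap 'rm -rf "$WORK"' EXIT

# Stand-in authenticator: a P-256 attestation key and the self-signed cert it
# returns, unchanged, to every RP.
ATT_KEY="$WORK/attestation-key.pem"
ATT_CERT="$WORK/attestation-cert.pem"     # returned in the attestation object
MDS_CERT_DER="$WORK/mds-copy.der"          # the RP's out-of-band copy (DER)
openssl ecparam -name prime256v1 -genkey -noout -out "$ATT_KEY" 2>/dev/null
openssl req -new -x509 -sha256 -days 3650 -key "$ATT_KEY" \
    -subj "/O=Example Vendor/CN=Example Authenticator Attestation" \
    -out "$ATT_CERT" 2>/dev/null
openssl x509 -in "$ATT_CERT" -outform DER -out "$MDS_CERT_DER"

# Stand-in registration: the attestation signature covers
# authenticatorData || clientDataHash, both constructed here.
SIGNED_DATA="$WORK/authdata-clientdatahash.bin"
ATT_SIG="$WORK/attestation-sig.der"
printf 'constructed-authenticatorData|constructed-clientDataHash' > "$SIGNED_DATA"
openssl dgst -sha256 -sign "$ATT_KEY" -out "$ATT_SIG" "$SIGNED_DATA"

# A second, unrelated self-signed cert with the same subject: what a cloned or
# look-alike device could present. Used below to show which checks reject it.
ROGUE_KEY="$WORK/rogue-key.pem"
ROGUE_CERT="$WORK/rogue-cert.pem"
openssl ecparam -name prime256v1 -genkey -noout -out "$ROGUE_KEY" 2>/dev/null
openssl req -new -x509 -sha256 -days 3650 -key "$ROGUE_KEY" \
    -subj "/O=Example Vendor/CN=Example Authenticator Attestation" \
    -out "$ROGUE_CERT" 2>/dev/null
openssl dgst -sha256 -sign "$ROGUE_KEY" -out "$WORK/rogue-sig.der" "$SIGNED_DATA"

# Check 1 (the issue's openssl verify): PKIX validation with the cert as its
# own trust anchor. Passes for any well-formed self-signed cert.
pkix_verify_self_signed() {
    openssl verify -CAfile "$1" "$1" >/dev/null 2>&1
}

# Self-signed means subject == issuer and the signature verifies under the
# cert's own public key; the second half is exactly what check 1 establishes.
is_self_signed() {
    subj=$(openssl x509 -in "$1" -noout -subject -nameopt RFC2253 | sed 's/^subject=//')
    iss=$(openssl x509 -in "$1" -noout -issuer -nameopt RFC2253 | sed 's/^issuer=//')
    [ -n "$subj" ] && [ "$subj" = "$iss" ] && pkix_verify_self_signed "$1"
}

# Check 2 (the issue's byte-for-byte comparison): the received PEM re-encoded
# as DER must equal the out-of-band DER exactly.
matches_out_of_band_copy() {
    openssl x509 -in "$1" -outform DER | cmp -s - "$2"
}

# Check 3 (the reply's approach): verify the attestation signature with the
# public key taken from the trusted out-of-band copy. The cert the
# authenticator sent is not consulted at all.
#   $1 = signed data, $2 = trusted cert (DER), $3 = DER-encoded ECDSA signature
verify_attestation_signature() {
    pub="$WORK/trusted-pubkey.pem"
    openssl x509 -in "$2" -inform DER -noout -pubkey > "$pub"
    openssl dgst -sha256 -verify "$pub" -signature "$3" "$1" >/dev/null 2>&1
}

# Report yes/no per check instead of aborting under set -e.
yn() { if "$@"; then echo yes; else echo no; fi; }

printf 'genuine cert: self-signed=%s pkix=%s matches_mds=%s sig_ok=%s\n' \
    "$(yn is_self_signed "$ATT_CERT")" \
    "$(yn pkix_verify_self_signed "$ATT_CERT")" \
    "$(yn matches_out_of_band_copy "$ATT_CERT" "$MDS_CERT_DER")" \
    "$(yn verify_attestation_signature "$SIGNED_DATA" "$MDS_CERT_DER" "$ATT_SIG")"

# The rogue cert passes the PKIX self-check just as well; only the comparison
# against the trusted copy, or verification under its key, stops it.
printf 'rogue cert:   self-signed=%s pkix=%s matches_mds=%s sig_ok=%s\n' \
    "$(yn is_self_signed "$ROGUE_CERT")" \
    "$(yn pkix_verify_self_signed "$ROGUE_CERT")" \
    "$(yn matches_out_of_band_copy "$ROGUE_CERT" "$MDS_CERT_DER")" \
    "$(yn verify_attestation_signature "$SIGNED_DATA" "$MDS_CERT_DER" "$WORK/rogue-sig.der")"
```

Run it with `sh`. The genuine line reports yes for all four checks; the rogue line reports self-signed=yes and pkix=yes but matches_mds=no and sig_ok=no, which is the point both messages circle around: a self-signed attestation cert validates against itself by construction, so an RP only learns something once it compares against, or verifies under, a copy it obtained out of band and decided to trust.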