Re: [webauthn] Choosing An Attestation Statement Format? (#1659) from Shane Weeden via GitHub on 2021-08-06 (public-webauthn@w3.org from August 2021)

From: Shane Weeden via GitHub <sysbot+gh@w3.org>
Date: Fri, 06 Aug 2021 06:37:51 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-894038377-1628231869-sysbot+gh@w3.org>

To answer your question, there is not. 

In practical use, the RP doesn't get to decide and every authenticator I've seen supports just one type for mainstream WebAuthn use (e.g. packed-basic). Regarding the example you used, I've only ever seen fido-u2f attestations when using authenticators or clients that don't support CTAP2. 

Do you have a specific use case where you think an individual authenticator *should* support more than one attestation statement format? 

-- 
GitHub Notification of comment by sbweeden
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1659#issuecomment-894038377 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 6 August 2021 06:37:53 UTC