Re: [webauthn] Mechanism for encoding *direction* metadata may need more work (#1644)

A unique encoding should be expected here since the context is quite bespoke: a single binary field, stored on limited external hardware that can truncate the string at an arbitrary byte boundary >= 64 bytes.

The reason for putting the RLM/LRM at the end is to a) clearly mark them as not part of the original string and b) to provide truncation indication as noted in https://github.com/w3c/webauthn/issues/1645

I said on the call of 2021-07-14 that I would revert the changes to this section but, having review the issues filed, I no longer think that's the correct direction (no pun intended). I don't see clear alternatives presented that conform with the limitations of the context. It's completely understood that it would be nice to have separate fields for this metadata, but that's not the reality that we're faced with. There are millions of security keys out in the world that don't work that way.

Some of the filed issues note non-breaking screwups in the description that should be fixed. But I don't yet see a better idea for the overall structure of encoding this information.

-- 
GitHub Notification of comment by agl
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1644#issuecomment-882913473 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 19 July 2021 22:56:04 UTC