Re: [webauthn] Make signature counters a MAY ? (#1590)

If anything, the language around counter handling could be tightened up. For example:

> This is a signal that the authenticator may be cloned, i.e. at least two copies of the credential private key may exist and are being used in parallel. Relying Parties should incorporate this information into their risk scoring. Whether the Relying Party updates storedSignCount in this case, or not, or fails the authentication ceremony or not, is Relying Party-specific.

Here, the risk is that people may store the sign count in the situation where it has stepped backwards. The greater risk is that when signCount < storedSignCount, if the signCount was tampered with and set to 0, and the RP then persisted that, then there is a risk that the counter may not be checked again in the future.

I think if anything, the language in this section could be improved to state that it is *not* recommended to store a sign count when it goes backwards. But the signCount is a useful check. 



-- 
GitHub Notification of comment by Firstyear
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1590#issuecomment-811514969 using your GitHub account


Received on Wednesday, 31 March 2021 22:47:15 UTC
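
The counter handling discussed in the comment above, as an added example that is not part of the comment or of the WebAuthn specification text: a Relying Party check that keeps storedSignCount unchanged when the received signCount does not advance, replayed against a constructed sequence to show what changes if the regressed value is persisted instead. The names `check_sign_count`, `CounterResult` and `replay` are hypothetical, and what the RP does with a failed check (reject, risk-score) is left to the caller.

```python
from dataclasses import dataclass


@dataclass
class CounterResult:
    ok: bool          # False when the counter failed to advance
    new_stored: int   # value the RP should keep as storedSignCount
    reason: str


def check_sign_count(stored: int, received: int) -> CounterResult:
    """Compare authData.signCount (received) with storedSignCount (stored)."""
    # Both zero: the authenticator does not implement a counter,
    # so there is nothing to compare.
    if stored == 0 and received == 0:
        return CounterResult(True, 0, "counter not in use")
    # Normal case: the counter moved forward, persist the new value.
    if received > stored:
        return CounterResult(True, received, "advanced")
    # received <= stored (including a drop to 0): possible clone signal.
    # Keep the old value so later assertions are still compared against it.
    return CounterResult(False, stored, "did not advance")


def replay(counts, start, persist_on_regression):
    """Run a sequence of received counters through the check.

    persist_on_regression=True models an RP that always overwrites
    storedSignCount with whatever it received.
    """
    stored, flags = start, []
    for received in counts:
        result = check_sign_count(stored, received)
        flags.append(result.ok)
        stored = received if persist_on_regression else result.new_stored
    return stored, flags


# Constructed sample: one normal assertion, then a counter reset to 0.
SAMPLE_COUNTS = [42, 0, 0, 0]

if __name__ == "__main__":
    for persist in (True, False):
        stored, flags = replay(SAMPLE_COUNTS, start=41,
                               persist_on_regression=persist)
        print(f"persist_on_regression={persist}: stored={stored} ok={flags}")
```

With persistence on regression, only the first reset is flagged and every later assertion passes through the "counter not in use" branch; without it, each one is flagged.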