W3C home > Mailing lists > Public > public-webauthn@w3.org > March 2021

Re: [webauthn] Make signature counters a MAY ? (#1590)

From: Firstyear via GitHub <sysbot+gh@w3.org>
Date: Wed, 31 Mar 2021 22:47:14 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-811514969-1617230833-sysbot+gh@w3.org>
If anything the language around counter handling could be tightened up. For example 

> This is a signal that the authenticator may be cloned, i.e. at least two copies of the credential private key may exist and are being used in parallel. Relying Parties should incorporate this information into their risk scoring. Whether the Relying Party updates storedSignCount in this case, or not, or fails the authentication ceremony or not, is Relying Party-specific.

Here, the risk is that people may store the sign count in the situation it has stepped backwards. The greater risk is that when signCount < storedSignCount, if the signCount was tampered with and set to 0, and the RP then persisted that then there is a risk that counter may not be checked again in the future. 

I think if anything, the language in this section could be improved to state that it is *not* recommended to store a sign count when it goes backwards. But the signCount is a useful check. 



-- 
GitHub Notification of comment by Firstyear
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1590#issuecomment-811514969 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 31 March 2021 22:47:15 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:43 UTC