Re: [webauthn] Why does WebAuthn require a challenge when asking the client to register a new credential? (#1355)

@emlun can you clarify
> The challenge does have some value for the other attestation statement formats, though.

Is the server generated random challenge only used for "Android Key Attestation Statement Format" and "FIDO U2F Attestation Statement Format" as 
    type: str
    challenge: str
    origin: str
    crossorigin: bool

GitHub Notification of comment by boogerlad
Please view or discuss this issue at using your GitHub account

Sent via github-notify-ml as configured in

Received on Thursday, 28 October 2021 04:21:22 UTC