Re: [webauthn] Does signing the credential public key with the attestation private key prove to the RP that the user owns the credential private key? (#1679) from boogerlad via GitHub on 2021-10-28 (public-webauthn@w3.org from October 2021)

From: boogerlad via GitHub <sysbot+gh@w3.org>
Date: Thu, 28 Oct 2021 17:28:07 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-954051997-1635442085-sysbot+gh@w3.org>

I see. Then signing the credential public key with the attestation private key does **NOT** prove to the RP that the user owns the credential private key. It is just based on trust?

-- 
GitHub Notification of comment by boogerlad
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1679#issuecomment-954051997 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 28 October 2021 17:28:09 UTC