- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Tue, 26 Jul 2022 14:11:42 +0000
- To: public-webauthn@w3.org
The WebAuthn spec references an external registry of signature algorithms, see [§5.8.5. Cryptographic Algorithm Identifier (typedef COSEAlgorithmIdentifier)](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-alg-identifier): >A [COSEAlgorithmIdentifier](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#typedefdef-cosealgorithmidentifier)'s value is a number identifying a cryptographic algorithm. The algorithm identifiers SHOULD be values registered in the IANA COSE Algorithms registry [[IANA-COSE-ALGS-REG]](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#biblio-iana-cose-algs-reg), for instance, -7 for "ES256" and -257 for "RS256". So they just need to be added to the IANA registry. No change to WebAuthn is needed, unless the new algorithms need additional restrictions like those we have in [§5.8.5](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-alg-identifier) for some algorithms. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1783#issuecomment-1195537952 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 26 July 2022 14:11:44 UTC