Re: [webauthn] Add SM2 Digital Signature Algorithm Support (#1783) from Emil Lundberg via GitHub on 2022-07-26 (public-webauthn@w3.org from July 2022)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Tue, 26 Jul 2022 14:11:42 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1195537952-1658844701-sysbot+gh@w3.org>

The WebAuthn spec references an external registry of signature algorithms, see [§5.8.5. Cryptographic Algorithm Identifier (typedef COSEAlgorithmIdentifier)](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-alg-identifier):

>A [COSEAlgorithmIdentifier](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#typedefdef-cosealgorithmidentifier)'s value is a number identifying a cryptographic algorithm. The algorithm identifiers SHOULD be values registered in the IANA COSE Algorithms registry [[IANA-COSE-ALGS-REG]](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#biblio-iana-cose-algs-reg), for instance, -7 for "ES256" and -257 for "RS256".

So they just need to be added to the IANA registry. No change to WebAuthn is needed, unless the new algorithms need additional restrictions like those we have in [§5.8.5](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-alg-identifier) for some algorithms.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1783#issuecomment-1195537952 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 26 July 2022 14:11:44 UTC