- From: Ackermann Yuriy <ackermann.yuriy@gmail.com>
- Date: Tue, 28 Jun 2022 17:39:27 +0100
- To: Arnaud Dagnelies via GitHub <sysbot+gh@w3.org>
- Cc: public-webauthn@w3.org
- Message-ID: <CALRyZMq_mG4u4NN-PpH+dR6y3k1SnXt8enaUe7UL9a0Ox7gxGQ@mail.gmail.com>
It is mandatory to support ES256/RS256/RS1/ED25519 On Tue, 28 Jun 2022 at 5:16 PM, Arnaud Dagnelies via GitHub < sysbot+gh@w3.org> wrote: > dagnelies has just created a new issue for https://github.com/w3c/webauthn > : > > == Which "pubKeyCredParams" to use? == > Hi, > > I noticed that during `credentials.create(...)`, if the list does not > contain what the authenticator can provide, the authenticator will not be > included in the list of authenticators to choose from. For example, if you > don't include `"alg":-257`, Windows Hello won't work. > > Now, as a relying party this all sounds a bit like unknown mysteries. > > - the specification says "pick your algorithms" from a [huge list]( > https://www.iana.org/assignments/cose/cose.xhtml#algorithms)! > - no idea which algos the authenticators support > - no idea which algos you really have to support as an RP > > In practice, using this list restricts your choice to a subset of > authenticators available... if you manage to find out which algo is needed. > Also, most RPs are not deeply knowledgeable about which crypto algorithms > is better suited or not. > > So ...are all common authenticators covered by RS256 and ES256? Or should > you as an RP add some more to cover most authenticators? Which ones? > > Please view or discuss this issue at > https://github.com/w3c/webauthn/issues/1757 using your GitHub account > > > -- > Sent via github-notify-ml as configured in > https://github.com/w3c/github-notify-ml-config > > -- Yuriy Ackermann FIDO, Identity, Standards skype: ackermann.yuriy github: @herrjemand <https://github.com/herrjemand> twitter: @herrjemand <https://twitter.com/herrjemand> medium: @herrjemand <https://medium.com/@herrjemand>
Received on Tuesday, 28 June 2022 16:39:53 UTC