W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2022

Re: [webauthn] Which "pubKeyCredParams" to use? (#1757)

From: Nuno Sung via GitHub <sysbot+gh@w3.org>
Date: Thu, 30 Jun 2022 12:21:42 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1171151634-1656591698-sysbot+gh@w3.org>
For the RP which want to pass FIDO2 server certification, the 3 algos mentioned above are marked as required,  https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-server-v2.0-rd-20180702.html#other
I can't say for FIDO if this is an out-of-date document or any strong opinion here, but for sure it's a little useful to your question about compatibility. Besides, I can't see any other spec or document says for that, except https://github.com/w3c/webauthn/blob/main/index.bs#L2772 for user agent's compatibility.  

And for what algos authenticators can support what, a good approach is to check the FIDO MDS and there is a copy of the latest data under https://github.com/opotonniee/fido-mds-explorer/blob/main/mds.js and that is monthly updated from FIDO MDS3.  You can search for the public information about how many other authenticators can support "alg": -8 or other algos. But obviously, MDS3 is optional and it's only for some authenticator vendors which want to have relative certifications and agree to publish the metadata information.

-- 
GitHub Notification of comment by nuno0529
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1757#issuecomment-1171151634 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 30 June 2022 12:21:44 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:46 UTC