W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2022

Re: [webauthn] Which "pubKeyCredParams" to use? (#1757)

From: Nuno Sung via GitHub <sysbot+gh@w3.org>
Date: Thu, 30 Jun 2022 12:21:42 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1171151634-1656591698-sysbot+gh@w3.org>
For the RP which want to pass FIDO2 server certification, the 3 algos mentioned above are marked as required,  https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-server-v2.0-rd-20180702.html#other
I can't say for FIDO if this is an out-of-date document or any strong opinion here, but for sure it's a little useful to your question about compatibility. Besides, I can't see any other spec or document says for that, except https://github.com/w3c/webauthn/blob/main/index.bs#L2772 for user agent's compatibility.  

And for what algos authenticators can support what, a good approach is to check the FIDO MDS and there is a copy of the latest data under https://github.com/opotonniee/fido-mds-explorer/blob/main/mds.js and that is monthly updated from FIDO MDS3.  You can search for the public information about how many other authenticators can support "alg": -8 or other algos. But obviously, MDS3 is optional and it's only for some authenticator vendors which want to have relative certifications and agree to publish the metadata information.

GitHub Notification of comment by nuno0529
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1757#issuecomment-1171151634 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 30 June 2022 12:21:44 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:46 UTC