[webauthn] Enterprise attestaion is a bool in WebAuthn and an int in CTAP (#1795) from John Bradley via GitHub on 2022-09-07 (public-webauthn@w3.org from September 2022)

From: John Bradley via GitHub <sysbot+gh@w3.org>
Date: Wed, 07 Sep 2022 19:07:13 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-1365076402-1662577627-sysbot+gh@w3.org>

ve7jtb has just created a new issue for https://github.com/w3c/webauthn:

== Enterprise attestaion is a bool in WebAuthn and an int in CTAP ==
## Proposed Change

Describe your proposed change. If you have suggested text, please file a corresponding Pull Request.
The current WebAuthn text uses options enterprise to set enterpriseAttestationPossible state to true if present.

In CTAP enterpriseAttestation can have two values 1 for Vendor-facilitated enterprise attestation and 2 for Platform-managed enterprise attestation.  

This might cause confusion if the CTAP2.1 spec is not read closely
Sec 5.1.3 point 20.5 should probably be something like:

Let enterpriseAttestationPossible be an Intiger value, as follows. If options.[attestation](https://w3c.github.io/webauthn/#dom-publickeycredentialcreationoptions-attestation)

is set to [enterprise](https://w3c.github.io/webauthn/#dom-attestationconveyancepreference-enterprise)
Let enterpriseAttestationPossible be 2 if the user agent wishes to support enterprise attestation for options.[rp](https://w3c.github.io/webauthn/#dom-publickeycredentialcreationoptions-rp).[id](https://w3c.github.io/webauthn/#dom-publickeycredentialrpentity-id) (see [Step 8](https://w3c.github.io/webauthn/#CreateCred-DetermineRpId), above). Otherwise 1.

otherwise
Let enterpriseAttestationPossible be absent.


Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1795 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 7 September 2022 19:07:15 UTC