Re: [webauthn] "android-key" and "android-safetynet" are really basic attestation type support? (#1819)

We intend to eventually have our own device which would use our own attestation root both for the TEE and secure element keystores along with providing our own implementation of the remote key provisioning service. At the moment, we provide a reverse proxy for Google's key attestation service.

MIT-licensed code for generating and verifying key attestations is available at https://github.com/GrapheneOS/Auditor/blob/main/app/src/main/java/app/attestation/auditor/AttestationProtocol.java, which is based on the Apache 2 licensed key attestation parsing code extracted from the Android CTS with some changes to provide security with arbitrary-length chains. We had to support arbitrary-length chains due to remote key provisioning, and we also had to add support for using app-generated attest purpose keys, which was the feature we requested a couple of years earlier. The verification code is shared with our server implementation.

-- 
GitHub Notification of comment by thestinger
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1819#issuecomment-1515567870 using your GitHub account


Received on Thursday, 20 April 2023 01:06:04 UTC