Re: [webauthn] The default value of `attestation` member in `PublicKeyCredentialRequestOptions` should be null or must not have default value (#1941) from John Bradley via GitHub on 2023-08-24 (public-webauthn@w3.org from August 2023)

From: John Bradley via GitHub <sysbot+gh@w3.org>
Date: Thu, 24 Aug 2023 17:31:40 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1692137366-1692898298-sysbot+gh@w3.org>

In our authenticator prototyping we are interpreting none at the ctap2.2 level the same as not requesting an attestation, or the same as CTAP2.1.
For makecredential the attestation would be fmt: "none".

If we need to return fmt: "none" for getAssertion we should sort that out quickly.

The server has no idea what generation of authenticator or Browser is being used so will always need to deal with the case where there is no attestation returned even if the conveyance preference is none.

-- 
GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1941#issuecomment-1692137366 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 24 August 2023 17:31:42 UTC