Re: [webauthn] Assertion signatures: raw or ASN.1 wrapped? (#1829) from Matthew Miller via GitHub on 2023-01-11 (public-webauthn@w3.org from January 2023)

From: Matthew Miller via GitHub <sysbot+gh@w3.org>
Date: Wed, 11 Jan 2023 20:32:26 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1379450255-1673469144-sysbot+gh@w3.org>

Turns out the ASN.1 wrapping for ECDSA signatures is for historical U2F reasons. [The spec calls this out as such](https://www.w3.org/TR/webauthn-2/#sctn-signature-attestation-types):

> Note: As CTAP1/U2F [authenticators](https://www.w3.org/TR/webauthn-2/#authenticator) are already producing signatures values in this format, CTAP2 [authenticators](https://www.w3.org/TR/webauthn-2/#authenticator) will also produce signatures values in the same format, for consistency reasons.

Given this context, there's not really anything to be done here without risking breaking compatibility with U2F authenticators.

-- 
GitHub Notification of comment by MasterKale
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1829#issuecomment-1379450255 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 11 January 2023 20:32:28 UTC