- From: Ki-Eun Shin via GitHub <sysbot+gh@w3.org>
- Date: Tue, 03 Oct 2023 02:26:28 +0000
- To: public-webauthn@w3.org
After reading Android key attestation related docs, I'm thinking that the key description may have both `teeEnforced` and `softwareEnforced` at the same time. See the following links: - https://source.android.com/docs/security/features/keystore/implementer-ref#get_key_characteristics So, the current implementation you've provided is valid per the spec. Our implementation has similar validation logics. -- GitHub Notification of comment by Kieun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1980#issuecomment-1744064497 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 3 October 2023 02:26:29 UTC