- From: DannyNiu/NJF via GitHub <sysbot+gh@w3.org>
- Date: Wed, 28 Feb 2024 11:27:08 +0000
- To: public-webauthn@w3.org
dannyniu has just created a new issue for https://github.com/w3c/webauthn: == Numbering in the step needs update in 7.1. Registering a New Credential == Step 24 in Section 7.1. Registering a New Credential refers to Step 21 and 22 for verification result and trust path respectively, where those are changed and are step 22 and 23 now. ## Proposed Change 24. Assess the attestation trustworthiness using the outputs of the [verification procedure](https://w3c.github.io/webauthn/#verification-procedure) in [step **22**](https://w3c.github.io/webauthn/#reg-ceremony-verify-attestation), as follows: If [no attestation](https://w3c.github.io/webauthn/#none) was provided, verify that [None](https://w3c.github.io/webauthn/#none) attestation is acceptable under [Relying Party](https://w3c.github.io/webauthn/#relying-party) policy. If [self attestation](https://w3c.github.io/webauthn/#self-attestation) was used, verify that [self attestation](https://w3c.github.io/webauthn/#self-attestation) is acceptable under [Relying Party](https://w3c.github.io/webauthn/#relying-party) policy. Otherwise, use the X.509 certificates returned as the [attestation trust path](https://w3c.github.io/webauthn/#attestation-trust-path) from the [verification procedure](https://w3c.github.io/webauthn/#verification-procedure) to verify that the attestation public key either correctly chains up to an acceptable root certificate, or is itself an acceptable certificate (i.e., it and the root certificate obtained in [Step **23**](https://w3c.github.io/webauthn/#reg-ceremony-attestation-trust-anchors) may be the same). Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2030 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 28 February 2024 11:27:10 UTC