Re: [webauthn] Make `AuthenticatorAttestationResponseJSON.publicKeyAlgorithm` optional (#2106) from philomathic_life via GitHub on 2024-07-27 (public-webauthn@w3.org from July 2024)

From: philomathic_life via GitHub <sysbot+gh@w3.org>
Date: Sat, 27 Jul 2024 16:56:16 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-2254199552-1722099374-sysbot+gh@w3.org>

As stated in the now closed PR, I think a better approach would be to define a dictionary that requires `authenticatorData`, `publicKey`, and `publicKeyAlgorithm`; and an instance of this dictionary would be optional in `AuthenticatorAttestationResponseJSON`. It seems that it should be an all-or-nothing affair; since as soon as `publicKey` does not exist, an RP has no choice but to parse the COSE key which defeats the purpose of those fields.

-- 
GitHub Notification of comment by zacknewman
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2106#issuecomment-2254199552 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Saturday, 27 July 2024 16:56:17 UTC