Re: [webauthn] Add and prefer fully-specified COSE algorithm identifers in test vectors (#2290) from Emil Lundberg via GitHub on 2025-05-07 (public-webauthn@w3.org from May 2025)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Wed, 07 May 2025 10:51:35 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-2858100878-1746615093-sysbot+gh@w3.org>

Thanks @zacknewman, good catch! It certainly makes sense that the self attestation case should use the same `alg` for the attestation object as in the credential key. But note that in general, the `alg` attribute of the attestation (when present) may be different from the `alg` of the credential public key. For example, all attestation statements in these test vectors use ESP256 (previously ES256) regardless of the credential key algorithm (this is mostly because EC keys are much easier to generate than RSA keys).

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/2290#issuecomment-2858100878 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 7 May 2025 10:51:35 UTC