Re: [webauthn] Add and prefer fully-specified COSE algorithm identifers in test vectors (#2290) from philomathic_life via GitHub on 2025-05-07 (public-webauthn@w3.org from May 2025)

From: philomathic_life via GitHub <sysbot+gh@w3.org>
Date: Wed, 07 May 2025 15:38:11 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-2859084536-1746632287-sysbot+gh@w3.org>

> But note that in general, the `alg` attribute of the attestation (when present) may be different from the `alg` of the credential public key.

Of course. I was referring to self attestation specifically since the private key used to sign the payload is the same as the credential private key thus should use the same identifier (and the spec mandates that the identifier used be the same as the identifier used in the COSE key portion of the attested credential data). Thanks for the additional tests!

-- 
GitHub Notification of comment by zacknewman
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/2290#issuecomment-2859084536 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 7 May 2025 15:38:12 UTC