You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hence, the ability to
let the Relying Party obtain an Attestation Result in the same
serialization format allows minimizing the code footprint and attack
surface area of the Relying Party, especially if the Relying Party is
a constrained node.
What should this convey to the reader? All I can think of is “get ready for 1,000 different formats”…
If comparing attack surfaces is important here, should it be compared in all the other variations in this document? How do you know it’s even true?
Or should this one be deleted?
The text was updated successfully, but these errors were encountered:
My opinion is this one is just an email response, no change to text:
The industry already has multiple formats today. Multiple is important, expanding the set indefinitely is not intended or good, but if someone (like another SDO) does add another one, RATS can accommodate it.
"should [attack surface] be compared in all the other variations in this document" -> if there's an important requirement that falls out of it yes. But I don't know of one. "how do you know it's even true" -> not sure what "it" refers to but if it is "minimizing code footprint", then it's true that 2 parsers is generally more code than 1 parser (the onus of showing otherwise would be on the person arguing that 2 parsers is less code than 1 parser). "should this one be deleted" -> no.
What should this convey to the reader? All I can think of is “get ready for 1,000 different formats”…
If comparing attack surfaces is important here, should it be compared in all the other variations in this document? How do you know it’s even true?
Or should this one be deleted?
The text was updated successfully, but these errors were encountered: