tag Basic attstn occurrences w/short name
JeffH authored and JeffH committed Feb 6, 2018
1 parent a9f806c commit 54011a3
Showing 1 changed file with 11 additions and 11 deletions.
22 changes: 11 additions & 11 deletions index.bs
Expand Up @@ -2709,7 +2709,7 @@ The initial list of specified [=attestation statement formats=] is in [[#defined
WebAuthn supports multiple attestation types:

: <dfn>Basic Attestation</dfn> (<dfn>Basic</dfn>)
:: In the case of basic attestation [[UAFProtocol]], the authenticator's attestation key pair is specific to an
:: In the case of basic attestation [[UAFProtocol]], the authenticator's [=attestation key pair=] is specific to an
authenticator model. Thus, authenticators of the same model often share the same attestation key pair. See
[[#sec-attestation-privacy]] for futher information.

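Review bot: The unchanged line right after the edited one still reads "for futher information"; since this definition is being touched anyway, correct it to "further" in the same pass. The sentence after the new [=attestation key pair=] link repeats the term as plain text, which is fine if the convention is to link only the first use in a definition.
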
Expand Down Expand Up @@ -3020,9 +3020,9 @@ implementable by [=authenticators=] with limited resources (e.g., secure element
1. Let |authenticatorData| denote the [=authenticator data for the attestation=],
and let |clientDataHash| denote the [=hash of the serialized client data=].

1. If Basic or [=Attestation CA=] attestation is in use, the authenticator produces the |sig| by concatenating |authenticatorData| and
|clientDataHash|, and signing the result using an attestation private key selected through an authenticator-specific
mechanism. It sets |x5c| to the certificate chain of the attestation public key and |alg| to the algorithm of the
1. If [=Basic=] or [=AttCA=] [=attestation=] is in use, the authenticator produces the |sig| by concatenating |authenticatorData| and
|clientDataHash|, and signing the result using an [=attestation private key=] selected through an authenticator-specific
mechanism. It sets |x5c| to the certificate chain of the [=attestation public key=] and |alg| to the algorithm of the
attestation private key.

1. If [=ECDAA=] is in use, the authenticator produces |sig| by concatenating |authenticatorData| and |clientDataHash|, and
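
Review bot: [=AttCA=] in the rewritten first line of this step replaces the plain text "[=Attestation CA=]", but the only short-name definition visible in this diff is <dfn>Basic</dfn> in the attestation types list. Confirm the Attestation CA entry carries a matching <dfn>AttCA</dfn>, otherwise the link will not resolve when the spec is built. The sentence also now renders as "Basic or AttCA attestation", which is terse for a normative step; check that this reads as intended.
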
Expand All @@ -3048,7 +3048,7 @@ implementable by [=authenticators=] with limited resources (e.g., secure element
- Verify that |x5c| meets the requirements in [[#packed-attestation-cert-requirements]].
- If |x5c| contains an extension with OID 1.3.6.1.4.1.45724.1.1.4 (`id-fido-gen-ce-aaguid`) verify that the value of this
extension matches the <code>[=aaguid=]</code> in |authenticatorData|.
- If successful, return attestation type Basic and [=attestation trust path=] |x5c|.
- If successful, return attestation type [=Basic=] and [=attestation trust path=] |x5c|.

1. If |ecdaaKeyId| is present, then the attestation type is ECDAA. In this case:
- Verify that |sig| is a valid signature over the concatenation of |authenticatorData| and |clientDataHash| using
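
Review bot: The return line now links [=Basic=], but the sibling step in the trailing context still says "then the attestation type is ECDAA" as plain text, even though [=ECDAA=] is already used as a link in the signing procedure. Link it here as well so both branches of the verification procedure name their attestation type the same way.
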
Expand Down Expand Up @@ -3240,7 +3240,7 @@ the attestation=] is consistent with the fields of the attestation certificate's
:: android-key

: Attestation types supported
:: [=Basic Attestation=]
:: [=Basic=]

: Syntax
:: An Android key attestation statement consists simply of the Android attestation statement, which is a series of
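
Review bot: Under "Attestation types supported" the entry changes from [=Basic Attestation=] to [=Basic=], so the rendered list item becomes the bare word "Basic". Both terms are defined on the same line in the attestation types list, so either link resolves; in these summary lists the long form is easier to read out of context. Consider keeping the long form here and in the android-safetynet entry, and using the short name only inside the procedures.
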
Expand Down Expand Up @@ -3290,7 +3290,7 @@ the attestation=] is consistent with the fields of the attestation certificate's
[=RP ID=].
- The value in the `AuthorizationList.origin` field is equal to `KM_TAG_GENERATED`.
- The value in the `AuthorizationList.purpose` field is equal to `KM_PURPOSE_SIGN`.
- If successful, return attestation type Basic with the [=attestation trust path=] set to |x5c|.
- If successful, return attestation type [=Basic=] with the [=attestation trust path=] set to |x5c|.


## Android SafetyNet Attestation Statement Format ## {#android-safetynet-attestation}
Expand All @@ -3307,7 +3307,7 @@ even if the SafetyNet API is also present.
:: android-safetynet

: Attestation types supported
:: [=Basic Attestation=]
:: [=Basic=]

: Syntax
:: The syntax of an Android Attestation statement is defined as follows:
Expand Down Expand Up @@ -3353,7 +3353,7 @@ even if the SafetyNet API is also present.
- Verify that the attestation certificate is issued to the hostname "attest.android.com" (see
[SafetyNet online documentation](https://developer.android.com/training/safetynet/index.html#compat-check-response)).
- Verify that the `ctsProfileMatch` attribute in the payload of |response| is true.
- If successful, return attestation type Basic with the [=attestation trust path=] set to the above attestation certificate.
- If successful, return attestation type [=Basic=] with the [=attestation trust path=] set to the above attestation certificate.


## FIDO U2F Attestation Statement Format ## {#fido-u2f-attestation}
Expand All @@ -3365,7 +3365,7 @@ This attestation statement format is used with FIDO U2F authenticators using the
:: fido-u2f

: Attestation types supported
:: [=Basic Attestation=], [=Self Attestation=], [=Attestation CA=]
:: [=Basic=], [=Self=], [=AttCA=]

: Syntax
:: The syntax of a FIDO U2F attestation statement is defined as follows:
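
Review bot: This line also switches [=Self Attestation=] to [=Self=] and [=Attestation CA=] to [=AttCA=], which goes beyond the "Basic" occurrences named in the commit title. Either mention the other two types in the commit message or split them out, and confirm a short-name definition for Self exists, since none is visible in this diff.
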
Expand Down Expand Up @@ -3431,7 +3431,7 @@ This attestation statement format is used with FIDO U2F authenticators using the
1. Let |verificationData| be the concatenation of (0x00 || |rpIdHash| ||
|clientDataHash| || |credentialId| || |publicKeyU2F|) (see Section 4.3 of [[!FIDO-U2F-Message-Formats]]).
1. Verify the |sig| using |verificationData| and |certificate public key| per [[!SEC1]].
1. If successful, return attestation type Basic with the [=attestation trust path=] set to |x5c|.
1. If successful, return attestation type [=Basic=] with the [=attestation trust path=] set to |x5c|.

## None Attestation Statement Format ## {#none-attestation}

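Review bot: The last verification step returns attestation type [=Basic=] unconditionally, while the fido-u2f "Attestation types supported" entry edited earlier in this commit lists [=Basic=], [=Self=], [=AttCA=]. With the type now a link, the mismatch is easier to spot: a Relying Party following this procedure never learns of the other two types. Add a note here on how they are distinguished from |x5c|, or file a follow-up issue so this commit stays link-only.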