Commit

Add User Public Key as alias of Credential Public Key (#830)
* Add User Public Key as alias of Credential Public Key

* Mention user private key in credential private key definition prose

* Also reference FIDO UAF in mention of user private key

* Make the new note a Note:
emlun authored and equalsJeffH committed Mar 28, 2018
1 parent d2c3c35 commit 61ee7ce
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion index.bs
Expand Up @@ -424,12 +424,16 @@ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "S
[=[RPS]=] do not need to distinguish these two [=Credential ID=] forms.

: <dfn>Credential Public Key</dfn>
: <dfn>User Public Key</dfn>
:: The public key portion of a [=[RP]=]-specific <dfn>credential key pair</dfn>, generated by an [=authenticator=] and
returned to a [=[RP]=] at [=registration=] time (see also [=public key credential=]). The private key portion of the
[=credential key pair=] is known as the <dfn>credential private key</dfn>. Note that in the case of [=self
attestation=], the [=credential key pair=] is also used as the [=attestation key pair=], see [=self attestation=]
for details.

Note: The [=credential public key=] is referred to as the [=user public key=] in FIDO UAF [[UAFProtocol]], and in FIDO U2F
[[FIDO-U2F-Message-Formats]] and some parts of this specification that relate to it.

: <dfn>Human Palatability</dfn>
:: An identifier that is [=human palatability|human-palatable=] is intended to be rememberable and reproducible by typical human
users, in contrast to identifiers that are, for example, randomly generated sequences of bits [[EduPersonObjectClassSpec]].
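Review bot: the commit message items "Mention user private key in credential private key definition prose" and "Also reference FIDO UAF in mention of user private key" are not reflected in this hunk: the definition text still introduces only the `<dfn>credential private key</dfn>`, and the added Note covers only the public key alias. Either those two bullets are stale and should be dropped from the message, or the parallel sentence for the private key naming is missing and should be added to the same `::` definition so both halves of the `credential key pair` are covered. Separately, the Note's phrase "some parts of this specification that relate to it" gives the reader no way to find those parts; naming the section (the FIDO U2F attestation statement format, which the second hunk touches) would make the cross-reference concrete.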
Expand Down Expand Up @@ -3517,7 +3521,7 @@ This attestation statement format is used with FIDO U2F authenticators using the

Generate a Registration Response Message as specified in [[FIDO-U2F-Message-Formats]] section 4.3, with the application parameter set to the
SHA-256 hash of the [=RP ID=] associated with the given credential, the challenge parameter set to |clientDataHash|, and the key handle
parameter set to the [=credential ID=] of the given credential. Set the raw signature part of this Registration Response Message (i.e., without the user public key,
parameter set to the [=credential ID=] of the given credential. Set the raw signature part of this Registration Response Message (i.e., without the [=user public key=],
key handle, and attestation certificates) as |sig| and set the attestation certificates of
the attestation public key as |x5c|.

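Review bot: this hunk autolinks a single occurrence of "user public key" with `[=user public key=]`, which now resolves to the Credential Public Key definition introduced in the first hunk. If the surrounding U2F attestation text (collapsed here) uses the same phrase elsewhere, those occurrences should get the same `[= =]` treatment so the alias is applied consistently rather than only on this line; a search for the bare phrase in this section would confirm there are no stragglers.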
