You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -4098,7 +4098,7 @@ indicating the type (e.g. make and model) of the authenticator. The AAGUID MUST
authenticators made by that maker, and different (with high probability) from the AAGUIDs of all other types of authenticators. The AAGUID for a given type
of authenticator SHOULD be randomly generated to ensure this. The [=[RP]=] MAY use the AAGUID to infer certain properties of the authenticator, such as
certification level and strength of key protection, using information from other sources. The [=RP=] MAY use the AAGUID to attempt to identify the maker of
the authenticator without performing [=attestation=], but would be unable to trust that inference unless [=attestation=] is performed.
the authenticator without requesting and verifying [=attestation=], but the AAGUID is not provably authentic without [=attestation=].
The primary function of the authenticator is to provide [=WebAuthn signatures=], which are bound to various contextual data. These
data are observed and added at different levels of the stack as a signature request passes from the server to the
