differentiate assertion signatures and attestation signatures #118
Labels
Milestone
Comments
vijaybh
added a commit
that referenced
this issue
Jan 10, 2017
Refactor the attestation section to clean up exposition. Separated out signature verification (per format) from trust chaining (done at higher layer). Created a separate section for specifying key RP operations. Fixes #88. RP registration section defines binding of credentials to user accounts. Fixes #13. RP registration section also defines options in case of registering the same credential to different users. Fixes #12. Cleans up and completes defining the process for verifying assertions, which had already been largely done by @rlin1. Fixes #102. Completes drawing the distinction between assertion and attestation certificates. Fixes #118. Replace "client platform" with "client" in signature format section to avoid confusion. Fixes #209.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
presently the spec uses the unadorned term "signature" in ~80+ places. We have two overall types of signatures -- aka 'signed objects' -- attestations in the makeCredential() flow, and assertions in the getAssertion() flow. Perhaps we should name these two different signature types "assertion signature" and "attestation signature"
The text was updated successfully, but these errors were encountered: