-
Notifications
You must be signed in to change notification settings - Fork 166
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SafetyNet Attestation Clarifications #968
Comments
|
|
@arshadnoor writes in #950 (comment):
|
@arshadnoor's comment ought to be a separate issue? |
@leshi @christiaanbrand Maybe we should add requirement that assertion timestamp must be not older than 1 or 5 minutes? |
@apowers313 seems best handled in a best practice guide and not in the main specification |
From my original comment:
|
@christiaanbrand can you clarify what is the purpose of the |
@apowers313 @herrjemand can this be closed with #1093 merged? |
@emlun Google team needs to clarify the meaning of "ver" verification step. Any feedback @christiaanbrand @leshi @kpaulh ? |
This is still not clear and I haven't been able to find any documentation on it. |
I think #1170 fixes all these problems except |
Splitting off the SafetyNet conversation from #950, as requested during the last call.
I think the questions are:
ver
and how is it verified and / or used during verification?nonce
(not part of Attestation validation issues #950, but perhaps some clarification is needed)?cc: @agl @christiaanbrand @leshi @kpaulh
The text was updated successfully, but these errors were encountered: