define "self-signed basic attestation type" "SSBasic"

[equalsJeffH]

some authenticators in the wild return, on registration, an attestation certificate that is signed by the private key associated with the public key in the cert. Thus, the attestation certificate is essentially the "(CA) root certificate".

this change defines this sort of attestation as "self-signed basic attestation", "SSBasic" for short.

fixes #1498

---

Preview | Diff

[yackermann]

Need to have a proper impact analysis and collect feedback from certified servers before this change is approved

[ve7jtb]

I think this is reasonable.
My only question is if we should have guidance for creating such a self signed certificate going forward. There are probably some things like making sure the certificate chains to itself, that would be useful for backwards compatibility.

[ve7jtb]

Need to have a proper impact analysis and collect feedback from certified servers before this change is approved

I am not sure that WebAuthn needs to do that. In principal we can support new attestation formats like apple attestation, without first checking what existing Fido servers do.

As long as this behavior fails in a safe way in servers, eg the worst that happens in existing servers is that they consider these attestations invalid, I don't see a problem. New servers will support it like the apple attestation.

[RaeHayward]

Need to have a proper impact analysis and collect feedback from certified servers before this change is approved

I am not sure that WebAuthn needs to do that. In principal we can support new attestation formats like apple attestation, without first checking what existing Fido servers do.

As long as this behavior fails in a safe way in servers, eg the worst that happens in existing servers is that the the attestations are considers invalid, I don't see a problem. New servers will support it like the apple attestation.

Please note that FIDO Alliance is in no way trying to dictate the work of this group and the comment is not our official stance on this topic.
From my perspective I am working to coordinate on our end, as it relates to certification, for a more cohesive ecosystem and understand the changes that we would potentially need to incorporate in order to support that end goal.

[emlun]

I'm not sure how this is qualitatively different from any other Basic attestation. If the RP has the self-signed "root" certificate in its trust store, then it can already just verify the signature as usual, no? Presumably the trust store is indexed by X.509 subject name and the self-signed certificate has identical subject and issuer names, so the RP would just look up a second copy of the same certificate and see a valid signature by the trusted copy. Conversely if the self-signed cert is not in the trust store, then the RP would fail to look it up and thus not trust the signature. So why does this special case need its own category?

[equalsJeffH]

I'm not sure how this is qualitatively different from any other Basic attestation. ... So why does this special case need its own category?

Yes, it may not merit its own attestation type. Perhaps clarifying that an authenticator's "attestation root certificate" (as made available by the authnr's manufacturer) may be the same as the authnr-returned attestation cert, and can be "verified" by either a byte-by-byte comparison or verifying the signature, is sufficient.

As it turns out, the FIDO Metadata Statement spec allows for such self-signed attestation certificates.

[jcjones]

We shouldn't need a new attestation type here. Self-signed should be usable with Basic, or we can add clarifications as necessary.

[equalsJeffH]

am closing this given #1499 (review), #1499 (review), and #1499 (comment).