New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add uaf attestation format #408
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nothing against this particular attestation format, but there are getting to be a lot of attestation formats that RPs have to implement. Is there any way to limit the number of formats?
There exist some (relevant) classes of authenticator models in the market. I propose to support the most important ones. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Per my review of PR #407 , we should do what it takes to make it be possible to add the UAF credential type and attestation format in a separate document, rather than requiring that they be added to the WebAuthn spec. That's the approach that I think we should pursue for this one and PR #407 . With adequate registry support, every additional algorithm, etc. need not be continually added to the WebAuthn spec itself.
@selfissued proposed:
While I agree with adding registry support for WebAuthn signature-and-assertion-formats (see #296, #233), I disagree with not merging #407 and #408 in this specific case of UAF because:
If someone later desires to register and have WebAuthn support yet another signature-and-assertion-format, then I agree that the approach they should take is to formally register such and specify it in self-contained specs separate from the present WebAuthn spec. This PR is concise, largely does not affect other portions of the webauthn spec, incorporates some changes that we will need to do any way in order to have the spec properly handle separately-defined assertion-and-signature-formats. We ought to refine this PR and #407 appropriately and merge them for WD-06. Fixes #465 |
Please resolve the discussion in #554 before merging. |
Per 03/07/19 F2F Close |
Preview | Diff