diff --git a/CHANGELOG.md b/CHANGELOG.md
index e826f7e..d8d0b60 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## Unreleased
+- Ignore public key credential parameters with an unknown type, as required by
+  the Webauthn spec ([#28][])
+
+[#28]: https://github.com/solokeys/fido-authenticator/issues/28
+
 ## [0.1.1] - 2022-08-22
 - Fix bug that treated U2F payloads as APDU over APDU in NFC transport @conorpp
 - Add config option to skip UP when device was just booted,
diff --git a/src/ctap2.rs b/src/ctap2.rs
index 9be3333..f280b81 100644
--- a/src/ctap2.rs
+++ b/src/ctap2.rs
@@ -198,6 +198,11 @@ impl<UP: UserPresence, T: TrussedRequirements> Authenticator for crate::Authenti
 
         let mut algorithm: Option<SigningAlgorithm> = None;
         for param in parameters.pub_key_cred_params.iter() {
+            // Ignore unknown key types
+            if param.key_type != "public-key" {
+                continue;
+            }
+
             match param.alg {
                 -7 => {
                     if algorithm.is_none() {
@@ -211,15 +216,8 @@ impl<UP: UserPresence, T: TrussedRequirements> Authenticator for crate::Authenti
                 _ => {}
             }
         }
-        let algorithm = match algorithm {
-            Some(algorithm) => {
-                info_now!("algo: {:?}", algorithm as i32);
-                algorithm
-            }
-            None => {
-                return Err(Error::UnsupportedAlgorithm);
-            }
-        };
+        let algorithm = algorithm.ok_or(Error::UnsupportedAlgorithm)?;
+        info_now!("algo: {:?}", algorithm as i32);
 
         // 8. process options; on known but unsupported error UnsupportedOption