-
Notifications
You must be signed in to change notification settings - Fork 167
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rename "attestation data" to be "attested credential" #393
Comments
I think we should do this, since it will be clearer. |
+1 |
part of fixing this is where we say..
..to rather say something like..
..because the former is incorrect in that it is saying the attstnObj's format is determined by the attestation statement format, where it is actually only a component of the attstnObj that varies per attestation stmt format. |
Agreed. |
Confirmed at the WG that this doesn't impact API interface. |
As suggested in w3c#393.
Presently it is difficult to trace through the spec and find where amongst the returned Attestation Object lies the
credential
(returned by authenticatorMakeCredential()). and it is not intuitive to search the text for "attestation data" when looking for the credential object and its components that's created as a result of makeCredential() (or likely-soon-to-be create()).See figure 3 -- the returned credential object and its components is presently
AttestationObject.AuthData.AuthenticatorData.{AAGUID, cred PK length, credential id, credential public key}
, however one cannot simply textually search the spec and figure this out (yet), because most all of that mega-datastructure is defined in tables (without names for the components) and is not specified in webIDL and thus not hyperlinked. Figure 3 is the only way to presently really figure it out.Although aspects of this will be resolved by PR #384, other aspects depend on resolution of #233. Part of resolving #233 ought to be renaming "attestation data" to be (i suggest) "attested credential (attestedCredential)" or perhaps "attested credential data (attestedCredentialData)" . Note that we are using the term "attested credential public key" in section Credential Attestation (presently 5.3).
The text was updated successfully, but these errors were encountered: