Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Drop assertion-time attestation. #1997

Merged
merged 4 commits into from
Jan 10, 2024
Merged

Drop assertion-time attestation. #1997

merged 4 commits into from
Jan 10, 2024

Conversation

agl
Copy link
Contributor

@agl agl commented Nov 15, 2023
edited by pr-preview bot
Loading

We don't believe that there's a use for it now. The cases that wish to plumb this sort of data back can do so via other means.

Preview | Diff

Drop assertion-time attestation.
15dad79 
We don't believe that there's a use for it now. The cases that wish to
plumb this sort of data back can do so via other means.
@rlin1
Copy link
Contributor

rlin1 commented Nov 15, 2023

Does that imply that device-bound keys in the "supplemental keys" extension cannot be attested?

@agl
Copy link
Contributor Author

agl commented Nov 15, 2023

Does that imply that device-bound keys in the "supplemental keys" extension cannot be attested?

No, they certainly can be. This change just reduces the number of places that can have attestations at assertion time from three to two.

@emlun emlun self-requested a review November 15, 2023 20:22
@arianvp
Copy link

arianvp commented Nov 16, 2023

Big 👍 for this change. Attestation should be stored at creation time and this simplifies the spec. for DBKs creation time can overlap with assertion time of the main credential so it's still during "creation".

emlun
emlun requested changes Nov 16, 2023
View reviewed changes
index.bs Show resolved Hide resolved
index.bs Show resolved Hide resolved
This was referenced Dec 13, 2023
Merged
Closed
MasterKale
MasterKale requested changes Dec 31, 2023
View reviewed changes
index.bs Show resolved Hide resolved
@MasterKale MasterKale mentioned this pull request Dec 31, 2023
Closed
@lgarron lgarron mentioned this pull request Jan 1, 2024
Open
MasterKale
MasterKale approved these changes Jan 10, 2024
View reviewed changes
Copy link
Contributor

@MasterKale MasterKale left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@emlun
Delete reference to {{AuthenticatorAttestationResponse/attestationObj…
a0cfb6c 
…ect}} added in meta-PR #1812

Originally added in commit 25291de.
emlun
emlun approved these changes Jan 10, 2024
View reviewed changes
Copy link
Member

@emlun emlun left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Heh, I spotted this looking strange in the HTML diff:

screenshot-2024-01-10T13:37:43+01:00

This was added in PR #1818, and apparently Bikeshed now started pulling in {{AuthenticatorAssertionResponse/attestationObject}} as an external ref from the spec database since the member definition no longer exists within the document.

I've pushed commit a0cfb6c which fixes this.

@agl agl merged commit 830e6c0 into main Jan 10, 2024
2 checks passed
@emlun emlun deleted the noatt branch January 10, 2024 20:26
github-actions bot added a commit that referenced this pull request Jan 10, 2024
@agl @github-actions
Merge pull request #1997 from w3c/noatt
45e2740 
SHA: 830e6c0
Reason: push, by agl

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@emlun emlun mentioned this pull request Jan 10, 2024
Closed
@abergs abergs mentioned this pull request Jan 17, 2024
Closed
@emlun emlun mentioned this pull request Jul 24, 2024
Closed
This was referenced Sep 20, 2024
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MasterKale MasterKale MasterKale approved these changes

@emlun emlun emlun approved these changes

Assignees

@agl agl

Labels
type:technical
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@agl @rlin1 @arianvp @emlun @MasterKale @nadalin