Adding CDDL to txAuthSimple #724
Conversation
There was a problem hiding this comment.
well, yeah, this is something to clean up, but we have an issue for cleaning up all extension inputs/outputs: #626, and so perhaps this should all be done together?
index.bs
Outdated
| txAuthSimple: tstr, | ||
| ) | ||
| </pre> | ||
|
|
There was a problem hiding this comment.
tho headed in the correct direction IMO (see #725 (comment)).
i am thinking this ought to be spec'd more similarly to how #sctn-generic-txauth-extension does it:
txAuthSimpleArg = ( tstr )
index.bs
Outdated
| txAuthSimple: tstr, | ||
| ) | ||
| </pre> | ||
|
|
There was a problem hiding this comment.
I'm not sure we need this CDDL representation of the extension output. If we were to use something like it, we'd want to go thru and apply the same treatment to all extension definitions IMO.
also I think the CDDL is not quite what we'd want, it'd be more like..
txAuthSimpleRetVal = ( tstr )
...I think (?)
|
reviewed: #724 (review) |
|
Thanks for the review. I have tried to address your comments, and I still am not sure we are there yet. a) extidArg and extidRetVal conventions are fine, in my opinion. They should be specified in https://www.w3.org/TR/webauthn/#sctn-extension-specification, but as far as I can tell they are not. b) I didn't leverage your suggested CDDL notation exactly, because I thought it would be clearer to represent the values as CBOR maps. c) Although it was not the original intent of this PR, should we be more explicit about what is expected in the client extension input? "A single JSON string prompt" seems like it can be interpreted in multiple ways. If you have a suggestion, I can incorporate it into the PR and take care of that as well. |
|
@equalsJeffH Have you reviewed the changes ? |
|
@selfissued Requested change has been made. |
There was a problem hiding this comment.
Looking at this again, I agree with @equalsJeffH 's comments that adding CDDL to one extension just adds entropy to the spec. Why do it for this extension and not the others?
I plan to close this with no action early next week if rationale isn't expressed for keeping it here when it's not anywhere else.
|
@equalsJeffH @selfissued is this one that we just close |
|
@selfissued, @equalsJeffH, @nadalin As per #679, I was assigned to provide CDDL for each extension. My approach has been to do this one at a time. It seems that there is an issue with my approach to this rather than the end goal. |
|
It may be a goal to add CDDL to each extension, but if so, let's create a PR that does that. Adding to some but not others, which is what this PR does, only makes the spec less parallel and more confusing. As such, I think this one should never be merged. It should therefore be closed. |
|
Actually this is exactly the way I did it with loc: see #695. The spec in this regard is already 'imbalanced'. |
|
This can merge now that #765 is merged. We agree this is imbalanced, but the consensus of the WG is that we can just be sure to write CDDL for all the other extensions before publishing the next document. |
|
(Note: When merging this, let's file issues for the remaining CDDL.) |
if using maps, is not the key "txAuthSimpleArg" also part of the CBOR-encoded object? If so, do we really need to transport those bytes down the stack (do they add any value)? The input arg for txAuthSimple is presently stated as:
..which is just a |
As per https://w3c.github.io/webauthn/#sctn-authenticator-extension-processing, "The CBOR authenticator extension input value of each processed authenticator extension is included in the extensions data part of the authenticator request. This part is a CBOR map, with CBOR extension identifier values as keys, and the CBOR authenticator extension input value of each extension as the value." I interpreted the above to mean that the authenticator extension input is always presented to the authenticator as a CBOR map. I agree that this may be inefficient in the case of txAuthSimple, but I don't know how else to interpret the above requirement. |
|
@gmandyam |
|
Sorry for being late to the party, but I had read §9.5 to mean that the whole of the extensions authenticator input - i.e., the inputs for all extensions - is a CBOR map, but the individual extension inputs are not necessarily CBOR maps. The structure of this CBOR map is then analogous to |
|
Please see the text I cited again, this time with a different emphasis: As per https://w3c.github.io/webauthn/#sctn-authenticator-extension-processing, "The CBOR authenticator extension input value of each processed authenticator extension is included in the extensions data part of the authenticator request. This part is a CBOR map, with CBOR extension identifier values as keys, and the CBOR authenticator extension input value of each extension as the value." I don't agree with your interpretation of the above text, because the CBOR map corresponds to "each processed authenticator extension", not to all collective extensions. If this was not the intent of the cited text (which is something that the editors need to address), then they should strongly consider a revision of the above. |
|
This is how I read the grammar in that section - read the emphasized parts as one sentence:
I agree this section needs to be revised regardless of which interpretation is deemed to be correct. I can take a stab at that once we reach consensus here. |
|
upon review I think @emlun is correct here & here (good catch, thx) -- getting @selfissued's input would be good since he did much work on the extensions mechanism. |
equalsJeffH
dismissed
their stale review
agree with @emlun's requested changes.
index.bs
Outdated
| <pre> | ||
| CDDL: | ||
| { | ||
| txAuthSimpleArg: tstr, |
There was a problem hiding this comment.
Please rename txAuthSimpleArg to txAuthSimpleInput
index.bs
Outdated
| <pre> | ||
| CDDL: | ||
| { | ||
| txAuthSimpleRetVal: tstr, |
There was a problem hiding this comment.
Please rename txAuthSimpleRetVal to txAuthSimpleOutput.
|
@gmandyam Where do we stand on this ? |
|
I am fine with the suggestion by @emlun and @equalsJeffH and @selfissued. The latest changes take these into account. I hope the text in https://w3c.github.io/webauthn/#sctn-authenticator-extension-processing will also be revised to better reflect the conclusions reached on this PR. |
|
@emlun I'm not sure which section you're referring to with your comment "I agree this section needs to be revised regardless of which interpretation is deemed to be correct. I can take a stab at that once we reach consensus here." But if you want to create a PR to make something clearer, I'll gladly review it. |
|
@gmandyam So looks like a go to merge |
Preview | Diff