[webauthn] impl guidelines for signature counter from =JeffH via GitHub on 2016-06-09 (public-webauthn@w3.org from June 2016)

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Thu, 09 Jun 2016 22:55:48 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-159526723-1465512947-sysbot+gh@w3.org>

equalsJeffH has just created a new issue for 
https://github.com/w3c/webauthn:

== impl guidelines for signature counter ==
from: 
https://lists.w3.org/Archives/Public/public-webauthn/2016Jun/0070.html
the spec lacks description of the significance, use, and management of
 the signature counter. 
<blockquote>
Searching for ³counter² across the entire document only shows a few
definitions of counters, not any description of their use. [...]
And what about for assertion signatures  every time an authenticator
asserts it should grab the last counter, bump it, sign it, and store 
the
new value?
</blockquote>
e.g., there could be some further language in the spec (eg Impl 
guidelines and sec considerations) regarding the signature counter.
see also: #116 



Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/125 using your GitHub account

Received on Thursday, 9 June 2016 22:55:50 UTC