Matthew Miller
Matthew Miller
This project no longer uses yarn for anything.
It's true that you need to explicitly set `-257` to get Hello to work. At Cisco we've managed to support all known authenticators with just `-7` and `-257` in `pubKeyCredParams`....
And for anyone interested: based on some extensive testing I did a few months back of in-the-wild authenticators, most everything I tested **only** supported `-7` ("ES256"), with the exception of...
I'm going to turn this into an editorial PR that suggests RP's can benefit from wide authenticator support if they support `-7` `-257`. By having it laid out so explicitly...
I'm trying to figure out the best place to put such an editorial blurb. There are currently maybe three places that I see as candidates: 1. Sample code in the...
> ...this is an implementation detail and requires more than just "use these algos" because there is a lot going on. It doesn't help that the spec is prescriptive about...
This project no longer uses yarn or npm for anything.
> In the end, in the absence of attestation/signature, you can simply send the public key over since none of the data can be trusted anyway. @dagnelies i think you'll...
> Basically, because of the generated challenge, you can associate it to the corresponding "receiver". However, the content, with attestation or not, is taken in good faith. It would be...
This file doesn't exist anymore with the recent debut of "v2" of the codebase, so I went ahead and manually got this fix in since all the content was copy-pasted...