Skip to content

Commit

Permalink
Add more complete logic for individual attestation verification via Emil
Browse files Browse the repository at this point in the history
Co-authored-by: Emil Lundberg <[email protected]>
  • Loading branch information
timcappalli and emlun authored Oct 5, 2023
1 parent 108db99 commit e0a4f31
Showing 1 changed file with 11 additions and 1 deletion.
12 changes: 11 additions & 1 deletion index.bs
Original file line number Diff line number Diff line change
Expand Up @@ -6291,7 +6291,17 @@ The "compound" attestation statement format is used to pass multiple, self-conta
:: Not applicable

: Verification procedure
:: For every element in the array, validate the attestation statement based on the verification procedure specified for that format (using the `fmt` identifier). If validation fails for one or more compound attestation statements, [=[RPS]=] should decide the appropriate results based on policy from information they have about the [=authenticators=].
:: Given the [=verification procedure inputs=] |attStmt|, |authenticatorData| and |clientDataHash|, the [=verification procedure=] is
as follows:
1. [=list/For each=] |subStmt| of |attStmt|, evaluate the [=verification procedure=]
corresponding to the [=attestation statement format identifier=] <code>|subStmt|.fmt</code>
with [=verification procedure inputs=] |subStmt|, |authenticatorData| and |clientDataHash|.

If validation fails for one or more |subStmt|, decide the appropriate result based on [=[RP]=] policy.

2. If sufficiently many (as determined by [=[RP]=] policy) [=list/items=] of |attStmt| verify successfully,
return implementation-specific values representing any combination of outputs from successful [=verification procedures=].


# <dfn>WebAuthn Extensions</dfn> # {#sctn-extensions}

Expand Down

0 comments on commit e0a4f31

Please sign in to comment.