Bug 181948
Summary: | [WebAuthN] Add token binding ID into CollectedClientData | ||
---|---|---|---|
Product: | WebKit | Reporter: | Jiewen Tan <jiewen_tan> |
Component: | WebCore Misc. | Assignee: | pascoe <pascoe> |
Status: | RESOLVED WONTFIX | ||
Severity: | Normal | CC: | alex.gaynor, dwaite, jiewen_tan, jonathan, jschoi, loginllama, pascoe, webkit-bug-importer |
Priority: | P2 | Keywords: | InRadar |
Version: | WebKit Nightly Build | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Bug Depends on: | |||
Bug Blocks: | 181943 |
Jiewen Tan
Add token binding ID into CollectedClientData.
Attachments | ||
---|---|---|
Add attachment proposed patch, testcase, etc. |
Radar WebKit Bug Importer
<rdar://problem/43357285>
login Llama
For reference Token Binding is required by NIST in SP800-63B https://pages.nist.gov/800-63-3/sp800-63b.html
To meet the Verifier Impersonation resistance requirement for authentication at AAL3.
David Waite
Post-level 2 PR removing TokenBinding. https://github.com/w3c/webauthn/pull/1630