Bug 181948 - [WebAuthN] Add token binding ID into CollectedClientData
Summary: [WebAuthN] Add token binding ID into CollectedClientData
Status: RESOLVED WONTFIX
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: pascoe@apple.com
URL:
Keywords: InRadar
Depends on:
Blocks: 181943
  Show dependency treegraph
 
Reported: 2018-01-22 13:49 PST by Jiewen Tan
Modified: 2022-01-31 15:30 PST (History)
8 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jiewen Tan 2018-01-22 13:49:55 PST 
Add token binding ID into CollectedClientData.
Comment 1 Radar WebKit Bug Importer 2018-08-15 17:07:13 PDT 
<rdar://problem/43357285>
Comment 2 login Llama 2020-07-02 11:49:36 PDT 
For reference Token Binding is required by NIST in SP800-63B https://pages.nist.gov/800-63-3/sp800-63b.html

To meet the Verifier Impersonation resistance requirement for authentication at AAL3.
Comment 3 David Waite 2021-10-05 17:06:32 PDT 
Post-level 2 PR removing TokenBinding. https://github.com/w3c/webauthn/pull/1630