181948 – [WebAuthN] Add token binding ID into CollectedClientData

RESOLVED WONTFIX Bug 181948

[WebAuthN] Add token binding ID into CollectedClientData

https://bugs.webkit.org/show_bug.cgi?id=181948

Summary [WebAuthN] Add token binding ID into CollectedClientData

Jiewen Tan

Reported 2018-01-22 13:49:55 PST

Add token binding ID into CollectedClientData.

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2018-08-15 17:07:13 PDT

<rdar://problem/43357285>

Comment 2 2020-07-02 11:49:36 PDT

For reference Token Binding is required by NIST in SP800-63B https://pages.nist.gov/800-63-3/sp800-63b.html To meet the Verifier Impersonation resistance requirement for authentication at AAL3.

David Waite

Comment 3 2021-10-05 17:06:32 PDT

Post-level 2 PR removing TokenBinding. https://github.com/w3c/webauthn/pull/1630

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution WONTFIX

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component WebCore Misc.

Assignee

pascoe@apple.com

Reported

2018-01-22 13:49 PST

Modified

2022-01-31 15:30 PST History

CC List

8 users Show

URL

Keywords InRadar

Depends on

Blocks

181943

Dependencies

tree graph