Re: [FIDO-DEV] Digest for fido-dev@fidoalliance.org - 3 updates in 3 topics

[Aman Mume]

amanm...@gmail.com

On Tue, 28 Nov, 2023, 1:58 am , <fido...@fidoalliance.org> wrote:

fido...@fidoalliance.org

Google Groups

Topic digest
View all topics

• Question on platform lock-in - 1 Update
• TPM attestation Signature Encoding Error - 1 Update
• When Both platform and roaming authenticator registered in android - 1 Update

Question on platform lock-in

Tim Cappalli <Tim.Ca...@microsoft.com>: Nov 27 04:50PM There is active work to develop a protocol to securely migrate credentials across providers. I can't say whether all providers will implement it, but there are quite a few players, large and small, that are engaged in the work.   tim   From: fido...@fidoalliance.org <fido...@fidoalliance.org> on behalf of Franz Winter <xfw...@gmail.com> Date: Thursday, November 23, 2023 at 06:23 To: FIDO Dev (fido-dev) <fido...@fidoalliance.org> Subject: [FIDO-DEV] Question on platform lock-in   If I go full passkeys on my Apple devices using Apple's Keychain: Would I be able to comfortably do a platform switch to Android in the future?   I understand that I would be able to transfer every single passkey for a specific service, but would I be able to transfer all of them together?   Thank you!   -- You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group. To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org<mailto:fido-dev+u...@fidoalliance.org>. To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/bd8b83e6-55c0-4a09-8f54-2854ccf661den%40fidoalliance.org<https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/bd8b83e6-55c0-4a09-8f54-2854ccf661den%40fidoalliance.org?utm_medium=email&utm_source=footer>.

Back to top

TPM attestation Signature Encoding Error

Emil Lundberg <em...@yubico.com>: Nov 27 10:37AM +0100 It could be that the *credential public key* uses RSA with SHA256, but the *attestation key* uses RSA with SHA1. This would mean that you would need to use SHA1 to verify the *attestation signature*, but any subsequent *assertion signatures* must be verified with SHA256.   Would you mind sharing an attestation object that exhibits the issue?   Emil Lundberg   Senior Software Engineer | Yubico <http://www.yubico.com/>         On Fri, Nov 24, 2023 at 11:08 PM Arshad Noor <arsha...@strongkey.com> wrote:

Back to top

When Both platform and roaming authenticator registered in android

hetin k <het...@gmail.com>: Nov 26 11:52PM -0800 When Both platform and roaming authenticator registered in android, android only allow platform authenticator to authenticate and no fallback for roaming authenticator when both platform and roaming authenticator available. IOS allow user to choose in this case.   @AGL, Can you provide any idea on this?

Back to top

You received this digest because you're subscribed to updates for this group. You can change your settings on the group membership page. To unsubscribe from this group and stop receiving emails from it send an email to fido-dev+u...@fidoalliance.org.