What does unsigned mean in regards to "unsigned extension outputs"

[Robert Hartman]

The Level 3 Editor's Draft of the WebAuthn specification 

https://w3c.github.io/webauthn/#authenticator-extension-processing

 and the CTAP 2.2 draft (https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html)  refer to "Unsigned Extension Outputs".   

The specifications state that these extension outputs are generated by an authenticator.  

What does "Unsigned" mean in the context of Extension Outputs?

What is a use case for this feature?

Is there a list of supported "unsigned" extensions being added to specifications?

Thank you 

[Adam Langley]

On Wednesday, September 13, 2023 at 6:03:03 AM UTC-7 Robert Hartman wrote:

The Level 3 Editor's Draft of the WebAuthn specification 

https://w3c.github.io/webauthn/#authenticator-extension-processing

 and the CTAP 2.2 draft (https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html)  refer to "Unsigned Extension Outputs".   

The specifications state that these extension outputs are generated by an authenticator.  

What does "Unsigned" mean in the context of Extension Outputs?

These extension outputs are not covered by the signature over the authenticatorData.

 

What is a use case for this feature?

Extensions that produce signatures over the authenticatorData themselves, otherwise a signature has to sign itself (which isn't possible).

Also extensions that produce results that should not be sent to the server, e.g. the prf extension at the CTAP2 level.

 

Is there a list of supported "unsigned" extensions being added to specifications?

https://w3c.github.io/webauthn/#sctn-device-publickey-extension, although note https://github.com/w3c/webauthn/pull/1957

Cheers

AGL