This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
WebAuthn Attestation
WebAuthn Attestation

Version management

Difference between version and

At line 1 added 49 lines
!!! Overview
[{$pagename}] is an [Attestation] implemented within [Web Authentication API] ([WebAuthN]) to attest to the [provenance] of an [authenticator] and the [data] it emits
[{$pagename}] statement is conveyed in an attestation object during [Credential Enrollment] including, for example: [credential] IDs, [credential] [key] pairs, [Digital Signature] counters, etc. [{$pagename}] defines [attestation] formats used to validate [FIDO] [Authenticators], uses [FIDO2] [credentials], and associated [User Verification Methods] which is similar to and could be mapped as [Authentication Context Class] to [federation] servers or other conditional/adaptive [authentication] systems.
!! Attestation Certificate [Example]
Attestation Certificate (attestnCert) [Example]
{{{
Version: 3 (0x2)
Serial Number: 1918419690 (0x7258c2ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN = Yubico U2F Root CA Serial 457200631
Validity
Not Before: 2014-08-01T00:00:00
Not After: 2050-09-04T00:00:00
Subject: CN=Yubico U2F EE Serial 14803321578
Subject Public Key Info:
Public-Key: (256 bit)
pub:
04:a2:b0:39:93:22:54:31:9d:41:fa:48:54:d5:7c:a1:8d:eb:
69:cc:9b:3e:4d:81:ae:39:9f:32:3e:81:16:43:99:ef:2a:95:
14:67:3d:15:7c:ec:bf:b5:f0:bc:c7:89:08:53:ee:55:cf:3f:
1a:20:66:f4:d5:13:9b:93:8b:31:0b
Curve: secp256r1
X509v3 extensions:
1.3.6.1.4.1.41482.1.2 (YubiKey NEO):
Signature Algorithm: sha256WithRSAEncryption
bc:cc:1a:f9:0b:7b:95:78:18:d5:55:a4:33:71:6a:60:16:ac:
ed:cb:31:32:c3:41:0f:36:61:64:10:6c:23:d9:2a:b0:6c:5d:
1c:2c:b6:92:9a:d4:21:48:aa:2a:3a:f3:ae:53:89:3a:6a:a1:
40:ca:e9:32:65:93:15:3d:92:aa:00:fd:15:87:4b:02:32:94:
4c:ce:90:ef:11:98:ce:de:fe:a0:87:96:7c:6c:80:e6:b5:00:
09:e4:1d:a7:9c:82:f2:56:97:3b:0c:0e:ed:6a:3d:dd:52:b6:
73:34:c0:fc:bf:e6:d8:8c:a7:53:b1:92:7f:43:34:2c:b6:c7:
b0:20:f9:28:14:e2:11:46:da:ad:6b:48:b0:90:41:62:5f:f7:
30:47:5d:48:17:e5:12:19:c4:07:29:40:68:31:7e:b9:24:ff:
67:63:a0:f3:43:75:c7:a6:53:83:dd:b1:d4:38:7b:02:8b:63:
2a:05:95:3e:d5:f2:8e:ad:02:69:34:fd:30:f1:c0:50:a5:29:
3f:86:c5:53:9b:b5:22:19:6f:c5:1a:bc:6b:20:a5:df:a4:67:
c2:18:80:8a:0f:10:8c:7e:e5:8a:22:c8:6e:d0:78:cf:d2:91:
21:a3:00:17:d4:bb:35:a6:27:b6:4a:82:b7:f9:51:21:62:d9:
0e:15:12:ea
}}}
shows X509v3 extensions: 1.3.6.1.4.1.41482.1.2 (YubiKey NEO) indicates that the Authenticator [Metadata] can be located within the [FIDO Alliance Metadata Service]
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop