Re: the new registry, I talked to Mike Jones, one of the experts for the WebAuthn registry, during IETF 114 and asked if an attestation format that is not organic to WebAuthn would be acceptable in the WebAuthn registry (the example I gave was Yubikey PIV attestations). The answer was no. This is what led to the decision to define a new registry. Note, I asked relative to the https://www.ietf.org/id/draft-wallace-lamps-key-attestation-ext-01.html draft but sharing registries between that draft and the ACME draft makes sense.
I doubt any real specifics on registry management have been defined but could imagine the new registry overlapping to a large degree. From: Acme <[email protected]> on behalf of Ionut Mihalcea <[email protected]> Date: Wednesday, September 14, 2022 at 9:38 AM To: "[email protected]" <[email protected]> Subject: [Acme] Statement formats for device attestation Hi all, I had a question related to the ongoing draft on device attestation [1], more specifically I was interested in the attestation statement formats and the new registry intended for them [2]. I was curious whether the plan is to keep closer ties and alignment with the W3C and their WebAuthentication spec, or whether the naming and references are just a way to simplify the groundwork, and subsequent statement formats will have virtually no relationship to the the original ones from WebAuthn. I’m asking this with a mind towards the reusability of these registries for other types of protocols (e.g., TLS [3]), but that’d be a follow-up discussion. Best wishes, Ionut [1] https://www.ietf.org/archive/id/draft-bweeks-acme-device-attest-01.html [2] https://www.ietf.org/archive/id/draft-bweeks-acme-device-attest-01.html#name-attestation-statement-forma [3] https://datatracker.ietf.org/doc/html/draft-fossati-tls-attestation-01 IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
