by lxgr
2179 days ago
Care to elaborate how attestation is privacy infringing? As far as I understand, private attestation is a specific design goal of WebAuthn, achieved by either sharing an attestation credential with at least 100 000 instances of a given authenticator or via cryptographic means. There have been instances of authenticator vendors getting this wrong, but I remember reading that browsers will detect it and strip any attestation response in this case.

Is that extreme? Yes, but the upside to giving out attestation data just isn't there in most scenarios. It's like I have to step over broken glass to get a stale bagel. Yes, these boots mitigate the risk from the glass very well, but I don't even want a stale bagel anyway.
There are some scenarios where attestation makes sense. If you issued every one of your employees a genuine Yubico YubiKey then I guess it could make sense to insist on checking with attestation that nobody is using some homebrew device they built instead. But for general use? Even the tiny risk isn't justified, so it should be "off".
Here's someone much smarter than me proposing something you could do if you really care about the features from attestation but don't want people to give up privacy. If you insist on offering stale baked goods, here is how to clear up that glass:
https://www.imperialviolet.org/2019/01/01/zkattestation.html