Internet Assigned Numbers Authority
Web Authentication (WebAuthn)
Created
2020-06-11
Last Updated
2023-09-13
Available Formats
[IMG]
XML [IMG]
HTML [IMG]
Plain text
Registries included below
??WebAuthn Attestation Statement Format Identifiers
??WebAuthn Extension Identifiers
WebAuthn Attestation Statement Format Identifiers
Registration Procedure(s)
Specification Required
Expert(s)
Mike Jones, Giridhar Mandyam
Reference
[RFC8809]
Available Formats
[IMG]
CSV
WebAuthn Attestation
Statement Format Description Reference Change Controller Notes
Identifier
The "packed" attestation statement format is a [Web Authentication]
WebAuthn-optimized format for attestation. It uses a Section ¡́8.2, Packed
packed very compact but still extensible encoding method. Attestation Statement [W3C_Web_Authentication_Working_Group]
This format is implementable by authenticators with Format
limited resources (e.g., secure elements).
The TPM attestation statement format returns an [Web Authentication]
attestation statement in the same format as the Section ¡́8.3, TPM
tpm packed attestation statement format, although the Attestation Statement [W3C_Web_Authentication_Working_Group]
rawData and signature fields are computed Format
differently.
Platform authenticators on versions "N", and later, [Web Authentication]
android-key may provide this proprietary "hardware attestation" Section ¡́8.4, Android Key [W3C_Web_Authentication_Working_Group]
statement. Attestation Statement
Format
Android-based platform authenticators MAY produce an [Web Authentication]
android-safetynet attestation statement based on the Android SafetyNet Section ¡́8.5, Android [W3C_Web_Authentication_Working_Group]
API. SafetyNet Attestation
Statement Format
[Web Authentication]
fido-u2f Used with FIDO U2F authenticators Section ¡́8.6, FIDO U2F [W3C_Web_Authentication_Working_Group]
Attestation Statement
Format
[Web Authentication]
apple Used with Apple devices' platform authenticators Section ¡́8.8, Apple [W3C_Web_Authentication_Working_Group]
Anonymous Attestation
Statement Format
Used to replace any authenticator-provided [Web Authentication]
none attestation statement when a WebAuthn Relying Party Section ¡́8.7, None [W3C_Web_Authentication_Working_Group]
indicates it does not wish to receive attestation Attestation Statement
information. Format
WebAuthn Extension Identifiers
Registration Procedure(s)
Specification Required
Expert(s)
Mike Jones, Giridhar Mandyam
Reference
[RFC8809]
Available Formats
[IMG]
CSV
WebAuthn Extension Description Reference Change Controller Notes
Identifier
This authentication extension allows WebAuthn Relying [Web Authentication]
appid Parties that have previously registered a credential Section ¡́10.1, FIDO AppID [W3C_Web_Authentication_Working_Group]
using the legacy FIDO JavaScript APIs to request an Extension (appid)
assertion.
This registration extension and authentication [Web Authentication]
extension allows for a simple form of transaction Section ¡́10.2, Simple
txAuthSimple authorization. A WebAuthn Relying Party can specify a Transaction Authorization [W3C_Web_Authentication_Working_Group]
prompt string, intended for display on a trusted Extension (txAuthSimple)
device on the authenticator
This registration extension and authentication
extension allows images to be used as transaction [Web Authentication]
authorization prompts as well. This allows Section ¡́10.3, Generic
txAuthGeneric authenticators without a font rendering engine to be Transaction Authorization [W3C_Web_Authentication_Working_Group]
used and also supports a richer visual appearance than Extension (txAuthGeneric)
accomplished with the webauthn.txauth.simple
extension.
This registration extension allows a WebAuthn Relying
Party to guide the selection of the authenticator that [Web Authentication]
authnSel will be leveraged when creating the credential. It is Section ¡́10.4, [W3C_Web_Authentication_Working_Group]
intended primarily for WebAuthn Relying Parties that Authenticator Selection
wish to tightly control the experience around Extension (authnSel)
credential creation.
This registration extension enables the WebAuthn
Relying Party to determine which extensions the [Web Authentication]
authenticator supports. The extension data is a list Section ¡́10.5, Supported
exts (CBOR array) of extension identifiers encoded as UTF-8 Extensions Extension [W3C_Web_Authentication_Working_Group]
Strings. This extension is added automatically by the (exts)
authenticator. This extension can be added to
attestation statements.
This registration extension and authentication
extension enables use of a user verification index.
The user verification index is a value uniquely [Web Authentication]
identifying a user verification data record. The UVI Section ¡́10.6, User
uvi data can be used by servers to understand whether an Verification Index [W3C_Web_Authentication_Working_Group]
authentication was authorized by the exact same Extension (uvi)
biometric data as the initial key generation. This
allows the detection and prevention of "friendly
fraud".
The location registration extension and authentication [Web Authentication]
loc extension provides the client device's current Section ¡́10.7, Location [W3C_Web_Authentication_Working_Group]
location to the WebAuthn Relying Party, if supported Extension (loc)
by the client platform and subject to user consent.
This registration extension and authentication [Web Authentication]
extension enables use of a user verification method. Section ¡́10.3, User
uvm The user verification method extension returns to the Verification Method [W3C_Web_Authentication_Working_Group]
WebAuthn Relying Party which user verification methods Extension (uvm)
(factors) were used for the WebAuthn operation.
This registration extension allows relying parties to
specify a credential protection policy when creating a [Client to Authenticator
credProtect credential. Additionally, authenticators may choose to Protocol (CTAP)] Section [W3C_Web_Authentication_Working_Group]
establish a default credential protection policy ¡́12.1 Credential
greater than userVerificationOptional (the lowest Protection (credProtect)
level) and unilaterally enforce such policy.
This registration extension and authentication [Client to Authenticator
extension enables RPs to provide a small amount of Protocol (CTAP)] Section
credBlob extra credential configuration information (the ¡́12.2 Credential Blob [W3C_Web_Authentication_Working_Group]
credBlob value) to the authenticator when a credential (credBlob)
is made.
This client platform-only extension provides for [Client to Authenticator
largeBlobKey storage and retrieval of a per-credential key that is Protocol (CTAP)] Section [W3C_Web_Authentication_Working_Group]
used by the client platform when writing and reading ¡́12.3 Large Blob Key
elements in the large-blob array. (largeBlobKey)
[Client to Authenticator
minPinLength This registration extension returns the current Protocol (CTAP)] Section [W3C_Web_Authentication_Working_Group]
minimum PIN length value to the Relying Party. ¡́12.4 Minimum PIN Length
Extension (minPinLength)
This registration extension and authentication [Client to Authenticator
hmac-secret extension enables the platform to retrieve a symmetric Protocol (CTAP)] Section [W3C_Web_Authentication_Working_Group]
secret scoped to the credential from the ¡́12.5 HMAC Secret
authenticator. Extension (hmac-secret)
This registration extension allows WebAuthn Relying [Web Authentication]
appidExclude Parties to exclude authenticators that contain Section ¡́10.2, FIDO AppID [W3C_Web_Authentication_Working_Group]
specified credentials that were created with the Exclusion Extension
legacy FIDO U2F JavaScript API [FIDOU2FJavaScriptAPI]. (appidExclude)
This client registration extension enables reporting [Web Authentication]
credProps of a newly-created credential's properties, as Section ¡́10.4, Credential [W3C_Web_Authentication_Working_Group]
determined by the client, to the calling WebAuthn Properties Extension
Relying Party's web application. (credProps)
This client registration extension and authentication [Web Authentication]
largeBlob extension allows a Relying Party to store opaque data Section ¡́10.5, Large blob [W3C_Web_Authentication_Working_Group]
associated with a credential. storage extension
(largeBlob)
This extension supports the following functionality
defined by the Secure Payment Confirmation API: (1) it
allows credential creation in a cross-origin iframe
(2) it allows a party other than the Relying Party to
use the credential to perform an authentication [Secure Payment
payment ceremony on behalf of the Relying Party, and (3) it Confirmation] Section ¡́5, [W3C_Web_Payments_Working_Group]
allows the browser to identify and cache Secure WebAuthn Extension -
Payment Confirmation credentials. For discussion of "payment"
important ways in which SPC differs from Web
Authentication, see in particular [Secure Payment
Confirmation ¡́10 Security Considerations] and [Secure
Payment Confirmation ¡́11 Privacy Considerations].
Contact Information
ID Name Contact URI Last Updated
[W3C_Web_Authentication_Working_Group] W3C Web Authentication Working Group mailto:public-webauthn&w3.org 2022-02-28
[W3C_Web_Payments_Working_Group] W3C Web Payments Working Group mailto:public-payments-wg&w3.org 2023-09-13
Licensing Terms
Presently we were in a very dark road, and at a point where it dropped suddenly between steep sides we halted in black shadow. A gleam of pale sand, a whisper of deep flowing waters, and a farther glimmer of more sands beyond them challenged our advance. We had come to a "grapevine ferry." The scow was on the other side, the water too shoal for the horses to swim, and the bottom, most likely, quicksand. Out of the blackness of the opposite shore came a soft, high-pitched, quavering, long-drawn, smothered moan of woe, the call of that snivelling little sinner the screech-owl. Ferry murmured to me to answer it and I sent the same faint horror-stricken tremolo back. Again it came to us, from not farther than one might toss his cap, and I followed Ferry down to the water's edge. The grapevine guy swayed at our side, we heard the scow slide from the sands, and in a few moments, moved by two videttes, it touched our shore. Soon we were across, the two videttes riding with us, and beyond a sharp rise, in an old opening made by the swoop of a hurricane, we entered the silent unlighted bivouac of Ferry's scouts. Ferry got down and sat on the earth talking with Quinn, while the sergeants quietly roused the sleepers to horse. Plotinus is driven by this perplexity to reconsider the whole theory of Matter.477 He takes Aristotle¡¯s doctrine as the groundwork of his investigation. According to this, all existence is divided into Matter and Form. What we know of things¡ªin other words, the sum of their differential characteristics¡ªis their Form. Take away this, and the unknowable residuum is their Matter. Again, Matter is the vague indeterminate something out of which particular Forms are developed. The two are related as Possibility to Actuality, as the more generic to the more specific substance through every grade of classification and composition. Thus there are two Matters, the one sensible and the other intelligible. The former constitutes the common substratum of bodies, the other the common element of ideas.478 The general distinction between Matter and Form was originally suggested to Aristotle by Plato¡¯s remarks on the same subject; but he differs325 from his master in two important particulars. Plato, in his Timaeus, seems to identify Matter with space.479 So far, it is a much more positive conception than the ?λη of the Metaphysics. On the other hand, he constantly opposes it to reality as something non-existent; and he at least implies that it is opposed to absolute good as a principle of absolute evil.480 Thus while the Aristotelian world is formed by the development of Power into Actuality, the Platonic world is composed by the union of Being and not-Being, of the Same and the Different, of the One and the Many, of the Limit and the Unlimited, of Good and Evil, in varying proportions with each other. The Lawton woman had heard of an officer's family at Grant, which was in need of a cook, and had gone there. [See larger version] On the 8th of July an extraordinary Privy Council was summoned. All the members, of whatever party, were desired to attend, and many were the speculations as to the object of their meeting. The general notion was that it involved the continuing or the ending of the war. It turned out to be for the announcement of the king's intended marriage. The lady selected was Charlotte, the second sister of the Duke of Mecklenburg-Strelitz. Apart from the narrowness of her education, the young princess had a considerable amount of amiability, good sense, and domestic taste. These she shared with her intended husband, and whilst they made the royal couple always retiring, at the same time they caused them to give, during their lives, a moral air to their court. On the 8th of September Charlotte arrived at St. James's, and that afternoon the marriage took place, the ceremony being performed by the Archbishop of Canterbury. On the 22nd the coronation took place with the greatest splendour. Mother and girls were inconsolable, for each had something that they were sure "Si would like," and would "do him good," but they knew Josiah Klegg, Sr., well enough to understand what was the condition when he had once made up his mind. CHAPTER V. THE YOUNG RECRUITS Si proceeded to deftly construct a litter out of the two guns, with some sticks that he cut with a knife, and bound with pawpaw strips. His voice had sunk very low, almost to sweetness. A soft flurry of pink went over her face, and her eyelids drooped. Then suddenly she braced herself, pulled herself taut, grew combative again, though her voice shook. HoME²Ô¾®Ïè̀«Ê²Ă´ĐÇ×ù
ENTER NUMBET 0016www.hgchain.com.cn
www.jnlpsw.com.cn
meihuaye.org.cn
lhbpxf.com.cn
krdxnp.com.cn
www.hzanqz.com.cn
szwex.com.cn
mydiy21.org.cn
spylkj.com.cn
si4.com.cn