New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Divide Security/Privacy Considerations into subsections by audience? #1039
Comments
@emlun This seems like a lot of work to get done prior to PR, all the information is there or should be there so this seems a readability cleanup issue that may be best if done in next level if we can't make the cutoff point here |
Yeah, fair points. It's fine with me if the answer to "should we do this?" ends up being "no". |
this is related to issue #585 |
Consensus on 2018-08-15 WG call was that we would like to do this for L1 if we have time, otherwise punt it to L2. |
We're going to try and work this out externally in a Google Doc and then produce a PR. Anyone who wants to join our crusade, please reach out to @emlun or me. |
One thing that confused me for a moment was the disconnect between these sections:
The biometric section covers only a subset of the user verification section, but it's much more easily found by skimming the table of contents. This may lead a casual reader to wonder whether only biometrics are done locally but a PIN is shared with the RP. |
The Security Considerations and Privacy Considerations sections have grown quite large (9 A4 pages when printed as PDF at the time of writing), and it's not obvious by looking at the table of contents which subsections are relevant to which audiences:
13.1. Cryptographic Challenges
13.2. Attestation Security Considerations
13.2.1. Attestation Certificate Hierarchy
13.2.2. Attestation Certificate and Attestation Certificate CA Compromise
13.3. Security Benefits for WebAuthn Relying Parties
13.3.1. Considerations for Self and None Attestation Types and Ignoring Attestation
13.4. credentialId Unsigned
13.5. Browser Permissions Framework and Extensions
14.1. De-anonymization prevention measures
14.2. Anonymous, scoped, non-correlatable public key credentials
14.3. Authenticator-local biometric recognition
14.4. Attestation Privacy
14.5. Registration Ceremony Privacy
14.6. Authentication Ceremony Privacy
14.7. Privacy between operating system accounts
Perhaps we should divide them into subsections by audience - maybe something like this?
The text was updated successfully, but these errors were encountered: