FIDO conformance test : Root certificate in the x5c chain #683
suren-khatana
started this conversation in
Troubleshooting
Replies: 1 comment
-
|
Hello @suren-khatana, sorry for the delayed response. It's probably an issue I introduced with #650 when I was trying to add support for intermediate certs as trust anchors for attestation verification. I'll take a look in the next few days and probably make an issue to fix this to bring the library back into conformance. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am running a FIDO conformance test again my server and I am bit confused with the following test case :
F-10 Send ServerAuthenticatorAttestationResponse with FULL "packed" attestation, with attStmt.x5c containing full chain, and check that server returns an errorSample attestation response from the tool :
As
SimpleWebAuthnis FIDO certified , I wonder how does it work since by looking at validateCertificatePath , it seems that root certificates are allowed in the x5c chain where as the FIDO test tool expect that test case to fail.Any insights will be appreciated.
Beta Was this translation helpful? Give feedback.
All reactions