Web Authentication: An API for accessing Scoped Public Key Credentials

1. Introduction

This section is not normative.

This specification defines an API enabling the creation and use of strong, attested, cryptographic scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users. A scoped public key credential is created and stored by an authenticator at the behest of a Relying Party, subject to user consent. Subsequently, the scoped public key credential can only be accessed by origins belonging to that Relying Party. This scoping is enforced jointly by conforming User Agents and authenticators. Additionally, privacy across Relying Parties is maintained; Relying Parties are not able to detect any properties, or even the existence, of credentials scoped to other Relying Parties.

Relying Parties employ the Web Authentication API during two distinct, but related, ceremonies involving a user. The first is Registration, where a scoped public key credential is created on an authenticator, and associated by a Relying Party with the present user’s account (the account may already exist or may be created at this time). The second is Authentication, where the Relying Party is presented with an Authentication Assertion proving the presence and consent of the user who registered the scoped public key credential. Functionally, the Web Authentication API comprises two methods (along with associated data structures): makeCredential() and getAssertiona PublicKeyCredential which extends the Credential Management API [CREDENTIAL-MANAGEMENT-1], and infrastructure which allows those credentials to be used with navigator.credentials.create() and navigator.credentials.get(). The former is used during Registration, and the latter during Authentication.

Broadly, compliant authenticators protect scoped public key credentials, and interact with user agents to implement the Web Authentication API. Some authenticators may run on the same computing device (e.g., smart phone, tablet, desktop PC) as the user agent is running on. For instance, such an authenticator might consist of a Trusted Execution Environment (TEE) applet, a Trusted Platform Module (TPM), or a Secure Element (SE) integrated into the computing device in conjunction with some means for user verification, along with appropriate platform software to mediate access to these components' functionality. Other authenticators may operate autonomously from the computing device running the user agent, and be accessed over a transport such as Universal Serial Bus (USB), Bluetooth Low Energy (BLE) or Near Field Communications (NFC).

1.1. Use Cases

The below use case scenarios illustrate use of two very different types of authenticators, as well as outline further scenarios. Additional scenarios, including sample code, are given later in §11 Sample scenarios.

1.1.1. Registration

• On a phone:

  • User navigates to example.com in a browser and signs in to an existing account using whatever method they have been using (possibly a legacy method such as a password), or creates a new account.

  • The phone prompts, "Do you want to register this device with example.com?"

  • User agrees.

  • The phone prompts the user for a previously configured authorization gesture (PIN, biometric, etc.); the user provides this.

  • Website shows message, "Registration complete."

1.1.2. Authentication

• On a laptop or desktop:

  • User navigates to example.com in a browser, sees an option to "Sign in with your phone."

  • User chooses this option and gets a message from the browser, "Please complete this action on your phone."

• Next, on their phone:

  • User sees a discrete prompt or notification, "Sign in to example.com."

  • User selects this prompt / notification.

  • User is shown a list of their example.com identities, e.g., "Sign in as Alice / Sign in as Bob."

  • User picks an identity, is prompted for an authorization gesture (PIN, biometric, etc.) and provides this.

• Now, back on the laptop:

  • Web page shows that the selected user is signed-in, and navigates to the signed-in page.

1.1.3. Other use cases and configurations

A variety of additional use cases and configurations are also possible, including (but not limited to):

• A user navigates to example.com on their laptop, is guided through a flow to create and register a credential on their phone.

• A user obtains an discrete, roaming authenticator, such as a "fob" with USB or USB+NFC/BLE connectivity options, loads example.com in their browser on a laptop or phone, and is guided though a flow to create and register a credential on the fob.

• A Relying Party prompts the user for their authorization gesture in order to authorize a single transaction, such as a payment or other financial transaction.

2. Conformance

This specification defines criteria for a Conforming User Agent: A User Agent MUST behave as described in this specification in order to be considered conformant. Conforming User Agents MAY implement algorithms given in this specification in any way desired, so long as the end result is indistinguishable from the result that would be obtained by the specification’s algorithms. A conforming User Agent MUST also be a conforming implementation of the IDL fragments of this specification, as described in the “Web IDL” specification. [WebIDL-1]

This specification also defines a model of a conformant authenticator (see §5 WebAuthn Authenticator model). This is a set of functional and security requirements for an authenticator to be usable by a Conforming User Agent. As described in §1.1 Use Cases, an authenticator may be implemented in the operating system underlying the User Agent, or in external hardware, or a combination of both.

2.1. Dependencies

This specification relies on several other underlying specifications, listed below and in Terms defined by reference.

Base64url encoding

The term Base64url Encoding refers to the base64 encoding using the URL- and filename-safe character set defined in Section 5 of [RFC4648], with all trailing '=' characters omitted (as permitted by Section 3.2) and without the inclusion of any line breaks, whitespace, or other additional characters.

CBOR

A number of structures in this specification, including attestation statements and extensions, are encoded using the Compact Binary Object Representation (CBOR) [RFC7049].

CDDL

This specification describes the syntax of all CBOR-encoded data using the CBOR Data Definition Language (CDDL) [CDDL].

Credential Management

The API described in this document is an extension of the Credential concept defined in [CREDENTIAL-MANAGEMENT-1].

DOM

DOMException and the DOMException values used in this specification are defined in [DOM4].

ECMAScript

%ArrayBuffer% is defined in [ECMAScript].

HTML

The concepts of current relevant settings object, origin, opaque origin, relaxing the same-origin restriction, and the Navigator interface and is a registrable domain suffix of or is equal to are defined in [HTML51HTML52].

Web Cryptography API

The AlgorithmIdentifier type and the method for normalizing an algorithm are defined in Web Cryptography API §algorithm-dictionary.

Web IDL

Many of the interface definitions and all of the IDL in this specification depend on [WebIDL-1]. This updated version of the Web IDL standard adds support for Promises Promises, which are now the preferred mechanism for asynchronous interaction in all new web APIs.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

3. Terminology

ASCII case-insensitive match

A method of testing two strings for equality by comparing them exactly, code point for code point, except that the codepoints in the range U+0041 .. U+005A (i.e. LATIN CAPITAL LETTER A to LATIN CAPITAL LETTER Z) and the corresponding codepoints in the range U+0061 .. U+007A (i.e. LATIN SMALL LETTER A to LATIN SMALL LETTER Z) are also considered to match.

Assertion

See Authentication Assertion.

Attestation

Generally, a statement that serves to bear witness, confirm, or authenticate. In the WebAuthn context, attestation is employed to attest to the provenance of an authenticator and the data it emits; including, for example: credential IDs, credential key pairs, signature counters, etc. Attestation information is conveyed in attestation objects. See also attestation statement format, and attestation type.

Attestation Certificate

A X.509 Certificate for the attestation key pair used by an Authenticator authenticator to attest to its manufacture and capabilities. At registration time, the authenticator uses the attestation private key to sign the Relying Party-specific credential public key (and additional data) that it generates and returns via the authenticatorMakeCredential operation. Relying Parties use the attestation public key conveyed in the attestation certificate to verify the attestation signature. Note that in the case of self attestation, the authenticator has no distinct attestation key pair nor attestation certificate, see self attestation for details.

Authentication

The ceremony where a user, and the user’s computing device(s) (containing at least one authenticator) work in concert to cryptographically prove to an Relying Party that the user controls the private key associated with a previously-registered scoped public key credential (see Registration). Note that this includes employing user verification.

Authentication Assertion

The cryptographically signed AuthenticationAssertion AuthenticatorAssertionResponse object returned by an authenticator as the result of a authenticatorGetAssertion operation.

Authenticator

A cryptographic device used by a WebAuthn Client to (i) generate a scoped public key credential and register it with a Relying Party, and (ii) subsequently used to cryptographically sign and return, in the form of an Authentication Assertion, a challenge and other data presented by a Relying Party (in concert with the WebAuthn Client) in order to effect authentication.

Authorization Gesture

Essentially the same as user verification.

An authorization gesture is a physical interaction performed by a user with an authenticator as part of a ceremony, such as registration or authentication. By making such an authorization gesture, a user provides consent for (i.e., authorizes) a ceremony to proceed. This may involve user verification if the employed authenticator is capable, or it may involve a simple test of user presence.

Biometric Recognition

The automated recognition of individuals based on their biological and behavioral characteristics [ISOBiometricVocabulary].

Ceremony

The concept of a ceremony [Ceremony] is an extension of the concept of a network protocol, with human nodes alongside computer nodes and with communication links that include UIuser interface(s), human-to-human communication, and transfers of physical objects that carry data. What is out-of-band to a protocol is in-band to a ceremony. In this specification, Registration, and Authentication are ceremonies, and user verification are an authorization gesture is often a component of those ceremonies.

Client

See Conforming User Agent.

Conforming User Agent

A user agent implementing, in conjunction with the underlying platform, the Web Authentication API and algorithms given in this specification, and handling communication between Authenticators authenticators and Relying Parties.

Credential Public Key

The public key portion of an Relying Party-specific credential key pair, generated by an authenticator and returned to an Relying Party at registration time (see also scoped public key credential). The private key portion of the credential key pair is known as the credential private key. Note that in the case of self attestation, the credential key pair is also used as the attestation key pair, see self attestation for details.

Registration

The ceremony where a user, a Relying Party, and the user’s computing device(s) (containing at least one authenticator) work in concert to create a scoped public key credential and associate it with the user’s Relying Party account. Note that this includes employing user verification.

Relying Party

The entity whose web application utilizes the Web Authentication API to register and authenticate users. See Registration and Authentication, respectively.

Note: While the term Relying Party is used in other contexts (e.g., X.509 and OAuth), an entity acting as a Relying Party in one context is not necessarily a Relying Party in other contexts.

Relying Party Identifier

RP ID

An identifier for the Relying Party on whose behalf a given registration or authentication ceremony is being performed. Scoped Public Key credentials can only be used for authentication by the same entity (as identified by RP ID) that created and registered them. By default, the RP ID for a WebAuthn operation is set to the current origin specified by the relevant settings object’s origin of the CredentialsContainer object. This default can be overridden by the caller subject to certain restrictions, as specified in §4.1.1 3 Create a new credential - makeCredential(PublicKeyCredential’s \[[Create]](options) method and §4.1.2 4 Use an existing credential - getAssertion(PublicKeyCredential::[[DiscoverFromExternalSource]](options) method.

Scoped Public Key Credential

Generically, a credential is data one entity presents to another in order to authenticate the former’s identity [RFC4949]. A WebAuthn scoped public key credential is a { identifier, type } pair identifying authentication information established by the authenticator and the Relying Party, together, at registration time. The authentication information consists of an asymmetric key pair, where the public key portion is returned to the Relying Party, which stores it in conjunction with the present user’s account. The authenticator maps the private key to the Relying Party’s RP ID and stores it. Subsequently, only that Relying Party, as identified by its RP ID, is able to employ the scoped public key credential in authentication ceremonies, via the getAssertion get() method. The Relying Party uses its copy of the stored public key to verify the resultant Authentication Assertion.

Test of User Presence

TUP

A test of user presence is a simple form of authorization gesture and technical process where a user interacts with an authenticator by (typically) simply touching it (other modalities may also exist), yielding a boolean result. Note that this does not constitute user verification because TUP, by definition, is not capable of biometric recognition, nor does it involve the presentation of a shared secret such as a password or PIN.

Client-side-resident Credential Private Key

A Client-side-resident Credential Private Key is stored either on the client platform, or in some cases on the authenticator itself, e.g., in the case of a discrete first-factor roaming authenticator. Such client-side credential private key storage has the property that the authenticator is able to select the credential private key given only an RP ID, possibly with user assistance (e.g., by providing the user a pick list of credentials associated with the RP ID). By definition, the private key is always exclusively controlled by the Authenticator. In the case of a Client-side-resident Credential Private Key, the Authenticator might offload storage of wrapped key material to the client platform, but the client platform is not expected to offload the key storage to remote entities (e.g. RP Server).

Client-Side

This refers in general to the combination of the user’s platform device, user agent, authenticators, and everything gluing it all together.

User Consent

User consent means the user agrees with what they are being asked, i.e., it encompasses reading and understanding prompts. User verification encompasses the means employed by the user to indicate An authorization gesture is a ceremony component often employed to indicate user consent.

User Verification

The technical process by which an authenticator locally authorizes the invocation of the authenticatorMakeCredential and authenticatorGetAssertion operations, . User verification may be instigated through various authorization gesture modalities; for example, through a touch plus pin code, a password entry, a gesture or biometric recognition (e.g., presenting a fingerprint) , or other modality. [ISOBiometricVocabulary]. The intent is to be able to distinguish individual users. Note that invocation of said the authenticatorMakeCredential and authenticatorGetAssertion operations implies use of key material managed by the authenticator. Note that for security, user verification and use of credential private keys must occur within a single logical security boundary defining the authenticator.

User Verified

Upon successful completion of a user verification process, the user is said to be "verified".

WebAuthn Client

Also referred to herein as simply a client. See also Conforming User Agent.

4. Web Authentication API

This section normatively specifies the API for creating and using scoped public key credentials. The basic idea is that the credentials belong to the user and are managed by an authenticator, with which the Relying Party interacts through the client (consisting of the browser and underlying OS platform). Scripts can (with the user’s consent) request the browser to create a new credential for future use by the Relying Party. Scripts can also request the user’s permission to perform authentication operations with an existing credential. All such operations are performed in the authenticator and are mediated by the browser and/or platform on the user’s behalf. At no point does the script get access to the credentials themselves; it only gets information about the credentials in the form of objects.

In addition to the above script interface, the authenticator may implement (or come with client software that implements) a user interface for management. Such an interface may be used, for example, to reset the authenticator to a clean state or to inspect the current state of the authenticator. In other words, such an interface is similar to the user interfaces provided by browsers for managing user state such as history, saved passwords and cookies. Authenticator management actions such as credential deletion are considered to be the responsibility of such a user interface and are deliberately omitted from the API exposed to scripts.

The security properties of this API are provided by the client and the authenticator working together. The authenticator, which holds and manages credentials, ensures that all operations are scoped to a particular origin, and cannot be replayed against a different origin, by incorporating the origin in its responses. Specifically, as defined in §5.2 Authenticator operations, the full origin of the requester is included, and signed over, in the attestation object produced when a new credential is created as well as in all assertions produced by WebAuthn credentials.

Additionally, to maintain user privacy and prevent malicious Relying Parties from probing for the presence of credentials belonging to other Relying Parties, each credential is also associated with a Relying Party Identifier, or RP ID. This RP ID is provided by the client to the authenticator for all operations, and the authenticator ensures that credentials created by a Relying Party can only be used in operations requested by the same RP ID. Separating the origin from the RP ID in this way allows the API to be used in cases where a single Relying Party maintains multiple origins.

The client facilitates these security measures by providing correct origins and RP IDs to the authenticator for each operation. Since this is an integral part of the WebAuthn security model, user agents MUST only expose this API to callers in secure contexts, as defined in [secure-contexts].

The Web Authentication API is defined by the union of the Web IDL fragments presented in the following sections. A combined IDL listing is given in the IDL Index. The API is defined as a part of the Navigator interface:

4.1.

PublicKeyCredential Interface

The PublicKeyCredential interface inherits from Credential [CREDENTIAL-MANAGEMENT-1], and contains the attributes that are returned to the caller when a new credential is created, or a new assertion is requested.

[SecureContext]
interface WebAuthenticationPublicKeyCredential {: Credential {
  Promise<ScopedCredentialInfo> makeCredential( readonly attribute ArrayBuffer      Account     rawId;
    readonly attribute AuthenticatorResponse response;
    readonly attribute AuthenticationExtensions clientExtensionResults;
        accountInformation,
        sequence<ScopedCredentialParameters> cryptoParameters,
        BufferSource                         attestationChallenge,
        optional ScopedCredentialOptions     options
    );

    Promise<AuthenticationAssertion> getAssertion(
        BufferSource                    assertionChallenge,
        optional AssertionOptions       options
    );
};

This interface has two methods, which are described in the following subsections.

};

id

This attribute is inherited from Credential, though PublicKeyCredential overrides Credential's getter, instead returning the base64url encoding of the data contained in the object’s [[identifier]] internal slot.

rawId

This attribute returns the ArrayBuffer contained in the [[identifier]] internal slot.

response, of type AuthenticatorResponse, readonly

This attribute contains the authenticator's response to the client’s request to either create a public key credential, or generate an authentication assertion. If the PublicKeyCredential is created in response to create(), this attribute’s value will be an AuthenticatorAttestationResponse, otherwise, the PublicKeyCredential was created in response to get(), and this attribute’s value will be an AuthenticatorAssertionResponse.

clientExtensionResults, of type AuthenticationExtensions, readonly

This attribute contains a map containing extension identifier → client extension output entries produced by the extension’s client extension processing.

[[type]]

The PublicKeyCredential interface object's [[type]] internal slot's value is the string "public-key".

Note: This is reflected via the type attribute getter inherited from Credential.

[[discovery]]

The PublicKeyCredential interface object's [[discovery]] internal slot's value is "remote".

[[identifier]]

This internal slot contains an identifier for the credential, chosen by the platform with help from the authenticator. This identifier is used to look up credentials for use, and is therefore expected to be globally unique with high probability across all credentials of the same type, across all authenticators. This API does not constrain the format or length of this identifier, except that it must be sufficient for the platform to uniquely select a key. For example, an authenticator without on-board storage may create identifiers containing a credential private key wrapped with a symmetric key that is burned into the authenticator.

PublicKeyCredential's interface object inherits Credential's implementation of [[CollectFromCredentialStore]](options) and [[Store]](credential), and defines its own implementation of [[DiscoverFromExternalSource]](options) and [[Create]](options).

4.1.1. CredentialRequestOptions Extension

To support obtaining assertions via navigator.credentials.get(), this document extends the CredentialRequestOptions dictionary as follows:

partial dictionary CredentialRequestOptions {
    PublicKeyCredentialRequestOptions? publicKey;
};

4.1.2. CredentialCreationOptions Extension

To support registration via navigator.credentials.create(), this document extends the CredentialCreationOptions dictionary as follows:

partial dictionary CredentialCreationOptions {
    MakeCredentialOptions? publicKey;
};

4.1.3. Create a new credential - PublicKeyCredential’s \[[Create]](options) method

PublicKeyCredential's interface object's implementation of the [[Create]](options) method allows scripts to call navigator.credentials.create() to request the creation of a new credential key pair and PublicKeyCredential, managed by an authenticator. The user agent will prompt the user

• Any calls to getAssertion() that do not specify allowList will not result in the older credential being offered to the user.

• Any calls to getAssertion() that specify the older credential in the allowList may also not result in it being offered to the user.

for consent. On success, the returned promise will be resolved with a

This method takes the following parameters:

PublicKeyCredential containing an AuthenticatorAttestationResponse object.

Note: This algorithm is synchronous; the Promise resolution/rejection is taken care of by navigator.credentials.create().

This method accepts a single argument:

options

This argument is a CredentialCreationOptions object whose options["publicKey"] member contains a MakeCredentialOptions object specifying how the credential is to be made.

When this method is invoked, the user agent MUST execute the following algorithm:

1. Assert: options["publicKey"] is present.

2. Let options be the value of options["publicKey"].

3. If any of the name member of options.rp, the name member of options.user, the displayName member of options.user, or the id member of options.user are not present, return a TypeError simple exception.

4. If the timeout member of options is present, check if its value lies within a reasonable range as defined by the platform and if not, correct it to the closest value lying within that range. Set adjustedTimeout to this adjusted value. If the timeout

1. member of options is not present, then set adjustedTimeout to a platform-specific default.

2. Let

1. global be the PublicKeyCredential interface object's environment settings object’s global object.

2. Let callerOrigin be the origin specified by this PublicKeyCredential interface object's relevant settings object. If callerOrigin is an opaque origin,

1. return a DOMException whose name is "NotAllowedError", and terminate this algorithm.

2. If the

1. id member of options.rp is not present, then set rpId to callerOrigin.

1. Otherwise:

   1. Let effectiveDomain be the callerOrigin’s effective domain.

   2. If effectiveDomain is null, then return a DOMException whose name is "SecurityError" and terminate this algorithm.

   3. If options.rp.id is not a registrable domain suffix of and is not equal to effectiveDomain, return a DOMException whose name is "SecurityError", and terminate this algorithm.

Process each element of cryptoParameters using the following steps, to produce a new sequence normalizedParameters.

1. 1. Set rpId to options.rp.id.

2. Let normalizedParameters be a new list whose items are pairs of PublicKeyCredentialType and a dictionary type (as returned by normalizing an algorithm).

3. For each current of options.parameters:

   1. If current.type does not contain a

1. 1. PublicKeyCredentialType supported by this implementation, then

1. 1. continue.

   2. Let normalizedAlgorithm be the result of normalizing an algorithm [WebCryptoAPI], with alg set to current.algorithm and op set to

1. 1. "generateKey

1. 1. ". If an error occurs during this procedure, then

1. 1. continue.

   2. Append the pair of current.type and

1. 1. normalizedAlgorithm to

1. 1. normalizedParameters.

2. If

1. normalizedParameters is empty and

1. options.parameters is not empty, cancel the timer started in step 2,

1. return a DOMException whose name is "NotSupportedError", and terminate this algorithm.

2. Let clientExtensions be a new map and let authenticatorExtensions be a new map.

3. If the extensions member of options is present,

1. then for each extensionId → clientExtensionInput of options.extensions:

   1. If extensionId is not supported by this client platform or is not a registration extension,

For each authenticator in currentlyAvailableAuthenticators: asynchronously invoke the authenticatorMakeCredential operation on that authenticator with rpId, clientDataHash, accountInformation, normalizedParameters, excludeList and clientExtensions as parameters. Add a corresponding entry to issuedRequests.

1. 1. then continue.

   2. Set clientExtensions[extensionId] to clientExtensionInput.

   3. If extensionId is not an authenticator extension, then continue.

   4. Let authenticatorExtensionInput be the (CBOR) result of running extensionId’s client extension processing algorithm on clientExtensionInput. If the algorithm returned an error, continue.

   5. Set authenticatorExtensions[extensionId] to the base64url encoding of authenticatorExtensionInput.

2. Let collectedClientData be a new CollectedClientData instance whose fields are:

   challenge

   The base64url encoding of options.challenge

   origin

   The unicode serialization of rpId

   hashAlg

   The recognized algorithm name of the hash algorithm selected by the client for generating the hash of the serialized client data

   tokenBinding

   The Token Binding ID associated with callerOrigin, if one is available.

   clientExtensions

   clientExtensions

   authenticatorExtensions

   authenticatorExtensions

3. Let clientDataJSON be the JSON-serialized client data constructed from collectedClientData.

4. Let clientDataHash be the hash of the serialized client data represented by clientDataJSON.

5. Let currentlyAvailableAuthenticators be a new ordered set consisting of all authenticators available on this platform.

6. Let selectedAuthenticators be a new ordered set.

7. If currentlyAvailableAuthenticators is empty, return a DOMException whose name is "NotFoundError", and terminate this algorithm.

8. If options.authenticatorSelection is present, iterate through currentlyAvailableAuthenticators and do the following for each authenticator:

   1. If attachment is present and its value is not equal to authenticator’s attachment modality, continue.

   2. If requireResidentKey is set to true and the authenticator is not capable of storing a Client-Side-Resident Credential Private Key, continue.

   3. Append authenticator to selectedAuthenticators.

9. If selectedAuthenticators is empty, return a DOMException whose name is "ConstraintError", and terminate this algoritm.

10. Let issuedRequests be a new ordered set.

11. For each authenticator in currentlyAvailableAuthenticators:

    1. Let excludeList be a new list.

    2. For each credential C in options.excludeList:

       1. If C.transports is not empty, and authenticator is connected over a transport not mentioned in C.transports, the client MAY continue.

       2. Otherwise, Append C to excludeList.

    3. In parallel, invoke the authenticatorMakeCredential operation on authenticator with rpId, clientDataHash, options.rp, options.user, normalizedParameters, excludeList, and authenticatorExtensions as parameters.

    4. Append authenticator to issuedRequests.

12. Start a timer for adjustedTimeout milliseconds. Then execute the following steps in parallel. The task source for these tasks is the dom manipulation task source.

13. While issuedRequests is not empty, perform the following actions depending upon the adjustedTimeout timer and responses from the authenticators:

    If the adjustedTimeout timer expires,

1. For each

1. authenticator in issuedRequests invoke the authenticatorCancel operation on

1. authenticator and remove

1. authenticator from

1. issuedRequests.

1. If any authenticator returns a status indicating that the user cancelled the operation,

1. 1. Remove authenticator from issuedRequests.

   2. For each remaining

1. 1. authenticator in issuedRequests invoke the authenticatorCancel operation on

1. 1. authenticator and remove

1. 1. it from

1. 1. issuedRequests.

   If any authenticator returns an error status,

1. Remove authenticator from issuedRequests.

1. If any authenticator indicates success

1. ,

   1. Remove

1. 1. authenticator from issuedRequests.

1. 1. Let attestationObject be a new ArrayBuffer, created using global’s %ArrayBuffer%, containing the bytes of the value returned from the successful authenticatorMakeCredential operation (which is attObj, as defined in §5.3.4 Generating an Attestation Object).

   2. Let id be attestationObject.authData.attestation data.credential ID (see §5.3.1 Attestation data and §5.1 Authenticator data).

   3. Let value be a new PublicKeyCredential object associated with global whose fields are:

      [[identifier]]

      id

      response

      A new AuthenticatorAttestationResponse object associated with global whose fields are:

      clientDataJSON

      A new ArrayBuffer, created using global’s %ArrayBuffer%, containing the bytes of clientDataJSON.

      attestationObject

      attestationObject

      clientExtensionResults

      A new AuthenticationExtensions object containing the extension identifier → client extension output entries created by running each extension’s client extension processing algorithm to create the client extension outputs, for each client extension in clientDataJSON.clientExtensions.

   4. For each remaining authenticator in issuedRequests invoke the authenticatorCancel operation on

1. 1. authenticator and remove

1. 1. it from

1. 1. issuedRequests.

1. 1. Return value and terminate this algorithm.

1. Return a DOMException whose name is "NotAllowedError"

1. .

During the above process, the user agent SHOULD show some UI to the user to guide them in the process of selecting and authorizing an authenticator.

4.1.

4. Use an existing credential -

PublicKeyCredential::[[DiscoverFromExternalSource]](options) method

4.2.

Authenticator Responses (interface

AuthenticatorResponse)

Authenticators respond to relying party requests by returning an object derived from the AuthenticatorResponse interface:

[SecureContext]
interface ScopedCredentialInfoAuthenticatorResponse {
    readonly    attribute ArrayBuffer   clientDataJSON;
    readonly    attribute ArrayBuffer   attestationObject;
};

4.2.1. Information about Public Key Credential (interface AuthenticatorAttestationResponse)

The AuthenticatorAttestationResponse interface represents

the authenticator's response to a client’s request for the creation of a new public key credential. It contains information about the new credential that can be used to

identify it for later

use, and

metadata that can be used by the Relying Party to assess the

characteristics of the credential during registration.

[SecureContext]
interface AuthenticatorAttestationResponse : AuthenticatorResponse {
    readonly attribute ArrayBuffer attestationObject;
};

4.

2.2. Web Authentication Assertion (interface AuthenticatorAssertionResponse)

The AuthenticatorAssertionResponse interface represents an authenticator's response to a client’s request for generation of a new authentication assertion given the Relying Party's challenge and optional list of credentials it is aware of. This response contains a cryptographic signature proving possession of the credential private key, and optionally evidence of user consent to a specific transaction.

[SecureContext]
interface AuthenticatorAssertionResponse : AuthenticatorResponse {
    readonly attribute ArrayBuffer      authenticatorData;
    DOMStringreadonly attribute ArrayBuffer        name;
    DOMString          imageURL;
signature;
};

4.3. Parameters for Credential Generation (dictionary

PublicKeyCredentialParameters)

dictionary ScopedCredentialParametersPublicKeyCredentialParameters {
    required ScopedCredentialTypePublicKeyCredentialType  type;
    required AlgorithmIdentifier   algorithm;
};

4.

4. User Account Parameters for Credential Generation (dictionary

PublicKeyCredentialUserEntity)

dictionary ScopedCredentialOptionsPublicKeyCredentialUserEntity : PublicKeyCredentialEntity {
    unsignedDOMString longdisplayName;
};

4.5. Options for Credential Creation (dictionary MakeCredentialOptions)

dictionary MakeCredentialOptions {
    required PublicKeyCredentialEntity rp;
    required PublicKeyCredentialUserEntity user;

    timeout;required BufferSource    USVString                     challenge;
    required sequence<PublicKeyCredentialParameters> rpIdparameters;

   sequence<ScopedCredentialDescriptor> excludeListunsigned =long [];     Attachment                  timeout;
    sequence<PublicKeyCredentialDescriptor> excludeList;
  attachment  AuthenticatorSelectionCriteria       authenticatorSelection;
    AuthenticationExtensions             extensions;
};

4.5.1. Entity Description

The PublicKeyCredentialEntity dictionary describes a user account or a relying party with which a credential is associated.

dictionary PublicKeyCredentialEntity {
    DOMString id;
    DOMString name;
    USVString icon;
};

4.5.2. Authenticator Selection Criteria

Relying Parties may use the AuthenticatorSelectionCriteria dictionary to specify their requirements regarding authenticator attributes.

dictionary AuthenticatorSelectionCriteria {
    Attachment    attachment;
    boolean       requireResidentKey = false;
};

4.5.

3. Credential Attachment enumeration (enum Attachment)

enum Attachment {
    "platform",
    "cross-platform"
};

Clients may communicate with authenticators using a variety of mechanisms. For example, a client may use a platform-specific API to communicate with an authenticator which is physically bound to a platform. On the other hand, a client may use a variety of standardized cross-platform transport protocols such as Bluetooth (see §4.

8.

4 Credential Transport enumeration (enum ExternalTransport)) to discover and communicate with cross-platform attached authenticators. Therefore, we use Attachment to describe an authenticator's attachment modality. We define authenticators that are part of the client’s platform as having a platform attachment, and refer to them as platform authenticators. While those that are reachable via cross-platform transport protocols are defined as having cross-platform attachment, and refer to them as roaming authenticators.

• platform attachment - the respective authenticator is attached using platform-specific transports. Usually, authenticators of this class are non-removable from the platform.
• cross-platform attachment - the respective authenticator is attached using cross-platform transports. Authenticators of this class are removable from, and can "roam" among, client platforms.

This distinction is important because there are use-cases where only platform authenticators are acceptable to a Relying Party, and conversely ones where only roaming authenticators are employed. As a concrete example of the former, a credential on a platform authenticator may be used by Relying Parties to quickly and conveniently reauthenticate the user with a minimum of friction, e.g., the user will not have to dig around in their pocket for their key fob or phone. As a concrete example of the latter, when the user is accessing the Relying Party from a given client for the first time, they may be required to use a roaming authenticator which was originally registered with the Relying Party using a different client.

4.6.

Options for Assertion Generation (

dictionary PublicKeyCredentialRequestOptions)

The PublicKeyCredentialRequestOptions dictionary supplies get() with the data it needs to generate an assertion. Its challenge member must be present, while its other members are optional.

dictionary PublicKeyCredentialRequestOptions {
    readonlyrequired attributeBufferSource ScopedCredential  credential;     readonly attribute ArrayBuffer       clientDataJSONchallenge;
    readonly attribute ArrayBuffer       authenticatorData;
    readonly attribute ArrayBuffer       signature;
};

Scoped credentials produce a cryptographic signature that provides proof of possession of a private key as well as evidence of user consent to a specific transaction. The structure of these signatures is defined as follows.

The authenticatorData attribute contains the serialized data returned by the authenticator. See §5.1 Authenticator data.

dictionary AssertionOptions {
    unsigned long                        timeout;
    USVString                            rpId;
    sequence<ScopedCredentialDescriptorPublicKeyCredentialDescriptor> allowList = [];
    AuthenticationExtensions             extensions;
};

challenge, of type BufferSource

This member represents a challenge that the selected authenticator signs, along with other data, when producing an authentication assertion.

timeout, of type unsigned long

This optional member specifies a time, in milliseconds, that the caller is willing to wait for the call to complete.

The value is treated as a hint, and may be overridden by the platform.

rpId, of type USVString

This optional member specifies the relying party identifier claimed by the caller. If

omitted,

its value will be

the ASCII serialization of the CredentialsContainer object’s relevant settings object's origin.

allowList, of type sequence<PublicKeyCredentialDescriptor>, defaulting to None

This optional member contains a list of PublicKeyCredentialDescriptor object representing public key credentials acceptable to the caller, in decending order of the caller’s preference

(the first item in the list is the most preferred credential, and so on down the line).

extensions, of type AuthenticationExtensions

This optional member contains additional parameters requesting additional processing by the client and authenticator. For example, if transaction confirmation is sought from the user, then the prompt string

might be included

as an extension.

4.

7. Authentication

Extensions (

typedef AuthenticationExtensions)

dictionary AuthenticationExtensions {
}typedef record<DOMString, any> AuthenticationExtensions;

This is a dictionary containing zero or more WebAuthn extensions, as defined in §8 WebAuthn Extensions. An extension is an additional parameter that can be passed to the getAssertion() method and triggers some additional processing by the client platform and/or the authenticator.If the caller wishes to pass extensions to the platform, it MUST do so by adding one entry per extension to this dictionary with the extension identifier as the key, and the extension’s value as the value (see §8 WebAuthn Extensions for details)AuthenticationExtensions instance can contain either client extensions or authenticator extensions, depending upon context.

4.

8. Supporting Data Structures

The scoped public key credential type uses certain data structures that are specified in supporting specifications. These are as follows.

4.

8.1. Client data used in WebAuthn signatures (dictionary

CollectedClientData)

The client data represents the contextual bindings of both the Relying Party and the client platform. It is a key-value mapping with string-valued keys. Values may be any type that has a valid encoding in JSON. Its structure is defined by the following Web IDL.

dictionary ClientDataCollectedClientData {
    required DOMString           challenge;
    required DOMString           origin;
    required AlgorithmIdentifier DOMString           hashAlg;
    DOMString                    tokenBinding;
    AuthenticationExtensions     extensionsclientExtensions;
    AuthenticationExtensions     authenticatorExtensions;
};

4.

8.2. Credential Type enumeration (enum

PublicKeyCredentialType)

enum ScopedCredentialTypePublicKeyCredentialType {
    "ScopedCredpublic-key"
};

4.

8.3.

Credential

This interface contains the attributes that are returned to the caller when a new credential is created, and can be used later by the caller to select a credential for use.

Descriptor (dictionary PublicKeyCredentialDescriptor)

dictionary PublicKeyCredentialDescriptor {
    required ScopedCredentialTypePublicKeyCredentialType type;
    required BufferSource id;
    sequence<Transport>   transports;
};

This dictionary contains the attributes that are specified by a caller when referring to a credential as an input parameter to the makeCredentialcreate() or getAssertionget() method methods. It mirrors the fields of the ScopedCredential PublicKeyCredential object returned by these the latter methods.

4.

8.

4. Credential Transport enumeration (enum ExternalTransport)

enum Transport {
    "usb",
    "nfc",
    "ble"
};

4.

8.

5. Cryptographic Algorithm Identifier (type AlgorithmIdentifier)

A string or dictionary identifying a cryptographic algorithm and optionally a set of parameters for that algorithm. This type is defined in [WebCryptoAPI].

5. WebAuthn Authenticator model

The API defined in this specification implies a specific abstract functional model for an authenticator. This section describes the authenticator model.

Client platforms may implement and expose this abstract model in any way desired. However, the behavior of the client’s Web Authentication API implementation, when operating on the authenticators supported by that platform, MUST be indistinguishable from the behavior specified in §4 Web Authentication API.

For authenticators, this model defines the logical operations that they must support, and the data formats that they expose to the client and the Relying Party. However, it does not define the details of how authenticators communicate with the client platform, unless they are required for interoperability with Relying Parties. For instance, this abstract model does not define protocols for connecting authenticators to clients over transports such as USB or NFC. Similarly, this abstract model does not define specific error codes or methods of returning them; however, it does define error behavior in terms of the needs of the client. Therefore, specific error codes are mentioned as a means of showing which error conditions must be distinguishable (or not) from each other in order to enable a compliant and secure client implementation.

In this abstract model, the authenticator provides key management and cryptographic signatures. It may be embedded in the WebAuthn client, or housed in a separate device entirely. The authenticator may itself contain a cryptographic module which operates at a higher security level than the rest of the authenticator. This is particularly important for authenticators that are embedded in the WebAuthn client, as in those cases this cryptographic module (which may, for example, be a TPM) could be considered more trustworthy than the rest of the authenticator.

Each authenticator stores some number of scoped public key credentials. Each scoped public key credential has an identifier which is unique (or extremely unlikely to be duplicated) among all scoped public key credentials. Each credential is also associated with a Relying Party, whose identity is represented by a Relying Party Identifier (RP ID).

Each authenticator has an AAGUID, which is a 128-bit identifier that indicates the type (e.g. make and model) of the authenticator. The AAGUID MUST be chosen by the manufacturer to be identical across all substantially identical authenticators made by that manufacturer, and different (with probability 1-2^-128 or greater) from the AAGUIDs of all other types of authenticators. The RP MAY use the AAGUID to infer certain properties of the authenticator, such as certification level and strength of key protection, using information from other sources.

The primary function of the authenticator is to provide WebAuthn signatures, which are bound to various contextual data. These data are observed, and added at different levels of the stack as a signature request passes from the server to the authenticator. In verifying a signature, the server checks these bindings against expected values. These contextual bindings are divided in two: Those added by the RP or the client, referred to as client data; and those added by the authenticator, referred to as the authenticator data. The authenticator signs over the client data, but is otherwise not interested in its contents. To save bandwidth and processing requirements on the authenticator, the client hashes the ClientData client data and sends only the result to the authenticator. The authenticator signs over the combination of this clientDataHashthe hash of the serialized client data, and its own authenticator data.

The goals of this design can be summarized as follows.

• The scheme for generating signatures should accommodate cases where the link between the client platform and authenticator is very limited, in bandwidth and/or latency. Examples include Bluetooth Low Energy and Near-Field Communication.

• The data processed by the authenticator should be small and easy to interpret in low-level code. In particular, authenticators should not have to parse high-level encodings such as JSON.

• Both the client platform and the authenticator should have the flexibility to add contextual bindings as needed.

• The design aims to reuse as much as possible of existing encoding formats in order to aid adoption and implementation.

Authenticators produce cryptographic signatures for two distinct purposes:

1. An attestation signature is produced when a new credential is created, and provides cryptographic proof of certain properties of the credential and the authenticator. For instance, an attestation signature asserts the type of authenticator (as denoted by its AAGUID) and the public key of the credential. The attestation signature is signed by an attestation key, which is chosen depending on the type of attestation desired. For more details on attestation, see §5.3 Credential Attestation.

2. An assertion signature is produced when the authenticatorGetAssertion method is invoked. It represents an assertion by the authenticator that the user has consented to a specific transaction, such as logging in, or completing a purchase. Thus, an assertion signature asserts that the authenticator which possesses a particular credential private key has established, to the best of its ability, that the human who is requesting this transaction is the same human who consented to creating that particular credential. It also provides additional information that might be useful to the caller, such as the means by which user consent was provided, and the prompt that was shown to the user by the authenticator.

The formats of these signatures, as well as the procedures for generating them, are specified below.

5.1. Authenticator data

The authenticator data structure , authenticatorData, encodes contextual bindings made by the authenticator. These bindings are controlled by the authenticator itself, and derive their trust from the Relying Party’s Party's assessment of the security properties of the authenticator. In one extreme case, the authenticator may be embedded in the client, and its bindings may be no more trustworthy than the ClientData client data. At the other extreme, the authenticator may be a discrete entity with high-security hardware and software, connected to the client over a secure channel. In both cases, the Relying Party receives the authenticator data in the same format, and uses its knowledge of the authenticator to make trust decisions.

The authenticator data has a compact but extensible encoding. This is desired since authenticators can be devices with limited capabilities and low power requirements, with much simpler software stacks than the client platform components.

The encoding of authenticator data structure is a byte array of 37 bytes or more, as follows.

The RP ID is originally received from the client when the credential is created, and again when an assertion is generated. However, it differs from other client data in some important ways. First, unlike the client data, the RP ID of a credential does not change between operations but instead remains the same for the lifetime of that credential. Secondly, it is validated by the authenticator during the authenticatorGetAssertion operation, by verifying that the RP ID associated with the requested credential exactly matches the RP ID supplied by the client.

The TUP flag SHALL be set if and only if the authenticator detected a user through an authenticator specific gesture. The RFU bits in the flags byte SHALL be set to zero.

For attestation signatures, the authenticator MUST set the AT flag and include the attestation data. For authentication signatures, the AT flag MUST NOT be set and the attestation data MUST NOT be included.

If the authenticator does not include any extension data, it MUST set the ED flag in the first byte to zero, and to one if extension data is included.

The figure below shows a visual representation of the authenticator data structure.

authenticatorData

Note that the authenticatorData authenticator data describes its own length: If the AT and ED flags are not set, it is always 37 bytes long. The attestation data (which is only present if the AT flag is set) describes its own length. If the ED flag is set, then the total length is 37 bytes plus the length of the attestation data, plus the length of the CBOR map that follows.

5.2. Authenticator operations

A client must connect to an authenticator in order to invoke any of the operations of that authenticator. This connection defines an authenticator session. An authenticator must maintain isolation between sessions. It may do this by only allowing one session to exist at any particular time, or by providing more complicated session management.

The following operations can be invoked by the client in an authenticator session.

5.2.1. The authenticatorMakeCredential operation

This operation must be invoked in an authenticator session which has no other operations in progress. It takes the following input parameters:

• The caller’s RP ID, as determined by the user agent and the client.

• The clientDataHash, which is the hash of the serialized ClientData and is client data, provided by the client.

• The Account information provided by the Relying Party relying party's PublicKeyCredentialEntity.

• The ScopedCredentialType user account’s PublicKeyCredentialEntity.

• The PublicKeyCredentialType and cryptographic parameters requested by the Relying Party, with the cryptographic algorithms normalized as per the procedure in Web Cryptography API §algorithm-normalization-normalize-an-algorithm.

• A list of ScopedCredential PublicKeyCredential objects provided by the Relying Party with the intention that, if any of these are known to the authenticator, it should not create a new credential.

• Extension data created by the client based on the extensions requested by the Relying Party.

• The requireResidentKey parameter of the options.authenticatorSelection dictionary.

When this operation is invoked, the authenticator must perform the following procedure:

• Check if all the supplied parameters are syntactically well-formed and of the correct length. If not, return an error code equivalent to UnknownError and terminate the operation.

• Check if at least one of the specified combinations of ScopedCredentialType PublicKeyCredentialType and cryptographic parameters is supported. If not, return an error code equivalent to NotSupportedError and terminate the operation.

• Check if a credential matching any of the supplied ScopedCredential PublicKeyCredential identifiers is present on this authenticator. If so, return an error code equivalent to NotAllowedError and terminate the operation.

• If the requireResidentKey flag is set to true and the authenticator cannot store a Client-side-resident Credential Private Key, return an error code equivalent to ConstraintError and terminate the operation.

• Prompt the user for consent to create a new credential. The prompt for obtaining this consent is shown by the authenticator if it has its own output capability, or by the user agent otherwise. If the user denies consent, return an error code equivalent to NotAllowedError and terminate the operation.

• Once user consent has been obtained, generate a new credential object:

  • Generate a set of cryptographic keys using the most preferred combination of ScopedCredentialType PublicKeyCredentialType and cryptographic parameters supported by this authenticator.

  • Generate an identifier for this credential, such that this identifier is globally unique with high probability across all credentials with the same type across all authenticators.

  • Associate the credential with the specified RP ID and the user’s account identifier user.id.

  • Delete any older credentials with the same RP ID and user.id that are stored locally in the authenticator.

• If any error occurred while creating the new credential object, return an error code equivalent to UnknownError and terminate the operation.

• Process all the supported extensions requested by the client, and generate an authenticatorData structure the authenticator data with attestation data as specified in §5.1 Authenticator data. Use this authenticatorData authenticator data and the clientDataHash received from hash of the serialized client data to create an attestation object for the new credential using the procedure specified in §5.3.4 Generating an Attestation Object. For more details on attestation, see §5.3 Credential Attestation.

On successful completion of this operation, the authenticator returns the attestation object to the client.

5.2.2. The authenticatorGetAssertion operation

This operation must be invoked in an authenticator session which has no other operations in progress. It takes the following input parameters:

• The caller’s RP ID, as determined by the user agent and the client.

• The clientDataHash, which is the hash of the serialized ClientData and is client data, provided by the client.

• A list of credentials acceptable to the Relying Party (possibly filtered by the client).

• Extension data created by the client based on the extensions requested by the Relying Party.

When this method is invoked, the authenticator must perform the following procedure:

• Check if all the supplied parameters are syntactically well-formed and of the correct length. If not, return an error code equivalent to UnknownError and terminate the operation.

• If a list of credentials was supplied by the client, filter it by removing those credentials that are not present on this authenticator. If no list was supplied, create a list with all credentials stored for the caller’s RP ID (as determined by an exact match of the RP ID).

• If the previous step resulted in an empty list, return an error code equivalent to NotAllowedError and terminate the operation.

• Prompt the user to select a credential from among the above list. Obtain user consent for using this credential. The prompt for obtaining this consent may be shown by the authenticator if it has its own output capability, or by the user agent otherwise.

• Process all the supported extensions requested by the client, and generate an authenticatorData structure the authenticator data without attestation data as specified in §5.1 Authenticator data. Concatenate this authenticatorData authenticator data with the clientDataHash received from hash of the serialized client data to generate an assertion signature using the private key of the selected credential as shown below. A simple, undelimited concatenation is safe to use here because the authenticatorData authenticator data describes its own length. The clientDataHash hash of the serialized client data (which potentially has a variable length) is always the last element.

• If any error occurred while generating the assertion signature, return an error code equivalent to UnknownError and terminate the operation.

On successful completion, the authenticator returns to the user agent:

• The identifier of the credential used to generate the signature.

• The authenticatorData authenticator data used to generate the signature.

• The assertion signature.

If the authenticator cannot find any credential corresponding to the specified Relying Party that matches the specified criteria, it terminates the operation and returns an error.

If the user refuses consent, the authenticator returns an appropriate error status to the client.

5.2.3. The authenticatorCancel operation

This operation takes no input parameters and returns no result.

When this operation is invoked by the client in an authenticator session, it has the effect of terminating any authenticatorMakeCredential or authenticatorGetAssertion operation currently in progress in that authenticator session. The authenticator stops prompting for, or accepting, any user input related to authorizing the canceled operation. The client ignores any further responses from the authenticator for the canceled operation.

This operation is ignored if it is invoked in an authenticator session which does not have an authenticatorMakeCredential or authenticatorGetAssertion operation currently in progress.

5.3. Credential Attestation

Authenticators must also provide some form of attestation. The basic requirement is that the authenticator can produce, for each credential public key, attestation information that can be verified by a Relying Party. Typically, this information contains a signature by an attestation private key over the attested credential public key and a challenge, as well as a certificate or similar information providing provenance information for the attestation public key, enabling a trust decision to be made. However, if an attestation key pair is not available, then the authenticator MUST perform self attestation of the credential public key with the corresponding credential private key. All this information is returned by the authenticator any time a new credential is generated, in the form of an attestation object. The relationship of authenticator data and the attestation data, attestation object, and attestation statement data structures is illustrated in the figure below.

An important component of the attestation object is the credential attestation statement. This is a specific type of signed data object, containing statements about a credential itself and the authenticator that created it. It contains an attestation signature created using the key of the attesting authority (except for the case of self attestation, when it is created using the private key associated with the credential). In order to correctly interpret an attestation statement, a Relying Party needs to understand two aspects of the attestation:

1. The attestation statement format is the manner in which the signature is represented and the various contextual bindings are incorporated into the attestation statement by the authenticator. In other words, this defines the syntax of the statement. Various existing devices and platforms (such as TPMs and the Android OS) have previously defined attestation statement formats. This specification supports a variety of such formats in an extensible way, as defined in §5.3.2 Attestation Statement Formats.

2. The attestation type defines the semantics of the attestation statement and its underlying trust model. It defines how a Relying Party establishes trust in a particular attestation statement, after verifying that it is cryptographically valid. This specification supports a number of attestation types, as described in §5.3.3 Attestation Types.

In general, there is no simple mapping between attestation statement formats and attestation types. For example the "packed" attestation statement format defined in §7.2 Packed Attestation Statement Format can be used in conjunction with all attestation types, while other formats and types have more limited applicability.

The privacy, security and operational characteristics of attestation depend on:

• The attestation type, which determines the trust model,

• The attestation statement format, which may constrain the strength of the attestation by limiting what can be expressed in an attestation statement, and

• The characteristics of the individual authenticator, such as its construction, whether part or all of it runs in a secure operating environment, and so on.

It is expected that most authenticators will support a small number of attestation types and attestation statement formats, while Relying Parties will decide what attestation types are acceptable to them by policy. Relying Parties Party will also need to understand the characteristics of the authenticators that they trust, based on information they have about these authenticators. For example, the FIDO Metadata Service [FIDOMetadataService] provides one way to access such information.

5.3.1. Attestation data

Attestation data is added to the authenticatorData authenticator data when generating an attestation object for a given credential. It has the following format:

            pubKey = $pubKeyFmt

            ; All public key formats must include an alg name
            pubKeyTemplate = { alg: text }
            pubKeyTemplate .within $pubKeyFmt

            pubKeyFmt /= rsaPubKey
            rsaPubKey = { alg: rsaAlgName, n: biguint, e: uint }
            rsaAlgName = "RS256" / "RS384" / "RS512" / "PS256" / "PS384" / "PS512"

            pubKeyFmt /= eccPubKey
            eccPubKey = { alg: eccAlgName, x: biguint, y: biguint }
            eccAlgName = "ES256" / "ES384" / "ES512"

5.3.2. Attestation Statement Formats

As described above, an attestation statement format is a data format which represents a cryptographic signature by an authenticator over a set of contextual bindings. Each attestation statement format is defined by the following attributes:

• Its attestation statement format identifier.

• The set of attestation types supported by the format.

• The syntax of an attestation statement produced in this format, defined using CDDL for the extension point $attStmtFormat defined in §5.3.4 Generating an Attestation Object.

• The procedure for computing an attestation statement in this format given the credential to be attested, the authenticatorData authenticator data structure containing the authenticator data for the attestation, and a clientDataHashthe hash of the serialized client data.

• The procedure for verifying an attestation statement, which takes as inputs the authenticatorData authenticator data structure containing the authenticator data claimed to have been used for the attestation and the clientDataHash hash of the client’s contextual bindingsserialized client data, and returns either:

  • An error indicating that the attestation is invalid, or

  • The attestation type, and the trust path of the attestation. This trust path is either empty (in case of self-attestation), a DAA root an identifier of a ECDAA-Issuer public key (in the case of Direct Anonymous Attestation ECDAA), or a set of X.509 certificates.

The initial list of supported attestation statement formats is in §7 Defined Attestation Statement Formats.

5.3.3. Attestation Types

WebAuthn supports multiple attestation types:

Basic Attestation

In the case of basic attestation [UAFProtocol], the authenticator’s attestation key pair is specific to an authenticator model. Thus, authenticators of the same model often share the same attestation key pair. See §5.3.5.1 Privacy for futher information.

Self Attestation

In the case of self attestation, also known as surrogate basic attestation [UAFProtocol], the Authenticator doesn’t have any specific attestation key. Instead it uses the authentication key itself to create the attestation signature. Authenticators without meaningful protection measures for an attestation private key typically use this attestation type.

Privacy CA

In this case, the Authenticator owns an authenticator-specific (endorsement) key. This key is used to securely communicate with a trusted third party, the Privacy CA. The Authenticator can generate multiple attestation key pairs and asks the Privacy CA to issue an attestation certificate for it. Using this approach, the Authenticator can limit the exposure of the endorsement key (which is a global correlation handle) to Privacy CA(s). Attestation keys can be requested for each scoped public key credential individually.

Note: This concept typically leads to multiple attestation certificates. The attestation certificate requested most recently is called "active".

Elliptic Curve based Direct Anonymous Attestation (DAAECDAA)

In this case, the Authenticator receives direct anonymous attestation (DAA]) credentials from a single DAA-Issuer. These DAA credentials are used along with blinding to sign the attestation data. The concept of blinding avoids the DAA credentials being misused as global correlation handle. WebAuthn supports DAA using elliptic curve cryptography and bilinear pairings, called ECDAA (see [FIDOEcdaaAlgorithm]) in this specification. Consequently we denote the DAA-Issuer as ECDAA-Issuer (see [FIDOEcdaaAlgorithm]).

5.3.4. Generating an Attestation Object

This section specifies the algorithm for generating an attestation object for any attestation statement format.

In order to construct an attestation object for a given credential using a particular attestation statement format, the authenticator MUST first generate an authenticatorData structurethe authenticator data.

The authenticator MUST then run the signing procedure for the desired attestation statement format with this authenticatorData authenticator data and the client-supplied clientDataHash hash of the serialized client data as input, and use this to construct an attestation statement in that attestation statement format.

Finally, the authenticator MUST construct the attestation object as a CBOR map with the following syntax:

attObj = {
            authData: bytes,
            $$attStmtType
         }

attStmtTemplate = (
                      fmt: text,
                      attStmt: bytes
                  )

; Every attestation statement format must have the above fields
attStmtTemplate .within $$attStmtType

The semantics of the fields in the attestation object are as follows:

fmt

The attestation statement format identifier associated with the attestation statement. Each attestation statement format defines its identifier.

authData

The authenticator data used to generate the attestation statement.

attStmt

The attestation statement constructed above. The syntax of this is defined by the attestation statement format used.

5.3.5. Security Considerations

5.3.5.1. Privacy

Attestation keys may be used to track users or link various online identities of the same user together. This may be mitigated in several ways, including:

• A WebAuthn Authenticator authenticator manufacturer may choose to ship all of their devices with the same (or a fixed number of) attestation key(s) (called Basic Attestation). This will anonymize the user at the risk of not being able to revoke a particular attestation key should its WebAuthn Authenticator be compromised.

• A WebAuthn Authenticator may be capable of dynamically generating different attestation keys (and requesting related certificates) per origin (following the Privacy CA approach). For example, a WebAuthn Authenticator can ship with a master attestation key (and certificate), and combined with a cloud operated privacy CA, can dynamically generate per origin attestation keys and attestation certificates.

• A WebAuthn Authenticator can implement Elliptic Curve based direct anonymous attestation (see [FIDOEcdaaAlgorithm]). Using this scheme, the authenticator generates a blinded attestation signature. This allows the Relying Party to verify the signature using the DAA root ECDAA-Issuer public key, but the attestation signature doesn’t serve as a global correlation handle.

5.3.5.2. Attestation Certificate and Attestation Certificate CA Compromise

When an intermediate CA or a root CA used for issuing attestation certificates is compromised, WebAuthn Authenticator authenticator attestation keys are still safe although their certificates can no longer be trusted. A WebAuthn Authenticator manufacturer that has recorded the public attestation keys for their devices can issue new attestation certificates for these keys from a new intermediate CA or from a new root CA. If the root CA changes, the Relying Parties must update their trusted root certificates accordingly.

A WebAuthn Authenticator attestation certificate must be revoked by the issuing CA if its key has been compromised. A WebAuthn Authenticator manufacturer may need to ship a firmware update and inject new attestation keys and certificates into already manufactured WebAuthn Authenticators, if the exposure was due to a firmware flaw. (The process by which this happens is out of scope for this specification.) If the WebAuthn Authenticator manufacturer does not have this capability, then it may not be possible for Relying Parties to trust any further attestation statements from the affected WebAuthn Authenticators.

If attestation certificate validation fails due to a revoked intermediate attestation CA certificate, and the Relying Party’s Party's policy requires rejecting the registration/authentication request in these situations, then it is recommended that the Relying Party also un-registers (or marks with a trust level equivalent to "self attestation") scoped public key credentials that were registered after the CA compromise date using an attestation certificate chaining up to the same intermediate CA. It is thus recommended that Relying Parties remember intermediate attestation CA certificates during Authenticator registration in order to un-register related Scoped Credentials public key credentials if the registration was performed after revocation of such certificates.

If a DAA an ECDAA attestation key has been compromised, it can be added to the RogueList (i.e., the list of revoked authenticators) maintained by the related DAAECDAA-Issuer. The Relying Party should verify whether an authenticator belongs to the RogueList when performing DAAECDAA-Verify (see section 3.6 in [FIDOEcdaaAlgorithm]). For example, the FIDO Metadata Service [FIDOMetadataService] provides one way to access such information.

5.3.5.3. Attestation Certificate Hierarchy

A 3-tier hierarchy for attestation certificates is recommended (i.e., Attestation Root, Attestation Issuing CA, Attestation Certificate). It is also recommended that for each WebAuthn Authenticator device line (i.e., model), a separate issuing CA is used to help facilitate isolating problems with a specific version of a device.

If the attestation root certificate is not dedicated to a single WebAuthn Authenticator device line (i.e., AAGUID), the AAGUID should be specified in the attestation certificate itself, so that it can be verified against the authenticatorData authenticator data.

6. Relying Party Operations

Upon successful execution of a makeCredentialcreate() or getAssertionget() call, the Relying Party’s Party's script receives a ScopedCredentialInfo or AuthenticationAssertion structure respectively PublicKeyCredential containing an AuthenticatorAttestationResponse or AuthenticatorAssertionResponse structure, respectively, from the client. It must then deliver the contents of this structure to the Relying Party server, using methods outside the scope of this specification. This section describes the operations that the Relying Party must perform upon receipt of these structures.