passkey attestation blob in registration response

Privacy & Security General
testuser7 OP
Created 3w
Replies 1
Boosts 0
Views 275
Participants 2

Hello,

Is it correct that right now when any passkey-provider prepares the passkey registration ceremony response with attestation, iOS strips off the attestation before handing over response-assertion to the client.

Does this stripping off of attestation have to do anything with the BS and BE flags that are populated by passkey-provider ? Meaning, is it correct statement that iOS removes the attestation blob from the response if the BE and BS flags are set to zero ??

Answered by Apple Designer in 793255022

The passkey provider API does not modify the responses returned to it. It does apply some validation logic to those responses, but anything that doesn't pass the validation will return an error to the passkey provider. If it passes, it will go through unmodified.

Replies  1
Boosts  0
Views  275
Participants  2
Apple Designer OP
Apple
3w
Recommended

The passkey provider API does not modify the responses returned to it. It does apply some validation logic to those responses, but anything that doesn't pass the validation will return an error to the passkey provider. If it passes, it will go through unmodified.

0
passkey attestation blob in registration response
First post date Last post date
 
 
Q