Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
_1tem
1y ago
0 comments
Save
Share
Attestation statements can be used to restrict WebAuthn use to certain hardware keys only.
0 comments
2 comments · 1 top-level
top
newest
oldest
hamandcheese
1y ago
· 1 in thread
But is there a chain of trust going all the way back to the manufacturer? Or is that simply metadata which could be spoofed?
gruez
1y ago
Yes. That's what attestation is for.
j
/
k
navigate · click thread line to collapse
