With version of fido2 1.0.0, the expected return value of ca_lookup has changed and the behavior on empty result as well.
As thus, when the AttestationVerifier is used, it causes to always fail. There is currently no option to disable certificate root checks and just simply verify the signature.
We should probably (at least for now) set the verifier to None on the base view.
With version of fido2
1.0.0, the expected return value ofca_lookuphas changed and the behavior on empty result as well.As thus, when the
AttestationVerifieris used, it causes to always fail. There is currently no option to disable certificate root checks and just simply verify the signature.We should probably (at least for now) set the verifier to
Noneon the base view.