Open JetForMe opened 6 months ago
A lot of WebAuthn and Apple attestation and passkey APIs depend on CBOR encoding of attestation. I think it makes sense to have a thorough and vetted implementation of code to encode and decode the format.
As an example, implementing the server side of App Attestation requires decoding a CBOR: https://developer.apple.com/documentation/devicecheck/validating-apps-that-connect-to-your-server
At least one third-party implementation exists, but this seems to me like a reasonable addition to CryptoKit.
New API Proposal:CBOR Encoding/Decoding
Motivation:
A lot of WebAuthn and Apple attestation and passkey APIs depend on CBOR encoding of attestation. I think it makes sense to have a thorough and vetted implementation of code to encode and decode the format.
Importance:
As an example, implementing the server side of App Attestation requires decoding a CBOR: https://developer.apple.com/documentation/devicecheck/validating-apps-that-connect-to-your-server
Alternatives
At least one third-party implementation exists, but this seems to me like a reasonable addition to CryptoKit.