New Feature Request
Summary
Problem: When webauthn starts for the first time, it needs to warm up the MDS cache from blob.jwt. When this file is too old, the signature validation fails and an exception is thrown. It is clear that signature validation failed, but not which signature.
Value: Makes finding issues related to MDS metadata validity easier
Proposed Solution
Action:
Impact: Low: affects logging.
Developer Checklist
To be completed by the developer during implementation.
Testing and QA
Clear the cache and test with a missing, invalid, etc. MDS file.
The MDS blob.jwt file can be downloaded from https://mds3.fidoalliance.org/
An old blob.jwt can be found in stepup/webauthn/blob.jwt in the history of the Openconext-devconf repo
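For the QA cases above (missing, invalid or old blob.jwt), a pre-flight check that reports which condition applies before the cache warm-up runs. This is an added example, not code from the webauthn project; it assumes the FIDO MDS3 JWT layout (an `x5c` chain in the header, `no` and `nextUpdate` in the payload), the name `diagnose_blob` is hypothetical, and it does not verify the signature.

```python
import base64
import json
import os
from datetime import date

def _b64url_json(segment):
    # JWT segments are unpadded base64url; restore padding before decoding.
    return json.loads(base64.urlsafe_b64decode(segment + b"=" * (-len(segment) % 4)))

def diagnose_blob(path, today=None):
    """Return human-readable findings for an MDS blob.jwt (empty list = none)."""
    today = today or date.today()
    if not os.path.isfile(path):
        return [f"{path}: file is missing"]
    with open(path, "rb") as fh:
        parts = fh.read().strip().split(b".")
    if len(parts) != 3:
        return [f"{path}: expected 3 JWT segments, found {len(parts)}"]
    try:
        header, payload = _b64url_json(parts[0]), _b64url_json(parts[1])
    except ValueError as exc:  # covers base64, UTF-8 and JSON decoding errors
        return [f"{path}: header or payload is not base64url JSON ({exc})"]
    if not isinstance(header, dict) or not isinstance(payload, dict):
        return [f"{path}: header and payload must both be JSON objects"]
    findings = []
    if not header.get("x5c"):
        findings.append("header has no x5c chain, signer cannot be identified")
    try:
        next_update = date.fromisoformat(payload["nextUpdate"])
    except (KeyError, TypeError, ValueError):
        findings.append("payload has no valid nextUpdate date")
    else:
        if next_update < today:
            findings.append(f"blob no. {payload.get('no')} is stale: "
                            f"nextUpdate {next_update} is before {today}")
    return findings

if __name__ == "__main__":
    import tempfile
    # Constructed, unsigned sample blob; not a real MDS file.
    seg = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=")
    sample = seg({"alg": "RS256", "x5c": ["constructed"]}) + b"." + \
        seg({"no": 1, "nextUpdate": "2020-01-01"}) + b".constructed-signature"
    with tempfile.NamedTemporaryFile(suffix=".jwt", delete=False) as tmp:
        tmp.write(sample)
    print(diagnose_blob(tmp.name))
    os.unlink(tmp.name)
```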