Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Gets worse. Some of it is ASN.1 inside CBOR too. Some of it is custom binary format containing CBOR

The answer is as far as I know:

Backwards compatibility with bad decisions made in U2F

Also; relying on base64url is odd as there are no built in functions in JavaScript to encode and decode it.



> Also; relying on base64url is odd as there are no built in functions in JavaScript to encode and decode it.

I'm probably missing something, but aren't window.atob and window.btoa just that? It's not available in Node though.


btoa is base64 not base64url. And even if it was base64url, it takes a "binary string", so using it on, say, a Uint8Array is non-trivial.


Thank you, I didn't realize the URL safe variant of Base64 had a name and that it was this!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: