What is self attestation in WebAuthn, and what is its main limitation?
-
A
The authenticator uses the credential private key as the attestation key, providing no independent verification of the device model
-
B
The authenticator sends its serial number to the relying party, which then queries the manufacturer
-
C
The user self-certifies their identity by entering a PIN during registration
-
D
The relying party generates its own attestation certificate to track users