Download Specifications

Both the UAF (Universal Authentication Framework) and U2F (Universal 2nd Factor) Specifications are listed below and available to download. For introductory information about the different use cases these two Specifications address and how they work, please refer to the Overview.

 

IF YOU ARE NOT YET A MEMBER OF THE FIDO ALLIANCE, AND YOU WOULD LIKE TO COMMENT ON OUR PUBLIC DRAFT SPECIFICATIONS, PLEASE USE THE CONTACT US FORM.

UAF Specifications

FIDO UAF Complete Specifications
This is a zip file containing the REVIEW DRAFT public snapshot of in-progress FIDO Alliance Universal Authentication Framework (UAF) specs as of 2014-02-09.

download:

/specs/fido-uaf-v1.0-rd-20140209.zip

 

FIDO UAF Architectural Overview
The FIDO UAF Architectural Overview describes the components, protocols, and interfaces that make up the FIDO UAF strong authentication ecosystem.

download:

/specs/fido-uaf-overview-v1.0-rd-20140209.pdf

 

FIDO UAF Protocol Specification
This document defines the flow and content of all UAF protocol messages and presents the rationale behind the design choices.

download:

/specs/fido-uaf-protocol-v1.0-rd-20140209.pdf

 

FIDO UAF Application API and Transport Binding Specification
Describes APIs and an interoperability profile for client applications to utilize FIDO UAF. This includes methods of communicating with a FIDO Client for both Web platform and Android apps, transport requirements, and an HTTPS interoperability profile for sending UAF messages to a compatible server.

download:

/specs/fido-uaf-client-api-transport-v1.0-rd-20140209.pdf

 

FIDO UAF Authenticator-specific Module API
Different UAF authenticators may be connected to a user device via various physical interfaces. The UAF Authenticator-specific module (ASM) is a software interface on top of UAF authenticators which gives a standardized way for FIDO UAF Clients to detect and access the functionality of UAF authenticators. This document describes the internal functionality of ASMs, defines the UAF ASM API and explains how UAF Clients should use it.

download:

/specs/fido-uaf-asm-api-v1.0-rd-20140209.pdf

 

FIDO UAF Authenticator Commands
UAF Authenticators may take different forms. Implementations may range from a secure application running inside tamper-resistant hardware to software-only solutions on consumer devices. This document defines the normative aspects of Authenticator implementations, and also proposes a common, non-normative set of commands implementing UAF functionality.

download:

/specs/fido-uaf-authnr-cmds-v1.0-rd-20140209.pdf

 

FIDO UAF Authenticator Metadata
FIDO Authenticators may have many different form factors, characteristics and capabilities. This document defines a standard means to describe the relevant pieces of information about an Authenticator in order to interoperate with it, or to make risk-based policy decisions about transactions involving a particular authenticator.

download:

/specs/fido-uaf-authnr-metadata-v1.0-rd-20140209.pdf

 

FIDO UAF Registry of Predefined Values
This document defines all the strings and constants reserved by UAF protocols. The values defined in this document are referenced by various UAF specifications.

download:

/specs/fido-uaf-reg-v1.0-rd-20140209.pdf

 

FIDO Security Reference
This document analyzes FIDO security. The analysis is performed on the basis of the FIDO Universal Authentication Framework (UAF) specification and FIDO Universal 2nd Factor (U2F) specifications as of the date of this publication.

download:

/specs/fido-security-ref-v1.0-rd-20140209.pdf

 

FIDO Technical Glossary
This document defines many of the technical terms and phrases used in FIDO Alliance specifications and documents.

download:

/specs/fido-glossary-v1.0-rd-20140209.pdf

 

FIDO UAF README
This is a README for the fido-uaf-v1.0-rd-20140209 REVIEW DRAFT public snapshot of in-progress FIDO Alliance Universal Authentication Framework (UAF) specs as of 2014-02-09.

download:

/specs/fido-uaf-v1.0-rd-20140209-README.txt

 

U2F Specifications

FIDO U2F Complete Specifications
This is a zip file containing the REVIEW DRAFT public snapshot of in-progress FIDO Alliance Universal 2nd Factor (U2F) specs as of 2014-02-09.

download:

/specs/fido-u2f-v1.0-rd-20140209.zip

 

FIDO U2F Architectural Overview
This overview document describes in detail the various design considerations which go into the protocol, as well as the user flows. It describes the layering and intention of each of the detailed protocol documents. It describes the various privacy considerations in the protocol design throughout the document and summarizes these at the end. READ THIS DOCUMENT FIRST BEFORE READING THE DETAILED DOCS.

download:

/specs/fido-u2f-overview-v1.0-rd-20140209.pdf

 

FIDO U2F Javascript API
This document describes the client-side API in the web browser for accessing U2F capabilities. An online service or website can leverage U2F by using this API on the client side and pairing it with a server which can verify U2F messages on the server side. (Later specifications will describe APIs in non-browser contexts.)

download:

/specs/fido-u2f-javascript-api-v1.0-rd-20140209.pdf

 

FIDO U2F Raw Message Formats
This document describes the binary format of request messages which go from the FIDO U2F server to the FIDO U2F token and the binary format of the response messages from the token to the server. These messages are encoded by the browser (FIDO client) for communication over a particular transport (such as USB) to the cryptographic core of the token which performs key generation and signing.

download:

/specs/fido-u2f-raw-message-formats-v1.0-rd-20140209.pdf

 

FIDO U2F USB Framing of APDUs
This document describes how the browser (FIDO client) frames the binary raw messages coming from the javascript API for transport over USB to a U2F token. The binary messages become arguments to APDU commands and responses and these are framed over USB. The choice of APDUs makes it easy to implement U2F tokens backed by standard secure elements which understand APDUs natively. [Later specifications will specify how the javascript APIs frame raw messages over other (non-USB) transports.]

download:

/specs/fido-u2f-usb-framing-of-apdus-v1.0-rd-20140209.pdf

 

FIDO U2F Implementation Considerations
This document describes implementation considerations and recommendations for creators of U2F devices and for relying parties implementing U2F support.

download:

/specs/fido-u2f-implementation-considerations-v1.0-rd-20140209.pdf

 

FIDO U2F Application Isolation through Facet Identification
The U2F protocol ensures that the origin foo.com can only exercise a key that was issued for foo.com by the U2F token. foo.com may have an app in non-browser environments and the same portable token may be exercised there too. This document describes how the various embodiments of foo.com (in a browser, in a mobile OS, etc.) securely assert the same origin to the token.

download:

/specs/fido-u2f-application-isolation-through-facet-identification-v1.0-rd-20140209.pdf

 

FIDO Security Reference
This document analyzes FIDO security. The analysis is performed on the basis of the FIDO Universal Authentication Framework (UAF) specification and FIDO Universal 2nd Factor (U2F) specifications as of the date of this publication.

download:

/specs/fido-security-ref-v1.0-rd-20140209.pdf

 

FIDO Technical Glossary
This document defines many of the technical terms and phrases used in FIDO Alliance specifications and documents.

download:

/specs/fido-glossary-v1.0-rd-20140209.pdf

 

FIDO U2F README
This is a README for the fido-u2f-v1.0-rd-20140209 REVIEW DRAFT public snapshot of in-progress FIDO Alliance Universal 2nd Factor (U2F) specs as of 2014-02-09.

download:

/specs/fido-u2f-v1.0-rd-20140209-README.txt