12월 22, 2020

FIDO Certified Servers: Updates for Processing Current Metadata Statements

Yuriy Ackermann, Certification Technical Manager, FIDO Alliance

With the advancement and modifications to specifications and program requirements, certification processes and policies will need to be modified from time-to-time. With the recent changes and publication of the FIDO Authenticator Certification program as they relate to V1.4 of the Security Requirements, and the current FIDO Registry of Values specification, we are recommending currently certified servers make necessary changes.

It is strongly recommended that you update your FIDO2 and UAF servers in order to correctly process current and future metadata statements based on the latest updates to the FIDO Registry of Predefined Values.

The spec changes are as follows:

  • All previous USER_VERIFY methods have been post-fixed with _INTERNAL to identify them explicitly as INTERNAL user verification methods 
    • Example: USER_VERIFY_PRESENCE → USER_VERIFY_PRESENCE_INTERNAL.
  • New USER_VERIFY methods have been added: USER_VERIFY_PASSCODE_EXTERNAL (0x00000800) and USER_VERIFY_PATTERN_EXTERNAL (0x00001000)
  • RS1 or ALG_SIGN_RSASSA_PKCSV15_SHA1_RAW (0x0010) IANA ALG_KEY_COSE “alg” identifier has been changed to -65535

Servers should make the following updates to support these changes:

  • FIDO2 servers: Update pubKeyCredParams to contain -65535 alg
  • FIDO2 and UAF servers: Change old user verification methods values to the new post-fixed values. Example: USER_VERIFY_PRESENCE → USER_VERIFY_PRESENCE_INTERNAL
  • FIDO2 and UAF servers: Run the conformance tools to verify support for these changes

The latest FIDO Registry of Predefined Values is now available in JavaScript.

MORE Announcements


Amazon is Giving Free FIDO Security Keys to AWS Customers to Encourage Better Account Security

By Andrew Shikiar, Executive Director & CMO, FIDO Alliance Leaders...

8월 30, 2021

FIDO Alliance Announces Authenticate 2021 Agenda

Agenda features practical sessions to move past passwords and towards...

8월 17, 2021

FIDO Developer Challenge: Welcoming Teams to the Implementation Stage

By Joon Hyuk Lee, APAC Market Development Director Editor’s Note:...

8월 10, 2021
Download Authn Specs
Sign up for updates!Get news from FIDO Alliance in your inbox.

By submitting this form, you are consenting to receive communications from: FIDO Alliance, 3855 SW 153rd Drive, Beaverton, OR 97003, US, http://www.fidoalliance.org. You can revoke your consent to receive emails at any time by using the unsubscribe link found at the bottom of every email.