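The latest versions of the FIDO Alliance user authentication specifications are available below. If you are new to FIDO, we recommend reading the "Specifications Overview" before proceeding.
In addition to meeting the technical requirements, the FIDO Alliance has developed further security requirements that must be implemented to strengthen the security assurance of each device. These requirements are described in the Certified Authenticator Program on the "Certified Authenticator Levels" page.
Earlier versions of the specifications, along with a Chinese translation of the UAF 1.0 specifications, can be found in the Specifications Archive. See here for the status and intellectual property rights (IPR) of the FIDO Alliance specifications.
The FIDO Alliance has published the following technical specifications, which any implementer can download. In addition, the Alliance supports implementers of FIDO authentication technology by operating the public discussion list fido-dev@fidoalliance.org. Please post questions about implementing the FIDO specifications to that forum.
The FIDO Alliance produces PDF versions of the specifications as a convenience to readers; readers who encounter formatting issues in the PDF versions are advised to refer to the HTML versions. If you are not yet a member of the FIDO Alliance and wish to comment on the public draft specifications, please use the contact form.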
FIDO2 Specifications | ||
---|---|---|
CLIENT TO AUTHENTICATOR PROTOCOL (CTAP) This Proposed Standard document describes the Client-to-Authenticator Protocol (CTAP) which uses USB, NFC, and/or BLE for communication between browsers or platforms and FIDO2 authenticators. CTAP 2.1 Proposed Standard with Errata: HTML | PDF CTAP 2.1 Errata: HTML | PDF CTAP 2.2 Review Draft 02: HTML | PDF | W3C – Web Authentication: An API for accessing Public Key Credentials Level 2 (WebAuthn) This specification defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users. Download: HTML |
UAF Specifications | ||
---|---|---|
FIDO UAF Complete Specifications This is a zip file containing the FIDO Alliance Universal Authentication Framework (UAF) specification files: Change USB transport to conform to ISO7816-4; NFC (ISO7816-4) support; Bluetooth Low Energy support; Updated JavaScript 1.1 specification; Transports Extension specification; Expanded Metadata Service specification to include U2F. 1.1 Proposed Standard: Files 1.2 Proposed Standard: Files | FIDO UAF Architectural Overview This overview document describes the various protocol design considerations in detail and also describes the user flows in detail. It describes the layering and intention of each of the detailed protocol documents. You should read this document first if you are new to UAF. 1.1 Proposed Standard: HTML | PDF 1.2 Proposed Standard: HTML | PDF | FIDO UAF Protocol Specification This document defines the message formats and processing rules for all UAF protocol messages. 1.1 Proposed Standard: HTML | PDF 1.2 Proposed Standard: HTML | PDF |
UAF Application API and Transport Binding Specification This document describes the client-side APIs and interoperability profile for client applications to utilize FIDO UAF. 1.1 Proposed Standard: HTML | PDF 1.2 Proposed Standard: HTML | PDF | FIDO UAF Authenticator-specific Module API This document defines Authenticator-specific Modules and the API provided to the FIDO client by ASMs. 1.1 Proposed Standard: HTML | PDF 1.2 Proposed Standard: HTML | PDF | FIDO UAF Authenticator Commands This document describes low-level functionality that UAF Authenticators should implement to support the UAF protocol. 1.1 Proposed Standard: HTML | PDF 1.2 Proposed Standard: HTML | PDF |
FIDO ECDAA Algorithm This document describes how to use Elliptic Curve (EC) Direct Anonymous Attestation (DAA) as a form of secure and private attestation for authenticators. 1.1 Proposed Standard: HTML | PDF 1.2 Review Draft: HTML | PDF 2.0 Implementation Draft: HTML | PDF | FIDO UAF APDU Commands This document defines a mapping of FIDO UAF Authenticator commands to Application Protocol Data Units (APDUs) thus facilitating UAF authenticators based on Secure Elements. 1.1 Proposed Standard: HTML | PDF 1.2 Proposed Standard: HTML | PDF | UAF Registry of Predefined Values This document describes implementation considerations and recommendations for creators of U2F devices and for relying parties implementing U2F support. 1.1 Proposed Standard: HTML | PDF 1.2 Proposed Standard: HTML | PDF |
FIDO UAF Android This document defines the assertion format “APCV1CBOR” in order to use Android Protected Confirmation for FIDO UAF Transaction Confirmation. 1.2 Proposed Standard: HTML | PDF | FIDO UAF WebAuthentication Assertion Format This document defines the assertion format “WAV1CBOR” in order to use Web Authentication assertions through the FIDO UAF protocol. 1.2 Proposed Standard: HTML | PDF | FIDO UAF ERRATA This errata is being published to address certain issues that have been identified in the UAF v1.1 Specification. All Specifications and errata are required to be approved by the FIDO Board prior to publication. 1.1 Implementation Draft: PDF |
FIDO Metadata | ||
---|---|---|
FIDO Authenticator Metadata Statements This document defines the authenticator metadata. This metadata, in turn, describes FIDO authenticator form factors, characteristics, and capabilities. The metadata is used to inform relying party interactions with, and make policy decisions about, the authenticators. 1.1 Proposed Standard: HTML | PDF 3.0 Proposed Standard: HTML | PDF | FIDO Authenticator Metadata Service Baseline method for relying parties to obtain FIDO Metadata statements. 1.1 Proposed Standard: HTML | PDF 3.0 Proposed Standard: HTML | PDF |
FIDO2 and UAF Common Files | |
---|---|
FIDO Registry of Predefined Values This document defines all the strings and constants common to all FIDO specifications. 1.1 Proposed Standard: HTML | PDF 2.2 Proposed Standard: HTML | PDF | FIDO AppID and Facet Specification This document defines the scope of user credentials and how a trusted computing base that supports application isolation may make access control decisions about which keys can be used by which applications and web origins. 1.1 Proposed Standard: HTML | PDF 2.1 Proposed Standard: HTML | PDF |
FIDO Security Reference Provides an analysis of FIDO security based on detailed analysis of security threats pertinent to the FIDO protocols based on its goals, assumptions, and inherent security measures. 1.1 Proposed Standard: HTML | PDF 2.1 Proposed Standard: HTML | PDF | FIDO Technical Glossary Defines the technical terms and phrases used in FIDO Alliance specifications and documents. 1.1 Proposed Standard: HTML | PDF 2.1 Proposed Standard: HTML | PDF |
FIDO ECDAA Algorithm This document describes how to use Elliptic Curve (EC) Direct Anonymous Attestation (DAA) as a form of secure and private attestation for authenticators. 1.1 Proposed Standard: HTML | PDF 2.1 Proposed Standard: HTML | PDF |
U2F SPECIFICATIONS | ||
---|---|---|
FIDO U2F Complete Specifications This is a zip file containing the U2F 1.2 Specifications public snapshot of FIDO Alliance Universal 2nd Factor (U2F) specs approved July 11th, 2017. Included in the latest U2F 1.2 specifications are: Change USB transport to conform to ISO7816-4; NFC (ISO7816-4) support; Bluetooth Low Energy support; Updated JavaScript 1.1 specification; Transports Extension specification; Expanded Metadata Service specification to include U2F. You should read this document first if you are new to U2F. 1.2 Proposed Standard: Files | FIDO U2F Architectural Overview This overview document describes the various design considerations which go into the protocol in detail and describes the user flows in detail. It describes the layering and intention of each of the detailed protocol documents. It describes the various privacy considerations in the protocol design through the document and summarizes these at the end. You should read this document first if you are new to U2F. 1.0 Proposed Standard: HTML 1.2 Proposed Standard: PDF 1.2 Proposed Standard: HTML 1.2 Proposed Standard: PDF | FIDO U2F JavaScript API This document describes the client-side API in the web browser for accessing U2F capabilities. An online service or website can leverage U2F by using this API on the client side and pairing it with a server which can verify U2F messages on the server side. (Later specifications will describe APIs in non-browser contexts). 1.0 Proposed Standard: HTML 1.2 Proposed Standard: PDF 1.2 Proposed Standard: Files 1.2 Proposed Standard: Files |
FIDO U2F Raw Message Formats This document describes the binary format of request messages which go from the FIDO U2F server to the FIDO U2F token and the binary format of the response messages from the token to the server. These messages are encoded by the browser (FIDO client) for communication over a particular transport (such as USB) to the cryptographic core of the token which performs key generation and signing. A header file with standard values is also specified. 1.0 Proposed Standard: HTML 1.2 Proposed Standard: PDF 1.2 Proposed Standard: HTML 1.2 Proposed Standard: PDF | FIDO U2F HID Protocol This document describes how the browser (FIDO client) frames the binary raw messages coming from the JavaScript API for transport over USB-HID to a U2F token. The binary raw messages are described in the ‘FIDO U2F Raw Message Formats’ document. A header file with standard values is also specified. [Later specifications will specify how the JavaScript APIs frame raw messages over other (non-USB) transports]. 1.0 Proposed Standard: HTML 1.2 Proposed Standard: PDF 1.2 Proposed Standard: HTML 1.2 Proposed Standard: PDF | FIDO U2F Bluetooth® protocol This document describes the communication protocol between a FIDO client and FIDO authenticators over Bluetooth technology and Bluetooth Smart. 1.2 Proposed Standard: HTML 1.2 Proposed Standard: PDF |
FIDO U2F NFC Protocol This document describes the communication protocol between a FIDO client and FIDO authenticators over Near Field Communication (NFC). 1.2 Proposed Standard: HTML 1.2 Proposed Standard: PDF | FIDO U2F Transport Extensions This standard describes one way relying parties may learn which transports an authenticator supports, by allowing authenticator vendors to embed hardware features as an optional extension in the authenticator’s attestation certificate. 1.2 Proposed Standard: HTML 1.2 Proposed Standard: PDF | FIDO U2F Implementation Considerations This document describes implementation considerations and recommendations for creators of U2F devices and for relying parties implementing U2F support. 1.0 Proposed Standard: HTML 1.0 Proposed Standard: PDF 1.2 Proposed Standard: HTML 1.2 Proposed Standard: PDF |
FIDO AppID and Facet Specification This document defines the scope of user credentials and how a trusted computing base which supports application isolation may make access control decisions about which keys can be used by which applications and web origins. 1.0 Proposed Standard: HTML 1.0 Proposed Standard: PDF 1.2 Proposed Standard: HTML 1.2 Proposed Standard: PDF | FIDO Security Reference Provides an analysis of FIDO security based on detailed analysis of security threats pertinent to the FIDO protocols based on its goals, assumptions, and inherent security measures. 1.0 Proposed Standard: HTML 1.0 Proposed Standard: PDF 1.2 Proposed Standard: HTML 1.2 Proposed Standard: PDF | FIDO Technical Glossary Defines the technical terms and phrases used in FIDO Alliance specifications and documents. 1.0 Proposed Standard: HTML 1.0 Proposed Standard: PDF 1.2 Proposed Standard: HTML 1.2 Proposed Standard: PDF |
FIDO U2F Readme This is a README for the U2F 1.2 Implementation Draft public snapshot of the Universal Second Factor (U2F) specs as of July 11, 2017. 1.0 Proposed Standard: TXT 1.2 Proposed Standard: TXT |
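FIDO Specification Status and Intellectual Property Rights (IPR)
The following is a summary of the intellectual property rights status of the specifications posted on this site: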
Specification | Specification Status |
---|---|
U2F 1.0 | Proposed Standard Expanded to the World |
U2F 1.1 | Proposed Standard Expanded to the World |
U2F 1.2 | Proposed Standard Expanded to the World |
UAF 1.0 | Proposed Standard Expanded to the World |
UAF 1.1 | Proposed Standard Expanded to the World |
FIDO2 Submission to W3C | Proposed Standard Expanded to the World |
FIDO2 CTAP | Proposed Standard Expanded to the World |
FIDO Device Onboard 1.0 | Proposed Standard Expanded to the World |
FIDO Device Onboard 1.1 | Proposed Standard Expanded to the World |
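Explanation of IPR Status: FIDO Alliance specifications pass through several stages: Pre-Draft, Working Draft, Review Draft, and Proposed Standard. The Promise is an agreement by which FIDO Alliance member organizations grant a royalty-free license to patent rights for compliant implementations, and what applies differs depending on the stage of the specification. The Promise does not apply at the Pre-Draft, Working Draft, or Review Draft stages. At the Proposed Standard stage, the Promise is extended to the entire world by all FIDO Alliance members in the relevant technical working group. For FIDO Alliance specifications issued as Proposed Standards before January 1, 2020, the Promise is a pledge not to assert patent rights against compliant implementations, and it is extended to the entire world by all members of the FIDO Alliance at that time. The above is a brief summary; the actual terms are set out in the FIDO Alliance Membership Agreement, which should be consulted for specific cases.
Patent Notices: The FIDO Alliance Membership Agreement provides members, under certain conditions, the opportunity to withdraw claims granted under the Promise. See the FIDO Alliance Membership Agreement for the specific conditions. The Board of Directors reports to the public that it has received no such notices with respect to any specification posted on this site. Implementers who wish to learn more about what this means are encouraged to review our IPR Summary and/or Section 6 of the FIDO Alliance Membership Agreement.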