How to get the whole list of UAF authenticators from metadata service?

[Skybird Le]

Hi, All,

I just get UAF authenticator list from https://mds.fidoalliance.org/, but I found it just has 39 authenticators from 12 vendors. This count is much more less than UAF authenticator and vendor listed in https://fidoalliance.org/certification/fido-certified/. 

I just want to know the reason. Are there some authenticator or vendors invalidated? Where to get whole and latest authenticator metadata list?

[Adam Powers]

Registering metadata in MDS is currently optional — not all UAF authenticator vendors have opted-in to registering their metadata. Also, being certified isn’t required for being listed in MDS, so you may find some vendors in MDS that aren’t listed on the certification page.

An engineer from Gemalto put together this great app for browsing MDS, which may help you identify which authenticators are / aren’t present:

https://fido-mds-parser.appspot.com/

Hope that helps.

Adam

--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To post to this group, send email to fido...@fidoalliance.org.
Visit this group at https://groups.google.com/a/fidoalliance.org/group/fido-dev/.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/ab999fb5-86d1-4f41-a93f-c1ee14c65e53%40fidoalliance.org.

[Skybird Le]

Hi,

In this case, how to get certified UAF authenticator list and verify whether a authenticator is certified. FIDO Server should get MDS from metadata service established by FIDO alliance, this is said by specification. But now if the list includes uncertified authenticator and some certified authenticators are not included, if a server want to validate a authenticator, or a RP server want to only authorize certifified authenticator to access its service, how to do that?

[Skybird Le]

We have a real project, the customer asks only trusted/certified UAF Authenticator can be used. How to do that?

[Ki-Eun Shin]

Hi,

As of now, the best way to get information (metadata) regarding certified authenticators is to contact the authenticator vendors (OEMs, or authenticator vendors).

You may need to sign some contracts for the use of their information.

Some WGs in FIDO Alliance have been trying to solve these issues by vitalizing and refining MDS for practical uses.

Thanks.  

[Skybird Le]

To contact each authenticator vendor is not practical. There should be some place taking the role of the central portal to publish certified UAF Authenticator list in the future. OK, I have to wait for more time.

Thank you very much.

[Ki-Eun Shin]

Everyone knows that's not practical. It will take some times to be mature. The thing is that FIDO Alliance has been trying to solve it. 

[Skybird Le]

OK, thanks.