[Question] FIDO2 Server Test about MDS3 (FIDO Conformance Tools v1.68)
225 views
Skip to first unread message
양성남
Jun 28, 2022, 2:13:06 AM6/28/22
to FIDO Dev (fido-dev)
Hello
I installed metadata in my database from 5 URL for metadata service test.
I'm testing conformance test for fido server.
Now test case (159) is passed successfully.
After regist our site url to https://mds3.certinfra.fidoalliance.org/ I installed metadata in my database from 5 URL for metadata service test.
So, I'm testing conformance test (6 test case) for metadata service test.
Unfortunately, 2 test case passed, 4 test case failed.
1. P-1 FULL "packed" attestation for a valid MDS metadata (passed)
2. F-1 FULL "packed" attestation for metadata from MDS3 who's status ... (passed)
3. F-2 FULL "packed" attestation for metadata from MDS3 who's signature can not be verified ..... (failed)
4. F-3 FULL "packed" attestation for metadata from MDS3 who's certificate chain can not be verified ..... (failed)
5. F-4 FULL "packed" attestation for metadata from MDS3 who's metadata service intermediate certificate is revoked .... (failed)
6. F-5 FULL "packed" attestation for metadata from MDS3 who's metadata service leaf certificate is revoked .... (failed)
I already checked above 4 test case with verify signing and cert path, revoke list.
I think that certificate, certificate chain and root certificate is valid.
I can't understand which part is wrong.
Please let me know what to do.
Thanks
Ackermann Yuriy
Jun 28, 2022, 2:33:18 AM6/28/22
to 양성남, FIDO Dev (fido-dev)
Please update to 1.7.0 and re-add test tools metadata
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/6c0a9ceb-fdfb-412d-9137-6f595f9d4db4n%40fidoalliance.org.
Yuriy Ackermann
FIDO, Identity, Standardsskype: ackermann.yuriy
github: @herrjemand
twitter: @herrjemand
medium: @herrjemand
양성남
Jun 28, 2022, 4:38:43 AM6/28/22
to FIDO Dev (fido-dev), Ackermann Yuriy, FIDO Dev (fido-dev), 양성남
I'v update to 1.7.0 and re-add test tools metadata as you mentioned.
Unfortunately, test result is same failed like above.
Unfortunately, test result is same failed like above.
I think that mds test case is verify that authenticator's attestation certificate, certificate chain and metadata's root certificate is valid (sign, cert path, algorithm, valid date, revoke)
however I think that's certificate is all valid.
is that right I think ?
Please let me know what I'm misunderstanding.
Thanks
2022년 6월 28일 화요일 오후 3시 33분 18초 UTC+9에 Ackermann Yuriy님이 작성:
Checo Zavala
Jun 28, 2022, 11:06:18 PM6/28/22
to intelsun...@gmail.com, fido...@fidoalliance.org, ackerma...@gmail.com
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/5277d90c-9a82-405c-9ffa-29c288fa6da5n%40fidoalliance.org.
Reply all
Reply to author
Forward
0 new messages