Re: [FIDO-DEV] Digest for fido-dev@fidoalliance.org - 2 updates in 1 topic
38 views
Skip to first unread message
Aman Mume
Mar 24, 2023, 6:59:27 PM3/24/23
to fido...@fidoalliance.org
All apps
From: fido...@fidoalliance.org <fido...@fidoalliance.org>
Sent: Saturday, March 25, 2023 1:58:35 AM
To: Digest recipients <fido...@fidoalliance.org>
Subject: [FIDO-DEV] Digest for fido...@fidoalliance.org - 2 updates in 1 topic
Sent: Saturday, March 25, 2023 1:58:35 AM
To: Digest recipients <fido...@fidoalliance.org>
Subject: [FIDO-DEV] Digest for fido...@fidoalliance.org - 2 updates in 1 topic
- MDS Versions - 2 Updates
|
J B <spi...@gmail.com>: Mar 24 10:23AM -0700
Hi all, I'm looking for some help understanding the " authenticatorVersion " and the "*firmwareVersion*" field of "*authenticatorGetInfo*" in the MDS file. 1. What exactly is the authenticator version? 1. Is this just a value arbitrarily assigned by the manufacturer to identify a product version? 2. When should it be updated? I see that it must be incremented if a major security issue is resolved, but see no guidance outside that. 3. Can this use semantic versioning or integers only? 2. What should be done with firmwareVersion? 1. Does this need to be included in the MDS? 2. If so which version should be reported if there are devices with multiple firmware versions in circulation? Thanks! |
|
<rlind...@noknok.com>: Mar 24 08:09PM +0100
>What exactly is the authenticator version? See https://fidoalliance.org/specs/mds/fido-metadata-statement-v3.0-ps-20210518.html#dom-metadatastatement-authenticatorversion - especially the past paragraph. > What should be done with firmwareVersion? See above. Von: fido...@fidoalliance.org <fido...@fidoalliance.org> Im Auftrag von J B Gesendet: Freitag, 24. März 2023 18:23 An: FIDO Dev (fido-dev) <fido...@fidoalliance.org> Betreff: [FIDO-DEV] MDS Versions Hi all, I'm looking for some help understanding the " authenticatorVersion " and the "firmwareVersion" field of "authenticatorGetInfo" in the MDS file. 1. Is this just a value arbitrarily assigned by the manufacturer to identify a product version? 2. When should it be updated? I see that it must be incremented if a major security issue is resolved, but see no guidance outside that. 3. Can this use semantic versioning or integers only? 2. What should be done with firmwareVersion? 1. Does this need to be included in the MDS? 2. If so which version should be reported if there are devices with multiple firmware versions in circulation? Thanks! -- You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group. To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org <mailto:fido-dev+u...@fidoalliance.org> . To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/bfa1160c-bd16-4f96-97e1-0d21a1217571n%40fidoalliance.org <https://www.google.com/url?q=https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/bfa1160c-bd16-4f96-97e1-0d21a1217571n%2540fidoalliance.org?utm_medium%3Demail%26utm_source%3Dfooter&source=gmail-imap&ust=1680283399000000&usg=AOvVaw1ObKL7YAwYZa6pP0xOlwF-> . |
|
You received this digest because you're subscribed to updates for this group. You can change your settings on the
group membership page. To unsubscribe from this group and stop receiving emails from it send an email to fido-dev+u...@fidoalliance.org. |
Reply all
Reply to author
Forward
0 new messages