QR-initiated Transaction Availability in China

[YX]

Hi,

We have several customers in China constantly reported issue with the QR code scanning flow (https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html#hybrid-qr-initiated). 

The behavior that we observed on iOS device was that the the pop-up window would display a "Connecting..." message, and then stuck until timeout. We had suspected that the issue was related to the connection between clients and the tunnel servers (from the specs there are 2 tunnel server domains: "cable.ua5v.com", "cable.auth.com"). 

Wonder if anyone else has encountered the similar issue and any workaround available? Any suggestion is appreciated. 

Thanks.

[My1]

I personally wonder why it has to go through the cloud in the first place if the point is using bluetooth anyway, but I would assume that cable.ua5v.com gets 100% tampered by the great Firewall of China (a chinese firewall test shows a different ip there) as it seems to be related to google, and cable.auth.com is a CNAME which redirects to an apple subdomain, not sure if these are blocked in china

--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/5e745a78-cba4-430e-bd2d-2a3ba0015016n%40fidoalliance.org.

[Tim Cappalli]

Cross-Device Authentication does not use Bluetooth for passing the FIDO assertion.

RE: the original question, I don't believe Apple monitors this list, so you may want to open a support case.

To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/CACHSkNrBV54GQ8hAjygUY_%2BeTGSD91q%3DNXDNb18H0Sbuty1CEw%40mail.gmail.com.