QR-initiated Transaction Availability in China

133 views
Skip to first unread message

YX

unread,
Sep 5, 2023, 5:14:41 PM9/5/23
to FIDO Dev (fido-dev)
Hi,

We have several customers in China constantly reported issue with the QR code scanning flow (https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html#hybrid-qr-initiated). 

The behavior that we observed on iOS device was that the the pop-up window would display a "Connecting..." message, and then stuck until timeout. We had suspected that the issue was related to the connection between clients and the tunnel servers (from the specs there are 2 tunnel server domains: "cable.ua5v.com", "cable.auth.com"). 

Wonder if anyone else has encountered the similar issue and any workaround available? Any suggestion is appreciated. 

Thanks.

My1

unread,
Sep 5, 2023, 6:23:02 PM9/5/23
to YX, FIDO Dev (fido-dev)
I personally wonder why it has to go through the cloud in the first place if the point is using bluetooth anyway, but I would assume that cable.ua5v.com gets 100% tampered by the great Firewall of China (a chinese firewall test shows a different ip there) as it seems to be related to google, and cable.auth.com is a CNAME which redirects to an apple subdomain, not sure if these are blocked in china

--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/5e745a78-cba4-430e-bd2d-2a3ba0015016n%40fidoalliance.org.

Tim Cappalli

unread,
Sep 5, 2023, 7:47:26 PM9/5/23
to My1, YX, FIDO Dev (fido-dev)
Cross-Device Authentication does not use Bluetooth for passing the FIDO assertion.

RE: the original question, I don't believe Apple monitors this list, so you may want to open a support case.

Reply all
Reply to author
Forward
0 new messages