Hello,
For interoperability reasons, we are implementing a converter between v2 and v3.
We have the following questions.
Thank you in advance,
Regards!
Question 1:
In the metadata v2 there is a field denoted as "operatingEnv" [1] which states:
> Description of the particular operating environment that is used for the Authenticator. These are specified in [2].
In v3 [3], however, seems that this field has been entirely removed. Is this correct?
If it is correct, and the "operatingEnv" key has been removed in V3, which default value should we use when converting from a metadata V3 to a metadata V2?
Refs:
[3] https://fidoalliance.org/specs/mds/fido-metadata-statement-v3.0-ps-20210518.html
==============================
Question 2:
In the metadata v2 there is a field denoted as " isSecondFactorOnly" [1] of type required Boolean, which states:
> Indicates if the authenticator is designed to be used only as a second factor, i.e. requiring some other authentication method as a first factor (e.g. username+password).
In the examples for v3, this information seems to be still included:
"The Authenticator is a pure second factor authenticator." c.f. example 5.2 U2F [2].
Could you please indicate where this information is in the metadata statement? Is it implied as a constraint from another field?
A comparison of the v3 example 5.1 and 5.2, where only the second one is said to be a pure second factor.
Refs:
[2] https://fidoalliance.org/specs/mds/fido-metadata-statement-v3.0-ps-20210518.html#u2f-example
[3]https://fidoalliance.org/specs/mds/fido-metadata-statement-v3.0-ps-20210518.html#uaf-example
==============================
Question 3:
In the metadata v2 there is a field denoted "userVerificationDetails" [1] which is required to be a list of "VerificationMethodDescriptor" [2].
The same exists for metadata v3 [3,4]
Going into detail in V3 "userVerification", a field of "VerificationMethodDescriptor", presents values [5] that are not present in V2 [6]: the values are `USER_VERIFY_PASSCODE_EXTERNAL 0x00000800` and `USER_VERIFY_PATTERN_EXTERNAL 0x00001000`.
Which default value we should use if we want to convert the missing values?
Refs:
Thank you again,
best regards
--
Dr. Ing. MATTIA ZAGO, PhD
Solutions Architect
Monokee s.r.l.
+39 049 29 70 297 · +39 345 08 04 389 www.monokee.com · Via Zenti Fortunato, 8 – Rovereto (TN)
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/f5af359d-0e0b-4296-8a76-ac7eb51574d3n%40fidoalliance.org.
Emil Lundberg
Software Engineer | Yubico
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/CAM4nT5JoP2rB5MEezYvm2vygjkeaoVMhjpiEMWnF4xt%2B3f_kxw%40mail.gmail.com.