CTAP Specification Differences

[Robert Hartman]

Sorry for this question.

Does the fidoalliance publish differences or proposed differences between CTAP2 standards. For example, differences between CTAP2 vs CTAP2.1 and CTAP2.1 vs CTAP2.2?

Thank you

[My1]

2.2 not sure but 2.1 added a good bunch of important stuff.

Primarily better support for internal UV (like fingerprints and stuff) like enrolling them within the fido protocol rather than needing special Software.

My favorite addition was the concept of credential management, which allows not only to read out how many resident keys a fido stick can store, but also allows deleting them one at a time instead of needing to wipe the entire thing like it's a cdrw. 

Another addition which isn't unimportant is cred protect which can regulate the access to credentials like disallow using the credential without uv at all. 

Another thing is a flag that allows registering non-resident keys without entering a pin, because in ctap2 registering ALWAYS requires a pin if one is set (with some browsers going down to u2f as a workaround instead) 

There may well be more but these are the 4 most important things ctap 2.1 added

--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/7b7d1219-7f3f-4b78-915e-0659d6bcf379n%40fidoalliance.org.

[Robert Hartman]

I forgot to say thank you for the information. Your input was very helpful.