Hello,
I am currently running the FIDO2 Conformance Tool for server validation, and I am facing an issue with handling the User Verification (UV) flag across multiple tests. Specifically, the tool runs a variety of tests, some requiring user verification (userVerification: "required") and others not. However, I am unable to determine when the conformance tool expects the server to enforce user verification and check for the UV flag in the authenticatorData.
The problem I'm encountering is as follows:
I am looking for guidance on how to handle this situation where the tool performs multiple tests, some requiring UV and others not, without knowing in advance which specific tests are running.
Questions:FIDO2 Test: F-4 For authenticator that supports counter: Send ServerAuthenticatorAssertionResponse with authenticatorData.counter is not increased, and check that server returns an error
Any advice or guidance would be greatly appreciated.
Thank you!
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/8e5beca6-0dd2-4514-8131-0cb990ba3b68n%40fidoalliance.org.