Passkey AAGUID

218 views
Skip to first unread message

Test 1

unread,
Jun 5, 2024, 10:31:58 AMJun 5
to FIDO Dev (fido-dev)
  Hello,
 I'm creating a passkey provider software.
How do we create an AAGUID, and where can I register it once it's created so that my firm name and logo will appear whenever my password manager saves a passkey on a website?


With regards
Calvin 

Tim Cappalli

unread,
Jun 5, 2024, 11:24:05 AMJun 5
to Test 1, FIDO Dev (fido-dev)
Hey there!

Step 1 is to generate an AAGUID
Step 2 is to create a PR for the Passkey Provider AAGUID list (short term directory used by many RPs)
Step 3 is to submit your AAGUID to FIDO MDS (long term directory)

tim

On Wed, Jun 5, 2024 at 10:32 AM Test 1 <testp...@gmail.com> wrote:

This message originated outside your organization.




--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/0cdf5320-ea38-4ed4-9dcc-cf458f6b411dn%40fidoalliance.org.
Message has been deleted

My1

unread,
Aug 13, 2024, 6:18:03 AMAug 13
to Test 1, FIDO Dev (fido-dev), Tim Cappalli
while for testing and stuff that can work, if you actually plan to make a product that's not really advisable, especially as if everyone gets a new random AAGUID, Websites would not be able to know it is your password manager. (also FIDO specs say it has to be the same across authenticators of the same type, which makes sense.)

long story short your AAGUID is basically just a 128-bit sequence formatted in a specific way, how you generate that to begin with does not really matter as long as you 
1) keep it the same on everything once you are done with making it.
2) make sure others dont use it.

but other than that I doubt anyone cares whether you use a browser, a PHP script or flip 128 coins if that's your thing.

Am Di., 13. Aug. 2024 um 09:45 Uhr schrieb Test 1 <testp...@gmail.com>:
Hey Tim
Thank you for the clarification. While looking through documents and online resources, I wondered if it would be acceptable to even produce AAGUID using the browser's built-in crypto library (crypto.randomUUID())?

Test 1

unread,
Aug 27, 2024, 7:06:18 AMAug 27
to FIDO Dev (fido-dev), My1, FIDO Dev (fido-dev), Tim Cappalli, Test 1
Hi,
Regarding the Git and Fido MDS registration procedure, I have one more concern. If I register using my email address, is it possible to modify it later?  

pa...@fidoalliance.org

unread,
Aug 28, 2024, 12:22:50 AMAug 28
to Test 1, FIDO Dev (fido-dev), My1, FIDO Dev (fido-dev), Tim Cappalli

Hello,

Yes, please contact sup...@mymds.fidoalliance.org for such assistance.

 

Thank you,

Paul

 

Paul Heim | Certification Director | FIDO Alliance

T: +1 623-200-3994

pa...@fidoalliance.org | www.fidoalliance.org

 

signature_4152129623

 

Join us Oct. 14-16 in Carlsbad, CA or virtually! Learn more at authenticatecon.com

image001.png
Reply all
Reply to author
Forward
0 new messages