-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updated PRF Compatibility Section #82
Conversation
README.md
Outdated
|
||
| Operating System | Authenticator | Transport | PRF Compatibility | | ||
|------------------|----------------------|---------------|--------------------| | ||
| Linux | YubiKey | USB | ✔ | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As an authenticator, any FIDO security key should work, as long as it supports the CTAP hmac-secret extension.
I tested with a Solo key (v1). Perhaps we should also maintain a table with verified authenticators?
See also https://opotonniee.github.io/fido-mds-explorer/ for entries where metadataStatement.authenticatorGetInfo.extensions
includes hmac-secret
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If I understand correctly, we should rename the 'YubiKey' to 'Security Key' to make it more inclusive and reflective of various compatible security key models.
As for the new table for verified authenticators, are you suggesting that we should list different security key models that have been tested? This would differ from the current table, which display prf compatibility by OS and authenticator category.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perhaps use the term fido security key for now, and add a comment that any security key should work, provided it supports hmac-secret.
We could also refer to
https://opotonniee.github.io/fido-mds-explorer/
where hmac-secret support is listed under metadataStatement > authenticatorGetInfo > extensions
Looks good to me! |
This update introduces refined transport names for clarity and adds a detailed compatibility table for each operating system and browser combination.
In reference to issue #81
PRF Compatibility Support by Operating System and Latest Browser Versions
PRF Compatibility Scenarios
Feel free to provide suggestions or improvements.