Overview#

FIDO Authenticator is an Authenticator for FIDO protocols

FIDO Authenticator requires a FIDO Client.

FIDO Authenticator requires a local device such as a Mobile Device or a U2F device

FIDO Authenticator allows a user to Authenticate to a FIDO enabled Relying Party using their different Authentication Methods

FIDO Authenticator needs to be able to:

FIDO Authenticators generate Public Key/Private Key pairs for each website with which they communicate.

Key generation places a high load on computing resources, especially in the case of general purpose CPUs.

Smart Card technology is purpose-built to perform key pair generation quickly, with low power consumption. Because Smart Card technology uses a Secure Element, key pair generation is performed securely and is efficiently protected, even from advanced attacks. Smart Card technology protects Private Keys in hardware with interaction restricted to a limited set of commands and responses.

The FIDO Standards define a common API at the FIDO Client for the local authentication method that the user exercises.

FIDO Authenticator Attestation and Metadata#

FIDO Authenticator modules may register various Metadata properties of the FIDO Authenticator a mds.fidoaliance.org which is a JWT that describes various aspects of the particular FIDO Authenticator

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-17) was last changed on 04-Apr-2017 10:26 by jim