ProjectPasskeys: Refactor MDS3 codebase and server config #9111
Assignees
Labels
Comments
MDS Code Base refactoring[TODO] |
yackermann
changed the title
|
These 2 folders Fido2 uses for devices root certs: Should we deprecate related to these folders functionality or there is replacement for this? |
|
There should not be a separate folder for device roots. All checks must be done against metadata @yurem |
|
This is right approach. But how to do this edge cases if device not in MDS3 list yet? For example we also need to add SG roots. |
|
@yurem standard metadata will have the device root. |
shekhar16
added a commit
that referenced
this issue
Aug 26, 2024
Signed-off-by: shekhar16 <[email protected]>
shekhar16
added a commit
that referenced
this issue
Aug 26, 2024
Signed-off-by: shekhar16 <[email protected]>
shekhar16
added a commit
that referenced
this issue
Aug 26, 2024
Signed-off-by: shekhar16 <[email protected]>
Merged
yurem
pushed a commit
that referenced
this issue
Aug 27, 2024
* feat(jans-fido): refactor mds3 codebase and server config Signed-off-by: shekhar16 <[email protected]> * feat(jans-fido): revert rename from docker file #9111 Signed-off-by: shekhar16 <[email protected]> * feat(jans-fido): add metadatarefreshinterval #9111 Signed-off-by: shekhar16 <[email protected]> * feat(jans-fido): changes to refactor metadataservers #9111 Signed-off-by: shekhar16 <[email protected]> --------- Signed-off-by: shekhar16 <[email protected]>
shekhar16
added a commit
that referenced
this issue
Aug 31, 2024
Signed-off-by: shekhar16 <[email protected]>
Closed
shekhar16
added a commit
that referenced
this issue
Sep 2, 2024
Signed-off-by: shekhar16 <[email protected]>
This was referenced Sep 2, 2024
yurem
pushed a commit
that referenced
this issue
Sep 2, 2024
Signed-off-by: shekhar16 <[email protected]>
|
I'm closing this ticket as all are done or having corresponding different tickets. |
moabu
pushed a commit
that referenced
this issue
Nov 7, 2024
* feat(jans-fido): refactor mds3 codebase and server config Signed-off-by: shekhar16 <[email protected]> * feat(jans-fido): revert rename from docker file #9111 Signed-off-by: shekhar16 <[email protected]> * feat(jans-fido): add metadatarefreshinterval #9111 Signed-off-by: shekhar16 <[email protected]> * feat(jans-fido): changes to refactor metadataservers #9111 Signed-off-by: shekhar16 <[email protected]> --------- Signed-off-by: shekhar16 <[email protected]>
moabu
pushed a commit
that referenced
this issue
Nov 7, 2024
Signed-off-by: shekhar16 <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Configuration refactoring
mdsCertsFolder,mdsTocsFolder,authenticatorCertsFolder(ProjectPasskeys: Deprecate folder properties from fidoConfiguration. #9369)metadataUrlsProviderwithmetadataServers[{"url": "https://mds.fidoalliance.org/", "certificate": "...base64 of certificate..."}]metadataRefreshIntervalto allow adjustment of when metadata is refreshedrequestedPartieswithrpId, andorigins#9248userAutoEnrollmenttodebugUserAutoEnrollmentrequestedCredentialTypestoenabledFidoAlgorithmsskipDownloadMdsEnabledtodisableMetadataServiceskipValidateMdsInAttestationEnabledwithattestationModewith values #9332"disabled" means attestation "none"
"monitor" means attestation "direct" but still accept if none return
"enforced" means that credential creation will fail if attestation is not returned
assertionOptionsGenerateEndpointEnabled#9705 ProjectPasskeys: Rework attestation flow, and cred structure #8906The text was updated successfully, but these errors were encountered: