fido-alliance/how-to-fido

Issues

• CTAP2.1 - Smartphone as a FIDO2 roaming authenticator via BLE

  #43 opened 5 months ago by chunsfire
  0

• The reason for that RK is mandatory

  #16 opened 4 years ago by keikoit
  18

• Incorrect "Client to Authenticator Protocol (CTAP)" specification canonical URL

  #42 opened a year ago by kael
  0

• HTML FIDO 2.2 draft spec is literally unreadable in dark mode

  #41 opened 2 years ago by micolous
  0

• Use of exclude list while bootstraping.

  #29 opened 4 years ago by akshayku
  6

• various broken links and broken formatting

  #37 opened 3 years ago by equalsJeffH
  0

• port to Bikeshed?

  #36 opened 3 years ago by equalsJeffH
  0

• Add guidance for unenrollment / revocation?

  #35 opened 3 years ago by ianbjacobs
  0

• footnotes ought to be explicitly linked

  #33 opened 4 years ago by equalsJeffH
  1

• internal links to section headings do not work

  #32 opened 4 years ago by equalsJeffH
  2

• consider expanding remit to "how to use CredMan API for everything and migrate user base to WebAuthn/FIDO"

  #31 opened 4 years ago by equalsJeffH
  0

• discuss RP ID and how the RP may declare it such that creds are valid for subdomains

  #30 opened 4 years ago by equalsJeffH
  0

• Use of cookies and local storage for remembering registered user credentials

  #27 opened 4 years ago by eldanb
  0

• Not-user-verifying Platform Authenticator

  #20 opened 4 years ago by keikoit
  2

• Document needs scoping and positioning the profile at the start

  #25 opened 4 years ago by sbweeden
  2

• Add a White Paper reference to Account Recovery Practice

  #19 opened 4 years ago by j-hayakawa
  2

• Reason why it is not recommended requiring a second factor during reauthentication?

  #9 opened 4 years ago by ankoro73
  4

• Definition of reauthentication

  #1 opened 4 years ago by maxhata
  4

• Reason why UVPA not recommended as second factors for account bootstrapping ?

  #5 opened 4 years ago by maxhata
  2

• Recommendation on attestation

  #4 opened 4 years ago by maxhata
  3

• "convenient reauthentication UX" vs. "phishing-resistant 2nd factor"

  #3 opened 4 years ago by maxhata
  3

• caBLE with QR code

  #18 opened 4 years ago by keikoit
  1

• Case of login without usename

  #17 opened 4 years ago by keikoit
  3

• Ideal Recommendations

  #7 opened 4 years ago by akshayku
  13

• Reason why UVPA not recommended for account bootstrapping

  #14 opened 4 years ago by danyao
  0

• Expand README.md and add contribution guidelines

  #12 opened 4 years ago by dturnerx
  0

• Observations on HowToFIDO

  #8 opened 4 years ago by sbweeden
  2

• Confusing use of words, "bootstrap sign-ins”

  #6 opened 4 years ago by maxhata
  0

• Overall scoping

  #2 opened 4 years ago by maxhata
  0