- 2016.10.14 - Added endpoints for whitelisting AAID, and Facet Ids
- 2016.05.20 - Added wiki page for Maven build and Tomcat setup/run (using CLI only)
- 2016.03.28 - Started wiki pages
- 2016.02.23
- 2016.01.16
The main goal is the passwordless authentication experience
- Simple to authenticate using biometrics readings, such as fingerprint
- More secure authentication using the cryptography
- Standardize the messages, and the message exchange sequence
- Standardize the way how biometric authenticators are receiving requests and giving out responses
- Define how cryptography can be used to secure messages that are exchanged
- Identifying all required data that needs to be part of the protocol messages
- Correct implementation of message exchange sequence
- Correct implementation of cryptography sign/verify operations
- Correct implementation of encoding/decoding of the messages
- Number of successful application of the protocol is high
- Number of protocol adaptations in comparing with password authentication is higher
- Number of security bugs equal to zero
The code presented here is divided into three groups:
- fido-uaf-core - UAF protocol implementation
- fidouaf - UAF server, a Jersey service application for demoing UAF protocol implementation use
- RP Client App - Android relying party client app for demoing UAF server