Security/CryptoEngineering: Difference between revisions

Jump to navigation Jump to search

Security/CryptoEngineering (view source)

Revision as of 01:06, 8 November 2017

33 bytes removed ,  8 November 2017
→‎Web Authentication: Add https://webauthn.io
(Add a mission statement)
(→‎Web Authentication: Add https://webauthn.io)
Line 54: Line 54:
* 2017 (late): Update to the Candidate Recommendation of the WebAuthn JS API.
* 2017 (late): Update to the Candidate Recommendation of the WebAuthn JS API.
** [https://bugzilla.mozilla.org/show_bug.cgi?id=1384776 Bug 1384776]
** [https://bugzilla.mozilla.org/show_bug.cgi?id=1384776 Bug 1384776]
* 2017 (late) / 2018: Support USB HID CTAP devices on desktop platforms. (Exact version TBD)
* 2018: Support USB HID CTAP devices on desktop platforms. (Exact version TBD)
** [https://github.com/jcjones/u2f-hid-rs/issues/33 u2f-hid-rs Issue #33]
** [https://github.com/jcjones/u2f-hid-rs/issues/33 u2f-hid-rs Issue #33]
* 2018: Support U2F hardware for Firefox for Android.
* 2018: Support U2F hardware for Firefox for Android.
Line 61: Line 61:
All of the above dates are for landing in Firefox Nightly.  
All of the above dates are for landing in Firefox Nightly.  


'''Goal''': permit use of U2F tokens via a user-controllable preference (not on by default) in Firefox 56 or 57 (Done in '''Firefox 57'''), and Web Authentication (on by default) in Firefox 58 or 59. (See [[RapidRelease/Calendar]])
'''Goal''': permit use of U2F tokens via a user-controllable preference (not on by default) in Firefox 56 or 57 (Done in '''Firefox 57'''), and Web Authentication (on by default) in Firefox 59 or 60. (See [[RapidRelease/Calendar]])


=== Using U2F / WebAuthn ===
=== Using U2F / WebAuthn ===
Line 73: Line 73:
   MOZ_LOG="webauthnmanager:5, webauth_u2f:5, webauth_u2f:5, u2fkeymanager:5, u2fhidtoken:5, u2fmanager:5" ~/Desktop/NightlyDebug.app/Contents/MacOS/firefox
   MOZ_LOG="webauthnmanager:5, webauth_u2f:5, webauth_u2f:5, u2fkeymanager:5, u2fhidtoken:5, u2fmanager:5" ~/Desktop/NightlyDebug.app/Contents/MacOS/firefox


This build supports WebAuthn WD-05 and U2F v1.1 using hardware tokens. It has been tested at:
==== Useful testing sites ====
 
U2F:
* https://u2fdemo.appspot.com/
* https://u2fdemo.appspot.com/
* https://github.com/
* https://github.com/
* https://u2f.bin.coffee/
* https://u2f.bin.coffee/
* https://demo.yubico.com/u2f
* https://demo.yubico.com/u2f
* https://webauthn.bin.coffee/wd-05/
 
Web Authentication:
* https://webauthn.bin.coffee/
* https://webauthn.io/


It does not work on Facebook or Google Accounts; there are issues beyond browser detection that haven't been analyzed yet.
It does not work on Facebook or Google Accounts; there are issues beyond browser detection that haven't been analyzed yet.
Jcjones
122

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/1183667"

Navigation menu