Changes

Security/CryptoEngineering

324 bytes added, 13:56, 15 January 2019

→‎Web Authentication: update dates

* 2017 (late): Update to the Candidate Recommendation of the WebAuthn JS API.

** [https://bugzilla.mozilla.org/show_bug.cgi?id=1384776 Bug 1384776]

* ~~2018~~2019: Support USB HID CTAP devices on desktop platforms. (Exact version TBD)

** [https://github.com/jcjones/u2f-hid-rs/issues/33 u2f-hid-rs Issue #33]

* ~~2018~~2019: Support U2F hardware for Firefox for Android.

** [https://github.com/jcjones/u2f-hid-rs/issues/42 u2f-hid-rs Issue #42]

=== Using U2F / WebAuthn ===

~~Enable the preferences~~ WebAuthn is enabled by default. To enable U2F as well, enable this preference in '''about:config''':

* security.webauth.u2f

* security.webauth.webauthn

Enabling debugging (example for OSX):

MOZ_LOG="webauthnmanager:5, webauth_u2f:5, webauth_u2f:5, u2fkeymanager:5, u2fhidtoken:5, u2fmanager:5" ~/Desktop/NightlyDebug.app/Contents/MacOS/firefox

Enabling the soft token:

In '''about:config''' enable:

* security.webauth.webauthn_enable_softtoken

This currently stops the use of USB tokens, as the soft token always answers first. To see its code, check https://searchfox.org/mozilla-central/source/dom/webauthn/U2FSoftTokenManager.cpp#151.

==== Useful testing sites ====

Jcjones

122

edits

Changes

Security/CryptoEngineering

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

How to Contribute

MozillaWiki

Around Mozilla

Tools