![]() ![]() ![]() The Big PictureĬTAP2 and WebAuthn define an abstraction layer that creates an ecosystem for strongly authenticated credentials. The WebAuthentication (aka WebAuthn) spec lives at W3C (where the browser makers meet) while the Client-to-Authenticator (aka CTAP2) spec lives at the FIDO Alliance (where hardware and platform folks have joined to solve the problem of Fast IDentity Online). To understand how FIDO2 authenticators work, you need knowledge of two specifications in two different standards bodies. We will start with the industry standards perspective, and then at the end we will summarize how Microsoft implements the various roles. But what are the actual pieces of the puzzle and how do they fit? Read on for the big picture of how the W3C WebAuthn and FIDO2 CTAP2 specifications interact. This one relying party enables standards-based passwordless authentication at Xbox, Skype, and more. This is a great week to be working in Identity Standards, as we at Microsoft celebrate the release of our first ever WebAuthn Relying Party. ![]()
0 Comments
Leave a Reply. |