FIDO conformance testing requires RP's to fail registration response verification if an authenticator's AAGUID does not correspond to a registered metadata statement. This has always seemed particularly onerous to me, and I've never managed to find a good reason for why this is the case, so I'm finally adding in a flag to MetadataService.initialize() that allows RP admins to continue with verification anyway.
FIDO conformance testing requires RP's to fail registration response verification if an authenticator's AAGUID does not correspond to a registered metadata statement. This has always seemed particularly onerous to me, and I've never managed to find a good reason for why this is the case, so I'm finally adding in a flag to
MetadataService.initialize()that allows RP admins to continue with verification anyway.This addresses #155.