search

Samyoul / U2F-php-server

Server-side handling of U2F registration and authentication for PHP
BSD 2-Clause "Simplified" License
34 stars 7 forks source link

Thanks! #1

Open apowers313 opened 7 years ago

apowers313 commented 7 years ago

This is great, thanks for writing it!

If you want to run it through the official FIDO test tools, you can get access to them here: https://fidoalliance.org/certification/conformance-self%E2%80%90validation-testing/

Samyoul commented 7 years ago

Thanks for getting in touch, there's a lot more work to do, as you can probably tell. But I've just got the minimum viable functionality sorted. Next steps are completing the php framework extensions. My aim is to make U2F as accessible to as many developers as possible.

Actually I'm surprised anyone found this repo, I've only just wrote it. But I will certainly run this through the FIDO test tools.

On Thu, 15 Dec 2016, 23:31 Adam Powers, notifications@github.com wrote:

This is great, thanks for writing it!

If you want to run it through the official FIDO test tools, you can get access to them here:

https://fidoalliance.org/certification/conformance-self%E2%80%90validation-testing/

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/Samyoul/U2F-php-server/issues/1, or mute the thread https://github.com/notifications/unsubscribe-auth/AFcDGln9ykRf88kguU82xpvKY5niS8Lkks5rIc3UgaJpZM4LOsNp .

apowers313 commented 7 years ago

I've been surprised that there hasn't been a U2F PHP Server so far... nice to see someone finally take a crack at it.

Let me know if there's anything I can do to help.

Samyoul commented 7 years ago

@apowers313 I've been reading through the UTHS User Guide and it seems that you need what the guide calls a UTD .

Looking at the specs for the UTD's calls, it seems straight forward to write one in php. I'll open source mine once I've finished writing and testing it. I can see other's needing to use the functionality in the future for testing their own servers, or validating the functionality of the one in this repo.

Samyoul commented 7 years ago

p.s.

Do you know know what the significance of a formal test (in the context of the UTHS) is?

apowers313 commented 7 years ago

I think that you do the formal test before attending an interop, if you want to actually get the rights to use the "U2F Certified" logo.

menturion commented 6 years ago

+1 Thanks! Very usefull. Do you plan to extend it for supporting FIDO2?