This extension allows for recovery credentials to be registered with an RP,
which can be used for account recovery in the case of a lost/destroyed main
authenticator. This is done by associating one or more backup authenticators
with the main authenticator, the latter of which is then able to provide
additional credentials for account recovery to the RP without involving the
backup authenticators. The mechanism of setting this up is outside of the scope
of this extension, however a state
counter is defined as follows:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# THIS CODE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF | |
# FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT. | |
#Requires -Modules @{ ModuleName="Microsoft.Graph.Authentication" ; ModuleVersion="2.15.0" } | |
#Requires -Modules @{ ModuleName="Microsoft.Graph.DirectoryObjects"; ModuleVersion="2.15.0" } | |
#Requires -Modules @{ ModuleName="Microsoft.Graph.Identity.SignIns"; ModuleVersion="2.15.0" } | |
#Requires -Modules @{ ModuleName="Microsoft.Graph.Applications" ; ModuleVersion="2.15.0" } | |
#Requires -Modules @{ ModuleName="Microsoft.Graph.Users" ; ModuleVersion="2.15.0" } | |
<# |
-
Meetecho: https://play.conf.meetecho.com/Playout/?session=IETF103-TOKBIND-20181106-0900
-
基本3文書はRFCになった
-
TLS 1.3 → WGLCの準備OK
-
0-RTT
-
0-RTTとToken Bindingについてはこれまで何も言われていなかった。リプレイ攻撃に対して何もできない。0-RTTではToken Bindingを使わないことを推奨
This document has moved; its new address is: https://github.com/Yubico/webauthn-recovery-extension