1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Relationship to other specifications
7 Protocol structure and overview
8 Authenticator API
8.1 authenticatorMakeCredential (0x01)
8.2 authenticatorGetAssertion (0x02)
8.3 authenticatorGetNextAssertion (0x08)
8.4 authenticatorGetInfo (0x04)
8.5 authenticatorClientPIN (0x06)
8.6 authenticatorReset (0x07)
8.7 authenticatorBioEnrollment (0x09)
8.8 authenticatorCredentialManagement (0x0A)
8.9 authenticatorSelection (0x0B)
8.10 authenticatorLargeBlobs (0x0C)
8.11 authenticatorConfig (0x0D)
8.12 Prototype authenticatorBioEnrollment (0x40) (For backwards
compatibility with "FIDO_2_1_PRE")
8.13 Prototype authenticatorCredentialManagement (0x41) (For
backwards compatibility with "FIDO_2_1_PRE")
9 Feature-specific descriptions and actions
9.1 Enterprise attestation
9.2 Always require user verification
9.3 Authenticator certifications
9.4 Set minimum PIN length
10 Message encoding
10.1 Command codes
10.2 Status codes
10.3 Utility functions
11 Mandatory features
12 Interoperating with CTAP1/U2F authenticators
12.1 Framing of U2F commands
12.2 Using the CTAP2 authenticatorMakeCredential
Command with CTAP1/U2F authenticators
12.3 Using the CTAP2 authenticatorGetAssertion
Command with CTAP1/U2F authenticators
12.4 Cross-version credential compatibility
13 Transport-specific bindings
13.1 Secure protocol implementation
13.2 USB human interface device (USB HID)
13.3 ISO7816 and Near Field Communication (NFC)
13.4 Bluetooth Smart / Bluetooth Low Energy Technology
14 Defined extensions
14.1 Credential Protection (credProtect)
14.2 Credential Blob (credBlob)
14.3 Large blob Key (largeBlobKey)
14.4 Minimum PIN Length Extension (minPinLength)
14.5 HMAC Secret Extension (hmac-secret)
Annex A – Terms defined by reference
Appendix I – IDL Index
Bibliography