From 5ca6250ef1d31e91a889f97faa16269ee5d221be Mon Sep 17 00:00:00 2001 From: Jan-Erik Rediger Date: Fri, 6 Mar 2015 18:25:30 +0100 Subject: [PATCH] Fixed small mistake in authentication step --- _posts/2015-03-06-u2f-demo-application.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/2015-03-06-u2f-demo-application.md b/_posts/2015-03-06-u2f-demo-application.md index cbce43d..f5b597a 100644 --- a/_posts/2015-03-06-u2f-demo-application.md +++ b/_posts/2015-03-06-u2f-demo-application.md @@ -42,7 +42,7 @@ The key is now registered for use with this origin and appId. 2. This data is sent to the browser, including the `appId` 3. The browser forwards this data to the key, including the origin 4. The key is activated by human interaction, it then creates a signature of a hash of the `appId`, a counter value and a hash of the provided challenge and origin. This signature and the counter value is sent back to the browser, which submits it to the server -5. The browser verifies the signature using the previously saved public key and verifies that the counter value is larger than any previously seen counter for this key handle. +5. The server verifies the signature using the previously saved public key and verifies that the counter value is larger than any previously seen counter for this key handle. If all runs through the user is successfully authenticated based on his key.