Skip to content

Release Notes 1.15.0

CEP 1.15.0 includes new features and resolve an issue.

What’s New?

Implementation of BLUETOOTH_ESEC:1

The new Bluetooth authentication method, BLUETOOTH_ESEC:1, has been implemented.

Serial Number Entity for FIDO2 and U2F Methods

The CEP now allows mandatory input for the serial number of FIDO2 and UF2 authenticators If enabled by the CEP_FIDO2_REQUIRE_SERIAL_NUMBER parameter.

Optional Strict Handling of Public Suffixes for FIDO2

In some environments, customers are using private domains even for FIDO2 authentication. The FIDO2 specification mandates the use of public DNS suffixes for the RP_ID. This will be enforced by the CEP unless disabled with the parameter CEP_FIDO2_PUBLIC_SUFFIX_ONLY.

Leaked Password Database Validation

Password validation against leaked password databases has been implemented and can be enabled by the CEP_COMPROMISED_PASSWORD_CHECK parameter.

Resolved Issues

Issues

  • CEP demonstrated an offline authentication option for the Smartphone method, even though offline authentication had been disabled in AA.