============================
Glossary
============================

.. glossary::

    AAGUID
      An Authenticator Attestation Global Unique Identifier (AAGUID) is a 128-bit identifier representing make and model for a group of FIDO2 authenticators that share the same :term:`authenticator metadata <Authenticator Metadata>`.  The AAGUID allows a service provider to determine which attestation root certificate chain to treat as trusted for a specific attestation statement, without revealing information that can be used to track an individual authenticator.
      AAGUIDs are typically written out as a 32-character hexadecimal string, sometimes with dashes after the 8th, 12th, 16th and 20th digits.  For example, the AAGUID for the YubiKey 5 NFC is d7781e5d-e353-46aa-afe2-3ca49f13332a. 

    Authenticator Metadata
      Authenticator metadata is information about authenticator which helps relying parties or identity providers support authenticators with different capabilities, manufactured by different vendors.  This information includes the :term:`AAGUID`, a certificate chain that can be used to validate attestation statements, and information about how the authenticator can be connected (USB, NFC or Bluetooth) as well as what extensions are supported.

    MDS
      FIDO Metadata Service (MDS) is a service provided by the FIDO Alliance that defines a uniform, vendor-agnostic method for looking up FIDO :term:`authenticator metadata <Authenticator Metadata>` by its :term:`AAGUID`.  Additional information about the FIDO Metadata Service can be found at the FIDO Alliance: https://fidoalliance.org/metadata/