W3C

- DRAFT -

07 Aug 2014

See also: IRC log

Attendees

Present
karen_oDonoghue, Wendy, +1.925.285.aaaa, Peter_Cattaneo, [IPcaller], +1.925.980.aabb, Karen, +1.650.214.aacc, +1.503.704.aadd, rbarnes, hhalpin, Siva, Cathy_Medich, +33.1.72.60.aaee, [Microsoft], +1.503.807.aaff, nvdbleek, [Paypal], Siva_Narendra, Sangrae, Jon_Geater, Virginie_Galindo, Dirk_Balfanz, Graham_Steel, Herve_Sibert, Mete_Balci, Matt_Wood
Regrets
Scribe
harry

<sangrae> I think one of IPCaller is me

<virginie> hi all,

<virginie> virginie just connected

<JAG> Hi guys

<JAG> I'm on the call

<JAG> JAG = Jon Geater (Trustonic)

<Siva> aadd is siva

<Cathy> +1.925.980.aabb is Cathy Medich

<JAG> @Zakim I am one of the IP callers

Draft Programme

<dirkbalfanz> This is Dirk from Google. I'm on the call, too.

<JAG> I have to go at 08:00 I'm afraid

We'll try to keep this quick and painless :)

Unless there's major disagreements

<JAG> @rbarnes the paper attributed to me is actually written by Ilhan Gurel in my team, if that helps ;-)

so if anyone from Mountain View is on call, stay on so we can do last minute logistics

<SartoriMichele> hi everybody, sorry if I'm late :)

<rbarnes> (not sure why i would be producing noise, softphone is muted. maybe silence suppression isn't working)

Virginie: We have 43 papers in Easychair

All papers are in scope

kodonog - you can update

by end of the day?

<nvdbleek> +1

<Karen_> +1

Virginie: All papers accepted, accepting attendance of all papers?

<Siva> +1

<sangrae> +1

<gram> +1

RESOLUTION: All papers accepted, everyone can attend!

<kodonog> +1

We have a limit of about 70 people in the room I think, so we should be fine - but I'll set up a registration form today since some people who sent in papers might not accept

<Siva> 51....Karen Lu and Kirsty Pearson are repeated twice...

We could do some late statements of interest if some particularly vital folks are missing

Off the top of my head, Dan Boneh and Twitter asked for extensions and it would be good to have them there.

<JeffH> agreed!

Virginie: I think most of the papers can be put in the following categories:

1) WebCrypto v.Next

2) Authentication

(FIDO for example, but also many other techniques and national ID schemes)

3) secure token integration

4) New Security Features for Open Web Platform (Integration of pervasive monitoring-resistance, browser certification, etc.)

Quick presentations of 3-5 people per session

then discussion and break-out if needed

wseltzer: Anything that doesn't fit? Does this sound reasonable?
... at the end of the second day, we need a session at end for next steps chartering

and should we do break-outs at end or do break-outs throughout session?

<gram> +1 for breakout sessions in the programme

TonyNad: Sounds pretty good

Karen_: All attendees attend all different topics?

<JeffH> topic breakdown looks fine to me at this time

<rbarnes> "Browser security and certification "?

like FIPS certification, not browser certs

Virginie: As much plenary as possible

<rbarnes> ah

Siva: I don't see difference between authentication and secure token integration

<kodonog> how do you best get focus on scoping the future standardization work?

note there are no parallel sessions :)

<rbarnes> kodonog ++

we can do "unconference" breakouts

<Siva> Ah. Got it!

but those can be exhausting and hard to get action items out of

So maybe do break-outs at end of day 1?

and then a big plenary on day 2

30 min. is too short for a breakout

<rbarnes> i don't think the idea of breakouts is super useful

<rbarnes> if we really have a need, we can do them, but they shouldn't be a focus

<JeffH> i tend to agree w/rbarnes

rbarnes: We need a discussion in plenary for the next steps of the charter
... shouldn't be part of framework

<rbarnes> -1 :)

PROPOSAL: Have breakouts? (+1 for, -1 against)

<nvdbleek> +0

<Siva> -1

<gram> +1 :)

<SartoriMichele> -1

<JAG> -1

<Peter_Cattaneo> -1

<HerveSibert> -1

Wow, no breakouts wins

We can do an ad-hoc session if needed.

at end of day 1

but we won't put it in schedule officially

<JAG> Sit the break-out fans at the same end of the table at dinner :-)

<JeffH> -1 but qualified that we can do them ad-hoc if it seems at the time it might be useful

<SartoriMichele> can we consider dinner as a breakouts session?

Virginie: We'll do breakouts as needed

<JonGeater> (de-obfuscated my name from JAG)

Virginie: looking at excel spreadsheet

<rbarnes> JonGeater: +1 to dinner break-outs

<rbarnes> "Bar BoFs"

<gram> sit the breakout fans at the same end of the table as Jon for dinner ;-)

I can try to allocate live

<wseltzer> harry: Rather than do it mathematically, I'd walk through the categories and the papers in each

<JonGeater> @gram sorry, I won't be there :-( I'm sending Ilhan (who wrote our position paper)

<wseltzer> ... also look for a diverse set of presentations

<wseltzer> ... not multiple speakers from one company or tech

10 min. is quite short and not realistic

the shortest you can generally get people to do is pecha-kucha

7 min.

<wseltzer> 3 min

rbarnes: Would rather have implementers framing at the beginning rather than at the end.

Virginie: Implementers will be involved at two days, but a take-away would help.

<kodonog> which speakers can best frame the topic

<rbarnes> +1 to getting diversity / representation, as harry & wendy are saying

wseltzer: This is not an academic session so it's not a best paper prize, but we're trying to get people up on stage, people who can help frame a problem concisely and add input we couldn't get from reading the paper in advance, stimulate conversation

Siva: Implementers should get centre-stage on what is possible, will help get some reality grounding

<rbarnes> implementors are much more likely to say what they're *not* going to do than what they *are* :)

<virginie> to rbarnes : I am sure you can be creative, guys... :)

<rbarnes> i would be ok with a brief wrap-up

<rbarnes> front vs. end is not mutually exclusive

So my suggestion is to have browser vendors and implementers frame the beginning, but a "sanity-check" at the end from implementers prevents the next session of chartering from going off the deep end.

So, two sessions - presentations from browser vendors at beginning, and then a sanity check at the end in plenary.

<rbarnes> harry: SGTM

<virginie> looks like rbarnes will be our workshop opening speaker :)

We understand you guys have limited time :)

<rbarnes> "implementor" > "browser vendor"

karenlu: I would agree with having them at the end, but am worried about restricting things too much in the beginning

Virginie: I think Peter Cattaneo's paper framed the problem well

Peter_Cattaneo: If you give me 4 mins, I'll stay with him

Virginie: I'd also like rbarnes in the beginning
... then we'll go through our panels
... that OK?

<Siva> +1

<nvdbleek> +1

<gram> +1

<SartoriMichele> +1

<mete> +1

PROPOSAL: Two opening talks to frame problem, then panels

+1

<kodonog> +1

<dirkbalfanz> +1

<Peter_Cattaneo> +1

RESOLUTION: Richard and Peter to open with framing problems

<JeffH> I note that webapp providers ought to be recognized as "implementors" in the context of higher-level things eg authn that will be constructed on top of this crypto substrate

<Siva> How many papers are selected for presentation?

So Dirk and someone with Microsoft?

<Siva> ok

<wseltzer> +1 JeffH

We had 3 Microsoft - Israel, Mike Jones (Proof of Possession), and BAL (BigNum)

I'll discuss who makes sense from MS from beginning

<JeffH> what's the category?

New Features

Dirk, BAL (BigNum), Israel (Dynamic Discovery), Anders (Certificates)

Kelsey, Nick

Virginie: Kelsey, Nick, Dirk

Kelsey, Nick, Israel or BAL, Dirk

<gram> Kelsey's not on the call but she will be there

<Siva> +q

<Siva> -1

<Siva> sorry

<Siva> +1

<Siva> -q

Kelsey, Nick, Israel or BAL, Dirk, Sangrae

<kodonog> why is the session on the "giant miscellaneous" bucket first?

What is missing in terms of minor features or current low-level WebCrypto v.Next

If anyone is on that panel that can't make it - please tell us now !!

PROPOSAL: Panel on WebCrypto Missing Features: Kelsey, Nick, Israel or BAL, Dirk (we could move to beginning)

Authentication Panel: Leidos, Ericsson, Qualcomm, Intercede (already in opening session), Hannes (ARM)

<virginie> note that the FIDO paper was not loaded on the easychair

<Peter_Cattaneo> Chris Williams from Leidos does not plan to attend.

<SartoriMichele> Wendy, I can not access

Authentication: FIDO paper by Brad Hill, Qualcomm paper, Hannes (ARM), Ulrich?

JonGeater: We only want John Mattson once

Siva: SIM

JonGeater - could you tell me what John Mattson paper you preferred??

<JonGeater> harry as papers I preferred 15

<virginie> personally I prefer the HTTPS related ones

<virginie> +1 to karen point on national id harmonization which is out of scope

<Siva> Recommendation: 36, 14, 21, 28, 29, 12?

<Siva> +1 on Karen's opinion

<JonGeater> They may be hard but they're important...

<JeffH> my apologies, I was on PTO for much of the last two months and only returned to work here 2 days ago and have much catching up to do

<virginie> paper 21 is about national ID

<JeffH> how might I see the list of reviews of submitted papers ?

<JeffH> the paper from Brad & myself & others is paper #44 it seems

<virginie> to jeffH : I sent an Excel sheet this morning, should be in your mailbox, capturing results of reviews

Detlef?

<JeffH> ok will look

<JonGeater> Guys I'm sorry I have to go. I have to get across town for a conference session

<JeffH> ok, thx, I found it

<JeffH> which paper is being discussed ?

<Siva> Paper 21

<JeffH> easychair isn't allowing me to see the individual papers :-/

Authentication -> John Mattson (14), FIDO by Brad Hill, Detlef paper (21), ARM (1), Bitcoin (21)

What do people think about Bitcoin?

Siva?

Bitcoin paper?

<Siva> yes...

<gram> what paper number is "the bitcoin paper"?

21

<dirkbalfanz> You mean 12?

<virginie> 12 Colin Gallagher. Trans-identical Proposal

<JeffH> harry: ok, i have figured out my easychair difficulties thx

<dirkbalfanz> 12: I don't see a paper (just an abstract) and only a single review.

<virginie> ok, lets drop that one

<dirkbalfanz> Harry keeps saying it got lots of good reviews?

<virginie> authentication : John Mattson (14), FIDO by Brad Hill, Detlef paper (21), ARM (1),

Authentication -> John Mattson (14), FIDO by Brad Hill, Detlef paper (21), ARM (1)

That looks like a good line-up to me, any objections?

Integration of Secure Tokens

Lots of papers by Kirsty Pearson!

<JeffH> was paper #44 reviewed?

<wseltzer> JeffH, I just uploaded it during the call, because it wasn't there

<JeffH> ah

GSMA (21), Jon Geater (37), Sean Wyes (43), Global Platform (34), SIM (33), Gemalto (20), Bruno Javary (16), Siva/Tyfone (5), SmartCardAlliance (3),

<JeffH> please note that paper #44 is not about FIDO per se, but rather about the lessons we've learned regarding "Strong Authentication In and Beyond the Browser"

<JeffH> ..as the title denotes

<Siva> We should have paper 20

So there's tons of papers here!

<Cathy> Agree we should have paper 20

OK, so Gemalto (20), Siva/Tyfone (5)

<SartoriMichele> I can not speak for conflict of interests ;)

<wseltzer> the Javary paper makes reference to SysApps work on Secure Element

How about keeping Jon Geater (37)

<rbarnes> gotta run. ttyl

<Cathy> GP paper also covers TE and SE

<HerveSibert> GlobalPlatform should present something more concrete on the interfaces it can offer to browsers

<Cathy> Paper 34 from GP with Birnabeu would be good

OK, then add paper 34?

Gemalto, Tyfone, Global Platform, Jon Geater

<Siva> -1 GSMA

<Peter_Cattaneo> +1 GSMA

Paper 21 - GSMA?

<JeffH> so paper 44 too, or are we on a different topic now?

<virginie> to jeffH we are on another topic

<JeffH> which topic?

<virginie> yours will go in authentication

<JeffH> ok

<JeffH> thx

<JeffH> ok great, i didn't see that in the log above

<virginie> this one is secure token integration

\me JeffH - authentication : John Mattson (14), FIDO by Brad Hill, Detlef paper (21), ARM (1),

<JeffH> ok

<Siva> Changing to +1 for GSMA

<virginie> GSMA (21), Jon Geater (37), Sean Wyes (43), Global Platform (34), SIM (33), Gemalto (20), Bruno Javary (16), Siva/Tyfone (5), SmartCardAlliance (3),

<mete> +1 to gsma

<Cathy> +1 to gsma

Sounds like we should keep GSMA

<JeffH> tho i wouldn't characterize #44 as "FIDO" -- rather it's about what we've learned wrt implementing strong authn in browsers and native mobile apps and is generally applicable

<virginie> yeap, lets keep it

<wseltzer> note that each of the papers will be referred to in the program by title and authors

So, secure authentication is: Gemalto, Tyfone, Global Platform, Jon Geater, GSMA

<JeffH> harry that's fine, thx, just making sure the paper's topic is well-understood

Any objections?

<SartoriMichele> :s

<JeffH> how is "secure authn" topic different than "authn" ?

Web Security New Features

<JeffH> ok, just making sure -- you wrote "secure authn" above hence my question

<JeffH> so this "Web Security New Features" is denoted in the spreadsheet as "new security feature" ?

Mike Jones - proof of possession (8), John Mattson (already presented!) (9), Jonas Andersoon (4), BJ Peng Security Assurances (13),

<JeffH> i am here... :)

<virginie> to jeffH : thanks :)

<wseltzer> it is a useful subject to raise?

<wseltzer> in order to get those questions into the discussion?

<wseltzer> (I have heard interest in that topic, e.g. at the payments workshop)

So, how about Mike Jones, Jonas Anderson, BJ Peng?

Anything missing?

<Siva> +1 on Mike John's paper

<Siva> +1 on Mike Jones's paper

<JeffH> +1 on Mike Jones's paper

<virginie> zakim; who is on the phone

proof of possession (8), Jonas Andersoon (4), BJ Peng Security Assurances (13),

<Siva> Can we get a summary please?

<gram> Given that we don't have many speakers for "security features", could put in the Mattson paper on TLS

The programme will be out, and minutes will be sent

proof of possession (8), Jonas Andersoon (4), BJ Peng Security Assurances (13), maybe TLS (Mattson)

<Siva> Perfect!

<wseltzer> Moderators will have help from the W3C team

Might be good to get moderator volunteers now?

<Siva> Cathy should moderate the Integration panel...

<JeffH> I can be a moderator

<wseltzer> and from the Chair

<JeffH> prob shouldn't moderate a panel that I have a paper in tho

<JeffH> which is just the "authn" one

<kodonog> i can moderate if needed

<Siva> i can moderate as well...as last resort

<Karen_> I can do it

Cathy (integration), JeffH (New Security Features), Karen O Donoghue (Smart Token), Karen Lu (Web Crypto)

that's the list of moderators

<Siva> nice job Virginie and harry!

<dirkbalfanz> I think I got dropped off the call.

<Siva> +1 dinner

<nvdbleek> +1 for joined dinner

<Siva> +1 group dinner

<Peter_Cattaneo> +1 dinner

<virginie> +1 group dinner

<gram> +1 dinner

<Karen_> +1 group dinner

<dirkbalfanz> trying to get back on but it says "call is restricted"

<Siva> Google campus looks good.

but Google was just volunteered for dinner :)

<nvdbleek> Are there suggested hotels?

<dirkbalfanz> I thought Mountain View people were supposed to stay on?

<wseltzer> nvdbleek, working on it

<JeffH> well, those of us who live here don't use hotels here....

<Siva> Bye!

<virginie> bye

<nvdbleek> bye

<Cathy> Thanks !

<gram> bye

Dirk, hold one second and we'll restart

<virginie> still here...

same number, same code

<virginie> ok

<SartoriMichele> bye

<virginie> zakim; P11 is me

<dirkbalfanz> ok I'm back

http://research.microsoft.com/en-us/labs/siliconvalley/visit.aspx

+1 Hilton Garden Inn

I'll add that.

So you can walk from Avante and Hilton Garden Inn - no highway

warn people - no hotels within walking distance

Ask Phil Windley around dinners

lunch + snack + coffee covered Microsoft

Welcome from Microsoft and Sponsors

Summary of Action Items

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.138 (CVS log)
$Date: 2014/08/07 15:54:34 $
