See also: IRC log
<trackbot> Date: 11 January 2017
<rbarnes> is nadalin here?
<rbarnes> is he "me"?
<jcj_moz> scribenick: angelo
I will scribe
Everyone please register for the F2F
We just reviewed 317. The browser vendors are mostly in support of the PR
We are looking at the PR 319 now
319 is related to 314 because they both solve the same problem.
<jcj_moz> JeffH: https://bugzilla.mozilla.org/show_bug.cgi?id=1329764#c1
JC raised the point that the two algorithms referenced in 319 and 314 are in fact different
In particular, what we want here is an algorithm to check if the RP ID is a legitimate domain
One of the suggestions from bugzilla is we should just abandon RP ID and use post message
That's a discussion that we had months ago and it is not wise to revisit the same discussion over and over again
We are looking at #321 now
321 now makes all attestation formats CBOR encoded
321 contains a new section that describes what RP needs to do to decode attestation
In previous spec, attestation statement was used in everywhere. This PR renames all the elements with more specific terms to distinguish different objects.
Rolf raised a few suggestions about this PR. Vijay will make changes accordingly after the PR
<Rolf> those comments are recorded in the PR 321.
<JeffH> "files changed 1" pr#314: https://github.com/w3c/webauthn/pull/321/files
We are going through a line-to-line walkthrough of PR 321
<JeffH> now down at new line 1100
<JeffH> sorry 1189
These changes touch on many issues and Vijay noted 11 issues in the PR
After this PR is made in, we may be able to close on a good number of issues
We are now at 1233
We are discussing credential attestation change around 1300
We are now at around line 1394
<JeffH> line 1508
We are now at around 1600s
<JeffH> line 1679
We are now at around line 1800
This is the last major change made by this PR
A valuable exercise would if the U2F implementers can read through this PR
Does anyone want to volunteer reviewing this PR?
This PR may be a more than one week review