W3C

- DRAFT -

Web Authentication Working Group Teleconference

15 Mar 2017

Attendees

Present
JeffH, Ketan, alexei, alexei-goog, apowers, christiaan, gmandyam, jcj_moz, jfontana, jyasskin, kpaulh, nadalin, rbarnes, rolf, selfissued, vgb, weiler, wseltzer
Regrets
Chair
nadalin, rbarnes
Scribe
vgb

<wseltzer> scribenick: vgb

tony: review PRs. Start with #344

Kim: just made changes to address last comments, ready now

JeffH: will approve shortly

tony: #348
... still some issues there

jcj_moz: waiting for new commits from Angelo

Tony: #375

JeffH: still working on understanding feedback
... this is not a rush
... #377 is fixing bugs per review in collaboration with jyasskin

jyasskin: ok with me

jcj_moz: will review this later today

Tony: #378

vgb: Had some comments, waiting for Angelo
... #379 is the same status

Rolf: #381 is cleanup of DAA parts. Please review

vgb and jeffh: will do today

alexei-goog: would like to hear from Kim about the cancel issue
... many pages do complex things without navigating
... in this type of situation, the page may want to cancel operations on such a non-navigation page change

kpaulh: added this use case to the issue
... agree that browser-level changes could be handled by the browser not by the page
... talked to jyasskin earlier about whether promises could be cancellable

<rbarnes> http://memedad.com/memes/1131466.jpg

kpaulh: fetch is creating an abort operation that can be initiated by a cancellation handle

jyasskin: this is part of a larger rethink about adding cancellation to promises (or a pattern achieving the same effect)
... we should study what fetch is doing

<alexei-goog> https://goo.gl/photos/SssLA8aPR8EJQXQp7

<alexei-goog> rbarnes: *nice*!

jeffh: that seems like it would add a lot of machinery

kpaulh: still kicking this around - is the use case real enough to justify this complexity?

tony: should move faster on ctap-affecting issues
... so we don't slow progress on that spec

vgb: of the tagged issues, is #366 the big one?

tony: may be more, this is just what we have identified so far.
... should go through and tag any others we see

selfissued: about #366, COSE is almost ready and should be used

vgb: seems to be a lot of optional fields, should we define a profile?

selfissued: yes, we could

apowers: will off-the-shelf parsers work with COSE? things like negative indexes in there.

selfissued: those are explicitly allowed, it's all valid CBOR and should just work
... RSA draft is on the fast track in IETF and should be ready for last call in Chicago later this month.
... if CTAP takes a dependency that will help argue for hurrying it up

tony: there is also #362

vgb: should this be a CTAP issue?
... from the pov of the wire protocol it's just a bunch of bits
... it is the application above webauthn that cares

tony: issue #270. more about extensions, which are still hanging. what should we do?

selfissued: will look at this after finishing IETF tasks

tony: will still need to figure out where we want to go with extensions. not a lot of support from browser vendors for these in initial implementations, so should we hold up the core spec for them?

selfissued: as long as we agree on the overall extension semantics, which specific extensions are supported is not important

jeffh: extensions discussion is worse than California traffic

alexei-goog: can we define extensions in the spec as a separable unit, and punt the discussion on whether to keep or remove?

jeffh: that's how it is today
... in agreement that this is not the most burning issue

tony: credential mgmt issue. we heard mkwst's view but not yet any follow up on the list

jeffh: have some thoughts

<gmandyam> (Assuming I understand his suggestion correctly) - agree with alexei-goog, re: extensions

jyasskin: believe there is a design proposal in progress

jeffh: mkwst was hoping to get out a proposal before the call, so should be imminent
... he sent a note to the webappsec list

domenic: have written a draft but should be able to share by end of week

<battre> I'll use IRC

<battre> we have a draft that Mike wants to take another look tomorrow

<battre> should have something to share tomorrow or on Friday

<battre> <EOM>

<battre> Sounds good

<gmandyam> Re: credman - never received an answer to my question on the mailing list, https://lists.w3.org/Archives/Public/public-webauthn/2017Mar/0157.html

tony: will put it on the agenda for next week, hope mkwst can attend

<battre> I don't know. I hope so

<jyasskin> On the topic of strange things outside Google offices: http://boingboing.net/2014/07/25/on-google-campus-a-dinosaur-i.html

<weiler> trackbot, end meeting

Summary of Action Items

Summary of Resolutions

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.152 (CVS log)
$Date: 2017/03/15 18:03:58 $

Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2017Mar/0247.html