See also: IRC log
<wseltzer> scribenick: vgb
tony: review PRs. Start with #344
Kim: just made changes to address last comments, ready now
JeffH: will approve shortly
tony: #348
... still some issues there
jcj_moz: waiting for new commits from Angelo
Tony: #375
JeffH: still working on
understanding feedback
... this is not a rush
... #377 is fixing bugs per review in collaboration with
jyasskin
jyasskin: ok with me
jcj_moz: will review this later today
Tony: #378
vgb: Had some comments, waiting
for Angelo
... #379 is the same status
Rolf: #381 is cleanup of DAA parts. Please review
vgb and jeffh: will do today
alexei-goog: would like to hear
from Kim about the cancel issue
... many pages do complex things without navigating
... in this type of situation, the page may want to cancel
operations on such a non-navigation page change
kpaulh: added this use case to
the issue
... agree that browser-level changes could be handled by the
browser not by the page
... talked to jyasskin earlier about whether promises could be
cancellable
<rbarnes> http://memedad.com/memes/1131466.jpg
kpaulh: fetch is creating an abort operation that can be initiated by a cancellation handle
jyasskin: this is part of a
larger rethink about adding cancellation to promises (or a
pattern achieving the same effect)
... we should study what fetch is doing
<alexei-goog> https://goo.gl/photos/SssLA8aPR8EJQXQp7
<alexei-goog> rbarnes: *nice*!
jeffh: that seems like it would add a lot of machinery
kpaulh: still kicking this around - is the use case real enough to justify this complexity
tony: should move faster on
ctap-affecting issues
... so we don't slow progress on that spec
vgb: of the tagged issues, is #366 the big one?
tony: may be more, this is just
what we have identified so far.
... should go through and tag any others we see
selfissued: about #366, COSE is almost ready and should be used
vgb: seems to be a lot of optional fields, should we define a profile?
selfissued: yes, we could
apowers: will off-the shelf parsers work with COSE? things like negative indexes in there.
selfissued: those are explicitly
allowed, it's all valid CBOR and should just work
... RSA draft is on the fast track in IETF and should be ready
for last call in Chicago later this month.
... if CTAP takes a dependency that will help argue for
hurrying it up
tony: there is also #362
vgb: should this be a CTAP
issue?
... from the pov of the wire protocol it's just a bunch of
bits
... it is the application above webauthn that cares
tony: issue #270. more about extensions, which are still hanging. what should we do?
selfissued: will look at this after finishing IETF tasks
tony: will still need to figure out where we want to go with extensions. not a lot of support from browser vendors for these in initial implementations, so should we hold up the core spec for them?
selfissued: as long as we agree on the overall extension semantics, which specific extensions are supported is not important
jeffh: extensions discussion is worse than california traffic
alexei-goog: can we define extensions in the spec as a separable unit, and punt the discussion on whether to keep or remove?
jeffh: that's how it is
today
... in agreement that this is not the most burning issue
tony: credential mgmt issue. we heard mkwst's view but not yet any follow up on the list
jeffh: have some thoughts
<gmandyam> (Assuming I understand his suggestion correctly) - agree with alexei-goog, re: extensions
jyasskin: believe there is a design proposal in progress
jeffh: mkwst was hoping to get
out a proposal before the call, so should be imminent
... he sent a note to the webappsec list
domenic: have written a draft but should be able to share by end of week
<battre> I'll use IRC
<battre> we have a draft that Mike wants to take another look tomorrow
<battre> should have something to share tomorrow or on Friday
<battre> <EOM>
<battre> Sounds good
<gmandyam> Re; credman - never received an answer to my question on the mailing list, https://lists.w3.org/Archives/Public/public-webauthn/2017Mar/0157.html
tony: will put it on the agenda for next week, hope mkwst can attend
<battre> I don't know. I hope so
<jyasskin> On the topic of strange things outside Google offices: http://boingboing.net/2014/07/25/on-google-campus-a-dinosaur-i.html
<weiler> trackbot, end meeting
This is scribe.perl Revision: 1.152 of Date: 2017/02/06 11:04:15 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Default Present: rbarnes, nadalin, weiler, rolf, wseltzer, battre, gmandyam, jcj_moz, JeffH, vgb, apowers, jyasskin, christiaan, alexei, alexei-goog, kpaulh, jfontana, selfissued, Ketan Present: JeffH Ketan alexei alexei-goog apowers christiaan gmandyam jcj_moz jfontana jyasskin kpaulh nadalin rbarnes rolf selfissued vgb weiler wseltzer Found ScribeNick: vgb Inferring Scribes: vgb WARNING: No "Topic:" lines found. Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2017Mar/0247.html Found Date: 15 Mar 2017 Guessing minutes URL: http://www.w3.org/2017/03/15-webauthn-minutes.html People with action items: WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report[End of scribe.perl diagnostic output]