<selfissued> (What does present+ do? I do it because others do it.)

I will scribe

<weiler> scribe: angelo

We will start reviewing the PRs and all implementer-related issues so that we can start having feedbacks

Angelo: I think the elephant in the room is the CredMan merge. Everyone is thinking about it. Let's start talking about it.

<kspaulh> I'm muted

MikeW: I don't have much update from the last time.

mkwst: I am confident we have most everything in the present credential managment (credman) spec draft.

For example, there are questions about whether the API should be in nested frame, et.c

mkwst: I believe PR has everything in place to give the direction.

<jeffh> angelo: is in favor of PR #384 -- makes interface more clean overall -- tho concerned about timing

<gmandyam> Is there a redline of the webauthn spec with PR 384 incorporated that is available?

<jeffh> ...we need to merge soon and start polishing

mkwst: I believe there are enough details there

J.C.: the shape of the PR is ready

Tony: J.C. would you implement CredMan?

J.C.: yes

<jeffh> jcj_moz: we are supportive of the change... altho we have not committed to impl'g credman, if webauthn depends on it, then is more simple decision

Tony: I am concerned about changes from CredMan trickle down and impact the spec

Angelo: I am in favor of the change. Of course I am concerned about the timeline. But I believe to avoid further delaying timeline, we should go ahead and merge it.

mkwst: CredMan is fairly stable given that the API has been adopted by websites.

<jeffh> mkwst: believes that the present credman is firm enough for webauthn to build upon

mkwst: the main change about credman is extensions

Giri: I am concerned about the extensions point

mkwst: the current spec doesn't dictate what the UI looks like but just recommends it. It has alg that may impose limitation on the UI.

Giri: requireUserMediation is not in the same scope as the rest.

JeffH: I'd prefer having a detailed review

<Rolf> mkwt: The user mediation in credential selection only is there to make sure the user is involved. If the user is involved in webauthn that might be sufficient for that.

Tony: I propose we have by the end of the week for people to propose concrete proposal. Otherwise we will merge this

<jcj_moz> Note for posterity: jeffh's transcription is more accurate for me than angelo's re: CredMan. We're not committing to implementing CredMan at this time.

We are going through all the issues marked as priority implementer

Tony: would #60 be ready to close if we do the merge

165 + 166: doesn't matter to Edge or Firefox. Feel free to make the change.

JeffH: 167 it probably doesn't matter.

Angelo: I agree

For 210 it impacts UI rather than API so I don't think it matters.

219: JC without Richard here, I don't know how to resolve this.

Tony: Jeff, Wendy and I talked to him. It will be 3 weeks until he decides whether he will come back to this.

JC: what we at Mozilla to get out of this is just to get this is to get more explanation. Plus this would be partially resolved by CredMan
... I will add comments on 219 and close 219

For 233: it doesn't impact the API. I just wanted to add more formal text but that's it.

Therefore I remove the priority-implementation from 233

249: Jeff will contact Boris to resolve this. It will likely be resolved once we slap SameObject on it

We are looking at 250

250: Jeff: if we merge CredMan, this will be automatically resolved.

255: Jeff will make this
... Jeff will fix this

260, 259, 255 are all assigned to Jeff

278: this is just polishing. Angelo is totally fine with doing this. But overall this doesn't impact implementation.

283: mkwst 283 seems related to another cancel change. It seems like would be resolved once fetch is integrated.

285: everyone seems to agree on this. It's just the matter of doing it.

296: JeffH: it's mine.
... mkwst: no opinion what to call it.

<jeffh> jeffh: want to enable UAF smartphones to be CTAP clients

<jeffh> ...for example

302: we are ok with doing it
... JeffH: Vijay seems to still have some issues with it.

316: Angelo + Jeff both agree it matters

Angelo: I am assuming JC believe so too

316: JC self-assigned it

327, 326: jeff will make the change

328: that has to do with ScopedCred once the CredMan merge is done.

331: Angelo: I am ok with punting it. I feel like people who have a more vested interest in the phone-related scenario should push for this

if they feel it is necessary

337: JeffH: I don't think it is necessary

<jcj_moz> thnks mkwst

337: Dirk and Richard haven't proposed a new change. Windows is shipping a server side library to help reduce developer burden. We should be ready to close it.

This is scribe.perl Revision: 1.152  of Date: 2017/02/06 11:04:15  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00)

Succeeded: s/the spec/the present credential managment (credman) spec draft/
Present: Rolf angelo apowers gmandyam jcj_moz jeffh kspaulh mkwst nadalin samsrinivas selfissued weiler
Found Scribe: angelo
Inferring ScribeNick: angelo

WARNING: No "Topic:" lines found.

Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2017Apr/0011.html
Found Date: 05 Apr 2017
Guessing minutes URL: http://www.w3.org/2017/04/05-webauthn-minutes.html
People with action items: 

WARNING: Input appears to use implicit continuation lines.
You may need the "-implicitContinuations" option.


WARNING: No "Topic: ..." lines found!  
Resulting HTML may have an empty (invalid) <ol>...</ol>.

Explanation: "Topic: ..." lines are used to indicate the start of 
new discussion topics or agenda items, such as:
<dbooth> Topic: Review of Amy's report