17:03:05 <RRSAgent> RRSAgent has joined #webauthn
17:03:05 <RRSAgent> logging to http://www.w3.org/2017/06/28-webauthn-irc
17:03:07 <trackbot> RRSAgent, make logs public
17:03:07 <Zakim> Zakim has joined #webauthn
17:03:09 <trackbot> Zakim, this will be
17:03:09 <Zakim> I don't understand 'this will be', trackbot
17:03:10 <trackbot> Meeting: Web Authentication Working Group Teleconference
17:03:10 <trackbot> Date: 28 June 2017
17:03:17 <weiler> regrets+ weiler
17:05:03 <selfissued> present+
17:05:24 <Rolf> Rolf has joined #webauthn
17:05:26 <battre> present+
17:05:39 <Rolf> present+
17:07:14 <weiler> zakim, who's on the call?
17:07:14 <Zakim> Present: selfissued, battre, Rolf
17:07:34 <jeffh> jeffh has joined #webauthn
17:07:53 <weiler> present+ apowers, angelo, christiaan, jeffh, jfontana, rolf, nadalin
17:08:19 <weiler> present+ IbrahimDamlaj
17:08:32 <selfissued> Reviewing WD-06 PRs
17:08:37 <jeffh> present+ jeffh
17:08:58 <weiler> chair: nadalin, jfontana
17:09:12 <selfissued> PR #379 isPlatformAuthenticatorReady - Angelo waiting for more feedback
17:10:19 <selfissued> PR #460 requireUserVerification option - assigned to Mike - expect to work on this week
17:10:38 <selfissued> PR #495 fixup algs cont 2 - JeffH says ready to merge
17:11:32 <selfissued> Tony asks whether we want to take this breaking change now or delay it
17:12:09 <selfissued> Rolf says that existing implementations can't work in this regard, so we wouldn't be breaking them
17:12:23 <selfissued> JeffH says that we should proceed
17:12:57 <selfissued> Tony: This will break WD-05
17:14:02 <selfissued> Tony: If we want to keep server compatibility, with WD-06 being an incremental add-on, then we could delay this
17:14:11 <selfissued> JeffH: This doesn't affect the server side at all
17:15:36 <selfissued> JeffH: #498 won't affect the server either
17:15:53 <selfissued> JeffH: This is in the browser machinery.  It doesn't affect the signature format.
17:16:44 <selfissued> Angelo: Edge will wait on this because it may take a long time for it to get done
17:17:00 <selfissued> JeffH: Implementer's should focus on the WD-05 Implementer's Draft
17:17:19 <selfissued> Angelo: It's reasonable to fix the algorithm here
17:17:56 <selfissued> JeffH: Responds to Tony saying that #495 is good to go
17:20:08 <selfissued> We will get another review recruited by Dominic Battre and then merge #495
17:20:28 <selfissued> JeffH: #498 builds on #495
17:20:35 <jyasskin> present+ jyasskin
17:21:06 <selfissued> JeffH: There is a bug in threading exposed by #498
17:21:26 <selfissued> ... We can't do some of the things we're doing in the background.  This must be fixed for CR.
17:22:21 <selfissued> ... It would be great to get Mike West and Jeffrey Yasskin to look at #498
17:25:57 <selfissued> Tony: We should cancel the call for the week of IETF
17:27:50 <selfissued> PR #499 Rate Limiting definition - JeffH says ready to merge
17:28:57 <selfissued> Tony: Giridhar can merge this
17:29:56 <selfissued> JeffH: There would be an authenticator considerations section referencing others specs for security and certification information - plus SP 800-63
17:31:18 <selfissued> Angelo: Removing the "required" keyword doesn't change anything
17:32:20 <selfissued> JeffH: Removing "required" doesn't do what you want
17:34:31 <selfissued> Angelo:  This isn't intended to impact any behaviors
17:37:00 <selfissued> Angelo: Replied to Tony that this is not an immediate issue
17:37:08 <selfissued> JeffH: We shoudl punt to CR
17:37:43 <selfissued> PR #501 Merge sample-scenarios with usecase section
17:38:06 <selfissued> JeffH:  I would not do this the way you've done it
17:39:15 <selfissued> JeffH: Vijay was adamant that we don't need decommissioning in the protocol
17:40:26 <selfissued> Angelo: I want to address the TAG review to merge these together
17:40:36 <selfissued> JeffH: There is a separate issue
17:42:01 <selfissued> JeffH: There are multiple audiences for this and the use cases section is currently very high level
17:42:12 <selfissued> ... The current Section 11 is developer oriented
17:42:23 <selfissued> ... I would keep the current use cases section separate
17:42:38 <selfissued> ... Vijay and I thought the roadmap would satisfy the TAG issue
17:42:59 <selfissued> ... I would leave the current use cases section as-is
17:44:28 <selfissued> ... If you deply things, you need to think about decommissioning use cases
17:44:37 <selfissued> s/deply/deploy/
17:46:30 <selfissued> ... Long discussion between Angelo and JeffH about decommissioning, with no clear conclusions
17:47:07 <selfissued> PR #502 requreResidentKey
17:47:19 <selfissued> JeffH: I have a comment on this
17:47:29 <selfissued> ... We need to fix the ordering
17:49:10 <selfissued> ... Why was authenticator selection added to ignored section?
17:50:28 <weiler> weiler has joined #webauthn
17:50:37 <selfissued> Tony: This ends the open PRs for WD-06
17:51:01 <selfissued> ... We many not get #379 closed for WD-06
17:52:05 <battre> present-
17:52:19 <selfissued> #460 we don't have an answer for but will get one in the next few days - hopefully it can be merged
17:52:31 <selfissued> #495 is ready to go after review
17:52:49 <selfissued> #498 needs some additional review but JeffH is OK if it doesn't make WD-06
17:53:09 <selfissued> #499 is ready to go
17:53:19 <selfissued> #500, #501, and #502 are pushed off
17:53:53 <selfissued> Tony: On #379 there is still controversy. Are you OK pushing this off if you can't spend time on it?
17:54:10 <selfissued> Angelo: Let's wait a week and then decide
17:54:33 <selfissued> Tony: We will decide next week whether to push the button for WD-06 or not
17:55:44 <selfissued> Tony: The call on July 12th is questionable due to travel
17:56:04 <selfissued> (Call ends)
17:56:55 <weiler> rrsagent, draft minutes
17:56:55 <RRSAgent> I have made the request to generate http://www.w3.org/2017/06/28-webauthn-minutes.html weiler
17:57:02 <weiler> rrsagent, make log public