W3C

- DRAFT -

Web Authentication Working Group Teleconference

12 Jul 2017

See also: IRC log

Attendees

Present: battre, weiler, Rolf, jcj_moz, wseltzer, apowers, jfontana, nadalin, angelo, Ibrahim, kpaulh, alexei-goog
Regrets:
Chair: jfontana, nadalin
Scribe: jcj_moz, angelo


<jcj_moz> scribenick: jcj_moz

tony: Welcome back to the regularly scheduled calls, jcj_moz
... Open PRs, so we're continuing with PR #379
... Angelo, have you been able to update this?

Angelo: I'll do so later today

tony: That leaves us with #460
... This is assigned to Mike Jones, but he's busy with IETF next week

<weiler> https://github.com/w3c/webauthn/pull/460

Angelo: I don't think Mike talked to me after last week's meeting

tony: OK

<weiler> "Adds requireUserVerification option in AuthenticatorSelectionCriteria "

<weiler> https://github.com/w3c/webauthn/pull/498

tony: That leaves us with PR #498
... the Algorithm fixup.
... Is Jeff here?

No, he couldn't be here this week or next due to IETF

Tony: OK.
... There are 16 open issues for WD-06: https://github.com/w3c/webauthn/issues?q=is%3Aopen+is%3Aissue+milestone%3AWD-06
... #278... Angelo, you hadn't had a chance to finish this up?

Angelo: I have not, unfortunately

tony: #283 which is also Angelo

Angelo: Those two should be solved w/ one PR

tony: #292 which has Angelo and Jeff on it

Angelo: I'll work with Jeff on that one

tony: #460 is Jeff's, too...
... Also tied to #498

<going through issues list>

tony: jcj_moz, can you resolve last comment on #474?

jcj_moz: Yes, will do

tony: #485 is addressed by PR #379
... We should talk about #254

jcj_moz: Not an issue in practice in Firefox

Angelo: This seems to be a spec correctness issue rather than a real tech issue

jcj_moz: I *think* this is all immutable data anyway (once page loads) so it shouldn't be a spec compat issue
... This seems to be not as critical for WD-06 as it might have seemed

tony: So this could move to WD-07?

<battre> https://github.com/w3c/webappsec-credential-management/pull/93

jcj_moz: It seems like not even a point of contention - we needed the values/origin and copied them to the Runnable

angelo: Yeah, we have clear guidelines on how to code these sorts of things

tony <commented on issue 254>

tony: We need at least 2 interop impls to get to CR, and I'd like to set a timeline
... so we can see if it's realistic to be at CR by TPAC in November
... I sent a note out to the 3 browser vendors
... and got a response from jcj_moz
... at the WD-05 level

Rolf: This is at WD-05, right?

tony: That's what JC implemented
... and I gather that's what Edge is implementing
... Would like to get a rough estimate from the chrome team

<angelo> I will scribe for now

<weiler> scribenick: angelo

Edge is working on an implementation that is based on WD-05. We typically ship the API first behind a flag, turn it on by default for a small group of insiders, and then eventually ship to all Windows 10 users.

JC: Firefox doesn't have infinite resources either. We are working on WD-05, testing to make sure the implementation works well, and will then move to the next major draft (likely CR).

Alexei: I thought our plan is to not ship WD-05 publicly but just use it for interop.

JC: we will not ship the WD-05 publicly but will have the hardware out of the door.

Alexei: for some of the developers, it's concerning that the gap between the implementation and the draft is getting big.

JC: +1

Tony: at one point, the spec will have to converge.

Angelo: we will likely have a more stabilized version by Sept.

Alexei: we should have a framework for the interop testing.

<apowers> to be clear: CTAP 1.0 = U2F; CTAP 2.0 = the CBOR-based protocol

Alexei: angelo what do you think?

Angelo: our initial implementation will have Hello and CTAP working. Given that CTAP is designed to be backwards compatible with U2F, our implementation will likely work with U2F.

Alexei: SGTM

JC: there's a nice library that fakes U2F hardware.

Tony: so we're looking at interop in Sept?

<jcj_moz> J.C.'s test site- https://webauthn.bin.coffee/

<jcj_moz> Rust U2F implementation- https://github.com/jcjones/u2f-hid-rs/

<jcj_moz> will send emails too

JC: we can do interop right now. We can use soft-token to do interop testing.

Angelo: Alexei, when can you guys do interop?

Alexei: we don't plan to do soft token and will jump straight to hardware. I will echo Domenic here that we don't usually do much timeline estimation. If I have to guess, I'd say it's around end of year.

Domenic: is there a shared test repo?

Angelo: Adam Powers wrote a small web platform test. We should pull him in when we start interop testing.

<wseltzer> no meeting next week, resume on the 26th

Tony: no meeting next week. See you the week after

<apowers> Adam Powers is working on better WPTs too :)

[End of minutes]
