<kpaulh> +present

<kpaulh> ah, thanks :)

<weiler> scribenick: angelo

I will scribe until 10:30

We are discussing https://github.com/w3c/webauthn/pull/379

Tony: if Mike does the change and Jeff approves, can we possibly merge the PR?

JeffH: sure

Angelo: since the idea originally came from Google (Kim), it'd be great if someone from Google can look at it

Kim: I can take a look at it

https://github.com/w3c/webauthn/pull/460

There's a slight issue that bit 1 is reserved by Google.

The bit is used by Google to determine if the info comes from wireless protocol or not

Alexei: we at google find values in it. We are fine with documenting the bit but we aren't sure if others are interested

Tony: what are the use cases?

Alexei: a lot of traffic comes from shared IP. In those shared IP environment, we may think of them as less trust worthy

MikeJ: what if statement would the RP write for this?

Alexei: most RPs these days have a risk engine. So it's not exactly one if statement.

<Rolf> How does that relate to the "wireless" aspect as mentioned before?

JeffH: so this is a data point to be used by the risk engine
... we should really document it

It'd be great if Alexei can add a PR for it

Alexei: what I am concerned is a human dense environment

<Rolf> So essentially: wireless means more risky. If that is used in internet café then it is a bad combination?

Christiaan: android HID is a higher priority

JeffH: has Yubico implemented this bit?

Alexei: google has its own applet so that's how we implemented it

Wireless means wireless, bluetooth, and NFC

Wireless means wifi, bluetooth, and NFC

<jeffh> weiler kim may be on speaker phone with other googlers

<jeffh> doh!

When the authenticator sends the credentials, it would add the bit in there

Christiaan: it'd be up to the vendor to decide how they want to treat bit 1

decision: leave the bit as bit 2 for now. JeffH has more comments on it.

MikeJ will address the comments from jeff

<Rolf> No objections from my side.

The word 'user verification' is really long. MikeJ: is it ok if I add a comment that when it is transmitted over the wire, the word is 'UV'

Changing on the wire is better to do now

<Rolf> Do that fix now. It is little work.

My later meeting is pushed to a later date. I can continue scribing for now

Mke: I will add changes to change 3 names

https://github.com/w3c/webauthn/pull/514

514 does what we discussed in March

514 changes from our key data structure from our current ad-hoc structure

514 gives us a standard alg representation

Back in the call in March, we agreed to do this

JeffH: it'd be problematic for U2F backward compat

JC: not really. we already had to convert things to do U2F backward compat
... this would solve other underlying issues
... how much did the cdd actually change?
... how much would the cdd actually change?
... i will go through the PR and add comments on them

https://github.com/w3c/webauthn/pull/515

valid domain is a defined term in the whatwg html world

JeffH: I will have to chase down the spec to make sure I am right
... I would like to review the PR
... we just wanted to make sure what is merged is good

all pull requests cover all the issues

379 is not quite ready yet

After all the pull requests that cover the issues are merged, we can publish the new WD-06

<jeffh> yes, there seems to be group agreement to the above.

Sam wants to have a few minutes to talk about WebEX

If you're joining over call, webex may be more aggressive at kicking you out

The new link and passwords will be changed

The chair needs to make sure to close the call if sam is not there

The agenda mail will no longer include the link to webex

Another trivia is that we are in the process of rechartering until we go to the AC

John is working on the rechartering and has submitted the application

Question: after CR is submitted, new change will require new tests written

Question: after CR is submitted, new change will require new explicit tests written

JC: it sounds like a good idea

Sam: maybe we are close to a time to invite others to read this spec

the privacy interest group is particularly interested

Tony: I will respond to his 11 points. But I don't think there's any action item for us. It's probably because there's some confusion

Maybe next week, we will have a WD06 published

MikeJ: unless someone knows how to change Travis CI, I will make the references to IETF as just text

<jeffh> adios :)

<weiler> trackbot, end meeting

This is scribe.perl Revision: 1.152  of Date: 2017/02/06 11:04:15  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00)

Default Present: weiler, jfontana, jcj_moz, nadalin, christiaan, dirk, kim, selfissued, AkshayKumar, Rolf, jeffh, present, angelo, kpaulh, John_Bradley, alexei-goog
Present: AkshayKumar John_Bradley Rolf alexei-goog angelo christiaan dirk jcj_moz jeffh jfontana kpaulh nadalin selfissued weiler
Found ScribeNick: angelo
Inferring Scribes: angelo

WARNING: No "Topic:" lines found.

Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2017Aug/0004.html
Found Date: 02 Aug 2017
Guessing minutes URL: http://www.w3.org/2017/08/02-webauthn-minutes.html
People with action items: 

WARNING: Input appears to use implicit continuation lines.
You may need the "-implicitContinuations" option.


WARNING: No "Topic: ..." lines found!  
Resulting HTML may have an empty (invalid) <ol>...</ol>.

Explanation: "Topic: ..." lines are used to indicate the start of 
new discussion topics or agenda items, such as:
<dbooth> Topic: Review of Amy's report