See also: IRC log
<kpaulh> +present
<kpaulh> ah, thanks :)
<weiler> scribenick: angelo
I will scribe until 10:30
We are discussing https://github.com/w3c/webauthn/pull/379
Tony: if Mike does the change and Jeff approves, can we possibly merge the PR?
JeffH: sure
Angelo: since the idea originally came from Google (Kim), it'd be great if someone from Google can look at it
Kim: I can take a look at it
https://github.com/w3c/webauthn/pull/460
There's a slight issue that bit 1 is reserved by Google.
The bit is used by Google to determine if the info comes from wireless protocol or not
Alexei: we at google find values in it. We are fine with documenting the bit but we aren't sure if others are interested
Tony: what are the use cases?
Alexei: a lot of traffic comes from shared IP. In those shared IP environment, we may think of them as less trust worthy
MikeJ: what if statement would the RP write for this?
Alexei: most RPs these days have a risk engine. So it's not exactly one if statement.
<Rolf> How does that relate to the "wireless" aspect as mentioned before?
JeffH: so this is a data point to
be used by the risk engine
... we should really document it
It'd be great if Alexei can add a PR for it
Alexei: what I am concerned is a human dense environment
<Rolf> So essentially: wireless means more risky. If that is used in internet café then it is a bad combination?
Christiaan: android HID is a higher priority
JeffH: has Yubico implemented this bit?
Alexei: google has its own applet so that's how we implemented it
Wireless means wireless, bluetooth, and NFC
Wireless means wifi, bluetooth, and NFC
<jeffh> weiler kim may be on speaker phone with other googlers
<jeffh> doh!
When the authenticator sends the credentials, it would add the bit in there
Christiaan: it'd be up to the vendor to decide how they want to treat bit 1
decision: leave the bit as bit 2 for now. JeffH has more comments on it.
MikeJ will address the comments from jeff
<Rolf> No objections from my side.
The word 'user verification' is really long. MikeJ: is it ok if I add a comment that when it is transmitted over the wire, the word is 'UV'
Changing on the wire is better to do now
<Rolf> Do that fix now. It is little work.
My later meeting is pushed to a later date. I can continue scribing for now
Mke: I will add changes to change 3 names
https://github.com/w3c/webauthn/pull/514
514 does what we discussed in March
514 changes from our key data structure from our current ad-hoc structure
514 gives us a standard alg representation
Back in the call in March, we agreed to do this
JeffH: it'd be problematic for U2F backward compat
JC: not really. we already had to
convert things to do U2F backward compat
... this would solve other underlying issues
... how much did the cdd actually change?
... how much would the cdd actually change?
... i will go through the PR and add comments on them
https://github.com/w3c/webauthn/pull/515
valid domain is a defined term in the whatwg html world
JeffH: I will have to chase down
the spec to make sure I am right
... I would like to review the PR
... we just wanted to make sure what is merged is good
all pull requests cover all the issues
379 is not quite ready yet
After all the pull requests that cover the issues are merged, we can publish the new WD-06
<jeffh> yes, there seems to be group agreement to the above.
Sam wants to have a few minutes to talk about WebEX
If you're joining over call, webex may be more aggressive at kicking you out
The new link and passwords will be changed
The chair needs to make sure to close the call if sam is not there
The agenda mail will no longer include the link to webex
Another trivia is that we are in the process of rechartering until we go to the AC
John is working on the rechartering and has submitted the application
Question: after CR is submitted, new change will require new tests written
Question: after CR is submitted, new change will require new explicit tests written
JC: it sounds like a good idea
Sam: maybe we are close to a time to invite others to read this spec
the privacy interest group is particularly interested
Tony: I will respond to his 11 points. But I don't think there's any action item for us. It's probably because there's some confusion
Maybe next week, we will have a WD06 published
MikeJ: unless someone knows how to change Travis CI, I will make the references to IETF as just text
<jeffh> adios :)
<weiler> trackbot, end meeting
This is scribe.perl Revision: 1.152 of Date: 2017/02/06 11:04:15 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Default Present: weiler, jfontana, jcj_moz, nadalin, christiaan, dirk, kim, selfissued, AkshayKumar, Rolf, jeffh, present, angelo, kpaulh, John_Bradley, alexei-goog Present: AkshayKumar John_Bradley Rolf alexei-goog angelo christiaan dirk jcj_moz jeffh jfontana kpaulh nadalin selfissued weiler Found ScribeNick: angelo Inferring Scribes: angelo WARNING: No "Topic:" lines found. Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2017Aug/0004.html Found Date: 02 Aug 2017 Guessing minutes URL: http://www.w3.org/2017/08/02-webauthn-minutes.html People with action items: WARNING: Input appears to use implicit continuation lines. You may need the "-implicitContinuations" option. WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report[End of scribe.perl diagnostic output]