See also: IRC log
<weiler> present?
<wseltzer> https://github.com/w3c/webauthn/issues/527
<CR01> selfissued: making isPlatformAuthenticatorAvailable an attribute doesn't work as it cannot have UI then.
There is very little controversy around isPlatformAuthenticatorReady.
<CR01> Thanks.
<jeffh> sorry, there's a fair bit of controversy re how isPlatformAuthenticatorReady is specified
<CR01> not resolving a promise doesn't seem to be a good approach
Sorry I am getting caught up on the scribe
<CR01> proposal: merge 523 and fix the example
Kim: I am in agreement with resolving https://github.com/w3c/webauthn/pull/523
JC: I am in agreement with https://github.com/w3c/webauthn/pull/523
JeffH: 523 isn't too well written.
Tony: Mike, can you take a look at the grammar issue
<CR01> Close but don't merge 528
Mike: I will take a look at the grammar side.
We will close https://github.com/w3c/webauthn/pull/528.
We're looking at https://github.com/w3c/webauthn/pull/525
525 registers numbers for the 3 RSA signature algorithms instead of strings
In 525, one of the algorithms becomes -255
JeffH: I haven't read the PR yet but I count on MikeJones who is the expert on the COSE and IANA registry
... In a PR that was recently merged, we changed algorithm identifier from WebCrypto identifiers to typedef identifiers
In COSE spec, you are allowed to use either small integer or small string to register algorithms
MikeJ: I agree there's a testing thing with using strings
John: I am generally supportive of making strings into integers
JC: Are we adding constants? Would browsers have to handle it?
MikeJ: we probably want to do that in the future
Tony: everyone seems in agreement with merging 525
After the two PRs (https://github.com/w3c/webauthn/pull/525 and https://github.com/w3c/webauthn/pull/528), I will start publishing WD06
We're starting to look at WD07
We are looking at https://github.com/w3c/webauthn/pull/498, which is a pull request for WD07
Tony: I am wondering whether it would make it into WD07
JeffH: Yes, I believe so. There's a standing PR on CredMan.
498 is a possible breaking change
JC: I am not sure if this is a breaking change.
<jeffh> jeffh: folks have had to already workaround/address the issues in pr #489 and credman
jc: oh yeah there's an old conversation around whether we want to make it a valid domain or an origin.
Angelo: I will take a closer look at 489 later this week.
<CR01> all 498 not 489?
<jeffh> above discussion wrt PR #498
<jeffh> angelo: now issues discussion - want to discuss issue #458
<jeffh> angelo: domains change on web or are nominally equivalent from the perspective of the domains admins eg google.com and youtube.com
angelo: I am hoping people can propose ideas to help address problems in 458
<CR01> Digital Asset Links (https://developers.google.com/digital-asset-links/v1/getting-started) are similar to original FIDO TrustedFacets lists.
JeffH: In the U2F and UAF era, we didn't want to do federal identity management
<CR01> FIDO decided at that time to stay out of federation - and hence do not allow credentials to be shared across domains.
JeffH: if one of the implementers wants to do something for their special deployment, that's fine. But the problem is how we want to standardize in W3C
... the use of digital asset links is also not available in the credman spec but only with Chrome's implementation.
<jyasskin> 1+
Before, people's favored solution has been to use federation.
<CR01> small companies sometimes prefer a more lightweight method than federation
<jeffh> jyasskin: olddomain.com has creds there, visit newdomain.com, get redirected to olddomain.com, get cred, then redirect back to newdomain.com
One of the possible solutions is to use OpenID Connect.
<jeffh> angelo: <relates use case(s) where using federation to address domain changes is troublesome>
<jeffh> jbradley: in fed world have seen use of federation to address these cases. tho have had discussions with google about a priori mapping of domains....
Another challenge is if IDPs themselves decide to change their domain
Another challenge is if IDPs themselves decide to change their own domains
<jeffh> christiaan: sounds like a federation issue to me
<jeffh> angelo: foo.com federates to login.live.com, bar.com feds with google.com, but same IDP controls both, want to merge everything into one domain. don't want old domains to remain and confuse users. so eventually have live.com to point to the right place.
<wseltzer> https://github.com/w3c/webauthn/issues/458
Perhaps we can talk about this another day. Federation seems to be the common issue here.
I am not a fan of digital asset links myself but I was hoping someone can propose some ideas that could work better than those
Akshay created a PR in FIDO-2 world to address CTAP and U2F compat
MikeJ: The intention for that PR is to address the compat. Other folks on the call who are also part of that WG should review this.
In the WebAuthn spec, the authenticator model is very hand-wavy. The CTAP spec has the concrete model.
JC: why do I have to look at WebAuthn?
The CTAP WG and U2F WG are merged together.
jc: I am just worried I may have implemented the wrong thing.
JeffH: that's not well thought out yet. Having the implementers writing code would help work this through.
Present: weiler jbradley wseltzer dmitriz jcj_moz kpaulh AkshayKumar jfontana nadalin selfissued jeffh jyasskin ChristiaanBrand angelo apowers rolf
Scribe (inferred by scribe.perl): angelo
Date: 09 Aug 2017
Minutes URL (guessed by scribe.perl): http://www.w3.org/2017/08/09-webauthn-minutes.html