W3C

- DRAFT -

Web Authentication Working Group Teleconference

30 Aug 2017

Attendees

Present: Rolf, jeffh, gmandyam, jcj_moz, weiler, WD, AkshayKumar, battre, Ibrahim, jfontana, angelo, kpaulh, Christiaan, nadalin, WD07
Regrets:
Chair: nadalin, jfontana
Scribe: jeffh

<jfontana> test

scribenick jeffh

tony: pls reg for tpac. webauthn is thur, webappsec is mon & tue

https://www.w3.org/2017/11/TPAC/#registration

tony: WD07 Open PR #498 ?

<Rolf> wait for @domenic to review

<kpaulh> I'm here with Christiaan

<jfontana> Tony : 539 which is Rolf's

https://github.com/w3c/webauthn/pull/539

rolf: describes how sig counter ought to be handled by RP
... suggests further polishing that could be done

<jfontana> rolf: not ready to be merged, needs one more round. I will clean up

rolf: this is not ready to be merged, needs another round of editing and reviewing. review lines 2521 & before. changes after that are not stable as yet

<Rolf> decision to be made: where to handle U2F compatibility (1) in WebAuthn spec or (2) in CTAP spec. At this time my notes reflect (1). But (2) will likely be better.

https://github.com/w3c/webauthn/milestone/13

jeffh: all the issues I'm assigned to are "on the stack" - several will be closed by pr #498, then need to just do the others

<jcj_moz> jcj_moz: 507 probably covered by PR 539

<jcj_moz> jcj_moz: I need to still review it

<Rolf> PR 539 is intended to cover issue #507.

tony: issue #292

<Rolf> PR 539 is intended to cover 125 as well

jeffh: that's part of the "cancel" hairball...

angelo: yes, am working on that...

the "cancel" hairball -- issues #292, #380, #537, another?

angelo: yes, there's a way to do this in whatwg specs but there's a couple aspects of this am trying to figure out....

<jfontana> Tony: ....we have #316

<jfontana> jeffH part of the cancel hairball

s/another ?/ #316, another?/

<jfontana> tony: #453....supposed to go ahead and close this one; on Rolf's suggestion

rolf entered a comment on it yesterday: https://github.com/w3c/webauthn/issues/453#issuecomment-325582425

jyasskin: ok, so discussion in PR #539 supersedes the discussion in this issue. all decisions are getting made in #539.

https://github.com/w3c/webauthn/issues/538

angelo: yes, we did discuss this but it doesn't seem to be in notes anywhere.
... suggests we can close this.

jyasskin: there is probably a subtle difference in the order things get checked, some chance for error msg referring to incorrect dict member, so it would be a little cleaner to mark as 'required' in IDL dictionary, but it is not a big deal.

gmandyam: wonders about usefulness of the RP displayname....

<gmandyam> displayName cannot be definitively matched to ID by the user agent, so what is the point of it?

angelo: believes we have adequately discussed this, will add comment to issue, and will close this

gmandyam: for RP to provide friendly name in addition to RP ID (hostname) on display controlled by authenticator, if any

https://github.com/w3c/webauthn/pull/539

jyasskin: AGL is arguing that the sig counter is a priv leak. some authnrs will not support it cuz it reqs root. suggests the sig counter could just be a random field as long as RPs know to ignore it.
... rolf suggests that if we want authnr-supplied nonce, should have sep field rather than repurpose this counter field. if want RP to ignore this field, simply make all zero.

rolf: have lots of authnrs already fielded that support sig counter. sig counter is effective clone detection for RPs. there is a way to protect against the priv leak by maintaining sig cntr per RP.
... good reasons to create nonce on every createCred
... if attacker can control the to-be-signed data, can then aid a diff pwr analysis attack -- there's a paper about this
... if authnr adds random # to tbs data, it fouls up the diff pwr analysis.
... for registration, it is the attestation key at risk, for getAssn, it's the user public key at risk

gmandyam: argues that there is some way for RP to figure out if the sig cntr is being used as counter or a nonce

rolf: argues that there is not a backwards compatibility issue because fielded authnrs are largely un-patchable, and we "are free" to add an authnr nonce field to webauthn/CTAP2 authnrs
... we can add the nonce to the end of the authenticatorData.

jyasskin: need to verify that adding the nonce actually fixes the sec problem, the issue being whether it is added to the beginning or end of authnrData

rolf: notes that we can't add it to the very beginning because it would break the bkwards compat with U2F

jyasskin: subtopic per AGL: sign counter issue

rolf: <missed it>

jyasskin: thinks AGL not convinced by Rolf's argument

gmandyam: <questions aspects of usefulness of sign cntr>

rolf: <explains how cloned-detection alg works based on the sign cntr>

gmandyam: <again questions value of sign cntr and the alg for detecting cloning>

cbrand: is the sign cntr worth the potential priv leak?
... at this point, yes, goog will continue to use the sign cntr
... ie if the authnr supports it, we will factor it in

https://github.com/w3c/webauthn/milestone/3

issue https://github.com/w3c/webauthn/issues/199

<gmandyam> Sign. counter that increments across RP

tony: that is for Level 2 for now -- if folks disagree they can push back

<gmandyam> Sign. counter that increments across RP's can be used to mask a cloned authenticator from a given RP. RP A could detect sign. counter increment that occurred due to RP B assertion, even though sig counter did not increment for RP A's assertion

https://github.com/w3c/webauthn/issues/204

<gmandyam> Sign. counter is only one indication of authenticator cloning, and a weak one at best

angelo and jcj_moz: yes, this is a concern and we need to discuss

https://github.com/w3c/webauthn/issues/210

internationalization checklist and self-review thereof

jyasskin: thinks the issues here are for user-visible text items. the implication that we might need to add fields for text direction et al, but such additions would be (largely) bkwards compatible, except for things that are sent to the authnr.... this needs someone to sit down and analyze the spec

<weiler> New charter is out for AC review. Please have AC reps approve it.

<weiler> trackbot, end meeting

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.152 (CVS log)
$Date: 2017/08/30 18:13:20 $

Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2017Aug/0250.html