See also: IRC log
I will contribute
<weiler> scribenick: jfontana
No issues on 498
https://github.com/w3c/webauthn/pull/544
https://github.com/w3c/webauthn/pull/545
JCJ_moz is not present
Angelo: it's ready. But let's wait til jeffH can look at it and merge it
topic 546 https://github.com/w3c/webauthn/pull/546
Christiaan: suggests to merge this PR. No disagreement
Angelo: it does not break anything
Alexei: there are some typos. I will fix and merge in.
tony. this is not a big issue right?
Alexei: it is not a big issue if everyone agrees to merge this in.
Alexei; merging
dirk, we are not sending this over the wire
alexei: updated and merged.
direK: think the concern if someone put PII in the field
dirk: wa yI see this, we have to
clean up some of things that fell through the cracks and one
thing is that we are forgetting to pass ID back to RP
... PII has many definitions
... we could in the spec say when you pass in this value make
sure it is not one of those things that can be user
identified.
wseltzer: offering a legal point
of view
... question will you be sharing PII with someone you were not
expecting
christiaan: only one who will see info. is RP. the wire is not in scope here
akshay: is the solution that we can put anything in here?
JYasskin: we need to alert RP to this issue and let them choose accordingly.
rolf: how is this solved in u2f today
christiaan: u2f does not have this issue
Jyasskin: if userID is PII, then credential name is PII. RP can treat it that way.
wseltzer: some RPs would rather not see PII
tony: put note in there to say
privacy consideration section should be updated. with note
about sharing PII with some you were not expecting to share it
with
... we still are pending the FIDO thing to finish before we
merge this one. lets hold off and get the FIDO issue
resolved
Christiaan: that sounds perfect.
some open issues hanging around
tony: tryign to triage some
issues. i'm moving editorial, non-normative to public
recommendation
... trying to get us to CR and not worrying so much about
editorial, non-normative
... want to make you aware
these are both about u2f attestation
Rolf: they are good to go in my opinon
tony: these are the cancel and about issues. #383 is part of that
about should be "abort"
Rolf: ready to be merged
tony: Dirk opened up 544. asked mjones to look at this one
dirk dropped off
current topic is https://github.com/w3c/webauthn/issues/557
Alexei: dirk's comment shouldn't public key be at top of attestation. that is what the first statement on 557 is.
alexei will clear up incorrect language to clarify. Will verify with Dirk.
tony: so no issue with this if we
clear up the language?
... can someone create a PR for this one.
alexei: yes.
akshay: authenticators don't need to change.
alexei: correct
tony: no call the week of Sept. 25
adjourn
<weiler> tony: remember to have AC reps vote on the re-charter. John will chair next week, 20 Sept. No call 27 Sept.
This is scribe.perl Revision: 1.152 of Date: 2017/02/06 11:04:15 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Present: weiler wseltzer AkshayKumar Alexei kpaulh battre jfontana ketan Rolf nadalin ChristiaanBrand dmitriz jyasskin angelo Regrets: jcj_moz Found ScribeNick: jfontana Inferring Scribes: jfontana Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2017Sep/0211.html Found Date: 13 Sep 2017 Guessing minutes URL: http://www.w3.org/2017/09/13-webauthn-minutes.html People with action items: WARNING: Input appears to use implicit continuation lines. You may need the "-implicitContinuations" option.[End of scribe.perl diagnostic output]