16:18:03 RRSAgent has joined #webauthn 16:18:03 logging to http://www.w3.org/2017/10/18-webauthn-irc 16:18:05 RRSAgent, make logs public 16:18:05 Zakim has joined #webauthn 16:18:07 Meeting: Web Authentication Working Group Teleconference 16:18:07 Date: 18 October 2017 16:18:43 regrets+ weiler 16:58:11 jeffh has joined #webauthn 17:01:18 akshayku has joined #webauthn 17:01:31 elundberg has joined #webauthn 17:01:35 present+ jcj_moz 17:01:41 present+ 17:03:01 present+ 17:03:37 selfissued has joined #webauthn 17:04:59 email arrived, look for it, "New W3C Web AuthN Meeting Coordinates" 17:05:57 It's saying "the meeting will start when Adam Powers arrives" 17:06:10 gmandyam has joined #webauthn 17:06:24 present+ gmandyam 17:06:24 present+ 17:07:00 selfissued: The GotoMeeting John just sent to the list? 17:07:07 waiting for organizer? 17:07:16 I'm getting waiting for organizer, waiting on jfontana 17:07:50 jeffh, selfissued, gmandyam: https://global.gotomeeting.com/join/418535189 new link 17:08:05 ...since it's already on the public list 17:08:44 There on the "Even newer W3C Web AuthN dial-in for 10/18" at https://global.gotomeeting.com/join/418535189 17:10:06 ok i'm on 17:11:04 scribenick: elundberg 17:11:30 starting with PR #636 17:11:42 https://github.com/w3c/webauthn/pull/636 17:11:51 jfontana_ has joined #webauthN 17:13:59 We have moved the meeting dial in here https://global.gotomeeting.com/join/205778085 AC: 205-778-085 17:14:22 chair: jfontana_ 17:15:32 gmandyam: We already got a similar PR and the group then decided it was not necessary 17:17:19 akshayku: We are not ready for privacy CA 17:17:49 see also: https://github.com/w3c/webauthn/issues/628#issuecomment-337662680 17:18:09 gmandyam: We want to see trust anchor part of the selection criteria at some point, but not necessary right now 17:20:47 jeffh: Propose postponing #636 and #628 to level 2 17:22:12 #636 and #628 left open and postponed to level 2 milestone 17:22:37 https://github.com/w3c/webauthn/issues/624 17:23:26 also https://github.com/w3c/webauthn/pull/633 17:23:48 jeffh: Approve merging 17:24:09 #633 merged, #624 closed 17:24:19 https://github.com/w3c/webauthn/pull/498 17:24:25 jeffh: This is still in progress 17:26:53 jeffh: Let's merge this and then wrap up in a follow-up issue 17:26:56 mkwst_: Approve merging; this gets a lot of issues fixed 17:26:57 I agree with merging #498 soon and doing the other operation in a second PR 17:27:01 https://github.com/w3c/webauthn/pull/620 17:27:08 This closes so many things we should proceed 17:28:10 jeffh: I need to review this, please don't merge #620 just yet 17:29:09 https://github.com/w3c/webauthn/pull/544 17:29:18 We should be able to merge #620 before the next call 17:30:11 jcj_moz: Review comments require changes 17:30:18 jcj_moz: We could move this to CR 17:30:42 jeffh: We need to do this and we need to do this right 17:31:42 https://github.com/w3c/webauthn/pull/653 17:32:31 jeffh: Marking #653 for CR 17:33:03 jeffh: I've reviewed https://github.com/w3c/webauthn/pull/651 and have some comments on it 17:33:10 jeffh: I'll take care of it and close it 17:34:02 jeffh: Those who have been working on the exclude credentials list please review that this is correct 17:34:46 https://github.com/w3c/webauthn/pull/643 17:35:28 gmandyam: This is an implementation consideration 17:35:53 gmandyam: It's a CR milestone 17:36:36 https://github.com/w3c/webauthn/pull/641/files 17:37:08 I don't understand the details, but it reads fine 17:37:47 jeffh will review #641 17:38:15 jeffh: I stuck #639 on WD07 because I think it's ready to go 17:39:35 https://github.com/w3c/webauthn/issues/537 17:40:20 angelo: This needs work, some tricky stuff 17:40:41 https://github.com/w3c/webauthn/issues/536 17:40:48 Angelo will look at #537 in the next few days 17:40:56 jeffh: This is fixed by #498 17:41:09 jeffh: Hopefully we can merge that later today 17:41:58 akshayku: #506 and #507 have been around a long time, we should close them 17:43:02 akshayku: CTAP says put all zeroes 17:43:29 jeffh: #506 is closed by #539 which has been merged 17:43:38 jeffh: #507 likewise 17:43:50 https://github.com/w3c/webauthn/issues/629 17:44:26 jeffh: Tony has been claiming that we won't do this for CR, perhaps not level 1 17:45:28 jeffh: If I understand correctly, we'll won't support the RP telling the authenticator whether to do UP or UV 17:47:39 akshayku: I think we can mark #629 for next version 17:49:50 akshayku will comment and close #629 17:50:34 https://github.com/w3c/webauthn/issues/116 17:50:56 jcj: This is related to #537 17:51:13 https://github.com/w3c/webauthn/issues/554 17:51:41 jeffh: I want this closed 17:52:18 #554 closed 17:52:29 https://github.com/w3c/webauthn/issues/574 17:53:27 JC: #574 doesn't match what any of the browsers are doing 17:53:28 jcj_moz: This is a dupe of #613 and #574 17:54:45 JC: We should say that the list should be re-processed whenever an authenticator is hot-plugged 17:54:49 jcj_moz: I think we could write a PR that ignores the bigger issue for WD07, and just changes the text to something wishy-washy that allows hotplugging. Underspecified, but compatible with what browsers are currently doing 17:55:29 jeffh: Can the spec language be informed by FF's implementation? 17:55:59 jcj_moz: I'm not sure about how to write it, but I can try writing a PR 17:55:59 JC will write at PR 17:57:52 https://github.com/w3c/webauthn/issues/560 17:58:01 https://github.com/w3c/webauthn/pull/639 17:58:29 elundberg: jeffh has approved, if noone objects we can merge this 17:59:39 jcj_moz: I'll review and merge 18:00:23 someone help me operate the bots please? 18:00:52 rrsagent, draft minutes 18:00:52 I have made the request to generate http://www.w3.org/2017/10/18-webauthn-minutes.html jcj_moz 18:01:37 thanks jcj_moz 18:02:33 present+ akshayku jfontana_ 18:02:58 present+ angelo 18:03:03 rrsagent, draft minutes 18:03:03 I have made the request to generate http://www.w3.org/2017/10/18-webauthn-minutes.html jcj_moz 18:13:09 RRSAgent, make logs public