<selfissued> (whatever that means!)
<scribe> scribenick: weiler
https://github.com/w3c/webauthn/pulls?q=is%3Aopen+is%3Apr+milestone%3A%22Last+Working+Draft%22
nadalin: look at "last working draft" milestone, not CR
<jfontana> tony: we will take care of these issues and get to a CR
agl: straightforward fix; stops our code from crashing
nadalin: JC has approved.
akshay: OK by me.
<jfontana> weiler: I'll let you take it and I can scribe the second half
selfissued: I'll merge
nadalin: if adam signs off on this, that would be everyone.
agl: fine.
... not immediately because of Jeff's suggested, but OK in
principle.
jeffh: <grumbles about working
while on his ski trip>
... take them or leave them.
emil: will merge
<jfontana> jeffH: <praises the quality of the snow>
selfissued: I need emil to make
the proposed changes. not sure which is attr we added and which
is slot w/ same name.
... Need Emil to get the details right.
emil: I'll do it.
jeffh: if we make it an attr we don't need internal slot. i think.
agl: I'll read this today.
selfissued: emil's clarifications teps are needed, but they do not say at the set of ext identifiers should be a subset of the requested one. should I put that back in?
agl: nothing should every add an extension, so checking a subset is valid. reasonable
mike: I'll do that.
jeffh: could be the same sets, right?
mike: yes.
emil: I'll review, also.
mike: I put in a req one week ago
to register COSE values w/ IANA. Jim Schaad, as designated
expert, was obstructionist.
... doesn't think we can register is now. even if we did, he'd
change the numbers.
... reason: no reason describing how to use these w/
COSE.
... I volunteered to write that. we're only using them in
webauthn, not cose.
... security reservations to registering rsa/sha1. I pointed
out this is baked into TPMs; we can't change it
... I think Sean Turner is the right ally. we'll talk to him in
London.
... Jim said should never request specific numbers. I agreed to
list it as TBD w/ requested #'s.
... this PR makes that "TBD" change. I think we should do this
to satisfy Jim's issue re: point-squatting.
... I think there needs to be an in person meeting with Wendy,
Sam, Jim, Sean. I'll get companion draft written.
jeffh: similar to 8230
mike: i've written something similar (8230). won't be hard. sha1 thing is hard. TPM algs/curves - Jim wants both algs and curves to be registered. who can I consult w/ re: TPM curves/algs?
alg: which curves?
mike: I'm planning to make it a w3c spec.
agl: mathematics of pairing curves non-trivial.
mike: I might call on AGL in the coming weeks.
alg: if they want a full spec of
bn256 -.... I have implemented this, purely off of someone
else's implementation. No spec I'm aware of.
... might be 6-12 mo. work.
agl: anyone know of such a spec?
jeff: Rolf.
mike: w3c make have to make request to iana to get these done.
wendy: I'll f/u via email to arrange face-to-face.
nadalin: can we go to CR with this?
agl: who depends on these
#'s?
... ecdsa is ok
mike: every implementation.
weiler: where is this discussion happening?
mike: <goes through list of registrations>
akshay: explains why it's a problem
<Rolf> TPM Algorithm Registry: https://trustedcomputinggroup.org/wp-content/uploads/TCG-_Algorithm_Registry_Rev_1.27_FinalPublication.pdf
weiler: where is this discussion happening?
mike: I included chairs and
wendy. can add you.
... don't speak up yet. until I have other doc, jim has grounds
to not register it.
... I think we should merge this PR.
weiler: we have early assignment; we should be able to get this done but, per request, I'll sit on this 'til I hear from you.
agl: if we get rid of BN curves, does that unblock this?
mike: we need sha1, and Jim has
an issue there.
... Sean might be our ally.
<Rolf> ECDAA impl: see https://github.com/ibm-research/ecdaa
agl: if the thing blocking is BN curves, we should decouple them.
akshay: I'm not using BN curves.
chrome: no planning to use them -
no TPM-backed plans.
... we'd pass them through.
mike: this is TPM2. TPM1 used something else.
akshay: I'll check w/ TPM folks.
Rolf: indicates link above.
<jfontana> Sam, I can take over scribe
<jfontana> emil: need expert review on this
<jfontana> tony: who do we have.
<jfontana> jeffH: Boris ??? Jc Jones
<jfontana> tony: this one could hold us up for a litttle bit
<jfontana> agl: I don't think we need to wit for this.
<jfontana> emil: me too
<jfontana> agl: I don't see actual change in code
<jfontana> tony: we will move it out then
<jfontana> emil: mostly editorial
<jfontana> ...I don't anticipate wide spread confusion
<jfontana> https://github.com/w3c/webauthn/issues/712
<jfontana> tony: emlum has been on thread
<jfontana> https://github.com/w3c/webauthn/issues/784
<jfontana> tony: not worried about this at this time
<jfontana> tony: #806 , we have taken care of this
<jfontana> https://github.com/w3c/webauthn/issues/807
<jfontana> agl: I think it coudl be an array buffer. I can make it that. I don't think there are issues there
<jfontana> selfissue: we do have an array buffer to use
<jfontana> agl: is this client data JSON, we can't put an array buffer in there
<jfontana> agl: so that is why a string and not a array bufer,; they can't live in a JSON world
<jfontana> Selfissue: I will close it on that justification
<jfontana> ...if kim says it has to stay basic64..
<jfontana> selfissue: when is Kim back
<jfontana> christiaan: I saw her the o toher day. I will ask her about #807
<jfontana> tony: that gets us plan to move through PR and issues.
<jfontana> ...and to generate a docuement (CR)
<jfontana> tony: any other outstanding issues as we try to close this?
<jfontana> selfissue: I think we have a plan.
This is scribe.perl Revision: 1.152 of Date: 2017/02/06 11:04:15 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Present: elundberg selfissued nadalin weiler akshay Rolf wseltzer agl jfontana jeffh chistiaan Found ScribeNick: weiler Inferring Scribes: weiler Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2018Feb/0520.html Found Date: 21 Feb 2018 People with action items: WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]