test
trackbot, start telcon
<trackbot> Meeting: Web Authentication Working Group Teleconference
<trackbot> Date: 18 July 2018
<scribe> scribe: john
<weiler> scribenick: jfontana
tony: IBM has been loing at the spec
jeffH: have they added issues.
tony: yes.
... they will be at interop next week
july 27
https://github.com/w3c/webauthn/pull/994
https://github.com/w3c/webauthn/pull/999
selfissue: wondering why text was left out
jeffH: crux of issue, incorrect to have text in that paragraph
tony: jeffH can merge #999 and emil can merge #994
https://github.com/w3c/webauthn/pull/998
selfissue: looking at this now
tony: if mike approves we can get it merged.
jeffH: we are still discussing it
tony: if yo agree, merge it
https://github.com/w3c/webauthn/pull/997
jeffH: good to go
tony: as far as issues, want to look at are open technical ones.
selfissue: #997 PR is OK
tony: emil, merge, yes.
https://github.com/w3c/webauthn/issues/621
akshay: I do not see a problem here, an jeff tell me intended behavour
jeffH: it is transaction
confirmation.
... I think the objection by ??? is less about security and
more about use case.
jbradley: is there a use case for this make credential, I can't think of one
jeffH: think it is use case objection
akshay: if some use case, i want to show this on the authenticator
jeffH: i don't see a technical
reason to disallow it
... more of a use case
jbradley: only reason may be , we
might get an inconsistency.
... might be easier to say, it does not work, if you want to
use it do make then use credential
akshay: if spec says both, then have to support both
jbradley: seems extereme to approve stuff not all authenticators will use
akshay: i can see use case...
jbradley: it is about signing
somethign for the transaction and getting something back
... using it to display arbitrary text is not the intent of the
spec.
... it is for payments.
akshay: Ok.
... if it is only used by payments and they have no use for it,
we can remove it.
... jeffH do you think we should remove it
jeffH: we could put on a restriction on it for at authetication time to confirm a transaction
jbradley: are yo really getting a
transaction confirmation. that is a slippery thing
... from non-repudiation point of view it might have different
semantics
jeffH adding note to issue
akshay: I am fine using it just
for make assertion
... need to solve as soon as possible
elundberg: I can do it.
jeffH: leave #621 open - I put a comment in there.
tony: why?
jeffH: we made decision and ti si snote. now do PR to implement the decision
akshay: close #631 if we write a PR
jeffH: agreed
tony" so this is a breaking change
scribe: from spec
perspective
... we are adding , if this is new.....
tony: somebody could try this and the question is, if they don't support addition what will happen
selfissue: I will argue it is not
a breaking change.
... it will be ignored if you try to use it at make cred time,
but may work at get assertion time. it is not a breaking
change.
jeffH: do we need to argue or go on
elundberg: I opened an issue.
https://github.com/w3c/webauthn/issues/712
jeffH: it is probably ready to merge. I need to add some to it.
tony: when
jeffH: it will get merged soon
https://github.com/w3c/webauthn/issues/750
jeffH: reply from Boris. I need
to ask ... we are still working this
... we need to get the browser guys into it. what are they
actually doing. think this is a spec level bug
... two aspects to this. I have a long comment I made 16 days
ago
... we should change our spec web authN where we say required
we should say we should say they get default values. take
required key word off and give a default value
... then a separate issue is this magic algorithm in cred
managment.
... we have a spec level issue. and we need to open another
issue. this is detailed stuff
... they are not causing issues, but would be good to hear from
browser folks
akshay: I will look at it.
https://github.com/w3c/webauthn/issues/905
parts 1 and 3 have been close
akshay: we can close it?
elundberg: i think kso
#863 helps close this. linked in thread
https://github.com/w3c/webauthn/issues/985
tony: jeffH was gong to open PR
jeffH: I need to do that
akshay: we are closing #905
tony: I beleive so
... those are the remaining issues.
... I think we have path to clsoe 621 and 712
elundberg is taking #621
tony: other issues to discuss, outside the technical ones we discussed. editorial
akshay: what did we decide on #985
it is an issue
jeffH: I need to do a PR
slefissue: I want to take about 972. I don't understand it.
https://github.com/w3c/webauthn/issues/972
apowers: I put together the text
selfissue: can you make the test
a PR
... I will assign it to you.
tony: others?
akshay: #851, we were moving to
to v2, but it has not been done yet
... #876
selfissued: it is technical. I just labeled it.
akshay: I think we need Google's input on this. assign to adam?
jeffH: angelo was going to chat
with christiaan
... akshay can you do that.
akshay: re-direct to me and I will get help if I can't solve it
assigned to akshay
tony: jeffH what do you want to do with #996
https://github.com/w3c/webauthn/issues/996
jeffH: it reference three HTML
specs, should it just be one
... i was asking for wendy and sam to put on this. i am waving
a flag here.
tony: we need to get the
technical one closed by next call and go for updated RD and
resovle editorial before we go for PS
... have to be resolved or will miss Oct. for our PR
mode.
... so we need to get these things finalized.
akshay: is #1001 a level 2 issue
selfissued: it needs to be labeled and given a milestone
tony: it is level 2
selfissue: need to label #764
akshay: #988
tony: that is moved to level 2
selfissue: #733 it is not labeled
https://github.com/w3c/webauthn/issues/733
jeffH: this in the accessibility court.
selfissue: can we assign this to someone?
jeffH: assign it to him.
akshay: can we assign a milestone to #988
jeffH: i don't think it is a problem..
tony: anything else
selfissue: #1000 does not have an assignee.
elundberg: at this point nothing to do for #1000
https://github.com/w3c/webauthn/issues/1000
tony: assigned to elundberg
This is scribe.perl Revision: 1.152 of Date: 2017/02/06 11:04:15 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Present: John_Bradley akshay apowers elundberg jeffh jfontana nadalin Ketan Regrets: weiler Found Scribe: john Found ScribeNick: jfontana WARNING: No "Topic:" lines found. Found Date: 18 Jul 2018 People with action items: WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]