test
Toy: where does PR stand, talked to PLH over the holiday, he can update.
<plh> https://www.w3.org/2019/01/webauthn-extensions.html
PLH;extensions. good news is the info. presented over holidays, I met with director and provisionally he said it looks like you have everything
scribe: I put in link to document
that is public (see above).
... it is very vague in terms of implementation but that is
because of confidentiality
... the FIDO Alliance provided a list of tests and those mapped
to extensions
... Tony provided implementation that was passing those tests -
so we have multi-implementations of those extensions
... location extension is not tested by the UAF test.
... the location extension uses the Coordinates
... so I believe that closes the extensions work.
jeffH: so the answer is we addressed the extensions?
tony: yes.
... there is one last hurdle and that is the platform
tests.
PLH: I tested, and AGL started to look at platforms results. I would be more comfortable if someone else looks at these.
tony: this is from a post by AGL on Dec. 19th. It is on the mailing list
<plh> https://lists.w3.org/Archives/Public/public-webauthn/2018Dec/0091.html
christiaan: AGL is not here, but I excahnged email with him, he thinks the analysis is correct
<plh> https://lists.w3.org/Archives/Public/public-webauthn/2018Dec/0089.html
tony: I will ask JC about it .
and I will ask Akshay
... JC can you find this particular note. I will review all
those tests. I have not done that yety.
... so Google believes that AGLs post is correct.
PLH: we did not find anything incorrect in the specification
tony: so this comes down to the
implementations themselves, so we fix the bugs there.
... in the implemetations.
PLH: as soomn as we have verfication, i will clean results and respond to the request from the director.
tony: so what is the next date
PLH: so we hit PR, we ask for reveiw from membership
tony: what is date of that approval from diretor
PLH: director is waiting for
me.
... then he can say 'yes"
... a few days after. we have 20 days for advisory
committee.
... and assuming this review goes well, within a week after
that we should can go to recommendation.
... I have been putting our comm folks on all the
communications
... if we do a press release, I would expect our comm team to
do outreach
... review is 28 days
tony: the extensions will stay
normative; like they are in the spec today
... that was the delay. we needed to get the testing
information in order
PLH: it would be a month and a half to have it a recommendation.
tony: need to get the tests results in from JC and Akshay
PLH: hopefully they can get that done on Friday.
JCJ_MOZ: I can look at thi son Friday.
tony: need to look at some issues
we have on Level 2
... level one looks wrapped up and we should be in
recommendation in a month and half.
... we do have #1082
... Mike Jones can you look at this also.
... if the approvals come in , does anyone have issue with
merging this
JeffH: I have said lets merge and clean up at level 2
tony: any issues for merging after reviews are in.
jeffH: I guess in september, I
was waiting for any disagreement with the work
... so I am clearing it.
tony: so elundberg can you merge
it
... this is just editorial
PLH: should i take my snapshot after the merge
tnoy: yes.
tony: #1126 and #1120 also have
some editorial issues
... looks like #1120 is approved
https://github.com/w3c/webauthn/pull/1120
https://github.com/w3c/webauthn/pull/1126
selfissue: I am going to merge this #1082
https://github.com/w3c/webauthn/pull/1082
tony: #1120 and #1126 have been merged.
JeffH: looking at #1118. I have to think about this. If this is just for clarity - lets do it later.
tony: I believe this closes the last of the PRs
<plh> https://github.com/w3c/webauthn/milestone/11
PLH: we have two issues for
PropRec
... #1088 #1122
... we can take care of these
jeffH: elundberg can we address
these in level 2
... #1088 #1122
elundberg: yes, I think this is taken care of.
jeffH: so do we punt it to level 2
tony: what is your opinion , jeff
JeffH: yes, we can punt it.
tony: so what will we do with #1088
elundberg: talking about #1095
selfissue: let's assign to level 2
tony: done.
... so this should clear us
<plh> https://github.com/w3c/webauthn/issues/1117
PLH: what about #1117
elunberg: this goes along with #1118
PLH: OK
tony: we have others for level 2,
#1125, #1124
... those are issues
<plh> https://github.com/w3c/webauthn/issues/996
tony: we don't have any pull requests, a few that are not classified
PHL: and #996
... in my spare time I am working on this.
jeffH: so we have no more un-assinged Issues, should we do the same with PR
tony: we have two PRs not
assigned.
... so punting this to level 2
... #653 also moving to level 2. it is process issue
Yuriy: #1093 - that was moved to level 2, but it is just a typo.
jeff: so that is an argument to just merge it.
tony: OK. does anyone have any issues with it.
selfissue: it is normative. if it is wrong we should fix it.
jcj_moz: it is wrong but it is
referred to it in the spec
... hold on, we are not actually linking
... this is fix that....it is normative and we are wrong.
selfissue: so JC can you merge it?
jbradley: the google documentation is wrong, we have it right
yuriy: I am looking at there
documentation, they mention nonce but not what type it is
... the respone from this is base64
selfissue: we shoujld merge it.
christiaan: we should merge it.
selfissue: who is doing the
merge
... JC is doing it.
PHL: is this testable? the fact if you use base 64 you willbe using the wrong one?
jcj_MOZ: it won't be easy to write a web test for this
yuriy: I don't think it will hard
to have SafetyNet checks.
... only issue to to decode the JOWT and the body of the
JOT
PHL: not asking to write a test here, just want to know if it is possible.
self-issue: i want to discuss #1004, it is marked PR
<plh> https://github.com/w3c/webauthn/milestone/12
tony: mike it is closed.
... no there are notes.
self-issue: it is REC milestone.
yuriy: it is PR that was closed.
selfissue: #1004 is open.
jeffH: we are delaing with this in credman spec. this was just open as our tracking that credman is dealing with thsi
selfissue: what is status
jeffH: it is moving along.
... I need to make a few changes in CredMan and I will work on
it
... sorry I haven't done that yet
selfissue: when we hit REC, credman has to be in sync
jeffH: right. so we need to spend time to bring CredMan up to Candidate Rec. that is our intention
selfissue: thanks
tony: any other concerns, Mike.
selfissue: looking
PHL: can we close #106
tony: I will close
selfissue: #876, I want to talk about it because it is normative
tony: I think that is also a CredMan thing
JeffH: nothing needs to be changed on the webauthn side
selfissue: I believe the rest of things in Rec milestone are level 2, except for those identified as CredMan
PHL: are there blocking issues
for REC - those in CredMan
... I want to understand
JeffH: does Cred Man need to be at CR in order to do to Rec in Webauthn
PHL: yes, if there are some things you need in specification, but a statement from the other working group will need input.
jeffH: so the latter approach, a comment from WebApp Sec (Cred Man) is OK
PHL: yes.
... need a statement from them.
... get it on the record. that would be great.
JeffH: you bet
tony: closes meeting.
<scribe> chair: Fontana
add title: Web Authentication WG
trackbot, end meeting
This is scribe.perl Revision: 1.154 of Date: 2018/09/25 16:35:56 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Succeeded: s/???/Coordinates/ Succeeded: s/PHL/PLH/g Present: jcj_moz jfontana WARNING: Fewer than 3 people found for Present list! No ScribeNick specified. Guessing ScribeNick: jfontana Inferring Scribes: jfontana WARNING: No "Topic:" lines found. Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2019Jan/0001.html Found Date: 09 Jan 2019 People with action items: WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]