<wseltzer> Nadalin: no meetings Sept 18 and 25
no mtgs 18th and 25th september due to TPAC and FIDO mtgs
Wendy: new charter underway, should be open for review soon. Existing charter extended to carry through review period.
<wseltzer> Draft charter to be sent for AC review, https://www.w3.org/2019/08/web-authentication-charter.html
PR review...
909 - on hold for FIDO
966 - to be moved to WD03
1250 - editorial, ongoing
1256 - edge team still invetigating, on hold
<Jfontana_> I present+
1264 - waiting for 1275 to land
1270 - ongoing
<Jfontana_> No audio
1275 - landing, so 1264 also
hey @Jfontana, do you want to take over? I am stand-in irc scribe
<Jfontana_> I can't hear the call
1284 - AGL - says JeffH reports in progress
1288 - JeffH ok, Akshay and JohnB to review
Untriaged Issues....
1283 - close no action, advice provided
1285 - AGL and Akshay suggested that these icons are not currently used by the user-agents and that it is unlikely the browsers would ever retrieve href icons and would only display if data URLs. Common suggestion is to recommend that if these are to be used, they be data urls.
1285 - nadalin assigned JC
1286 - akshay explained issue of default timeout of 15 seconds during enrollment for bio authenticators that take some time to enroll. Requesting increased default.
agl - ok with larger floor timeout
james, nsteele - Duo currently use 60 second timeout
akshay - issue driven by in-line bio enrollment on first use of token
agl - suggests short timeout for get assertion, and longer for get credential.
<nsteele> specific to UV, rather than just UP
akshay to continue looking into it
1287 - agl, chrome sets credProtect to 2 by default, and don't plan to change this.
johnb - RP's could explicitly set credProtect, but easier said than done
sweeden - suggested that RP's should be given the right to accept attestations containing unsolicited extensions subject to "their policy"
johnb - the MUST existed in the spec so that if future extensions which changed what should happen at the RP were not understood by the RP, then the message should not be processed at all
all: general agreement that the MUST should be relaxed
further discussion on idea that clientDataJSON could be annotated by browser to indicate extensions that the browser has added itself
sweeden - to do PR for relaxing MUST requirement
akshay - separate discussion on credProtect defaults
nadalin - asked JC for update on FeaturePolicy. JC - working with webappsec, continuing conversation.
call closed
This is scribe.perl Revision: 1.154 of Date: 2018/09/25 16:35:56 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Succeeded: s/rragent, draft minutes//G Present: nsteele Nadalin nmooney Akshay jcj_moz John_Bradley sbweeden jbarclay agl wseltzer No ScribeNick specified. Guessing ScribeNick: sweeden Inferring Scribes: sweeden WARNING: No "Topic:" lines found. Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2019Aug/0163.html WARNING: No date found! Assuming today. (Hint: Specify the W3C IRC log URL, and the date will be determined from that.) Or specify the date like this: <dbooth> Date: 12 Sep 2002 People with action items: WARNING: Input appears to use implicit continuation lines. You may need the "-implicitContinuations" option. WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]