<scribe> scribe: fontana
<wseltzer> -> TPAC Fukuoka, next week https://www.w3.org/2019/09/TPAC/schedule.html
<wseltzer> -> WebAuthn schedule for TPAC https://lists.w3.org/Archives/Public/public-webauthn/2019Sep/0072.html
tony: also joint meetings with Web Payments and Web Payments Security Interest Group.
Duo will present on Wednesday un-conference
tony: anything else on TPAC
... if you have updates, send
... added time to discuss account recovery
... set on TPAC agenda
... #909 on hold
... moving #909 to WD-03
https://github.com/w3c/webauthn/pull/1250
akshay: getting more questions
than answers
... need to look closer at this.
... will finish by TPAC.
https://github.com/w3c/webauthn/pull/1276
tony: still blocked
https://github.com/w3c/webauthn/pull/1298
elundb erg: need more reviewers
selfissue: can you help
... sure
tony: it is an editorial
https://github.com/w3c/webauthn/pull/1299
tony: akshay will help
review
... should be just editorial change
... at face to face, #1250 #1256 #1298 and #1299 closed
... any questions on PR?
no
moving to issues
tony: jeff do you want to skip all editorials
jeffH: yes I have 10 and we can skip
tony: will these make wd-02
jeffH: more important wok is in cred man
shane: will these amke wd-02
tony: want to get to point at
TPAC we close open PR and triage what we want in wd-02
... close out publice review
shane: so no target date
tony: there is, on WD-02. wrap up
by end of year. to get to CR, by end of year.
... we will need at least 3 drafts, WD's, to feel comfortable
with a CR
akshay: so two more working drafts
tony: I want a wd-02 after TPAC,
then one before holidays, then work toward CR at beginning of
year.
... there are some un-triaged issues to handle
https://github.com/w3c/webauthn/issues/1291
tony: is ithe wd-2 or 3
elundberg: yes, i think 3. so of these are vague
https://github.com/w3c/webauthn/issues/1292
agl: we are a bit worried about
this. if this doesn't align, don't know what that means
... i want a PR by TPAC to look at this. want to look at
Apple's issues. we can discuss at TPAC
... in some form, I will have something by the friday
T
tpac meeting
https://github.com/w3c/webauthn/issues/1293
agl: unsure of motive on this. think it breaks things
akshay: what is this?
agl: there is user gesture. Apple
is worried about the outcome of this issue.
... android has not said they are worried about this.
... they are uncomfortable about this.
correction: apple is uncomfortable with the issue
agl: there are cases that will break for us if we did this
JDJ_Moz: i want to talk to other RPs
nick: this would break for DUO
the issue is Requiring user gesture to call WebAuthn API
tony: this is key to discuss at TPAC
https://github.com/w3c/webauthn/issues/1294
tony: some discussion also in FIDO
akshay: I want to understand the use case.
agl: I have to leave. read my
comments on the bug on Apple issue.
... I would not fight them over Lightning.
jbradley: I am pushing for it, because google wants it in.
agl: I have not been able to talk to Christiaan
jeffh: the other thing to note.
comment in issue, is hinting that apple differentiation between
lightning and other things may go away.
... but I am not sure.
akshay: I will re-read this item.
<wseltzer> [agl departs]
akshay: have to think about all the OS versions.
jbradley: we think apple will support w
web authn on iOS, just when
jbradley: HID over iOS does not work right now
tony: no issues other than that.
jbradley: there are some things we can do to signal to RP
https://github.com/w3c/webauthn/issues/1296
tonhy: we will do this face to
face.
... will this break anybody?
akshay: we have a mix of
authenticators, I would preferto do this in the browser.
... we need to clarify.
tony: we want to make this
consistent
... this is normative change
jeffH: try to fix the inconsistencies here.
tony: akshay you want it handled in thet browsers?
akshay: that is initial reaction
jeffH: consider if it is browser job to do truncation
https://github.com/w3c/webauthn/issues/1297
shane: think google has more of a
vested interest than I do.
... I think this can close with no action, but maybe keep it
open until Google can comment
jeffH: yes, google will think about this.
tony: where do we stand on #1199
https://github.com/w3c/webauthn/issues/1199
akshay: it is not clear. not as simple as we thought
jeffH: move to wd-03 l2
akshay: yes, this is very tricky
jeffH: agreed
tony: what about https://github.com/w3c/webauthn/issues/1285
... does anyone do this today
akshay: no
shane: this is one thing I put in my user profiles, but when I thought no browser supported, I thought why do we have it.
jeffH: i am trying to find my notes. we have discussed.
nick: could be used by RP on the page
akshay: is antoher use case with
mobile, and if they can show it.
... removing is too extreme right tnow
jeffH: we talked about this
yesterday. various ways to approach for fixing
... could be draconian, and restrict to data URLs
... there are subtle but important consideration.
elundberg: restricting it to data URLs would make it practically unusable with limited-hardware authenticators.
jeffH: lot going on to get this right. it is under specified or mis-specified
tony: this takes us through all the technical issues we haven
jeffH: waiting for PR on #1286
akshay will make a comment in #1286
wseltzer: we will have dial-in for TPAC
shane: can you add instructions for that.
tony: adjourn
This is scribe.perl Revision: 1.154 of Date: 2018/09/25 16:35:56 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Succeeded: s/restrict to roaming authenticators/make it practically unusable with limited-hardware authenticators/ Default Present: wseltzer, jfontana, nsteele, nmooney, Akshay, David_Turner, David_Waite, elundberg, jcj_moz, nadalin, agl, sbweeden, pasan, selfissued, jbarclay, jeffh Present: wseltzer jfontana nsteele nmooney Akshay David_Turner David_Waite elundberg jcj_moz nadalin agl sbweeden pasan selfissued jbarclay jeffh No ScribeNick specified. Guessing ScribeNick: jfontana Found Scribe: fontana WARNING: No "Topic:" lines found. WARNING: No meeting title found! You should specify the meeting title like this: <dbooth> Meeting: Weekly Baking Club Meeting Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2019Sep/0100.html WARNING: No date found! Assuming today. (Hint: Specify the W3C IRC log URL, and the date will be determined from that.) Or specify the date like this: <dbooth> Date: 12 Sep 2002 People with action items: WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]