<jfontana> Agenda
<jfontana> https://lists.w3.org/Archives/Public/public-webauthn/2019Oct/0041.html
<scribe> scribenick: jcj_moz
jfontana: Charter is still out
for review. Hopefully we'll know more in the coming
days/weeks.
... Tony's not here today, he's tied up in Minnesota
... so let's run through the pull requests and issues
... We're hoping we can get WD-02 in the next three weeks. So
let's see what we think we can get done, and if something looks
like it needs to get punted, we can move it to -03
... so let's start with the PRs - 653
· https://github.com/w3c/webauthn/pull/653
jeffh: This is ongoing and we don't need to spend time on it today. Donno if it should go to -03
jcj_moz: I think it's ok to go to -03 because until we actually can do new web platform tests, we can't enforce it
jfontana: 1250. Akshay's on this, looks ready to merge
Akshay: This looks fine, but we'll open a new issue related
jfontana: 1276...
· https://github.com/w3c/webauthn/pull/1276
jeffh: I'm working on the credential management spec first, and then we can deal with this. Trying to handle in the -02 timeframe
jfontana: https://github.com/w3c/webauthn/pull/1299
jeffh: We can merge this
jfontana: 1307
... Emil, you have approval on this, are there roadblocks?
jeffh: Mike's working on this,
and I had 1 suggestion for rewriting a sentence and moving it
...
... other than that I guess it's okay
... comment indicates there's a change to CBOR
... don't know if that affects anything we're doing at this
time
... as far as I know this text is correct but I'm not 100%
positive
jfontana: Emil, did you review it?
Emil: I don't know. I looked at the editorial
Akshay: Let's wait for Mike to come back
jfontana: Sounds logical. He's
assigned to it.
... 1310 - was merged and closed?
jeffh: yes
jfontana: 1312 https://github.com/w3c/webauthn/pull/1312
agl: I just ticked approve, looks good to me
emil: We might be good to merge?
jcj_moz: looks good
jeffh: looks good
Emil: we merge it?
jfontana: yeah
... https://github.com/w3c/webauthn/pull/1313
Emil: This probably needs a bunch of reviews from a bunch of different perspectives. It doesn't really change anything, but maybe? It covers what happens if you make a credential with UV and use it without UV, and get basic assumptions into writing
agl: I think this reflects reality
jeffh: I will review it
jcj_moz: I will also
jfontana: that's all the PRs, so
onto the issues
... a lot of these are editorial, Jeff I guess that means
you.
jeffh: I'd suggest we look at
technical labeled ones for WD-02
... and don't worry about the editorial ones
jeffh: it looks like there are 11
technical issues, 2 have aPR open
... so I'd start with 1285 and work up from there
jfontana: 1285 then
jcj_moz: will get to this PR next week
jfontana: 1260
... wait 1286
https://github.com/w3c/webauthn/issues/1286
Akshay: I'll have a PR by next week
agl: https://github.com/w3c/webauthn/issues/1294
jeffh: The Apple folks have
written in here their perspective of what we agreed on at
TPAC
... so we're holding this open
... and we'll wait to see what develops
jfontana: https://github.com/w3c/webauthn/issues/1296
agl: PR next week
jfontana: You think it can still come down to WD-02?
agl: It's plausible, and if it doesn't, it doesn't matter
Shane: ditto 1297
https://github.com/w3c/webauthn/issues/1302
jeffh: Boris
jcj_moz: This is 3rd in line for me prioritize
jeffh: there may be no spec changes
jcj_moz: we probably just need a
test, and then we all fix it
... maybe we need a label and a PR for updating web platform
tests
Nina: Working to improve that situation
jeffh: cool
jcj_moz: I don't think this
matters what draft it goes into, but it does need to
happen
... Do we want to make a label for Web Platform Tests?
jeffh: sure
... You're doing that?
jcj_moz: no I am scribing
jfontana: https://github.com/w3c/webauthn/issues/1303
<wseltzer> jcj_moz: Mozilla and I worry about invisible iframes confusing the user
jcj_moz: I have this in draft form locally
agl: I'm not sure what utility
making them visible yields
... they can make htem white on a white background and what is
the point
jeffh: another ask
agl: make the argument that this is disabled-by-default
jbradley: This may come from
payment issues, and could prompt something worse for privacy
like the facet list again
... The main place where this might be used is payments in
Europe where a merchant needs to collect an authentication from
the bank, and they don't want to display the bank's page or
can't because of EU banking regulations
... but they still need to do strong customer auth as the law
requires
... otherwise they want to destroy the non-correlatability and
instead embed webauthn directly in the merchant's site so it's
correlatable
jfontana: Let's go back to the editorials
agl: We had one un-triaged
... 1314
https://github.com/w3c/webauthn/issues/1303
Emil: This is something that
confused me among all the extensions
... I think if you look closely it's unambiguous so it's not
high priority
... so if someone could confirm my understanding, then we
can
... confirm or punt
jeffh: will review
agl: Who authored the extension?
<wseltzer> https://github.com/w3c/webauthn/issues/1314
agl: I think it is unambiguous, but ...
jeffh: it's (passed as) essentially a blob
agl: if you imagine the CBOR type
that is represented by this WebIDL type then it's essentially
correct but ...
... it seems okay to me --ish, aside from that annoyance about
the types
... Emil, do you want to close this, make the changes?
Emil: I can make the changes if
someone can confirm that I have the correct understanding
... I can try to check with whoever authored the extension to
make sure I have the correct understanding
jfontana: I'd say punt to -03
agl: alright
jfontana: Did we tackle
1260?
... This is the editorial, https://github.com/w3c/webauthn/issues/1260?
jeffh: This is just among the low-priority editorial items
jfontana: That's kind of what we have left
jeffh: I don't think we need to
walk through them
... nobody seems to be screaming about any of them
... I submitted most of them, and in a perfect world we'd fix
them, but nobody's screaming about them so we don't need to
talk about them
jfontana: I think then we're
pretty much done
... Thanks everybody
[[ closing out ]]
<Jiewen> Thank you.
jfontana: What about https://github.com/w3c/webauthn/issues/1292
jcj_moz: That's the one Ricky and I were planning to address with a simplified interface
Ricky: Yeah
jeffh: moved to WD-03
jfontana: thanks
nina: PR on the wpt repo to add the webdriver API to the tests
[[ feedback loop ]]
Nina: They should at least run in Chrome for now
<Jiewen> Sorry, not sure what was going on...
This is scribe.perl Revision: 1.154 of Date: 2018/09/25 16:35:56 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Present: jfontana jeffh nsteele wseltzer Akshay jcj_moz elundberg eric Jiewen rmondello sbweeden dturner agl nina Regrets: Nadalin Found ScribeNick: jcj_moz Inferring Scribes: jcj_moz WARNING: No "Topic:" lines found. Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2019Oct/0041.html WARNING: No date found! Assuming today. (Hint: Specify the W3C IRC log URL, and the date will be determined from that.) Or specify the date like this: <dbooth> Date: 12 Sep 2002 People with action items: WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]