W3C

- DRAFT -

Web Authentication WG

25 Mar 2020

Agenda

Attendees

Present
akshay, armen, davidturner, davidwaite, jeffh, jfontana, John_Bradley, nadalin, selfissued, nina, sbweeden, wseltzer, jfontana_
Regrets
jcj_moz
Chair
nadalin, fontana
Scribe
jfontana_

Contents

Nina: FIDO having bikeshed issues

davidT: use an older version of bikeshed

https://github.com/w3c/webauthn/pulls?q=is%3Aopen+is%3Apr

tony: Low priority

https://github.com/w3c/webauthn/pull/1330

https://github.com/w3c/webauthn/pull/1336

tony: don't think we are there yet.

agl: I think we are there.
... JC and Akshay need to take a look.

tony: we need to land this is FIDO land

agl: it works for U2F authenticators

https://github.com/w3c/webauthn/pull/1375

agl: still pause, need proof it works

https://github.com/w3c/webauthn/pull/1387

nina: it has been approved.

tony: what do we do with the build process

https://github.com/w3c/webauthn/pull/1390

agl: looks like on change. we can merge after taking care of that.

tony: some untriaged PRs

https://github.com/w3c/webauthn/pull/1392

tony: was discussed at face to face - enums

agl: think this is spiritually good some tech that needs to be addressed

tony: jeffH look at this.

https://github.com/w3c/webauthn/pull/1393

agl: build fix, updates python version, david says need something in FIDO land

davidT: see it has been approved must be fine.

tony: can we improve?

wendy: go for it.

tony: jeffh can you approve
... fix for python.

jeffH: land it.

tony: agl merge?

agl: yes

https://github.com/w3c/webauthn/pull/1394

agl: want to split the feature policy and change name. and future call it dash-create

jeffH: I thought I was going to rename them
... with dash create, ddash get

agl: that was my understanding.

tony: we will rename

jeffH: we will modify feature policyu
... I will take a look

https://github.com/w3c/webauthn/pull/1395

agl: this is my homework. worth having group look at this.
... do we want sig counters

akshay: I think we do.

agl: we could put up aaguid
... the public key is the hardest, but others in binary format

tony: this should not break anybody

agl: only adding stuff

jbradley: can ask for direct attestation, but it would be zero

agl: it will match the data.

jbradley: actual data is likely real attestation.
... what is definition of real data.

agl: re-expose data they already had - nothing nerw

shane: there is all sorts of stuff in there like cred ID the authenticator extensions

agl: have ID number, will not touch extensions

shane: as RP developer, I can imagine for simplistic RP without attestation, I likely won't use it.

https://github.com/w3c/webauthn/issues/1377

jeffH: let me take a look at the PR first.

tony: can you open PR for reference if needed

https://github.com/w3c/webauthn/issues/1381

tony: no additional work.

agl: we discussed it yesterday on FIDO call
... if anyone needs a review I can give it.

https://github.com/w3c/webauthn/issues/1385

tony: editorial

shane: I will take a look

https://github.com/w3c/webauthn/issues/1386

jbradley: i'll work on PR

tony: you will keep in UVM

bradley: yes. will see if wee can get two implementations

tony: anything else on this one
... most of what is left is editorial

shane: something from last week on candidate recommendation
... I couldn't find timeline on that
... see milestone LC rec and CR rec and wd03
... try to wrap this up next month to CR and then PR by end of year

https://github.com/w3c/webauthn/issues/1391

tony: I think this has been answered

agl: I think we can close

jeffH: i closed

tony: any other business
... adjorn

adjourn

adjourn

chairs: Nadalin, Fontana

JC, we ended early

Summary of Action Items

Summary of Resolutions

[End of minutes]
Minutes manually created (not a transcript), formatted by David Booth's scribe.perl version 1.154 (CVS log)
$Date: 2020/03/25 19:39:34 $

Scribe.perl diagnostic output

[Delete this section before finalizing the minutes.]
This is scribe.perl Revision: 1.154  of Date: 2018/09/25 16:35:56  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00)

Succeeded: s/jeffH #webauthn//
Default Present: akshay, armen, davidturner, davidwaite, jeffh, jfontana, John_Bradley, nadalin, selfissued, nina, sbweeden, wseltzer, jfontana_
Present: akshay armen davidturner davidwaite jeffh jfontana John_Bradley nadalin selfissued nina sbweeden wseltzer jfontana_
Regrets: jcj_moz
No ScribeNick specified.  Guessing ScribeNick: jfontana_
Inferring Scribes: jfontana_

WARNING: No "Topic:" lines found.

Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2020Mar/0070.html

WARNING: No date found!  Assuming today.  (Hint: Specify
the W3C IRC log URL, and the date will be determined from that.)
Or specify the date like this:
<dbooth> Date: 12 Sep 2002

People with action items: 

WARNING: No "Topic: ..." lines found!  
Resulting HTML may have an empty (invalid) <ol>...</ol>.

Explanation: "Topic: ..." lines are used to indicate the start of 
new discussion topics or agenda items, such as:
<dbooth> Topic: Review of Amy's report


WARNING: IRC log location not specified!  (You can ignore this 
warning if you do not want the generated minutes to contain 
a link to the original IRC log.)
[End of scribe.perl diagnostic output]