tony: we should discuss what to
do with locking in features for L2
... is this proper time. Do we need more L2 features
... are there new features that need to be introduced
selfissue: Bradley says remove
some unused stuff
... ECDAA we should punt it. no one has used it
agl: I have a couple of extensions in mind that could be level 2 one is a secret key and the other blob stuff
elundberg: I have some recovery, backup stuff
Nsteele: we are interested in the blob stuff
tony: when do we say feature
complete.
... do we give it another month
agl: viable
tony: saying end of may could be feature loc
agl: so does that mean landed or PR
jeffH: we do have a label called
feature proposal
... I hear tony saying use that label of its too late at end of
month?
... curious about the mechanics
tony: includes adding and
eliminating stuff
... give it to end of may
akshay: yeah
tony: objections?
jeffH: spwg update
bradley: no comment :-)
jeffH: going to land enterprise
attestation in the spec
... FIDO is going to have to figure out how to deal with
it.
tony: go to PRs
https://github.com/w3c/webauthn/pull/1366
tony: all approved
jeffH: done
tony: no objections
https://github.com/w3c/webauthn/pull/1375
agl: believe it is good to
go
... jc had one comment, I will follow up.
jeffH: I took care of it.
https://github.com/w3c/webauthn/pull/1392
jeffH: trying to finish a review. JC is using the term unset - is that not present or someting else.
agl: what is difference not present and does not exist
jeffH: they are the same.
... this needs more cleanup
https://github.com/w3c/webauthn/pull/1395
agl: I have one round of updates, I need another implementation.
https://github.com/w3c/webauthn/pull/1330
tony: blocked
... no untriaged PRs
Issues
tony: nothing on network tranport
https://github.com/w3c/webauthn/issues/1406
jeffh: this is not like a browser extension
agl: do we want this in the official spec
nickS: authenticates to the extension?
agl: we add some data into the extension
jeffH: we should say something in a note
selfissue: i support this
agl: if ctap references this for RP ID , we should note it
bradkley: in facovr with note on why this is secure
agl: if a note went into detail
it would be a mistake.
... maybe a URL with an explicit default
selfissue: I agree with that. no deep explanation, just say it can be a URI
bradley: does not have to be in-depth, just that broswer validates it.
elundberg: there is some risk of
confusion. there exists documentation specifically talking
about RP ID being just a domain name.
... related to APP ID extension, might cause some
confusion
... not a big problem, somethign to think about
https://github.com/w3c/webauthn/issues/1409
tony: thi is terminology we ewnat
to cleanup
... those are major technical issues that are left
https://github.com/w3c/webauthn/issues/1410
bradley: it is kind of pointless
selfissue: this is not usable without an algorithm identifier
elunberg: was registration in this WG or FIDO
nickS: we started a community group about web authn and we have another meeting.
bradley: I will do a PR on #1410
and remove the algorithm
... we still have activity on web payments side to combine Web
payments and web authn
<wseltzer> WebAuthn Adoption CG
<nsteele> Thanks Wendy!
<wseltzer> email re poll for call times
agl: I have talked with payments folks, some vague out line with routing
bradley: taking info. from browser and using a hash
agl: we could provide a route not with JavaScript. not clear by maybe someone desires that
bradley: could work on some hash in the browser and what is displayed
This is scribe.perl Revision: 1.154 of Date: 2018/09/25 16:35:56 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Succeeded: s/lacks some documentation/there exists documentation specifically talking about RP ID being just a domain name/ Present: jfontana elundberg wseltzer agl akshay bill davidturner eric jbarclay nina rae sbweeden jeffh selfissued No ScribeNick specified. Guessing ScribeNick: jfontana Inferring Scribes: jfontana WARNING: No "Topic:" lines found. Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2020Apr/0142.html WARNING: No date found! Assuming today. (Hint: Specify the W3C IRC log URL, and the date will be determined from that.) Or specify the date like this: <dbooth> Date: 12 Sep 2002 People with action items: WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]