tony: wd03 published
... wd-04 end of sept., end of oct. put out CR and Proposed by end of Dec.
jbradley: ctap2 work trying to sync with Web Authn
... was discussion in SPWG to change privacy principle.
... could impact CTAP2
tony: issues. any update on Apple attstation
https://github.com/w3c/webauthn/issues/1453
JTan: waiting for lawyers.
... you can test it now.
tony: any questions
shane: when requesting direct attestation I was getting an error.
JTan: we can discuss offline
tony: when you get permission you will create a PR
JTan: yes.
https://github.com/w3c/webauthn/issues/1457
jbradley: relates to Apple platform authenticator on iOS
... not sure what to do about it.
tony: Msft is changing its behavior
akshay: I can't guarantee what we will do.
tony: will you change?
JTan: will not change right now, not sure in the futuree
agl: it could change in 14.1
... OK, nothing looking forward
tony: we should leave it.
shane: this is about FIDO spec not working\
... makes implementation of RP less consistent
agl: we highlighted, we can't change the world. we need help there
tony: we don't change spec here, and hope people don't change their implementations
agl: we don't have to back up to CTAP
... we could add a note
... but that ages quickly.
tony: do we move this to future level
... Apple won't make deadline
jbradley: do we revert the changes to web authn spec
tony: so move to next level or close
shane: we need consistency
jeffH: spec could be moree clear #1459
jbradly: look at $1459
jeffH: section 5.4.4, does not use discoverable language. should be updated
https://github.com/w3c/webauthn/issues/1459
agl: update language, tweak wording elsewhere
elundberg: did update terms, but not use of terms
jeffh: we are not using new language around resident kehys
... we ought to clarify is what I am hearing from agl
agl: I am open to changing things around.
tony: so do #1459 and not #1457
afgl: nod toward #1457
... it does happen
jeffh: we should note down sides
tony: agl can yo craft a PR to cover both.
agl: I will do next week
jbradley: problem here is need to track creation of credentials
https://github.com/w3c/webauthn/issues/1441
JeffH: I will clean-up
tony: jbradley, you adding some wording
jbradley: yes.
tony: some un-traiaged
https://github.com/w3c/webauthn/issues/1462
agl: this is mozilla objections to PR extension.
... not worth sinking the spec ovre.
akshay: I like this extenison
... I want it in web auth, addresses web crypto
tony: so both google and msdft are in favor of keeping this
JTan: pseudo-random function. I need to review this
tony: does anyone want to take this one over?
agl: we should give him another week, but we might need some help
tony: I will move it into WD-04
https://github.com/w3c/webauthn/issues/1463
agl: hope to get consensus on specifics, and put note in spec mentioning this.
tony: see this an editorial
agl: yes, but with guidancee
tony: any other issues to discuss
... are we going to leave this, close it. moves to level three and someone with look at it. https://github.com/w3c/webauthn/issues/1396
jeffH: all the editors in draft; RFC 8809 eminent
tony: when do we see completion with this in ITF
selfissue: this week
... this is IETF to be clear
<selfissued> The registries are at https://www.iana.org/assignments/webauthn/webauthn.xhtml
<selfissued> draft-hodges-webauthn-registries will be RFC 8809
tony: adjourn