18:54:33 RRSAgent has joined #webauthn 18:54:33 logging to https://www.w3.org/2021/03/03-webauthn-irc 18:54:35 RRSAgent, make logs Public 18:54:36 Meeting: Web Authentication WG 18:54:38 Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2021Mar/0004.html 19:58:00 jfontana has joined #webauthn 19:59:46 sounds like a warning :-) 19:59:56 present+ 20:00:09 nsteele has joined #webauthn 20:00:18 s/sounds like a warning :-)// 20:00:25 present+ 20:00:27 dveditz has joined #webauthn 20:01:18 present+ 20:02:21 selfissued has joined #webauthn 20:02:25 nina has joined #webauthn 20:02:49 present+ 20:03:50 present+ 20:05:30 present+ 20:05:50 Tony: does L2 supersede or does L1 stay around 20:05:55 agl: yes. 20:06:04 elundberg has joined #webauthn 20:06:08 tony: supersede means depricate 20:06:36 present+ agl, Nadalin, akshaykumar, davidturner, jeffh, johnbradley, dveditz, elundberg, matthewmiller, nina, raerivera, sbweeden, timcappalli 20:07:05 agl: there are no users for the extensions, L1 20:07:13 selfissue: we should deprecate 20:07:25 ...normal part of process. 20:07:41 q+ 20:07:50 tony: we don't change the L1 spec, we don't have a pointer 20:08:02 PROPOSED: L2 Supersedes L1 20:08:16 RESOLVED: L2 Supersedes L1 20:08:27 ...so we want to go supersede. 20:08:44 q- 20:08:46 wendy: the patent policies for L1 remain in place. 20:09:05 bradley: reference in IANA registry. 20:09:15 tony: nothing left for CR 20:09:27 ... some open issues for L3, 20:09:38 ... I have not finished the charter. 20:09:45 ...a draft will be posted. 20:10:18 ...we are not merging any pull requests, just sorting out what we have. 20:11:17 matthewmiller has joined #webauthn 20:11:58 ...https://github.com/w3c/webauthn/pulls/1232 20:12:34 https://github.com/w3c/webauthn/pull/1232 20:14:26 elundberg: if we do this, we should keep in the RP updates 20:14:55 selfissue: for this to work you would have to update all Web authn clients to do this 20:15:02 agl: agents and servers, yes 20:15:08 selfissue: close and say will not do 20:15:19 agl: needs more explaining, justification 20:15:32 tony: nick will you do this and close it? 20:15:36 jericks has joined #webauthn 20:15:37 nickS: yes 20:16:02 nickS: I don't know if Rolf has any interest in taking this on 20:16:14 tony: he can re-open if he wants. 20:16:38 https://github.com/w3c/webauthn/pull/1425 20:16:48 elundberg: no updates right now. 20:18:02 https://github.com/w3c/webauthn/pull/1576 20:18:10 jeffH: still interested 20:18:32 https://github.com/w3c/webauthn/issue/1570 20:18:53 tony: talking about payments in general. 20:19:33 URL correction: https://github.com/w3c/webauthn/issues/1570 20:19:54 https://github.com/w3c/webauthn/issues/1569 20:20:26 agl: we have a whole series of issues on github. boil down to re-auth does not work 20:20:46 tony: shold re-auth be in level 3 20:21:00 agl: it does not work, but might want to address in L3 20:21:16 tony: can we get a generic issue on this one. 20:21:26 jeffH: we could add something to the charter. 20:21:32 present+ davidwaite, jericks 20:21:43 ...a blanket issue to cover all of them 20:21:58 bradley: we support re-auth, it is about improving or streamlining 20:22:18 agl: it's a bad UX 20:22:43 https://github.com/w3c/webauthn/issues/1568 20:23:41 akshay: we need #1569 #1567 #1559 all of these 20:24:19 bradley; need to look at #554. what to do now that token binding is dead 20:24:26 #1554 20:24:32 https://github.com/w3c/webauthn/issues/1554 20:25:40 JeffH: HSTS was a patch, we are defaulting to secure connections 20:26:30 https://github.com/w3c/webauthn/issues/1546 20:26:41 agl: multiple keys, yes, interested 20:26:54 selfissue: MSFT supports as well 20:27:03 ... could be used for recovery or migration 20:27:18 tony: non modal UI 20:27:22 jeffH: yes. 20:28:01 https://github.com/w3c/webauthn/issues/1462 20:28:15 tony: does anyone not support going ahead with this 20:28:18 silence 20:29:45 https://github.com/w3c/webauthn/issues/1381 20:30:26 mattM: I guess I can take this one. 20:30:31 ...sure 20:30:46 NickS: will help coordinate. 20:31:58 https://github.com/w3c/webauthn/issues/969 20:32:33 tony: this was a google one originally 20:33:04 shane: thought platform authenticators are device bound 20:33:11 agl: I think we can close this. 20:33:23 tony: agl can you close 20:33:39 https://github.com/w3c/webauthn/issues/465 20:33:50 jeffH: close it 20:34:30 ..clear out PR and issue 20:34:44 tony: this covers all the major enhancements we want to do. 20:34:48 ...anything else. 20:34:56 bradley: https://github.com/w3c/webauthn/issues/1446 20:35:06 ...don't think it needs to be in charter. 20:35:32 ...a new version of CTAP will catch up to it. 20:43:40 selfissues: fine for charter to include new algorithm work and it does not get done. 20:43:46 agl: should not happen by charter 20:44:04 tony: what do we say in charter; additional curves 20:44:42 bradley: additional work on algorithm agility 20:44:59 tony: this is all I have. 20:46:37 tony: should we pause until PR is done 20:46:47 ...take next week off and meet the following. 20:47:03 ...so meet again on the 17th 20:47:11 ...? 20:47:16 ...concerns? 20:47:47 ...skips the 10th and meet on the 17th 20:47:57 jeffH: sounds fine as proposed. 20:48:13 tony: adjourn 20:49:04 rrsagent, make logs public 20:49:12 rrsagent, draft minutes 20:49:12 I have made the request to generate https://www.w3.org/2021/03/03-webauthn-minutes.html jfontana 20:49:28 chairs: Nadalin, Fontana 20:49:42 Zakim, list attendees 20:49:42 As of this point the attendees have been jfontana, nsteele, wseltzer, selfissued, dveditz, jeffh, agl, Nadalin, akshaykumar, davidturner, johnbradley, elundberg, matthewmiller, 20:49:45 ... nina, raerivera, sbweeden, timcappalli, davidwaite, jericks 20:50:16 web page updated with minutes 20:50:25 Zakim, bye 20:50:25 leaving. As of this point the attendees have been jfontana, nsteele, wseltzer, selfissued, dveditz, jeffh, agl, Nadalin, akshaykumar, davidturner, johnbradley, elundberg, 20:50:25 Zakim has left #webauthn 20:50:33 rrsagent, bye 20:50:33 I see no action items