19:03:39 <RRSAgent> RRSAgent has joined #webauthn
19:03:39 <RRSAgent> logging to https://www.w3.org/2021/05/05-webauthn-irc
19:03:41 <Zakim> RRSAgent, make logs Public
19:03:43 <Zakim> Meeting: Web Authentication WG
19:03:44 <wseltzer> Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2021May/0023.html
19:03:53 <wseltzer> wseltzer has changed the topic to: 5 May https://lists.w3.org/Archives/Public/public-webauthn/2021May/0023.html
19:04:40 <wseltzer> present+
19:07:39 <jfontana> tony: TPAC. Group meeting. We can do that. Virtual
19:08:02 <jfontana> present+
19:08:03 <dveditz> dveditz has joined #webauthn
19:08:13 <dveditz> present+
19:08:49 <jfontana> https://github.com/w3c/webauthn/pull/1609
19:09:06 <jfontana> elundberg: likely a typo
19:09:14 <jfontana> tony: merge
19:09:21 <jfontana> https://github.com/w3c/webauthn/pull/1607
19:09:43 <jfontana> elundberg: editorial. fix date.
19:10:33 <jfontana> https://github.com/w3c/webauthn/pull/1600
19:10:37 <jfontana> akshay: looks fine.
19:10:40 <matthewmiller> matthewmiller has joined #webauthn
19:10:49 <jfontana> tony: merge
19:11:03 <jfontana> https://github.com/w3c/webauthn/pull/1599
19:11:09 <jfontana> tony: any issues.
19:11:34 <jfontana> https://github.com/w3c/webauthn/pull/1586
19:13:09 <jfontana> agl: do 1585 first
19:13:13 <jfontana> https://github.com/w3c/webauthn/pull/1585
19:13:23 <jfontana> jeffH: merged
19:13:29 <jfontana> https://github.com/w3c/webauthn/pull/1586
19:13:34 <jfontana> jeffH: merged.
19:13:44 <jfontana> https://github.com/w3c/webauthn/pull/1576
19:14:03 <jfontana> jeffH: may want to mark as draft. this will be on-going discusson
19:14:14 <jfontana> dtony: mark it as draft.
19:14:35 <jfontana> https://github.com/w3c/webauthn/pull/1425
19:14:46 <jfontana> jeffH: this is another on-going discussion
19:14:56 <jfontana> elundberg: next step may be more reviews.
19:15:36 <jfontana> ..should see how it interacts with #1546, depends on how it is addressed
19:16:02 <jfontana> .. might become a special case. need to consider this
19:16:37 <jfontana> ..figure out #1546 and then go on to next one. #1425
19:19:10 <jfontana> tony: issues to look at.
19:19:30 <jfontana> https://github.com/w3c/webauthn/issues/1608
19:20:51 <jfontana> akshay: looks like they want web authn for all crypto
19:21:25 <jfontana> lundberg: have external apps and add signatures.
19:21:36 <jfontana> jbradley: we have  a tension around privacy
19:21:47 <jfontana> ...audience restricted to origin.
19:21:59 <jfontana> ...don't know origin of blockchain
19:22:25 <jfontana> ...how would we do this with a FIDO assertion?
19:23:29 <jfontana> ...these are legit use cases, but open can of worms and not being thought through
19:23:50 <jfontana> ...we can stop this in the browser
19:25:47 <jfontana> ...managing certificates is hard. not sure we want to go there
19:28:09 <jfontana> ...why invent something new, if there is something else we can use.
19:28:30 <jfontana> agl: we have no intent to expand past authentication use cases
19:28:44 <jfontana> jbradley: should be hardware backed for web crypto.
19:28:54 <jfontana> ...??
19:29:52 <jfontana> agl: I don't think web authn will be the way we expose native apps
19:31:00 <jfontana> ...this issue is too ambitious. aa full-feature to talk to native apps is not web authn territory.
19:31:34 <jfontana> dwaite: could be privacy implications
19:32:01 <jfontana> jbradley: we need to understand the web cyrpto intent
19:32:43 <jfontana> jbradley: sounds like not huge move to expand web authn
19:33:21 <jfontana> ...if folks want web crypto, maybe that is worked on somewhere else
19:33:57 <jfontana> akshay: this is authtication.
19:34:33 <jfontana> ...UV is another issue, do people care about that.
19:36:32 <jfontana> wendy: this group has avoided some issues by the carefully scoped work.
19:37:35 <jeffh> see also: https://github.com/w3c/webauthn/issues/1595#issuecomment-816970977 for links to Hardware-backed Security Services Community Group, whose unfinished draft report takes a stab at a WebCrypto-linked Secure Credential Storage API.
19:38:00 <jfontana> DanV: focus on this group has been helpful. Just because we talk to hardware doesn't mean everyone should get access.
19:38:15 <jfontana> ...Web Authn is not a general anything.
19:38:33 <jfontana> agl: a statemen will be helpful
19:38:48 <jfontana> agl: not here, not , not ever
19:39:34 <jfontana> tony: you will write statement and close?
19:39:39 <jfontana> jeffH: yes
19:40:37 <jfontana> https://github.com/w3c/webauthn/issues/1603
19:40:55 <jfontana> elundberg: this is a duplicate, we should close
19:40:58 <jfontana> tony: yes.
19:41:30 <jfontana> https://github.com/w3c/webauthn/issues/1680
19:42:17 <jfontana> correction: https://github.com/w3c/webauthn/issues/1608
19:43:29 <jfontana> https://github.com/w3c/webauthn/issues/1601
19:43:50 <jfontana> jeffH: invites user to select UV modality
19:43:57 <jfontana> aakshay: close
19:44:14 <jfontana> tony: close
19:46:58 <jeffh> s/user/RP/
19:50:22 <jfontana> https://github.com/w3c/webauthn/issues/1580
19:50:33 <jfontana> agl: should close
19:51:04 <jfontana> jbradley: I will close
19:55:07 <jfontana> tony: adjourn
20:02:40 <wseltzer> rrsagent, draft minutes
20:02:40 <RRSAgent> I have made the request to generate https://www.w3.org/2021/05/05-webauthn-minutes.html wseltzer
23:25:13 <Zakim> Zakim has left #webauthn