W3C

– DRAFT –
Web Authentication WG

14 July 2021

Attendees

Present
addison, jeffh, jfontana_, matthewmiller, nsteele, selfissued, wseltzer
Regrets
-
Chair
Fontana, Nadalin
Scribe
jfontana_

Meeting minutes

thank you, Wendy

Charter: what is the target date for approval?

https://github.com/w3c/webauthn/pull/1630

tony: waiting for Mike to get on the call. Looks like he stated his concern in writing.

https://github.com/w3c/webauthn/pull/1622

jeff: I will put a flag on this, I said my piece

https://github.com/w3c/webauthn/pull/1621

elundberg: this is a work in progress

tony: shane, are your issues answered?

shane: I will check it again.

https://github.com/w3c/webauthn/pull/1676

tony: work in progress?

jeff: yes, in progress

https://github.com/w3c/webauthn/pull/1425

tony: work in progress?

elundberg: yes, in progress

https://github.com/w3c/webauthn/pull/1649

elundberg: This would merge into PR #1621.
… want to do as part of #1621

jeff: yes, we should do this.

selfissue: I will look at it

jbradley: I will look

https://github.com/w3c/webauthn/issues/1646

agl: think we should wait to end, things will change

Addison: happy to discuss

tony: what do you want us to do?

addison: work out right guidance for language metadata
… some editorial problems

agl: no one is going to implement it

addison: let's work out best way to fix the metadata issue

agl: do PR for the old chain.
… there is one field and can only be one.
… we were trying to accommodate everything you specified.

addison: what is the best way to start

agl: we will adopt what you recommend
… I could turn something into a PR

addison: Ok
… I want to make sure we don't recommend something that is a non-starter

agl: it is unlikely for chrome to implement this.
… we have not heard concerns
… I only speak for chrome

jbradley: some issues. RP has to know what serialization

addison: if we come up with proposed it looks like it needs to be a single field

jbradley: we could have a metadata field

tony: Addison, can you open a new PR? Do you want this in a first working draft?

tony: we will deal with the five issues after that

<selfissued> I requested changes to the tokenBinding PR in https://github.com/w3c/webauthn/pull/1630#pullrequestreview-706636912

addison: let us know if you have questions or issues.
… we will track

https://github.com/w3c/webauthn/issues/1640

akshay: we want to do this at scale.
… #1614 is very much separated into its own issue, because it talks about syncing keys
… this is more about how you do the recovery
… #1640 more about RPs

tony: we haven't had this issue like web payments have, but we have had lots of discussion with Anders
… leave this open

https://github.com/w3c/webauthn/issues/1639

agl: the answer is in #1637
… let's wait for comments then we can resolve

https://github.com/w3c/webauthn/issues/1638

tony: this is Anders

agl: #1637 may resolve this
… help resolve this

https://github.com/w3c/webauthn/issues/1637

agl: this is quite large, people need time to read
… goal is to use web authn to replace passwords
… we think backup is on phones. we lay out design of how phones can be used as authenticators
… there are ecosystems. apple, android, windows, etc.

tony: this is across ecosystems

agl: you could send assertion across eco-systems
… see useful changes in web authn
… largest one is conditional UI
… we are updating it.
… adding auto complete
… we think this makes sense
… bits to fill in - want transport in assertion
… what we are saying we will tell websites to put cred IDs in exclude list.
… we will tell website valid state error
… re-authentication is best practice.
… upgrade to web-authn is a suggestion; read
… akshay has a follow-up and people should read that.

MMiller: lot of these things are addressed, there are some mentions of specific options; are we getting in realm of magical options
… do these options work, that is a question
… report signaling, intent is they are immediate signals to help sync authenticators

agl: I think these options make sense, I don't think they are magical

agl: whole issues assume discoverable credentials, think this is best for consumers

<jeffh> https://github.com/w3c/webauthn/issues/1637

akshay: has some concerns, discoverable vs. non-discover; preventing intentional overwrites, but most of signals here we support
… we do have some differences of opinions
… and for some definitions
… by and large we looked at issues, and we noted some patterns we need to solve
… it is mostly about mass adoption.

tony: time frame, seems like big change

agl: we will work on getting everything discussed, some will be longer than others.
… want this to land this calendar year

elundberg: this seems like a reasonable idea, we have to look at it.

jbradley: we should talk about what durable means.

tony: when do we run out of re-charter time?

wendy: Dec. 31

tony: what is target date?
… want end of august

akshay: we want to start sooner, sooner the better

tony: try to close on charter at the next meeting.

*minutes updated

Minutes manually created (not a transcript), formatted by scribe.perl version 136 (Thu May 27 13:50:24 2021 UTC).

Diagnostics

No scribenick or scribe found. Guessed: jfontana_

Maybe present: addision, addsion, agl, akshay, Charter, elundberg, jbradley, jeff, MMiller, selfissue, shane, tony, wendy