W3C

– DRAFT –
Web Authentication WG

17 November 2021

Attendees

Present
davidturner, elundberg, jeffh, jfontana, jfontana_, johnbradley, jpascoe, matthewmiller, nadalin, nina, nsteele, ranjivaprasad, sbweeden, timcappalli, wseltzer
Regrets
-
Chair
Fontana, Nadalin
Scribe
jfontana_

Meeting minutes

<wseltzer> nadalin: 1663

<wseltzer> jeffh: I believe I've addressed elundberg's comments

<matthewmiller> https://github.com/w3c/webauthn/pull/1663

<wseltzer> nadalin: 1621

https://github.com/w3c/webauthn/pull/1621

https://github.com/w3c/webauthn/pull/1576

nina: still some comments to be added.

jeffH: other discussion in git-hub
… please review

jeffH: also in credential management PR 155

https://github.com/w3c/webauthn/pull/1425

tony: no resoluitioin

https://github.com/w3c/webauthn/pull/1680

tony: jeffH looked at this?

jeffH: agl is out, he will look when he comes back.

tony: a few untriaged issues

https://github.com/w3c/webauthn/pull/1683

mattM: people wondering how to work with these
… we need the libraries
… native API functionality perhaps

NSteele: others asking about this

mattM: could we tackle this as either bytes or strings
… would it be a ctap thing?

jbradley: don't think we want to touch this with CTAP

mattM: not proposing we touch CTAP

JeffH: higher priority things to do, we would have to see what people come up with

nina: might be better things to work on, because there are JS libraries . But we want a good experience for developers.

tony: leave this one in the un-triaged spot

?
… I will put this in futures.

nsteele: agree we should bet this slated for level 3. better to have it sooner
… put it in milestone objective
… we can start a discussion in the community group.

tony: someone will have to support this before we close out level 3

jeffH: if there is a solid proposal, we can look at it.

https://github.com/w3c/webauthn/issues/1681

jeffH: do we know where caBLE stands now
… work in progress
… further work in FIDO Alliance

tony: may impact FIDO but maybe not webauthn
… triage or futures
… will leave it here for now.

https://github.com/w3c/webauthn/issues/1667

<nsteele> The community group will discuss writing a proposal for https://github.com/w3c/webauthn/pull/1683 at the next meeting

jeffh: forked into a separate issue?

jbradley: desire for cross origin get assertion without iFrame in non-payment context?

jeffH: presently , can do it, so it should be good enough for this point in time

jbradley: this may only be in payments context re: SPC

shane: if can do in iFrame, it might be good enough

jbradely: we need some decision around this.

tony: any other issues to talk about?

nsteele: on #1683, community group will work on it and get back to you

Minutes manually created (not a transcript), formatted by scribe.perl version 159 (Fri Nov 5 17:37:14 2021 UTC).

Diagnostics

Succeeded: s/work on/work on, because there are JS libraries/

No scribenick or scribe found. Guessed: jfontana_

Maybe present: jbradely, jbradley, mattM, shane, tony