Meeting minutes
discussion of Akshay's concerns wrt the Secure Payment Confirmation SPC discussion, see this comment onwards: https://
Akshay and interested parties will join the WPWG's SPC-webauthn taskforce call in the future inorder to sort this out with SPC folks
Also in attendance, Wendy S., Adam L, Tim C., E. Lundberg, J. Bradley, Akshay K.
Emil: notes that there is sort of a potential de-anonymization attack with the proposed 3d party credentials
… will note these details in a comment on webauthn issue #1667
jbradley: how many "cred types" do we want to allow for at the CTAP layer ?
akshay: use a DWORD of bit flags
agl: "put it in large blob" ie an unecrypted portion of largeBlob. there's considerations with credprotect... ans: dont make payment credentials cred protect level 3
nick steele: he and Matt Miller are putting together material on developer considertations and will submit as an issue before the next meeting 12-Jan-2022
<wseltzer> [Next meeting Jan. 12]