19:03:18 RRSAgent has joined #webauthn 19:03:22 logging to https://www.w3.org/2023/08/09-webauthn-irc 19:04:43 Meeting: WebAuthn Bi-Weekly 19:04:53 Chair: Tony Nadalin 19:04:58 Scribe: Nick Steele 19:05:12 TOPIC: Adding meeting times 19:05:39 Discussion around adding 30 minutes to the existing Bi-Weekly meeting, or meeting on a weekly basis 19:06:30 Mike Jones: If we move to weekly, it will conflict with the Verifiable Credential Working Group, which is purposefully staggered to not conflict with WAWG 19:09:30 present+ MikeJones,JohnBradley,AbigailF,ShaneWeeden,DavidWaite,MattMiller,AdamLangley,AndersAberg,IanJacobs,JohnPascoe,EmilLundberg,KosukeKoiwai,TonyEngland,AckshayKumar,PhilippeLeHegaret 19:09:52 present+ TimCappalli 19:10:43 Discussion to move to weekly with different times 19:10:50 this seems to work for most 19:10:55 no objections 19:11:31 ACTION: Tony and Philippe to update calendar to account for weekly meetings with an hour (earlier) offset every 1 week 19:11:45 TOPIC: TPAC Joint Meeting Agenda 19:12:23 Ian Jacobs: The WG is meeting on Monday and Tuesday, when we last met in May, we discussed the following: https://lists.w3.org/Archives/Public/public-payments-wg/2023May/0008.html 19:13:29 Discussion of updates on the topics covered in May 19:14:02 John Grossar from Visa to discuss SPC and WebAuthn at TPAC possibly 19:14:42 IanJacobs: Wanted to discuss PSD3 (on Thurs) but the vibe we got is that EU is not immediately interested in discussion right now 19:15:04 Ian: Push payments fraud has been a topic of interest in the SPCWG lately 19:16:02 Ian: another topic is FedCM. I've reached out to chairs, because in some flows there's concerns around returning user recognition when cookies aren't present and in iFrames 19:16:58 Ian: raising awareness in SPCWG about FedCM concerns, they're willing to show a demo at TPAC, everyone can attend at TPAC but maybe that's too many people 19:19:36 Ian: Bit of a brain dump on what agenda could be for Monday and Tuesday meetings 19:20:04 Tony: could be good to include CG in these meetings 19:20:46 Nick Steele and Matt Miller on call, can use CG timeslots on Monday and Tuesday to discuss some of this agenda 19:22:35 Tuesday Afternoon seems like best time for joint meeting between cg/wg groups 19:22:52 ACTION: Ian to find adequate meeting space 19:23:09 farewell, Ian Jacobs 19:23:11 TOPIC: Standard Agenda 19:23:21 https://github.com/w3c/webauthn/pull/1938 19:25:37 Tim: there isn't anything novel in terms of arguments and generally negative sentiment (via emoji) for this PR 19:27:12 Discussion from Matt Miller on how this differs from existing infernece methods and the definition of passkey. 19:27:39 Matt: It makes sense to have this match the Discoverable Key definition 19:28:14 Kosuke Koiwai posts a link to FIDO internal dovument 19:28:46 Koiwai: This document outlines passkey definition, which is different 19:29:20 TimC: This is a technical document, and the messaging in this document, which is a marketing document, varies from what we want to technically define 19:29:51 JohnBradley: there are some differences between the marketing and technical definitions 19:30:37 AGL and John: Discvoverable is mentioned in document, and for technical intent and purpose is synonymous with discoverable 19:31:27 MattM: Spec should become the source of truth for this, and currently developers will rely on technical docs like MDN 19:32:07 KosukeKoiwai: Google dev documents use the term passkey but then in the API, the use of passkey is not present 19:32:13 AGL: Which API? 19:32:21 Kowwai: Android API 19:32:40 API: We use the term passkey a lot, but we follow the API laid out by WebAuthn 19:33:32 Koiwai: I don't think defining passkey in W3C is good but am not interested in pushing on this 19:34:27 Currently the term passkey does not correspond to an existing reference, but the necessity should appear when another ongoing PR lands 19:37:57 Shane: rhetorically, why should we keep the term? 19:38:49 Steele: The W3C spec should be a source of truth for this term, and providing words that _allude_ to the use of the term passkey is more complex than not using the term passkey 19:40:21 matthewmiller has joined #webauthn 19:40:21 ACTION: Steele to close #1939 19:41:04 Discussion around objections to remove the term passkey and how decisions are made on the standard (decisions are made on the call) 19:41:09 Tim will merge #1936 into #1923 19:41:24 ACTION: Tim will merge #1936 into #1923 19:43:49 ACTION: Matt to point https://github.com/w3c/webauthn/pull/1936 to 1923 19:44:34 https://github.com/w3c/webauthn/pull/1907 19:44:47 Matt: this is ready to merge and approved 19:44:51 selfissued has joined #webauthn 19:44:53 Tony: any issues? 19:44:56 present+ 19:45:31 https://github.com/w3c/webauthn/pull/1932 19:45:53 Tony: shane's issues resolved? 19:46:02 Shane: yes, I resolved 19:46:12 MattM: looking for formal approval here 19:46:29 AGL: I believe you have user.name and user.DisplayName spun around here 19:46:42 I have made the request to generate https://www.w3.org/2023/08/09-webauthn-minutes.html plh 19:47:58 Matt: The usecase I had in my mind was different. In android's case, they use user.DisplayName and it's ambiguous 19:48:36 Discussion around wording in the PR around which name is more ambiguous 19:48:52 absolutely riveting stuff 19:50:55 present+ EmilLundberg, TonyNadalin, DavidWaiter, MikeFist, NickSteele, IanJacobs (web payments), MatthewMiller 19:51:55 Discussion around how some RPs provide user.name's to their accounts and how they should distinguish credentials 19:53:06 MattMiller: is there an example for Display name that can signify what you should put in the case of multi-tenancy/accounts 19:54:11 AGL: perhaps we should've gotten rid of it, Apple has, we have not 19:54:33 TimC: This is something that may be helpful discussion in FIDO UXWG 19:59:08 ACTION: Matt Miller to revisit #1932 20:00:14 TOPIC: Conclusions 20:00:30 Emil: Does someone want to review 1911 real quick 20:00:34 Matt and Tim approved 20:00:51 Tony: We'll meet next wednesday at 11am PT / 2pm ET 20:01:04 Tim: need IDL assistance with #1923 20:01:48 meeting conclusion 20:02:04 Zakim, list participants 20:02:04 As of this point the attendees have been MikeJones, JohnBradley, AbigailF, ShaneWeeden, DavidWaite, MattMiller, AdamLangley, AndersAberg, IanJacobs, JohnPascoe, EmilLundberg, 20:02:07 ... KosukeKoiwai, TonyEngland, AckshayKumar, PhilippeLeHegaret, TimCappalli, selfissued, TonyNadalin, DavidWaiter, MikeFist, NickSteele, (web, payments), MatthewMiller 20:02:11 RRSAgent, make logs public 20:02:20 RRSAgent, generate minutes 20:02:22 I have made the request to generate https://www.w3.org/2023/08/09-webauthn-minutes.html steele 20:02:32 Zakim, bye 20:02:32 leaving. As of this point the attendees have been MikeJones, JohnBradley, AbigailF, ShaneWeeden, DavidWaite, MattMiller, AdamLangley, AndersAberg, IanJacobs, JohnPascoe, 20:02:32 Zakim has left #webauthn 20:02:38 RRSAgent, bye 20:02:38 I see 6 open action items saved in https://www.w3.org/2023/08/09-webauthn-actions.rdf : 20:02:38 ACTION: Tony and Philippe to update calendar to account for weekly meetings with an hour (earlier) offset every 1 week [1] 20:02:38 recorded in https://www.w3.org/2023/08/09-webauthn-irc#T19-11-31 20:02:38 ACTION: Ian to find adequate meeting space [2] 20:02:38 recorded in https://www.w3.org/2023/08/09-webauthn-irc#T19-22-52 20:02:38 ACTION: Steele to close #1939 [3] 20:02:38 recorded in https://www.w3.org/2023/08/09-webauthn-irc#T19-40-21-1 20:02:38 ACTION: Tim will merge #1936 into #1923 [4] 20:02:38 recorded in https://www.w3.org/2023/08/09-webauthn-irc#T19-41-24 20:02:38 ACTION: Matt to point https://github.com/w3c/webauthn/pull/1936 to 1923 [5] 20:02:38 recorded in https://www.w3.org/2023/08/09-webauthn-irc#T19-43-49 20:02:38 ACTION: Matt Miller to revisit #1932 [6] 20:02:38 recorded in https://www.w3.org/2023/08/09-webauthn-irc#T19-59-08