IRC log of webauthn on 2017-09-13
Timestamps are in UTC.
- 16:48:03 [RRSAgent]
- RRSAgent has joined #webauthn
- 16:48:03 [RRSAgent]
- logging to http://www.w3.org/2017/09/13-webauthn-irc
- 16:48:05 [trackbot]
- RRSAgent, make logs public
- 16:48:05 [Zakim]
- Zakim has joined #webauthn
- 16:48:07 [trackbot]
- Meeting: Web Authentication Working Group Teleconference
- 16:48:07 [trackbot]
- Date: 13 September 2017
- 16:49:29 [weiler]
- agenda: https://lists.w3.org/Archives/Public/public-webauthn/2017Sep/0211.html
- 16:49:44 [weiler]
- weiler has changed the topic to: agenda: https://lists.w3.org/Archives/Public/public-webauthn/2017Sep/0211.html
- 16:50:00 [weiler]
- present+ weiler
- 17:02:25 [Rolf]
- Rolf has joined #webauthn
- 17:04:34 [WD07]
- WD07 has joined #webauthn
- 17:05:15 [jfontana]
- jfontana has joined #webauthn
- 17:06:10 [kpaulh]
- kpaulh has joined #webauthn
- 17:09:22 [jfontana]
- I will contribute
- 17:09:37 [weiler]
- scribenick: jfontana
- 17:09:59 [jfontana]
- No issues on 498
- 17:10:11 [jfontana]
- Topic: 593
- 17:11:20 [wseltzer]
- present+
- 17:11:58 [jfontana]
- topic: 544
- 17:12:05 [ketan]
- ketan has joined #webauthn
- 17:12:15 [jfontana]
- https://github.com/w3c/webauthn/pull/544
- 17:12:18 [weiler]
- present+ AkshayKumar, Alexei, kpaulh, battre, jfontana, ketan, Rolf, nadalin, ChristiaanBrand
- 17:12:41 [jfontana]
- topic: 545. Angelo thinks it is ready to go. JC has a question posted.
- 17:12:54 [jfontana]
- https://github.com/w3c/webauthn/pull/545
- 17:13:17 [jfontana]
- JCJ_moz is not present
- 17:14:10 [weiler]
- regrets: jcj_moz
- 17:14:20 [jfontana]
- Angelo: it's ready. But let's wait til jeffH can look at it and merge it
- 17:14:38 [jfontana]
- topic 546 https://github.com/w3c/webauthn/pull/546
- 17:14:46 [weiler]
- rrsagent, draft minutes
- 17:14:46 [RRSAgent]
- I have made the request to generate http://www.w3.org/2017/09/13-webauthn-minutes.html weiler
- 17:15:01 [weiler]
- rrsagent, make log public
- 17:15:26 [jfontana]
- Christiaan: suggests to merge this PR. No disagreement
- 17:15:40 [jfontana]
- Angelo: it does not break anything
- 17:16:17 [dmitriz]
- dmitriz has joined #webauthn
- 17:17:18 [jfontana]
- Alexei: there are some typos. I will fix and merge in.
- 17:17:45 [jfontana]
- topic: https://github.com/w3c/webauthn/pull/553
- 17:17:58 [jfontana]
- tony. this is not a big issue right?
- 17:18:19 [jfontana]
- Alexei: it is not a big issue if everyone agrees to merge this in.
- 17:18:26 [jfontana]
- Alexei; merging
- 17:18:50 [jfontana]
- topic: https://github.com/w3c/webauthn/pull/555
- 17:19:10 [jfontana]
- dirk, we are not sending this over the wire
- 17:19:41 [jfontana]
- alexei: updated and merged.
- 17:19:58 [jfontana]
- topic: https://github.com/w3c/webauthn/pull/558
- 17:22:58 [jfontana]
- direK: think the concern if someone put PII in the field
- 17:24:56 [jfontana]
- dirk: wa yI see this, we have to clean up some of things that fell through the cracks and one thing is that we are forgetting to pass ID back to RP
- 17:25:07 [weiler]
- present+ dmitriz
- 17:26:44 [jfontana]
- dirk: PII has many definitions
- 17:26:51 [wseltzer]
- q+
- 17:27:51 [weiler]
- ack ws
- 17:28:03 [jfontana]
- dirk: we could in the spec say when you pass in this value make sure it is not one of those things that can be user identified.
- 17:28:27 [jfontana]
- wseltzer: offering a legal point of view
- 17:28:48 [jfontana]
- wseltzer: question will you be sharing PII with someone you were not expecting
- 17:29:10 [jfontana]
- christiaan: only one who will see info. is RP. the wire is not in scope here
- 17:29:36 [jyasskin]
- q+
- 17:30:08 [jfontana]
- akshay: is the solution that we can put anything in here?
- 17:31:43 [weiler]
- present+ jyasskin
- 17:31:49 [weiler]
- ack jy
- 17:32:18 [jfontana]
- JYasskin: we need to alert RP to this issue and let them choose accordingly.
- 17:32:50 [jfontana]
- rolf: how is this solved in u2f today
- 17:33:00 [jfontana]
- christiaan: u2f does not have this issue
- 17:34:12 [jfontana]
- Jyasskin: if userID is PII, then credential name is PII. RP can treat it that way.
- 17:34:39 [jfontana]
- wseltzer: some RPs would rather not see PII
- 17:35:15 [jfontana]
- tony: put note in there to say privacy consideration section should be updated. with note about sharing PII with some you were not expecting to share it with
- 17:37:08 [jfontana]
- tony: we still are pending the FIDO thing to finish before we merge this one. lets hold off and get the FIDO issue resolved
- 17:37:15 [jfontana]
- Christiaan: that sounds perfect.
- 17:37:25 [jfontana]
- some open issues hanging around
- 17:38:23 [jfontana]
- tony: tryign to triage some issues. i'm moving editorial, non-normative to public recommendation
- 17:39:16 [jfontana]
- tony: trying to get us to CR and not worrying so much about editorial, non-normative
- 17:39:22 [jfontana]
- tony: want to make you aware
- 17:40:08 [jfontana]
- topic: https://github.com/w3c/webauthn/issues/507
- 17:40:16 [jfontana]
- topic: https://github.com/w3c/webauthn/issues/506
- 17:40:28 [jfontana]
- these are both about u2f attestation
- 17:40:41 [jfontana]
- Rolf: they are good to go in my opinon
- 17:41:51 [jfontana]
- topic: https://github.com/w3c/webauthn/issues/506
- 17:42:09 [jfontana]
- tony: these are the cancel and about issues. #383 is part of that
- 17:42:41 [jfontana]
- about should be "abort"
- 17:44:15 [jfontana]
- topic: 125 addressed by 507 and 579
- 17:44:25 [jfontana]
- Rolf: ready to be merged
- 17:46:22 [jfontana]
- topic: 548. mjones is looking at this one.
- 17:46:54 [jfontana]
- tony: Dirk opened up 544. asked mjones to look at this one
- 17:47:38 [jfontana]
- topic: 557. can dirk explain
- 17:47:42 [jfontana]
- dirk dropped off
- 17:48:01 [jfontana]
- current topic is https://github.com/w3c/webauthn/issues/557
- 17:49:39 [jfontana]
- Alexei: dirk's comment shouldn't public key be at top of attestation. that is what the first statement on 557 is.
- 17:51:13 [jfontana]
- alexei will clear up incorrect language to clarify. Will verify with Dirk.
- 17:51:24 [jfontana]
- tony: so no issue with this if we clear up the language?
- 17:51:36 [jfontana]
- tony: can someone create a PR for this one.
- 17:51:41 [jfontana]
- alexei: yes.
- 17:52:15 [jfontana]
- akshay: authenticators don't need to change.
- 17:52:21 [jfontana]
- alexei: correct
- 17:53:26 [weiler]
- present+ angelo
- 17:53:54 [weiler]
- rrsagent, draft minutes
- 17:53:54 [RRSAgent]
- I have made the request to generate http://www.w3.org/2017/09/13-webauthn-minutes.html weiler
- 17:57:37 [weiler]
- chair: nadalin
- 18:01:12 [jfontana]
- tony: no call the week of Sept. 25
- 18:01:19 [jfontana]
- adjourn
- 18:01:30 [weiler]
- tony: remember to have AC reps vote on the re-charter. John will chair next week, 20 Sept. No call 27 Sept.
- 18:01:34 [weiler]
- rrsagent, draft minutes
- 18:01:34 [RRSAgent]
- I have made the request to generate http://www.w3.org/2017/09/13-webauthn-minutes.html weiler