Tony: we want to take a poll,
survey to start to proceed to CR.
... are we OK to start the preliminary work
... saying we will resolve what we have left.
... any objetion to this movement
<wseltzer> PROPOSED: Move to CR
tony: we have consensus to move to CR?
<wseltzer> [no objections]
RESOLUTION: Move to CR
jeffH: I don't think we are hearing aany objection
jbradley for FIDO spwg 1.4 was shipped off
scribe: asked them to do a mail
ballot
... privacy stuff is going to the next Board meeting.
DTurner: it is going to a mail
vote.
... there is security and privacy votes for the FIDO Board
tony: had joint meeting with
SWPSIG.
... next week our TPAC meeting is scheduled
... Oct 14
... here were questions about our implementation status
... need to rely on Chrome and Edge to see where we stand for
implementation.
agl: we are in pretty good shape. we have public 🔑 and all of that.
tony: if we can get that passed
as a separate browser
... Akshay what is yor status on Chrominum
... very close
... from web authn prespective looks like all the pieces are
there.
... what do we think target date is for implementation
... november
agkl: we can argue we have two browser implementataions
jbradley: which of the extensions may need more implementations for issues like large blob
agl: all the web parts are there and should go through
jbradley: if windows DLL does not block it then we are fine.
agl: large getting fleshed out, uvm went though last time.
shane: what ab out cred prop
agl: should go through
jbradely: only implemetation is chrome on android
agl: yes. for UVM
tony: Akshay is canary is available.
aksahy: yes.
tonhy: is Edge build available
akshay: yes.
agl: it will be a few weeks.
tony: D.Turner, likely have to update the web platform tests.
agl: they should be maintained,mostly chrome folks
nina: that is pretty much up to date.
tny: akshay have you run tests against Edge
nina: they ran against Edge, you can see them online
<nina> https://wpt.fyi/results/webauthn?label=master&label=experimental&aligned&q=webauthn
tony: any other questions on trying to move to CR
jc_moz: can we really count edge
and chrome as to seperate? I don't think is good
precedence
... the goal is interop
tony: they are two separate browsers that share some code.
jc_moz: there is going to be some push back.
agl: they are two separate browsers
jc_moz it was two separate engines.
tony: I don't see where it says that.
jbradley: ... wehn are we likely to see firefox with levele 2 support
jc_moz: I don't have a date
yet.
... I am owkring on it.
... working
shane: what about safari? tech preview
JTan: muy answer much like JC's. we don't have a date for it.
tony: so brings us back to considers as separate
jbradley: or have one of the others completed.
agl: we are not the only working group to work about this.
tony: there has to be some precedence, like shared libraries.
shane: questions on associated
doc. in web authn we refer to IANA registry
... at the moment it does not contain apple, but does not have
nun format.
jeffH; we get that registered by have specification
jeffH; if we s=missed this need to get with iana
scribe: apple format , the new final for attestation format. when we get there we ask IANA to register the new format
tony: we solved some things at
final last time. there is precedence.
... lets go to PRs
https://github.com/w3c/webauthn/pull/1474
alanwaketan: what is the order of landing attestation first and the #1474 again or vice versa
agl: weren't we looking at new type.
jeffH: need to get new pull
request ready
... then land them
alanwaketan: thanks
tony: so we still have to update #1474
jeffH: short answer, yes.
https://github.com/w3c/webauthn/pull/1488
jbradley: mike is on vacation
tony: unless objections, lets
merge.
... OK, no objections
jeffH: merged
tony: so only one PR left.
JTan: apple attestation. it looks good.
jbradley: comments longer than PR
nickS: PR looks fine.
... I would approve after discussion
... I am waiting for this PR before pushing to Web Auth I.O
agl: reading this PR through. does cred cert do the signing?\
jTan: you mean intermediate CA?
agl: does the cred cert accept nonce
jeffh: sing with credential
private key
... sign with...
... discussion on signing
... may need to add more explination on the PR
nicks: described what the action is trying to accomplish.
shane: I have implemented this
also
... another comment in PR. goes along lines of steps for
attestation, but if you look at section 7.1
... step 20 is processed and looks for trust anchor. the ask in
comment and I tend to agree
... should end with returnin statrement format. and then let
step 20 do chain validation.
... all the other attestation that use X5C do that
jTan: I need to read that comment
Shane: why do we have attestation types.
agl: does it have to do with outcome
<jeffh> https://w3c.github.io/webauthn/#sctn-attestation-types
<jeffh> https://w3c.github.io/webauthn/#attestation-type
discussion on attestation...
shane: don't think there is much value is splitting these attestations
jeffh: one of the PRs is to change the name
shane: to what end
jbradley
shane: as we look at the way this
PR should be updated for consistency attestation trust path of
X5C and attestation statement type of anonimization CA
... so I kind of agree with
... Bart's comment
tony: that takes us through
PRs.
... on to issues. ...https:
//github.com/w3c/webauthn/issues/1489
jeffh: low priority
tony: is this something you will do
jeffH: just noting it
... I don't think it would be something to clean-up.
tony: leave unassigned.
... any issues to discuss now that we have Apple
attestation.
... that takes us through technical issues.
... just waiting on editorial issues
jeffH: will solve....or not
jc_moz: I don't think we have two independent implelmentations.
tony: that is one opinion.
... are you objecting?
jc_moz: don't think we need two to go to CR, but is for Recommendation
tony: so we will start discussions
jc_moz: works for me so far.
tony: adjourn.
This is scribe.perl Revision of Date Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Present: jeffh jcj_moz jbarclay nina No ScribeNick specified. Guessing ScribeNick: jfontana Inferring Scribes: jfontana WARNING: No "Topic:" lines found. Agenda: https://lists.w3.org/Archives/Public/public-webauthn/2020Oct/0007.html WARNING: No meeting chair found! You should specify the meeting chair like this: <dbooth> Chair: dbooth WARNING: No date found! Assuming today. (Hint: Specify the W3C IRC log URL, and the date will be determined from that.) Or specify the date like this: <dbooth> Date: 12 Sep 2002 People with action items: WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]