- From: Dominique Hazael-Massieux <dom@w3.org>
- Date: Tue, 2 Jun 2020 09:17:09 +0200
- To: public-webauthn-adoption@w3.org
Hi, Here are my rough notes from our call yesterday; next call on June 15. Dom --------- ACTIONS: * Dom to create github org to host wireframe project in single repo * Nick to evaluate transfer of webauthn.guide to FIDO * Andrew to evaluate hosting of webauthn.guide in FIDO and other deliverables from the group * Bart to start discussion on how to frame the wireframe project (e.g. single unified UX or not) with pros/cons * Luke to give information on webauthn.dev future Present: Dom, Alex Seigler, Nick, Matthew Miller, Cindy, John Fontana, Andrew Shikiar, David Turner, Luke Walker, Bart Intro: Alex: Identity & Security in EA Matthew: independent contributor Wireframe project: Matthew: coming from dev experience; biggest pain point is casting different type of data (arraybuffer, strings, etc) - it would help if the wireframe project took a position; ArrayBuffers don't transmit as JSON very well. casting should not be something that developers need to think about - standardize on a single approach across frameworks/languages. Nick: super useful input - I can feel that painpoint. agree an "npm install"able library would be useful Matthew: I've published a couple of libraries last week - one for front-end, one for back-end (node) - they're tightly coupled; comes with a one-file express server. FE exposes a single method that takes care of the conversions that are needed Dom: raised set of logistical questions on how to set up the project https://lists.w3.org/Archives/Public/public-webauthn-adoption/2020May/0017.html Nick: single repo helps with ensuring conformance Matthew: agree single repo is better; as todomvc did helped give legitimacy, brand of best practices use PR to help community contributions Nick: the todomvc approach seems OK to me Luke: +1 Matthew: I tried running the conformance tool of the fido alliance - it's an electron app; we can use as inspiration (or possibly re-use) for our CI Andrew: in FIDO, we're looking at empowering web developer with better testing Matthew: it would be good to have a clearer way to report issues on it David: so far, had been set up for formal certification process; we will be revisiting for obvious reasons Dom: single repo then - could be hosted in @w3c Andrew: will need a bit more time to give an answer wrt @fidoalliance FIDO would also be happy to host the Web site Nick: standalone org sounds good to me Matthew: separate org branded for community sounds interesting; W3C & FIDO feels very "enterprisy"; having something less formal might make it less scary / more approachable Nick: compelling argument Dom: what name? easy would be webauthn-adoption, but not very inspiring for our audience Matthew: something like "webauthn developer network"? there may also be a consumer education aspect David: beyond the github org, I think we need a top-level landing page that guide both developers and end-users to the right resources - à la todomvc.com Matthew: +1 Andrew: we need to think carefully about audiences; my impression is that this initiative is focusing on dev community; my sense is that consumers aren't the audience of what we're talking; best practices to deploying organization, yes there is fragmentation - lots of activity in the market around deployment, but it needs coordination we also need to look at it long-term - we need to make sure we have a good understanding of sustainability Matthew: Duo has a great resource that was very useful to me - webauthn.guide Nick: My colleague Suby and I did webauthn.guide and webauthn.io Andrew: but then again, we need to look at the long term Nick: indeed, e.g. webauthn.guide needs to be transfered; could look into transferring it e.g. to FIDO Andrew: will look into possibility on FIDO side Dom: will create separate org + repo and invite members to the org Matthew: will provide node version Bart: how do we approach this? single unified UX, or more freedom per language/framework Dom: can someone lists pros/cons Bart: will do Matthew: webauthn.dev is owned by Yubico Luke: I'll check what the plans for the domain are Nick: Re UX, @@@.info that supports OTP and WebAuthN
Received on Tuesday, 2 June 2020 07:17:12 UTC