[minutes] 2020-08-24

While looking into the agenda for our next planned meeting, I realized I
forgot to send the minutes from our call on the 24th - here they come.

Our next meeting is planned this Monday (Sep 7th), which is a US
holiday; given the majority of participants are based in the US, I
wonder if we should push it to the 14th instead - please let me know
(sorry I didn't notice this during our discussion on the 24th).

Dom

---

Nick: wrapping up design doc
 starting to set up web site
 looking at Netlify for deployment on the domain name via FIDO
 trying to wrap up this week

 design doc is trying to look at how to set up the repo
 one branch for site, one branch for software

Dom: should it be separate repos rather than branches?

MM: sounds like docs vs examples; maybe not so much overlap
  keeping repos separate can help with CI build times too

Nick: makes sense

---

CI/Test suite

Matthew: CI inspired by FIDO conformance test suite
 [demo of running the PoC CI test]
 modular by design, with as many tests as we want
 could have FIDO + WebAuthn-specific RPs

Yuri: if you're developing your own tests, no need for special
agreements from FIDO

Matthew: if our tests resemble many of the FIDO tests, is that a problem?

Yuri: no

Matthew: if we had a WebAuthn conformance tool, would we want to mean
something?

Yuri: WebAuthn WG has a conformance test for browsers
 the servers are not WebAuthn servers, they are FIDO2 servers

Tony: current WebAuthn WG test suite is focused on browers, but that
could change

Tony: this could be used as a conformance tool for server-side libraries?

Matthew: absolutely - goal would be put this out as a Docker file that
can help automatically run your server against

Alex: right; e.G. in github action CI

Tony: would this include crypto libraries?

Dom: let's have this released as a github repo then :)

Nick: I can help with Docker stuff if needed

Received on Friday, 4 September 2020 06:44:19 UTC