RE: Refactoring spec into web API and authenticator model from Vijay Bharadwaj on 2016-04-20 (public-webauthn@w3.org from April 2016)

From: Vijay Bharadwaj <vijaybh@microsoft.com>
Date: Wed, 20 Apr 2016 04:16:49 +0000
To: "Hodges, Jeff" <jeff.hodges@paypal.com>
CC: "public-webauthn@w3.org" <public-webauthn@w3.org>
Message-ID: <fa9fd1337fa34c5da2cf718b4dd94c28@microsoft.com>

Yes, in general the intent is to segment the parts that are relevant to the different audiences into different sections. I was trying to keep the new text and references to a minimum but there were some places where it just read funny without the changes (either felt stilted in the new structure, or was stylistically inconsistent between adjacent paragraphs). But broadly speaking, the technical content should not have changed, only the explanatory text and styling. Even the IDL is exactly the same as before though bits have moved around a bit.

Thanks for the initial review, and let me know if you have any more comments on a subsequent reading.

From: Hodges, Jeff [mailto:jeff.hodges@paypal.com]
Sent: Tuesday, April 19, 2016 6:56 PM
To: Vijay Bharadwaj <vijaybh@microsoft.com>
Cc: public-webauthn@w3.org
Subject: Re: Refactoring spec into web API and authenticator model

On 4/18/16, 11:21 PM, "Vijay Bharadwaj" <vijaybh@microsoft.com<mailto:vijaybh@microsoft.com>> wrote:
I just sent out a PR that lays out the approach I alluded to on the previous call. For convenient review, I'm attaching a bikeshed-processed html version to this email. Please take a look and let me know if you have comments or feedback, either by replying to this email or (even better) by commenting on the PR in Github.

Ok, I've skimed through it some, but not in fine detail as yet because there's much spec there, plus you've done some non-trivial surgery including new glue text as well as altering cross-reference types in places  (eg cross-referencing into text rather than into idl).  I'm nominally fine with what I've been able to skim through this evening, tho will need to go through it in more detail.

At a high level, it seems that the intent of section 3 "web authn api" is that it now constitutes the majority of the info that client- and server-side webapp developers ostensibly would need to pay attention to, yes?    and obviously section 4 "WebAuthn Authenticator Model"  is for authnr developers.  this seems overall reasonable to me.

thx, hth,

=JeffH

Received on Wednesday, 20 April 2016 04:17:27 UTC