RE: 3/23/2016 W3C Web Authentication Agenda from Anthony Nadalin on 2016-03-23 (public-webauthn@w3.org from March 2016)

From: Anthony Nadalin <tonynad@microsoft.com>
Date: Wed, 23 Mar 2016 16:37:04 +0000
To: Adam Powers <adam@fidoalliance.org>, "J.C. Jones" <jjones@mozilla.com>, W3C Web Authn WG <public-webauthn@w3.org>
Message-ID: <BN3PR0301MB123493CEA1C5080CDE7F0F6FA6810@BN3PR0301MB1234.namprd03.prod.outlook.>

In the attestations from the authenticators for starters, for the most part I can’t imagine many RPs giving up general business because they did not use a specific authenticator, I see this as the more discrete case

From: Adam Powers [mailto:adam@fidoalliance.org]
Sent: Wednesday, March 23, 2016 9:34 AM
To: J.C. Jones <jjones@mozilla.com>; W3C Web Authn WG <public-webauthn@w3.org>; Anthony Nadalin <tonynad@microsoft.com>
Subject: RE: 3/23/2016 W3C Web Authentication Agenda

The metadata is fairly important to relying parties for making decisions about which authenticators to trust. Is there an alternative for how they would get that information?

On March 23, 2016 at 9:13:42 AM, Anthony Nadalin (tonynad@microsoft.com<mailto:tonynad@microsoft.com>) wrote:
We should really drop any references to the FIDO metadata service , it’s not required and it is a FIDO run service

From: J.C. Jones [mailto:jjones@mozilla.com]
Sent: Tuesday, March 22, 2016 5:57 PM
To: W3C Web Authn WG <public-webauthn@w3.org<mailto:public-webauthn@w3.org>>
Subject: Re: 3/23/2016 W3C Web Authentication Agenda

All,
As promised, a PR for the more-generic naming is posted. It has some whitespace changes in it as well, so I recommend reviewing using this URL that sets w=1:

https://github.com/w3c/webauthn/pull/48/files?w=1

Generally, the following substitutions were made:

  *   Extensions were renamed from "fido." to "webauth."
  *   CredentialType "FIDO" was renamed to "ScopedUserCredential"
  *   "FIDO Authenticators" are now "WebAuth Authenticators"
  *   "FIDO Credential" and similar are now "Scoped Credential"
  *   "FIDO method" and similar are now "WebAuth method"
  *   "FIDO Relying Party" and similar are now just "Relying Party"
  *   The WebIDL DOM interface is now type "WebAuthentication" and named "webauth"

I did not attempt to change the OIDs, references to the ECDAA specification, or the FIDO Metadata Service (see Issue #47<https://github.com/w3c/webauthn/issues/47>).
Cheers,
J.C.

On Tue, Mar 22, 2016 at 3:05 PM, Alexei Czeskis <aczeskis@google.com<mailto:aczeskis@google.com>> wrote:
I think I promised to start doing the things that were marked as "do it" after the merge.  I'll try to get to some of those tonight.

Thanks!
-Alexei

________________

 . Alexei Czeskis .:. Securineer .:. 317.698.4740<tel:317.698.4740> .

On Tue, Mar 22, 2016 at 2:58 PM, Dirk Balfanz <balfanz@google.com<mailto:balfanz@google.com>> wrote:
Hi there,

I'm afraid I will have to miss certainly the beginning, if not all, of the call tomorrow.

As for the document merge, Jeff pulled the merged doc into master (source is index.src.html, output is index.html). Next step is to delete the three subdirectories webauthn-* (since they contain the old, unmerged sources) in master.

Dirk.

On Tue, Mar 22, 2016 at 9:50 AM Anthony Nadalin <tonynad@microsoft.com<mailto:tonynad@microsoft.com>> wrote:
1. Roll Call
2. Agenda bashing
3. Document merge, status/update
4. Naming issues, update from JC
5. Walk the open issues list
7. A.O.B
8. Adjourn

Please let Richard or I know if there are any other items you would like to see on the agenda.

Received on Wednesday, 23 March 2016 16:37:34 UTC