- From: Samuel Weiler <weiler@w3.org>
- Date: Mon, 24 Jul 2017 10:57:27 -0400
- To: Denis Pinkas <denis.w3c@free.fr>, public-webauthn@w3.org
On 7/24/17 10:21 AM, Denis Pinkas wrote: > Hello, > > I am a member of the OAuth WG and of the SAAG WG. I read the draft notes > from the SAAG IETF 99 where a few words > from Sam Weiler (W3C) have been reported: > > WebAuthn making good progress. Trying to get more eyes doing privacy and > security reviews on specs. > Please get in touch with me if you want to keep our WGs from doing > stupid things. > > The terms used by Sam are rather odd: "keep our WGs from doing /stupid > things/" and I am wondering why these terms have been used. > If it was simply to draw our attention, the goal has been reached. The SAAG minutes don't quite capture that I was trying to share two very distinct thoughts. To the extent that's my fault rather than the scribe's, I apologize. I don't think the WebAuthn spec is in terrible shape - indeed, I was trying to report that the WG is moving along nicely. I am, however, trying to recruit reviewers for other W3C specs - our other working groups sometimes suffer from a deficit of privacy- and security-aware eyes reading their specs, and I'm hopeful that some in the IETF security community might be interested in helping us correct that. Thank you for your comments on the WebAuthn spec. I'll leave it to the WG to offer a substantive reply. -- Sam
Received on Monday, 24 July 2017 14:57:33 UTC