W3C home > Mailing lists > Public > public-webauthn@w3.org > December 2018

Re: Qualcomm position- Extensions

From: Maciej Stachowiak <mjs@apple.com>
Date: Thu, 06 Dec 2018 10:54:32 -0800
Message-id: <6731C092-8D9B-451E-8426-614E0009E26C@apple.com>
Cc: mandyam@qti.qualcomm.com, W3C Web Authn WG <public-webauthn@w3.org>
To: Adam Langley <agl@google.com>


> On Dec 6, 2018, at 10:47 AM, Adam Langley <agl@google.com> wrote:
> 
> On Thu, Dec 6, 2018 at 10:43 AM Giridhar Mandyam <mandyam@qti.qualcomm.com <mailto:mandyam@qti.qualcomm.com>> wrote:
> > Note: I believe that only the appid extension would be normative in any case, because that's the only extension with sufficient implementation.
> 
>  
> 
> To clarify:  that was not my recommendation.  I assume that this the above is Google’s recommendation – correct?
> 
> 
> Google is suggesting that we should make all extensions non-normative because it unblocks things and we believe that it doesn't make any difference in practice.
> 
> The alternative is to try and make extensions normative. I could have misunderstood, but I think the issue there was that the W3C wants to see interoperability for normative parts of the spec. But then some extensions defined in the spec would still be non-normative because there are not enough implementations to demonstrate interoperability. In fact, I suspect that only the appid extension meets that bar.

If parts of the spec are optional extensions and could not be made normative because they won’t meet the interoperable implementation requirement in time, wouldn’t it be better to make them separate specs?

I think it is confusing to have text that appears to give requirements for a feature but is labeled non-normative. I don’t think that’s a good way to say “this feature didn’t make it but someday it might”. It doesn’t get that extension itself to be a real standard any faster. In fact, it makes it harder, since to make it a normative standard now requires updating the main specification, rather than a separate extension specification.

Regards,
Maciej

> 
> 
> Cheers
> 
> AGL
>  
>  
> -Giri
> 
>  
> 
> From: Adam Langley <agl@google.com <mailto:agl@google.com>> 
> Sent: Thursday, December 6, 2018 10:41 AM
> To: Giridhar Mandyam <mandyam@qti.qualcomm.com <mailto:mandyam@qti.qualcomm.com>>
> Cc: W3C Web Authn WG <public-webauthn@w3.org <mailto:public-webauthn@w3.org>>
> Subject: Re: Qualcomm position- Extensions
> 
>  
> 
> On Wed, Dec 5, 2018 at 8:18 AM Giridhar Mandyam <mandyam@qti.qualcomm.com <mailto:mandyam@qti.qualcomm.com>> wrote:
> 
> Qualcomm does not recommend changing the current position of the group.  I realize the request below only sought a response if a member company wanted to change the position of the group, but I felt it was important to re-iterate Qualcomm’s position.
> 
>  
> 
> This is consistent with the presentation I made to the W3C Directorate in October – see enclosed.  The recommendations are summarized on slide 10 and reproduced here:
> 
>  
> 
> Continue to keep normative guidance in spec that all extensions are optional
> Follow Sam’s suggestion to specify AAID extension as RECOMMENDED  {“Sam” = Sam Weiler}
> Keep all extension text as normative
> Note: I believe that only the appid extension would be normative in any case, because that's the only extension with sufficient implementation.
> 


Received on Thursday, 6 December 2018 18:55:23 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:58:59 UTC