RE: Qualcomm position- Extensions from Giridhar Mandyam on 2018-12-06 (public-webauthn@w3.org from December 2018)

From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
Date: Thu, 6 Dec 2018 18:55:16 +0000
To: Adam Langley <agl@google.com>
CC: W3C Web Authn WG <public-webauthn@w3.org>
Message-ID: <4866bd5ef295481294c52e05152835e3@NASANEXM01C.na.qualcomm.com>

Got it.

> I could have misunderstood, but I think the issue there was that the W3C wants to see interoperability for normative parts of the spec.

As per the background research described in the deck I sent out, this is a requirement for standards-track documents.  But W3C process allows for a WG to request a waiver from the Directorate (normally TBL, currently Ralph), which is also part of my recommendation.

-Giri

From: Adam Langley <agl@google.com>
Sent: Thursday, December 6, 2018 10:47 AM
To: Giridhar Mandyam <mandyam@qti.qualcomm.com>
Cc: W3C Web Authn WG <public-webauthn@w3.org>
Subject: Re: Qualcomm position- Extensions

On Thu, Dec 6, 2018 at 10:43 AM Giridhar Mandyam <mandyam@qti.qualcomm.com<mailto:mandyam@qti.qualcomm.com>> wrote:
> Note: I believe that only the appid extension would be normative in any case, because that's the only extension with sufficient implementation.

To clarify:  that was not my recommendation.  I assume that this the above is Google’s recommendation – correct?

Google is suggesting that we should make all extensions non-normative because it unblocks things and we believe that it doesn't make any difference in practice.

The alternative is to try and make extensions normative. I could have misunderstood, but I think the issue there was that the W3C wants to see interoperability for normative parts of the spec. But then some extensions defined in the spec would still be non-normative because there are not enough implementations to demonstrate interoperability. In fact, I suspect that only the appid extension meets that bar.

Cheers

AGL

-Giri

From: Adam Langley <agl@google.com<mailto:agl@google.com>>
Sent: Thursday, December 6, 2018 10:41 AM
To: Giridhar Mandyam <mandyam@qti.qualcomm.com<mailto:mandyam@qti.qualcomm.com>>
Cc: W3C Web Authn WG <public-webauthn@w3.org<mailto:public-webauthn@w3.org>>
Subject: Re: Qualcomm position- Extensions

On Wed, Dec 5, 2018 at 8:18 AM Giridhar Mandyam <mandyam@qti.qualcomm.com<mailto:mandyam@qti.qualcomm.com>> wrote:
Qualcomm does not recommend changing the current position of the group.  I realize the request below only sought a response if a member company wanted to change the position of the group, but I felt it was important to re-iterate Qualcomm’s position.

This is consistent with the presentation I made to the W3C Directorate in October – see enclosed.  The recommendations are summarized on slide 10 and reproduced here:

  *   Continue to keep normative guidance in spec that all extensions are optional
  *   Follow Sam’s suggestion to specify AAID extension as RECOMMENDED  {“Sam” = Sam Weiler}
  *   Keep all extension text as normative
Note: I believe that only the appid extension would be normative in any case, because that's the only extension with sufficient implementation.

Received on Thursday, 6 December 2018 18:55:41 UTC