RE: 01/08/2025 W3C Web Authentication Meeting Agenda from Michael Jones on 2025-01-07 (public-webauthn@w3.org from January 2025)

From: Michael Jones <michael_b_jones@hotmail.com>
Date: Tue, 7 Jan 2025 21:03:46 +0000
To: ANTHONY J NADALIN <nadalin@prodigy.net>, 'W3C Web Authn WG' <public-webauthn@w3.org>, "'Phillips, Addison'" <addison@lab126.com>, 'Christiaan Brand' <cbrand@google.com>, 'Ian Jacobs' <ij@w3.org>, Simone Onofri <simone@w3.org>
Message-ID: <PH7PR02MB92928F55B727C374AD19DC40B7112@PH7PR02MB9292.namprd02.prod.outlook.com>

Here's information I've collected about changes between Level 2 and Level 3, which could be used in the required section outlining changes from L2.

WebAuthn Level 3<https://w3c.github.io/webauthn/>

  *   Credential Backup State<https://w3c.github.io/webauthn/#sctn-authenticator-data>
  *   getClientCapabilities method<https://w3c.github.io/webauthn/#sctn-getClientCapabilities>
  *   Conditional Mediation<https://w3c.github.io/webauthn/#sctn-createCredential>
  *   Pseudo-Random Function (PRF) extension<https://w3c.github.io/webauthn/#prf-extension>
  *   Compound Attestation Statement Format<https://w3c.github.io/webauthn/#sctn-compound-attestation>
  *   Set Credential Properties<https://w3c.github.io/webauthn/#sctn-automation-set-credential-properties> (including backup state)
  *   Recommended Range for Ceremony Timeouts<https://w3c.github.io/webauthn/#sctn-timeout-recommended-range>
  *   toJSON  method<https://w3c.github.io/webauthn/#ref-for-dom-publickeycredential-tojson>
  *   parseCreationOptionsFromJSON method<https://w3c.github.io/webauthn/#sctn-parseCreationOptionsFromJSON>
  *   parseRequestOptionsFromJSON method<https://w3c.github.io/webauthn/#sctn-parseRequestOptionsFromJSON>
  *   Related Origins enabling the same RPID to be used across multiple domains<https://w3c.github.io/webauthn/#sctn-related-origins>
  *   Credential creation and request hints as an alternative to authenticator attachments<https://w3c.github.io/webauthn/#enum-hints>
  *   signalCurrentUserDetails method<https://w3c.github.io/webauthn/#sctn-signalCurrentUserDetails>

                                                                Best wishes,
                                                                -- Mike

From: ANTHONY J NADALIN <nadalin@prodigy.net>
Sent: Monday, January 6, 2025 9:30 AM
To: 'Michael Jones' <michael_b_jones@hotmail.com>; 'W3C Web Authn WG' <public-webauthn@w3.org>; 'Phillips, Addison' <addison@lab126.com>; 'Christiaan Brand' <cbrand@google.com>; 'Ian Jacobs' <ij@w3.org>
Subject: 01/08/2025 W3C Web Authentication Meeting Agenda

Here is the agenda for the01/08/2025 W3C Web Authentication WG Meeting, that will take place as a 60 minute teleconference. Remember call is at 12PM  Pacific Time. Reminder that we will be using ZOOM from now on, please make sure you go to Web Authentication bi-weekly (w3.org)<https://www.w3.org/events/meetings/4bab6a90-bdb5-400f-ab87-64a7a852d86a/20230517T150000>

Select scribe please someone be willing to scribe so we can get down to the issues


  1.  Here is the link to the Level 2 Webauthn Recommendation  https://www.w3.org/TR/2021/REC-webaut<https://www.w3.org/TR/2021/REC-webauthn-2-20210408/>

  1.  L3 Target Publication Schedule discussion (SIMONE)

     *   Before publishing WD:  we are missing a section for outlining the changes from L2, as requested by the process and having an example of the one from VS JSONSchema [1]

     *   Before publishing CR and after publishing the WD

        *   Asks for horizontal review (after the WD), giving them a minimum of 28 days
 - Demonstrate implementation, so we need to check if tests are available and, in this case, the situation is already in a good state [2]
[1] https://www.w3.org/TR/2023/WD-vc-json-schema-20231115/#revision-history
[2] https://wpt.fyi/results/webauthn?label=master&label=experimental&aligned

     *

  1.  02/05/2025 WebAuthn Meeting CANCELLED

  1.  03/05/2025 WebAuthn Meeting CANCELLED

  1.  03/19/2025 WebAuthn Meeting CANCELLED

  1.  Canidate Recommendation open pull requests and open issues

 Pull requests * w3c/webauthn<https://github.com/w3c/webauthn/pulls?q=is%3Aopen+is%3Apr+milestone%3A%22L3+Candidate+Recommendation+%22>

1.      Make NOTEs non-normative by emlun * Pull Request #2196 * w3c/webauthn<https://github.com/w3c/webauthn/pull/2196>
2.      Update Use Cases for L3 by timcappalli * Pull Request #2139 * w3c/webauthn (github.com)<https://github.com/w3c/webauthn/pull/2139>
3.      Cleanup: Manual References by timcappalli * Pull Request #2111 * w3c/webauthn (github.com)<https://github.com/w3c/webauthn/pull/2111>



Pull requests * w3c/webauthn (github.com)<https://github.com/w3c/webauthn/pulls?q=is%3Aopen+is%3Apr+no%3Amilestone>
1.      Fix AuthenticationExtensionsAuthenticatorInputs/Outputs CDDL by tidoust * Pull Request #2219 * w3c/webauthn<https://github.com/w3c/webauthn/pull/2219>


Issues * w3c/webauthn (github.com)<https://github.com/w3c/webauthn/issues?q=is%3Aopen+is%3Aissue+milestone%3AL3-WD-02+>
1.

Issues * w3c/webauthn * GitHub<https://github.com/w3c/webauthn/issues?q=is%3Aopen+is%3Aissue+-label%3Astat%3AOnGoing+-label%3Astat%3Apr-open+no%3Amilestone>

           *   Add a method to get all the credentials for a rely party on the client device to support the rely party (website) to limit the number of accounts a user can register * Issue #2222 * w3c/webauthn<https://github.com/w3c/webauthn/issues/2222>


        *

4.   Other open issues or discussions
5.   Adjourn

Received on Tuesday, 7 January 2025 21:03:52 UTC