Attending: Nicole Roy, Chris Phillips,Judith Bush, Scott Cantor, Mary McKee, Gabor Eszes, Phil Smart, Gary Windham, David Huebner

Agenda

  1. Agenda bash and ask for scribes
    1. Chris Phillips, Gabor
  2. Reminder our two goals – communicating changes to the community so we can be prepared; communicating with FedID CG to improve long term outcomes for R&E authentication and authorization use cases
  3. Sam’s feedback - update from Philip
    1. Philip: how can we help as a community on scale and prop 4?
    2. Sam Goto: would it help us to have a 3-hour focused discussion about specific topics?
    3. Philip: yes, probably, we’ll decide as a group and send some technical folks
  4. Chris’s feedback
    1. Our efforts to spread awareness about our use-cases and problems are helpful for the WG, they’re admitting learning new things and understanding some of their starting assumptions were wrong
    2. Yet, no clear consensus in WG about how to move forward and/or course correct
    3. We’ve created a proposal that isn’t a github change/PR of bite-sized changes, so perhaps harder to discuss and understand
    4. The comments on Props 4 and 5 are raising additional issues
  5. Discussion:
    1. Scott: if you don’t have a good solution, don’t solve it. Unfortunate that we’re having to dissuade browser vendors to avoid making a mess out of discovery by solving it badly
  6. Mondays meeting take aways
    1. WG understands that their initial assumptions may have been wrong, they heard our concerns
    2. How do we turn this into action?
    3. Sam doesn’t really want to solve Discovery, he’s okay with us solving it instead, i.e. loosely coupled instead of in the protocol/browser
    4. Mozilla wants to impose an initial trust consent exchange and then “get out of the way”, yet…
    5. The current FedCM protocol does get in the way; trust model clash and protocol message timing
    6. The WG thinks that they’re solving user consent, yet there are no good solutions to persisting the user consent decision for each involved endpoint and communication pattern
    7. Sam Goto (Google) is willing to work with us, whereas Mozilla doesn’t have resources to work with us on this. Let’s work with Sam and prototype something.
      1. Suggestion → engage with Sam on the suggestion of 3hrs session



Discussion of moving the document into github from w3c conversation on how to do the incremental updates:

Chris: Great conversation today.. my question at the tail end of the call is how can we track the particular items we talked about  to ensure we have captured the points in a fashion that is sufficient. It’s tough in our current mode. I observe numerous items in the issue tracker and don’t know if all are open or actionable and if we should open new ones. What pattern yields us the best result is my desire but don’t know what that is for the work just yet. (edited to kill my long sentences ) (edited) 

2 replies

Heather Flanagan  3 days ago

I think it depends. For items very specifically related to the new proposals, I think keeping them in thread makes sense. Where they suggest changes to FedCM or where they make sense to pull out as a concrete smaller step, then we should create a new issue. Does that make sense, @Chris Phillips? @Sam Goto?

Chris Phillips  3 days ago

I agree it depends. Additional suggestion to consider: promote the proposal (item 4 and item 5 to each a file in  https://github.com/fedidcg/proposals/ (e.g. idp-sp-storageAPI.md, offloadingtrust.md).

Rationale: there are numerous items in an issue that are important in their own right and could be called out, dialogued in the thread, then gain closure (fixed, resolved by item Y etc).  There are a lot of things wrapped up in the an issue that get lost in the threaded dialogue.

benefit: easier tracking of things and audit on sections changes (provisio: leave some commit remarks to issue tracker ), improves readability (the file is the proposal, issues are created referencing it), able to diff versions

drawback: more overhead doing commits/edits, creates more issues in tracker BUT they can be referenced discretely as can other issues. unsure who has commit privileges

Chris scribe today Mar30: no response as of yet.

Advocacy on phased approach mindset.

Communication Discussion:

  • How can we collect information for the audiences in a useful fashion?


Message need to send: 

  • existential threat on 3rd party cookies but there is a bigger thing here.


Judith: identifying resources (Gary, Phil) that may 

Discussion: 

  • How to work on the proposal – 
    • Await for feedback ‘can we just make this a markdown thing and refer to it that way to capture the items as discrete issues against it rather than comments..



Engagement / next steps:

  1. Curate proposal 4 for further refinement
  2. Send a small technical team to work with Sam on developing proposal 4
  3. IIW?
  4. Develop communications for our own community about what’s changing and our positions on it. Distinct from e.g. Heather’s advocacy by including more specifics and what we’re doing in response.


Parking lot:

3 Slack

4 Meetings

6 GitHub document



References



Livescribe Minutes

IIW: Sam, Cameron, present could follow up

Update from Phil:

  • Sought 
    • priority on things
    • Where to go with tickets
  • Offered help on scaling the discovery portion
    • SamG: would it be helpful to have a 3h focused session?
    • Observations: small group is more likely to advance things
  • No labels