- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Tue, 12 Dec 2017 01:19:36 +0900
- To: Public Web of Things IG <public-wot-ig@w3.org>, public-wot-wg@w3.org
available at:
https://www.w3.org/2017/12/04-wot-sec-minutes.html
also as text below.
Thanks a lot for taking these minutes, Michael Koster!
BTW, as confirmed below, now gh-pages setting is available for the
wot-security GitHub repository and we can access the draft document
by visiting:
https://w3c.github.io/wot-security/
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT Security
04 Dec 2017
[2]Agenda
[2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#Agenda
Attendees
Present
Kaz_Ashimura, Michael_McCool, Elena_Reshetova,
Michael_Koster, Zoltan_Kis, Tomoaki_Mizushima,
Barry_Leiba
Regrets
Chair
McCool
Scribe
mjkoster
Contents
* [3]Topics
1. [4]previous minutes
2. [5]schedule for 2nd draft W3C note
3. [6]NDSS paper deadline
4. [7]publication of the W3C note
5. [8]issues review
6. [9]https local
7. [10]Next steps for next publication
* [11]Summary of Action Items
* [12]Summary of Resolutions
__________________________________________________________
<kaz> scribenick: mjkoster
previous minutes
<kaz> [13]prev minutes
[13] https://www.w3.org/2017/11/20-wot-sec-minutes.html
mccool: any objections to accepting the minutes?
minutes accepted
schedule for 2nd draft W3C note
second draft mid-january
NDSS paper deadline
mccool: submitted and updated the abstract
... will continue to update until the deadline
... there is a review version
[14]https://github.com/mmccool/ndss-wot-sec/blob/submission-1/n
dss-wot-sec.pdf
[14] https://github.com/mmccool/ndss-wot-sec/blob/submission-1/ndss-wot-sec.pdf
the submission-1 branch contains the review draft
mccool: removed examples in order to get the length under the
limit
... added local links as a fifth issue
... does the structure of five issues make sense?
... the five things are a mixed bag, but we can't restructure
the document massively at this point
... maybe we can fix up the wording
... need to have someone to do a critical review of the paper
<McCool>
[15]https://github.com/mmccool/ndss-wot-sec/blob/submission-1/n
dss-wot-sec.pdf
[15] https://github.com/mmccool/ndss-wot-sec/blob/submission-1/ndss-wot-sec.pdf
Barry Leiba volunteered
mccool: review from the POV of a conference reviewer for this
wprkshop
... schedule one more meeting before the Friday deadline
publication of the W3C note
mccool: what is the status of the publication?
kaz: working on the process of publication
... for example, a static rendered HTML version is needed
mccool: this is needed for github.io hosting also
... W3C moratorium on publication starts on December 18th
kaz: we could set December 7th as the publication date
<kaz> [kaz will let Michael McCool know about the publication
version URL for the NDSS paper]
<kaz> ACTION: kaz to set up gh-pages setting for wot-security
repo so that we can use github.io URL
issues review
[16]https://github.com/w3c/wot-security/issues
[16] https://github.com/w3c/wot-security/issues
mccool: get oauth2 and webtoken stuff sorted ASAP
... current issues won't affect the current version of the
document
https local
<kaz> [17]issue 55
[17] https://github.com/w3c/wot-security/issues/55
mccool: network reachability
... attended the https in local network W3C CG meeting at TPAC
<kaz> [18]HTTP in Local Network CG
[18] https://www.w3.org/community/httpslocal/
mccool: depends on globally visible URLs
... Plex solution based on certificates based on IP address
<kaz> [19]Certificate.md
[19] https://github.com/httpslocal/usecases/blob/master/Certificates.md
<kaz> [20]How Plex is doing
[20] https://blog.filippo.io/how-plex-is-doing-https-for-all-its-users/
<McCool> see here for various ways to do https local:
[21]https://github.com/httpslocal/usecases/blob/master/Certific
ates.md
[21] https://github.com/httpslocal/usecases/blob/master/Certificates.md
mccool: these are based on "wildcard certificates"
<McCool> [22]https://github.com/httpslocal/usecases
[22] https://github.com/httpslocal/usecases
<kaz> HTTP in Local Network CG's Use Cases above
Next steps for next publication
mccool: any other issues?
... what should be done by January 16th?
... what priorities and how can we split up the work?
... what about municipal or industrial sections?
elena: section 4.2
... scripting considerations
<kaz> [23]section 4.2
[23] https://rawgit.com/w3c/wot-security/master/index.html#secure-practices-for-designing-wot-scripts-and-wot-script-apis
elena: we also need work on the validation section
mccool: cite some existing IoT related approaches to security
validation
<kaz> [24]section 6 - Security Validation
[24] https://rawgit.com/w3c/wot-security/master/index.html#security-validation
mccool: reviewing assignments to the issues
... asking Zoltan to provide scripting input
<kaz> [25]Issue 22
[25] https://github.com/w3c/wot-security/issues/22
mccool: any more issues, AOB?
... next week will be cleaning up the paper submission
... no more business, adjourned
Summary of Action Items
[NEW] ACTION: kaz to set up gh-pages setting for wot-security
repo so that we can use github.io URL
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes formatted by David Booth's [26]scribe.perl version
1.152 ([27]CVS log)
$Date: 2017/12/04 17:57:25 $
[26] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[27] http://dev.w3.org/cvsweb/2002/scribe/
Received on Monday, 11 December 2017 16:20:53 UTC