W3C home > Mailing lists > Public > public-wot-ig@w3.org > February 2018

[wot-security] minutes - 12 February 2018

From: Kazuyuki Ashimura <ashimura@w3.org>
Date: Tue, 27 Feb 2018 01:29:59 +0900
Message-ID: <CAJ8iq9X-3QPBSV+FNBXmHQ6Vo7WU3UVS_Z5RYTVZbsdn+t_teQ@mail.gmail.com>
To: Public Web of Things IG <public-wot-ig@w3.org>, publid-wot-wg@w3.org
available at:
  https://www.w3.org/2018/02/12-wot-sec-minutes.html

also as text below.

Thanks a lot for taking these minutes, Elena!

Kazuyuki

---

   [1]W3C

      [1] http://www.w3.org/

                               - DRAFT -

                              WoT Security

12 Feb 2018

   [2]Agenda

      [2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#Agenda

Attendees

   Present
          Kaz_Ashimura, Michael_McCool, Barry_Leiba,
          Daniel_Peintner, Elena_Reshetova, Michael_Koster,
          Zoltan_Kis, Tomoaki_Mizushima

   Regrets

   Chair
          McCool

   Scribe
          Elena, McCool, kaz

Contents

     * [3]Topics
         1. [4]Previous minutes
         2. [5]Review NDSS presentation material
         3. [6]Scripting review
     * [7]Summary of Action Items
     * [8]Summary of Resolutions
     __________________________________________________________

   <kaz> scribenick: elena

Previous minutes

   <kaz> [9]prev minutes

      [9] https://www.w3.org/2018/02/05-wot-sec-minutes.html

   McCool: reviewing previous meeting minutes first

   reading through the minutes...

   McCool: should try to review labels on issues today if we have
   time
   ... any objections to accepting the minutes?

   minutes accepted

Review NDSS presentation material

   McCool: next NDSS presentation slides review

   <McCool> [10]https://github.com/mmccool/ndss-wot-sec

     [10] https://github.com/mmccool/ndss-wot-sec

   <McCool>
   [11]https://github.com/mmccool/ndss-wot-sec/tree/master/talk

     [11] https://github.com/mmccool/ndss-wot-sec/tree/master/talk

   McCool: 20 min talk, 10 min questions
   ... goals of the presentation to get a feedback instead of
   presenting new methods/approaches
   ... main focus is on metadata and TD, slides follow the NDSS
   paper and we are hoping for a good discussion after that
   ... are the goals clear enough?

   Barry: yes, I think so

   McCool: some links on slide 5 might need updates
   ... slide 7 focus on TD, semantic metadata should be changed to
   TD on slide 7 also
   ... slide 8 needs an example update
   ... do we have an updated examples?

   KostElena: not sure we have syntax fixed, so need to wait for
   it to stabilize

   McCool: slide 8 needs to have bubbles for security metadata
   ... slides 11-15 talk about open issues with WoT and
   distributed security

   <Zakim> kaz, you wanted to ask if you/we want to mention
   plugfest (and plugfest guideline) as well and to ask if you
   want to mention existing examples, e.g., digital TVs

   Michael adds a new slide: follow-up actions

   with plugfest info

   Kaz: also should mentioned S&P consideration document
   ... should really refer to a concrete example in the slides?

   McCool: talk is short, audience should understand it

   Elena: I think that examples might be important since there are
   many standards around IoT, so audience might benefit from it

   McCool: I will try to put some example for explaining issues
   and if it doesn't work, it can be removed

   Michael explaining following slides

   McCool: smth is not discussed as separate issue: protection of
   metadata

   <kaz> [12]Michael's Slides

     [12] https://github.com/mmccool/ndss-wot-sec/blob/master/talk/WoT
- S&P - NDSS DISS 2018 - Talk.pdf

   McCool: maybe we need a new slide for this
   ... problem 5 is pretty vague in the paper, so I gave some
   examples in slides
   ... shows kind of things we can enable with metadata
   ... please send email to me to provide further comments

   changes will be uploaded to github

Scripting review

   <zkis>
   [13]http://rawgit.com/zolkis/wot-scripting-api/master/index.htm
   l

     [13] http://rawgit.com/zolkis/wot-scripting-api/master/index.html

   <kaz> scribe: McCool

   Elena: showing rawgit version of most recent Scripting API
   draft
   ... looked at version available Friday
   ... general feeling: much more concrete
   ... concrete APIs
   ... clearer to see what is missing
   ... currently: doesn't have *anything* about security
   ... none of the examples discuss it
   ... start from use cases...
   ... looking at which of these actions would need security
   ... and then we can discuss how to plug it in
   ... for instance, discovery
   ... an attacker could be visiting a site
   ... if discovery done using broadcast
   ... can find out all the things
   ... could be a privacy threat
   ... even just knowing what devices are there
   ... same in an industrial environment
   ... not clear what the limits are on discovery

   Zoltan: mapping of existing functionality onto scripting
   ... but supported in scripting only if implementation supports
   it
   ... might be blocked by implementation

   Elena: brings me to another point...
   ... how are errors reported?

   Zoltan: that's right
   ... coming.
   ... descriptions of algorithms still coming
   ... we have to be careful when reporting errors
   ... to not give away information to an attacker

   Elena: should be ok to say it is a security error, just not
   what kind of security error (eg type of credentials required,
   etc)

   zoltan: ok, sounds good

   Elena: there are so many security things that fingerprinting is
   still hard

   zoltan: we used to have a security section
   ... but it was deleted, didn't contain much anyway

   zoltan: but we can at least add security error to error list

   Elena: discovery was one security issue
   ... right now gives the impression that there are not errors,
   API methods just work...

   Zoltan: there should be an algorithm section for each that also
   described when and how they can fail; not there yet

   Elena: what about security metadata... how to be associated
   with an exposed thing, for instance?

   McCool: for instance, how to associated metadata with an
   exposed thing

   Zoltan: you don't... in manifest

   Elena: but for example, an Action may be need a token

   Zoltan: that should come from the identity
   ... certain entities will have certain access rights

   Elena: but if use token-based access, for instance, how to
   specify which actions need which tokens?

   Zoltan: right now we have no means to associated security
   metadata with particular actions, just with entire thing
   ... we need a separate API for provisioning
   ... in a different security realm
   ... consider it out of scope from scripting API
   ... but, you do have a point that it contributes to the TD
   ... we do have to figure out what security metadata the TD
   contains
   ... right now we can generate functional part of TD, but can't
   do provisioning
   ... we need a different API spec for provisioning

   Elena: how to support different credentials for different
   actions?

   Zoltan: we decided in OCF that in that case it was better to
   separate actions in different APIs
   ... in the WoT, that would put interfaces with different
   security requirements in different Things

   Daniel: I think you are right, Zoltan is completely not in the
   document
   ... but what I think now should happen
   ... if certain functions needs certain tokens
   ... then property struct needs that information
   ... needs to contain that information

   Zoltan: why can't we just pass this data as regular data
   ... does the runtime need to know?

   daniel: in the initialization phase?

   zoltan: well, in the case of tokens, I would like to ask Elena
   if tokens can just be managed as regular objects

   Elena: need to get information that action needs token into TD
   ... has to be some way for API to embed that information

   Zoltan: I define an exposed thing, I define an action, I define
   some parameters

   <inserted> scribenick: kaz

   McCool: would suggest we don't cancel the call next call...

   Zoltan: or I can leave here today for some more time

   Elena: need to leave now...

   Zoltan: good to have larger people
   ... better to expose the discussion
   ... would add some more text
   ... if you see any more issues, please create additional issues

   Elena: can't join the call next week

   McCool: we can continue the discussion in 2 weeks
   ... btw, Zoltan, do you want to review the TD draft from
   security viewpoint?
   ... can ask Barry as well

   Zoltan: by when?

   McCool: once the TD draft is ready

   Zoltan: can read the draft anyway

   [adjourned]

Summary of Action Items

Summary of Resolutions

   [End of minutes]
     __________________________________________________________


    Minutes formatted by David Booth's [14]scribe.perl version
    1.152 ([15]CVS log)
    $Date: 2018/02/12 15:08:48 $

     [14] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
     [15] http://dev.w3.org/cvsweb/2002/scribe/
Received on Monday, 26 February 2018 16:31:11 UTC

This archive was generated by hypermail 2.3.1 : Monday, 26 February 2018 16:31:12 UTC