- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Mon, 18 Jun 2018 22:07:46 +0900
- To: Public Web of Things IG <public-wot-ig@w3.org>, public-wot-wg@w3.org
available at:
https://www.w3.org/2018/06/11-wot-sec-minutes.html
also as text below.
Thanks a lot for taking these minutes, Michael Koster!
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT Security
11 Jun 2018
[2]Agenda
[2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#June_11.2C_2018
Attendees
Present
Michael_McCool, Elena_Reshetova, Kaz_Ashimura,
Kazuaki_Nimura, Michael_Koster, Tomoaki_Mizushima,
Barry_Leiba
Regrets
Chair
McCool
Scribe
kaz, mjkoster
Contents
* [3]Topics
1. [4]Privacy
2. [5]Previous minutes
3. [6]Privacy threat mitigation
4. [7]PlugFest
5. [8]F2F agenda for Bundang
6. [9]Issues and PR review
* [10]Summary of Action Items
* [11]Summary of Resolutions
__________________________________________________________
<kaz> scribenick: kaz
Privacy
McCool: has some chat with Elena about PR 103
-> [12]https://github.com/w3c/wot-security/pull/103 PR 103
(Privacy mitigation)
[12] https://github.com/w3c/wot-security/pull/103
Previous minutes
-> [13]https://www.w3.org/2018/06/04-wot-sec-minutes.html
previous minutes
[13] https://www.w3.org/2018/06/04-wot-sec-minutes.html
McCool: security metadata PR for TD (PR #144) has been merged
... ready for plugfest
Kaz: there were the following actions to be included
<scribe> ACTION: [ONGOING] mccool to talk with security guys
about testing/validation timeline
<scribe> ACTION: [ONGOING] mccool to work on issue 70 (Require
Not Exposing Immutable Hardware Identifiers?)
<scribe> ACTION: [ONGOING] mjkoster/elena to review examples in
the security spec
<scribe> ACTION: [ONGOING] mccool to write a short proposal on
what security tools to use for the next plugfest
McCool: put those actions in the previous minutes
Kaz: ok
... will add another action for PR144 from the previous call
(which is done for today)
McCool: ok
(minutes accepted with those changes)
Privacy threat mitigation
McCool: kind of discussed at the beginning of this call
<scribe> scribenick: mjkoster
McCool: any comments?
Elena: what is ID?
<kaz> [14]TD draft
[14] https://w3c.github.io/wot-thing-description/#thing
McCool: it is a uuid which will not collide with other UUID
instances
... there is an RFC on UUID we should cite
... we can't exclude unique identifiers so we need to protect
them from tracking
... the TD itself can also be tracked
... so there are 2 options; protect the entire TD and allow the
ID to be mutable
Elena: would it be regenerated on boot? will the ID change on a
device
McCool: there are different ways to get a UUID, like timestamp,
domain name, random, etc.
... there may not be a DNS identifier on a constrained device,
so would need to use a UUID
... maybe the ID would be randomized on reboot
... but there may also be a permanent ID
... what are the recommendations?
<kaz> Koster: OCF uses UUID-based permanent ID
<kaz> McCool: any particular citation?
<McCool> [15]https://tools.ietf.org/html/rfc4122
[15] https://tools.ietf.org/html/rfc4122
<kaz> ... RFC 4122 fine for citing?
Koster: OCF has a permanent ID and session-oriented ID
<McCool>
[16]https://www.itu.int/ITU-T/studygroups/com17/oid/X.667-E.pdf
(mm refers to an ITU-T standard as well)
[16] https://www.itu.int/ITU-T/studygroups/com17/oid/X.667-E.pdf
Koster: a session is == the onboard tenure of a device before
the ID changes and it needs re-something
McCool: can we get references?
Elena: an onboard session may last for a long time, like a year
McCool: if it can be protected, it may not be a problem
... there may be a risk, but there is a mitigation in being
able to change the ID
Elena: it may be difficult to change all of the identifiers
McCool: periodic refresh may be able to be automated
<McCool> [17]https://w3c.github.io/wot-thing-description/#thing
[17] https://w3c.github.io/wot-thing-description/#thing
<McCool> btw unique ids are *mandatory* for TDs
Elena: please look for the references
McCool: other points to the discussion on privacy?
... google iot privacy recommendations
PlugFest
McCool: plugfest preparation document for security
... recommending TLS + one form of auth from a choice of
[bearer token, basic, digest]
... also want to do TD validation with security checks and
warnings
... still to do pen testing investigation
... google pentesting
... also pen test
... any other thoughts or discussion on plugfest?
... one way to require security is to require an online version
which is forced to also require security
... this will also facilitate the online continuous testing
F2F agenda for Bundang
McCool: security metadata
... combined session with scription
... security validation and testing
... the discussion needs to evolve to a presentation to start
discussion
... best known practices for security, but it would rapidly
become obsolete
<kaz> [18]Bundang f2f wiki
[18] https://www.w3.org/WoT/IG/wiki/F2F_meeting,_30_June-5_July_2018,_Bundang,_Korea
Koster: but it would be good to drive things forward as there
has not been much movement in IoT security to date
McCool: we need to be able to change the document over time,
maybe an IG document
Kaz: WG note should be fine to produce
McCool: we may need to update it forever
Kaz: how to maintain security spec is being discussed
... there are many possibilities
... maybe a security group to address
... we need to figure out extension vocabularies
Issues and PR review
McCool: issue #101
<scribe> ... closed
<kaz> [19]issue 101
[19] https://github.com/w3c/wot-security/issues/101
McCool: issue #98 form based auth
<kaz> [20]issue 98
[20] https://github.com/w3c/wot-security/issues/98
McCool: need URI templates for this to work in order to pass
query parameters
Koster: is it just a binding template?
McCool: also need another scheme "form" that authorizes at a
URL with a template
Koster: need to figure out the design pattern
McCool: maybe a form as part of a security binding
... maybe we would need an action to define how to authorize
... making notes in issue #98
Koster: maybe iotschema vocabulary for security and login type
concepts
McCool: issue #96 closed
... issue #81 and #77 done but maybe not ready yet, will review
again
... done and wrapup for today
... trying to finish TD validation and move on this week
... aob?
Kaz: testing call?
McCool: didn't reschedule formally yet
Kaz: Ege has asked about the call
McCool: cancel the testing call today and do the combined call
this week
... adjourn
Summary of Action Items
[ONGOING] ACTION: mccool to write a short proposal on what
security tools to use for the next plugfest
[ONGOING] ACTION: mccool to talk with security guys about
testing/validation timeline
[ONGOING] ACTION: mccool to work on issue 70 (Require Not
Exposing Immutable Hardware Identifiers?)
[ONGOING] ACTION: mjkoster/elena to review examples in the
security spec
[DONE] ACTION: mccool to finish TD PR 144 (Security metadata)
and merge it
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes formatted by David Booth's [21]scribe.perl version
1.147 ([22]CVS log)
$Date: 2018/06/18 12:42:52 $
[21] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[22] http://dev.w3.org/cvsweb/2002/scribe/
Received on Monday, 18 June 2018 13:08:54 UTC