- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Tue, 25 Feb 2020 09:06:16 +0900
- To: public-wot-ig@w3.org, public-wot-wg@w3.org
available at:
https://www.w3.org/2020/02/17-wot-sec-minutes.html
also as text below.
Thanks,
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT Security
17 Feb 2020
Attendees
Present
Kaz_Ashimura, Michael_McCool, Elena_Reshetova,
Tomoaki_Mizushima, David_Ezell
Regrets
Chair
McCool
Scribe
kaz
Contents
* [2]Topics
1. [3]Review minutes
2. [4]DID review
3. [5]Remaining issues
* [6]Summary of Action Items
* [7]Summary of Resolutions
__________________________________________________________
<scribe> scribenick: kaz
Review minutes
[8]Feb-10 minutes
[8] https://www.w3.org/2020/02/10-wot-sec-minutes.html
McCool: any objections to accept them?
(no objections)
McCool: minutes approved
DID review
McCool: still working on it
David: there was a session on IoT and DID during the DID
meeting
... shall I paste the link?
McCool: maybe helpful
<dezell> DIDs and IoT (from 29 January 2020)
<dezell>
[9]https://www.w3.org/2019/did-wg/Meetings/Minutes/2020-01-29-d
id#section4
[9] https://www.w3.org/2019/did-wg/Meetings/Minutes/2020-01-29-did#section4
<McCool> [10]https://www.w3.org/TR/did-core/
[10] https://www.w3.org/TR/did-core/
<McCool>
[11]https://www.w3.org/TR/2020/WD-did-use-cases-20200130/
[11] https://www.w3.org/TR/2020/WD-did-use-cases-20200130/
McCool: (goes through the minutes from the DID f2f meeting)
... think IDs may be managed by some distributed system like
blockchain
David: a lot of messages there
McCool: blockchains are not explicitly required but some
systems expect it
... the minutes mention IETF/TCG - Device ID - Impllicit
Identifier
... this is typical for provisioning, etc.
Kaz: as I mentioned the other day, I also talked with Ivan
Herman, the DID-WG Team Contact, and we agreed further
collaboration between WoT and DID would be important
... so probably having a joint call would be useful
McCool: make sense
... (updates the WoT Main call wiki with a possible joint call
with DID)
[12]WoT Main call wiki
[12] https://www.w3.org/WoT/IG/wiki/Main_WoT_WebConf
McCool: having a joint call would be a good idea
... Manu Sporny, the main Editor should be also included
Kaz: happy to contact the DID guys about the possible joint
call
McCool: David, do you know if they have any survey documents
about existing standards, etc.?
<dezell> [13]https://www.w3.org/2019/did-wg/
[13] https://www.w3.org/2019/did-wg/
Kaz: maybe we can look at the references sections of the Use
cases document and the DID spec document
McCool: that's true
... would see the abstract first
... e.g., Thing Description could be related to the
"resolvable" feature
... also section "2.4 Accessing service endpoints"
[14]2.4 Accessing service endpoints
[14] https://www.w3.org/TR/did-use-cases/#accessingServiceEndpoints
McCool: but would see more concrete use cases for IoT purposes
David: right
... that is one of the reasons Sam made a presentation on IoT
use cases
McCool: and also "2.5 Identifiers in an ecosystem of verifiable
credentials (VCs)"
[15]2.5 Identifiers in an ecosystem of verifiable credentials
(VCs)
[15] https://www.w3.org/TR/did-use-cases/#vcEcosystem
McCool: (looks into the diagram at "3. DID Actions")
[16]3. DID Actions
[16] https://www.w3.org/TR/did-use-cases/#actions
McCool: don't see any "registration" action here
David: resolution is key point of the decentralized identifiers
McCool: what if we expect some controller which manages the
access
... there is "ISSUE 14" saying [[What does it mean for a DID to
be "recorded in a registry"?]]
[17]did-use-cases Issue 14
[17] https://github.com/w3c/did-use-cases/issues/14
McCool: let me capture this issue on my todo list
... next "3.3 Authenticate"
[18]3.3 Authenticate
[18] https://www.w3.org/TR/did-use-cases/#authenticate
McCool: prove control typically through some sort of
challenge-response
... need to read through this document
... there is also "3.13 Deactivate"
... we might want to include it into our lifecycle diagram
David: some of the DID guys are active on TLS standardizaton
within IETF
McCool: can see that
... then "4. feature/Benefit Grid"
[19]4. Feature/Benefit Grid
[19] https://www.w3.org/TR/did-use-cases/#featureBenefitGrid
McCool: let's see "7. Focal Use Cases"
[20]7. Focal Use Cases
[20] https://www.w3.org/TR/did-use-cases/#focalUseCases
McCool: (goes through the use cases)
... "7.5 Single Sign On" might be relevant for IoT purposes
[21]7.5 Single Sign On (security)
[21] https://www.w3.org/TR/did-use-cases/#sso
McCool: (also look at the "DID Resolution" doc)
[22]DID Resolution draft
[22] https://w3c-ccg.github.io/did-resolution/
McCool: (then visit the references section of the did-core spec
draft)
[23]D. References (did-core)
[23] https://www.w3.org/TR/did-core/#references
McCool: several relevant links below
<McCool>
[24]https://medium.com/metadium/decentralized-identifiers-the-e
asy-guide-fb96429e8b24
[24] https://medium.com/metadium/decentralized-identifiers-the-easy-guide-fb96429e8b24
<McCool>
[25]https://medium.com/@adam_14796/understanding-decentralized-
ids-dids-839798b91809
[25] https://medium.com/@adam_14796/understanding-decentralized-ids-dids-839798b91809
<McCool>
[26]https://ldapwiki.com/wiki/W3C%20Decentralized%20Identifiers
[26] https://ldapwiki.com/wiki/W3C Decentralized Identifiers
<McCool>
[27]https://ldapwiki.com/wiki/W3C%20Decentralized%20Identifiers
[27] https://ldapwiki.com/wiki/W3C Decentralized Identifiers
<McCool> [28]https://w3c-ccg.github.io/did-primer/
[28] https://w3c-ccg.github.io/did-primer/
McCool: suspect some of them might be out-of-date now
<McCool> [29]https://github.com/w3c-ccg/w3c-ccg.github.io
[29] https://github.com/w3c-ccg/w3c-ccg.github.io
<McCool> [30]https://w3c-ccg.github.io/
[30] https://w3c-ccg.github.io/
[31]Credential CG repo
[31] https://github.com/w3c-ccg
[32]Credentials CG page
[32] https://www.w3.org/community/credentials/
McCool: (revisit the Decentralized Identifiers (did-core)
document)
[33]Decentralized Identifiers (DIDs) v1.0
[33] https://www.w3.org/TR/did-core/
David: (mentions the DID WG page again)
[34]DID WG page
[34] https://www.w3.org/2019/did-wg/
McCool: here is a link to "did-imp-guide"
[35]did-imp-guide
[35] https://github.com/w3c/did-imp-guide
[36]HTML rendered version
[36] https://w3c.github.io/did-imp-guide/
Remaining issues
McCool: will take a glance at the remaining issues
[37]wot-security issues
[37] https://github.com/w3c/wot-security/issues
McCool: need Oliver's clarification
... next issue 160
[38]Issue 160
[38] https://github.com/w3c/wot-security/issues/160
McCool: Zoltan gave comments
... will catch up with Zoltan
[adjourned]
Summary of Action Items
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes manually created (not a transcript), formatted by
David Booth's [39]scribe.perl version 1.154 ([40]CVS log)
$Date: 2020/02/18 13:49:01 $
[39] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[40] http://dev.w3.org/cvsweb/2002/scribe/
Received on Tuesday, 25 February 2020 00:06:28 UTC