- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Wed, 25 Nov 2015 02:24:31 +0900
- To: public-automotive <public-automotive@w3.org>
- Message-ID: <CAJ8iq9UOJy0vmFZEwg_BfRHCRM66wKgpd1in9J31SbSwOLdGHQ@mail.gmail.com>
available at:
http://www.w3.org/2015/11/24-auto-minutes.html
also as text below.
I've just updated the publication timeline on the wiki at:
https://www.w3.org/auto/wg/wiki/Main_Page#Publication_Schedule
based on today's discussion.
Thanks,
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
Automotive WG
24 Nov 2015
[2]Agenda
[2]
https://lists.w3.org/Archives/Public/public-automotive/2015Nov/0017.html
See also: [3]IRC log
[3] http://www.w3.org/2015/11/24-auto-irc
Attendees
Present
Paul_Boyes, Adam_Crofts, Dave_Jensen, Junichi_Hashimoto,
Kaz_Ashimura, Qing_An, Shinjiro_Urata, Yingying_Chen,
Peter_Winzell
Regrets
Chair
Paul
Scribe
kaz
Contents
* [4]Topics
1. [5]Agenda
2. [6]Publication schedule
3. [7]Implementations and Testing
4. [8]Security update
5. [9]Wrap-up
* [10]Summary of Action Items
* [11]Summary of Resolutions
__________________________________________________________
Agenda
paul: spec timeline, security update, etc.
->
[12]https://www.w3.org/auto/wg/wiki/Main_Page#Publication_Sched
ule publication schedule so far
[12] https://www.w3.org/auto/wg/wiki/Main_Page#Publication_Schedule
Publication schedule
kaz: we should update the timeline
... FPWD already done
<paul> [13]https://www.w3.org/auto/wg/wiki/Main_Page
[13] https://www.w3.org/auto/wg/wiki/Main_Page
kaz: and we're preparing the second draft
paul: LC/CR should be later
kaz: maybe Q2 2016
paul: so PR and REC for Q4 2016
Implementations and Testing
paul: we'll work for the testing and implementation as well
next year
... Genivi is doing one
peter: started to see how to implement on Chromium
... and outlook how to test it
... collaboration with Genivi would be good
paul: right
... willing to take an action to see what would happen in US
and Genivi
... we can get some small loop to work together
... making proposal and align things
peter: started with Chromium
... how to add interfaces
... you can use the browser itself
... I don't know if that is the best choice, though
paul: anybody who work with Chromium could use that, so that's
good
... for typical cars
peter: think so
... but don't think you can do that on your PCs
... could do if you have some recorder
paul: Kevin and Adam?
kevin: not typically CAN logs
... but we could do
peter: we've been testing head units
dave: think ACCESS has something
paul: we can record data and use some simulator
... JLR has some mechanism
... let me sense
... have to see definition
... any comments from Urata-san?
urata: using some property from dongle
... getting CAN data via the dongle device
... translate CAN data to JSON
... could be a reference model
paul: Dave, do you have any experience?
dave: open xd has some project
... hardware is open
... proprietary binary format
... convert the output data to JSON
paul: also interested in what Google is doing
... how we can get/record data?
... e.g., using chrome
... various possibilities
peter: would take an action to see what would be available
... not sure what the actual state
paul: most people should consider
peter: try to contact Genivi
paul: e.g., Gunnar?
peter: yes
... will ask him
... the best is something open
dave: would see OpenXC
paul: anything from JLR?
kevin: CAN data database
paul: Kevron or somebody from Poland
... non-production implementation
... Peter, you sent an email regarding what the test plan would
be
peter: part of the implementation I'm doing
paul: would people be interested in TF work?
peter: working on that everyday
paul: is anybody else interested?
peter: interested in how ACCESS thinking about testing
dave: interested in how the other groups working on testing
kaz: usually groups form a TF for testing
... and people work collaboratively for that purpose
paul: yes, that' my suggestion
... urata-san, are you willing to join it?
urata: interested but have time restriction...
... can contribute very little...
paul: would send out a message to ask people for participation
... we can coordinate
... understanding implementation, etc.
dave: interested
paul: will send an email then
... peter, you can arrange the agenda
peter: ok
kevin: interested and possibly make contribution
kaz: we'll discuss not only implementation experience but also
testing mechanism?
paul: yeah
kaz: we need to generate test assertions and test suite
... also would be nicer to have testing environment
dave: automated tools would be helpful and worth consideration
Security update
junichi: access control
... for auto makers and implementers
... have been looking Web security specs
... manifest is permission list
... focused on icons
... another one is application mechanism
... controlled by implementers
... difficult to use for access control by auto makers
... we should consider approval of developers
... approving specific URL domains
... thinking of some root certificate
... vehicle APIs only approved domains
... would finish by the end of this month
... do you like the idea?
paul: yeah
junichi: feasibility, urata-san?
urata: with the restricted domain list?
junichi: usually all APIs are openly used by any domains
urata: W3C widgets spec is kind of old
... but handles manifest and packaged apps
... maybe similar to your idea
junichi: currently we don't have a packaged format
urata: Firefox can use packaged formats
... from app security perspective, that kind of packaged apps
would be effective
... maybe one candidate
... would listen to other approaches as well
kevin: token?
... basically have an authentication service
... to authenticate and verify the app
... e.g., using password
... facial recognition
... optionally authenticate the vehicle or infrastructure,
local government, highway agency, etc.
... assistance to get vehicle location, etc.
... authentication token attached to the HTTP header
... authorizing the access to the data
junichi: do we need to introduce a new HTTP header?
kevin: two tokens on a request
... one token representing the user and another representing
the vehicle or something
... separate tokens are possible
junichi: several approaches we discussed during TPAC f2f
... token was one of them
... another was having a proxy
kevin: like having a secure proxy
junichi: introducing a big mechanism would cost much for
implementers
... so would start with light-weight approach
kevin: in terms of modification of spec, there would be minimum
changes
... not mandatory
... happy to write an idea to access tokens
... not clear how to handle that within the spec, though
paul: we could add that as informative notes
... basically we could add that to some informative section
kevin: can write some wording
... for an informative section
kaz: yes, we can do so
paul: makes sense
... Kevin will generate some description
... Hashimoto-san, are you interested in adding something?
junichi: yes
Wrap-up
paul: Peter will work on implementation/testing TF
... myself will work with Adam and Dave for Genivi
AdamC: still not much discussion on event handling
... would be great to have input from Urata-san, etc.
... vehicle enum should be changed
paul: Adam, you might want to summarize the discussion
kaz: should we ask TAG for some more help?
paul: Tobie made some suggestion during TPAC
kaz: yeah, Generic Sensor style is one possibility
paul: can send a message to TAG
... anything else?
(nothing)
paul: will have the next call next week.
[ adjourned ]
Summary of Action Items
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes formatted by David Booth's [14]scribe.perl version
1.144 ([15]CVS log)
$Date: 2015/11/24 17:19:44 $
[14] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[15] http://dev.w3.org/cvsweb/2002/scribe/
--
Kaz Ashimura, W3C Staff Contact for Auto, WoT, TV, MMI and Geo
Tel: +81 3 3516 2504
Received on Tuesday, 24 November 2015 17:25:44 UTC