W3C home > Mailing lists > Public > public-automotive@w3.org > November 2015

[auto-wg] minutes - 24 November 2015

From: Kazuyuki Ashimura <ashimura@w3.org>
Date: Wed, 25 Nov 2015 02:24:31 +0900
Message-ID: <CAJ8iq9UOJy0vmFZEwg_BfRHCRM66wKgpd1in9J31SbSwOLdGHQ@mail.gmail.com>
To: public-automotive <public-automotive@w3.org>
available at:
 http://www.w3.org/2015/11/24-auto-minutes.html

also as text below.

I've just updated the publication timeline on the wiki at:
 https://www.w3.org/auto/wg/wiki/Main_Page#Publication_Schedule
based on today's discussion.

Thanks,

Kazuyuki

---
   [1]W3C

      [1] http://www.w3.org/

                               - DRAFT -

                             Automotive WG

24 Nov 2015

   [2]Agenda

      [2]
https://lists.w3.org/Archives/Public/public-automotive/2015Nov/0017.html

   See also: [3]IRC log

      [3] http://www.w3.org/2015/11/24-auto-irc

Attendees

   Present
          Paul_Boyes, Adam_Crofts, Dave_Jensen, Junichi_Hashimoto,
          Kaz_Ashimura, Qing_An, Shinjiro_Urata, Yingying_Chen,
          Peter_Winzell

   Regrets
   Chair
          Paul

   Scribe
          kaz

Contents

     * [4]Topics
         1. [5]Agenda
         2. [6]Publication schedule
         3. [7]Implementations and Testing
         4. [8]Security update
         5. [9]Wrap-up
     * [10]Summary of Action Items
     * [11]Summary of Resolutions
     __________________________________________________________

Agenda

   paul: spec timeline, security update, etc.

   ->
   [12]https://www.w3.org/auto/wg/wiki/Main_Page#Publication_Sched
   ule publication schedule so far

     [12] https://www.w3.org/auto/wg/wiki/Main_Page#Publication_Schedule

Publication schedule

   kaz: we should update the timeline
   ... FPWD already done

   <paul> [13]https://www.w3.org/auto/wg/wiki/Main_Page

     [13] https://www.w3.org/auto/wg/wiki/Main_Page

   kaz: and we're preparing the second draft

   paul: LC/CR should be later

   kaz: maybe Q2 2016

   paul: so PR and REC for Q4 2016

Implementations and Testing

   paul: we'll work for the testing and implementation as well
   next year
   ... Genivi is doing one

   peter: started to see how to implement on Chromium
   ... and outlook how to test it
   ... collaboration with Genivi would be good

   paul: right
   ... willing to take an action to see what would happen in US
   and Genivi
   ... we can get some small loop to work together
   ... making proposal and align things

   peter: started with Chromium
   ... how to add interfaces
   ... you can use the browser itself
   ... I don't know if that is the best choice, though

   paul: anybody who work with Chromium could use that, so that's
   good
   ... for typical cars

   peter: think so
   ... but don't think you can do that on your PCs
   ... could do if you have some recorder

   paul: Kevin and Adam?

   kevin: not typically CAN logs
   ... but we could do

   peter: we've been testing head units

   dave: think ACCESS has something

   paul: we can record data and use some simulator
   ... JLR has some mechanism
   ... let me sense
   ... have to see definition
   ... any comments from Urata-san?

   urata: using some property from dongle
   ... getting CAN data via the dongle device
   ... translate CAN data to JSON
   ... could be a reference model

   paul: Dave, do you have any experience?

   dave: open xd has some project
   ... hardware is open
   ... proprietary binary format
   ... convert the output data to JSON

   paul: also interested in what Google is doing
   ... how we can get/record data?
   ... e.g., using chrome
   ... various possibilities

   peter: would take an action to see what would be available
   ... not sure what the actual state

   paul: most people should consider

   peter: try to contact Genivi

   paul: e.g., Gunnar?

   peter: yes
   ... will ask him
   ... the best is something open

   dave: would see OpenXC

   paul: anything from JLR?

   kevin: CAN data database

   paul: Kevron or somebody from Poland
   ... non-production implementation
   ... Peter, you sent an email regarding what the test plan would
   be

   peter: part of the implementation I'm doing

   paul: would people be interested in TF work?

   peter: working on that everyday

   paul: is anybody else interested?

   peter: interested in how ACCESS thinking about testing

   dave: interested in how the other groups working on testing

   kaz: usually groups form a TF for testing
   ... and people work collaboratively for that purpose

   paul: yes, that' my suggestion
   ... urata-san, are you willing to join it?

   urata: interested but have time restriction...
   ... can contribute very little...

   paul: would send out a message to ask people for participation
   ... we can coordinate
   ... understanding implementation, etc.

   dave: interested

   paul: will send an email then
   ... peter, you can arrange the agenda

   peter: ok

   kevin: interested and possibly make contribution

   kaz: we'll discuss not only implementation experience but also
   testing mechanism?

   paul: yeah

   kaz: we need to generate test assertions and test suite
   ... also would be nicer to have testing environment

   dave: automated tools would be helpful and worth consideration

Security update

   junichi: access control
   ... for auto makers and implementers
   ... have been looking Web security specs
   ... manifest is permission list
   ... focused on icons
   ... another one is application mechanism
   ... controlled by implementers
   ... difficult to use for access control by auto makers
   ... we should consider approval of developers
   ... approving specific URL domains
   ... thinking of some root certificate
   ... vehicle APIs only approved domains
   ... would finish by the end of this month
   ... do you like the idea?

   paul: yeah

   junichi: feasibility, urata-san?

   urata: with the restricted domain list?

   junichi: usually all APIs are openly used by any domains

   urata: W3C widgets spec is kind of old
   ... but handles manifest and packaged apps
   ... maybe similar to your idea

   junichi: currently we don't have a packaged format

   urata: Firefox can use packaged formats
   ... from app security perspective, that kind of packaged apps
   would be effective
   ... maybe one candidate
   ... would listen to other approaches as well

   kevin: token?
   ... basically have an authentication service
   ... to authenticate and verify the app
   ... e.g., using password
   ... facial recognition
   ... optionally authenticate the vehicle or infrastructure,
   local government, highway agency, etc.
   ... assistance to get vehicle location, etc.
   ... authentication token attached to the HTTP header
   ... authorizing the access to the data

   junichi: do we need to introduce a new HTTP header?

   kevin: two tokens on a request
   ... one token representing the user and another representing
   the vehicle or something
   ... separate tokens are possible

   junichi: several approaches we discussed during TPAC f2f
   ... token was one of them
   ... another was having a proxy

   kevin: like having a secure proxy

   junichi: introducing a big mechanism would cost much for
   implementers
   ... so would start with light-weight approach

   kevin: in terms of modification of spec, there would be minimum
   changes
   ... not mandatory
   ... happy to write an idea to access tokens
   ... not clear how to handle that within the spec, though

   paul: we could add that as informative notes
   ... basically we could add that to some informative section

   kevin: can write some wording
   ... for an informative section

   kaz: yes, we can do so

   paul: makes sense
   ... Kevin will generate some description
   ... Hashimoto-san, are you interested in adding something?

   junichi: yes

Wrap-up

   paul: Peter will work on implementation/testing TF
   ... myself will work with Adam and Dave for Genivi

   AdamC: still not much discussion on event handling
   ... would be great to have input from Urata-san, etc.
   ... vehicle enum should be changed

   paul: Adam, you might want to summarize the discussion

   kaz: should we ask TAG for some more help?

   paul: Tobie made some suggestion during TPAC

   kaz: yeah, Generic Sensor style is one possibility

   paul: can send a message to TAG
   ... anything else?

   (nothing)

   paul: will have the next call next week.

   [ adjourned ]

Summary of Action Items

Summary of Resolutions

   [End of minutes]
     __________________________________________________________


    Minutes formatted by David Booth's [14]scribe.perl version
    1.144 ([15]CVS log)
    $Date: 2015/11/24 17:19:44 $

     [14] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
     [15] http://dev.w3.org/cvsweb/2002/scribe/

-- 
Kaz Ashimura, W3C Staff Contact for Auto, WoT, TV, MMI and Geo
Tel: +81 3 3516 2504
Received on Tuesday, 24 November 2015 17:25:44 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 24 October 2017 18:52:44 UTC