- From: Jeremiah Foster <jeremiah.foster@pelagicore.com>
- Date: Wed, 7 Sep 2016 11:00:23 -0400
- To: Song Li <ls@newskysecurity.com>
- Cc: T Guild <ted@w3.org>, public-automotive <public-automotive@w3.org>
- Message-ID: <CADVDRBinDtLsa4nxzOHK_UOzD+0m33hOX60-hVru4MXTr8aaEg@mail.gmail.com>
Hi, @Song Li: I'll see if there are any credentials required for you to attend the meeting remotely. Regards, Jeremiah On Wed, Sep 7, 2016 at 10:06 AM, Song Li <ls@newskysecurity.com> wrote: > Hi Ted, > > Thanks for the article, very insightful and I'm glad that the most > important aspects of vehicle security are listed. Also thanks for > introducing Jeremiah, nice to e-meet you, Jeremiah. > > Unfortunately I have another travel plan that's overlapping with the Ann > Arbor meeting, I'd love to provide my input remotely if that's possible, > or, as you said, continue the conversation during other meetings. > > > Regards > > Song Li > > Co-founder and CTO > NewSky Security <https://newskysecurity.com> > > > On Wed, Sep 7, 2016 at 5:45 AM, Ted Guild <ted@w3.org> wrote: > >> On Tue, 2016-09-06 at 18:39 -0700, Song Li wrote: >> > I missed the security part of the discussion - I would suggest we >> > include certificate management in our security model. It should cover >> > (but not limited to): >> > How to create certificates >> > How to deploy certificates to in-vehicle servers >> > How developers authenticate the server via certificates >> > How to revoke and renew certificates >> >> Hi Song, >> >> I had given some thought on an app market eco-system that would go >> beyond what we're standardizing and started an article, never published >> and still drafty, that starts to touch on certs. You'll probably >> recognize some bits from a phone call we had some time ago. >> >> https://www.w3.org/2016/04/guidelines-article.html >> >> The purpose of the article is to give background to those not familiar >> with this space and to try to attract more experts to work on privacy >> and security guidelines. I am not seeing the level of cooperation yet >> among OEM/Tier 1s nor with 3rd party developers that would be necessary >> for such marketplaces. >> >> Certs, app package management, OS privilege management etc is elsewhere >> in the stack than web layer. With Genivi Security Expert Group being >> restarted and their interest in working with us we should explore these >> area which is why I added Jeremiah to the Cc. >> >> Steve Crumb had asked for someone from W3C to attend a "Standards >> Integration Workshop (End to End Security)" meeting in Ann Arbor on 5 >> October. I will not be able to attend and have been unsuccessful so far >> in finding a W3C colleague to attend. It is too far for someone from >> Asia or Europe to go for a half day meeting. I believe our Chairs also >> expressed regrets. I should have thought to ask if you could go. If not >> I suspect there be some sort of report and opportunity during Genivi >> AMM to get swapped in and continue the conversation. >> >> -- >> Ted Guild <ted@w3.org> >> W3C Systems Team >> http://www.w3.org >> >> > -- Jeremiah C. Foster GENIVI COMMUNITY MANAGER Pelagicore AB Ekelundsgatan 4, 6tr, SE-411 18 Gothenburg, Sweden M: +1.860.772.9242 jeremiah.foster@pelagicore.com
Attachments
- image/png attachment: PELAGICORE_RGB_Black_horizontal.png
Received on Wednesday, 7 September 2016 15:00:56 UTC