Re: [Minutes] Auto WG 2016-09-06

Hi,

There is no remote setup for the Ann Arbor meeting.

Regards,

Jeremiah

On Wed, Sep 7, 2016 at 11:00 AM, Jeremiah Foster <
jeremiah.foster@pelagicore.com> wrote:

> Hi,
>
> @Song Li: I'll see if there are any credentials required for you to attend
> the meeting remotely.
>
> Regards,
>
> Jeremiah
>
> On Wed, Sep 7, 2016 at 10:06 AM, Song Li <ls@newskysecurity.com> wrote:
>
>> Hi Ted,
>>
>> Thanks for the article, very insightful and I'm glad that the most
>> important aspects of vehicle security are listed. Also thanks for
>> introducing Jeremiah, nice to e-meet you, Jeremiah.
>>
>> Unfortunately I have another travel plan that's overlapping with the Ann
>> Arbor meeting, I'd love to provide my input remotely if that's possible,
>> or, as you said, continue the conversation during other meetings.
>>
>>
>> Regards
>>
>> Song Li
>>
>> Co-founder and CTO
>> NewSky Security <https://newskysecurity.com>
>>
>>
>> On Wed, Sep 7, 2016 at 5:45 AM, Ted Guild <ted@w3.org> wrote:
>>
>>> On Tue, 2016-09-06 at 18:39 -0700, Song Li wrote:
>>> > I missed the security part of the discussion - I would suggest we
>>> > include certificate management in our security model. It should cover
>>> > (but not limited to):
>>> > How to create certificates
>>> > How to deploy certificates to in-vehicle servers
>>> > How developers authenticate the server via certificates
>>> > How to revoke and renew certificates
>>>
>>> Hi Song,
>>>
>>> I had given some thought on an app market eco-system that would go
>>> beyond what we're standardizing and started an article, never published
>>> and still drafty, that starts to touch on certs. You'll probably
>>> recognize some bits from a phone call we had some time ago.
>>>
>>> https://www.w3.org/2016/04/guidelines-article.html
>>>
>>> The purpose of the article is to give background to those not familiar
>>> with this space and to try to attract more experts to work on privacy
>>> and security guidelines. I am not seeing the level of cooperation yet
>>> among OEM/Tier 1s nor with 3rd party developers that would be necessary
>>> for such marketplaces.
>>>
>>> Certs, app package management, OS privilege management etc is elsewhere
>>> in the stack than web layer. With Genivi Security Expert Group being
>>> restarted and their interest in working with us we should explore these
>>> area which is why I added Jeremiah to the Cc.
>>>
>>> Steve Crumb had asked for someone from W3C to attend a "Standards
>>> Integration Workshop (End to End Security)" meeting in Ann Arbor on 5
>>> October. I will not be able to attend and have been unsuccessful so far
>>> in finding a W3C colleague to attend. It is too far for someone from
>>> Asia or Europe to go for a half day meeting. I believe our Chairs also
>>> expressed regrets. I should have thought to ask if you could go. If not
>>> I suspect there be some sort of report and opportunity during Genivi
>>> AMM to get swapped in and continue the conversation.
>>>
>>> --
>>> Ted Guild <ted@w3.org>
>>> W3C Systems Team
>>> http://www.w3.org
>>>
>>>
>>
>
>
> --
> Jeremiah C. Foster
> GENIVI COMMUNITY MANAGER
>
> Pelagicore AB
> Ekelundsgatan 4, 6tr, SE-411 18
> Gothenburg, Sweden
> M: +1.860.772.9242
> jeremiah.foster@pelagicore.com
>
>
>


-- 
Jeremiah C. Foster
GENIVI COMMUNITY MANAGER

Pelagicore AB
Ekelundsgatan 4, 6tr, SE-411 18
Gothenburg, Sweden
M: +1.860.772.9242
jeremiah.foster@pelagicore.com