Candidate Recommendation Snapshot: Web of Things (WoT) Thing Description 1.1 (Call for Wide Review)

Web of Things (WoT) Thing Description 1.1

https://www.w3.org/TR/2023/CR-wot-thing-description11-20230119/

feedback due by: February 16, 2023

Published by
 Web of Things Working Group

Abstract

This document describes a formal information model and a common representation for a Web of Things (WoT) Thing Description 1.1. A Thing Description describes the metadata and interfaces of Things, where a Thing is an abstraction of a physical or virtual entity that provides interactions to and participates in the Web of Things. Thing Descriptions provide a set of interactions based on a small vocabulary that makes it possible both to integrate diverse devices and to allow diverse applications to interoperate. Thing Descriptions, by default, are encoded in a JSON format that also allows JSON-LD processing. The latter provides a powerful foundation to represent knowledge about Things in a machine-understandable way. A Thing Description instance can be hosted by the Thing itself or hosted externally when a Thing has resource restrictions (e.g., limited memory space) or when a Web of Things-compatible legacy device is retrofitted with a Thing Description. Furthermore, this document introduces the Thing Model, which allows authors to describe only the model or class of an Internet of Things (IoT) entity. Thing Models can be seen as a template for Thing Description instances, but with reduced constraints such as no or few requirements for specific communication metadata. 

This specification describes a superset of the features defined in Thing Description 1.0 [WOT-THING-DESCRIPTION]. Unless otherwise specified, documents created with version 1.0 of this specification remain compatible with Thing Description 1.1.

Status of the Document

This section describes the status of this document at the time of its publication. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at https://www.w3.org/TR/. 

At the time of CR transition, due to insufficient implementation experience the following features are at risk: 
 
  * Indicating location of security information in body of payload using JSON pointers. sec-body-name-json-pointer, sec-body-name-json-pointer-array, sec-body-name-json-pointer-creatable, and sec-body-name-json-pointer-type. 
  * Indicating location of security information using URI template. td-security-in-query-over-uri and td-security-in-uri-variable. td-security-uri-variables-distinct. 
  * Multilanguage content negotiation. td-ns-multilanguage-content-negotiation and td-ns-multilanguage-content-negotiation-no-multi. 
  * TD Processor bidi isolation. td-processor-bidi-isolation. 
  * TD Producer mixed direction scripts. td-producer-mixed-direction. 
  * Text direction inferencing. td-text-direction-first-strong and td-text-direction-language-tag. 
  * Support for OAuth2 client flow. td-security-oauth2-client-flow and td-security-oauth2-client-flow-no-auth. 
  * Support for OAuth2 device flow. td-security-oauth2-device-flow. 
  * Use of extensions for security vocabulary. td-security-extension. 
  * Support for queryallactions operation. td-vocab-op--Form_queryallactions. 
  * Thing Model references and versioning. tm-tmRef1, tm-tmRef2, tm-versioning-1, and tm-derivation-validity.  

In addition, a number of assertions in the Privacy Considerations and Security Considerations sections are at risk: 
 
  * privacy-immutable-id-as-property 
  * privacy-temp-id-metadata 
  * security-context-secure-fetch 
  * security-jsonld-expansion 
  * security-mutual-auth-td 
  * security-oauth-limits 
  * security-remote-context 
  * security-server-auth-td 
  * security-static-context  

These represent best practices but often relate to deployment policy rather than implementations and in some cases are difficult to validate. The intention is to complete as many of these as possible by PR; those that cannot be validated but that represent best-practice recommendations will be converted into informative statements. 

At-risk assertions are marked with yellow highlighting. 

The Web of Things Working Group intends to submit this document for consideration as a W3C Proposed Recommendation after at least the minimum CR review period has passed. However, before PR transition is requested, any features or assertions currently marked as at-risk that did not appear in the TD 1.0 specification and do not have at least two implementations at that time will either be removed or converted into informative statements, as appropriate. 

This document was published by the Web of Things Working Group as a Candidate Recommendation Snapshot using the Recommendation track. 

Publication as a Candidate Recommendation does not imply endorsement by W3C and its Members. A Candidate Recommendation Snapshot has received wide review, is intended to gather implementation experience, and has commitments from Working Group members to royalty-free licensing for implementations. 

This Candidate Recommendation is not expected to advance to Proposed Recommendation any earlier than 16 February 2023. 

This document was produced by a group operating under the W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy. 

This document is governed by the 2 November 2021 W3C Process Document.

-- 
This report was automatically generated using https://github.com/w3c/transition-notifier

Received on Thursday, 19 January 2023 09:08:09 UTC