Re: [webappsec] Rechartering: Secure Introduction of Internet-Connected Things

This related WG at the IETF has also come to my attention:

ACE = Authentication and Authorization for Constrained Environments

On 11/10/14, 10:48 AM, "Brad Hill" <> wrote:

>Agreed 100%.  Given the size of the list we started with, the group felt
>it was important to scope our charter closely to what we have the
>resources to achieve.  We (like many standards groups) have an unfortunate
>habit of missing our schedules already, and I would say this got a "no"
>for reasons mostly of triage.
>That said, I think if there are individuals who will publicly commit to
>showing up and doing the work as editors, testers and liaisons with other
>groups, I don't think there is a fundamental objection to tackling some of
>the web-specific interactions we discussed earlier on list.
>On 11/10/14, 9:57 AM, "Chris Palmer" <> wrote:
>>On Sun, Nov 9, 2014 at 4:19 PM, Brad Hill <> wrote:
>>> Rechartering Thread 8: Secure introduction of Internet-Connected Things
>>> At TPAC and in our survey there was a strong expression of sentiment
>>> that the WG should NOT consider this for its charter due to scope and
>>> appropriateness for the community participating here, but that rather
>>> the WG or individuals should work to develop requirements first with
>>> the IoT Community Group being spun up at the W3C or other industry
>>> bodies.
>>This is an amazingly twisty problem, with lots of pointy sticks and
>>unexploded cows everywhere. Is the IoT Community Group going to be the
>>right place? Do they have security and secure usability expertise?

Received on Wednesday, 12 November 2014 21:32:17 UTC