[IG-SP] Minutes of the conf call on Thurs, July 16 from Pfaff, Oliver on 2015-07-17 (public-wot-ig@w3.org from July 2015)

From: Pfaff, Oliver <oliver.pfaff@siemens.com>
Date: Fri, 17 Jul 2015 06:42:10 +0000
To: "public-wot-ig@w3.org" <public-wot-ig@w3.org>
Message-ID: <B842481327FC5344B501EC1921E8538E01340C2D@DEFTHW99EL2MSX.ww902.siemens.net>
Hi,

there was nobody familiar with the IRC system in the security and privacy (short: SP) call on July 16. So we took a shortcut and I will provide a freestyle memo below. In case there are changes or additions please let me know. After green light I will provide that in a (new) section of the WoT IG Wiki for SP



Date: Thurs July 16, 0:00 - 1:00 UTC / 2:00 - 3:00 CEST / 17:00 - 18:00 PDT (-1d) / 9:00 - 10:00 JST



Agenda: see below



Participants: Kathy Pink, James Lynn, Oliver Pfaff



Requirements (agenda item#2): the initial proposal of security&privacy requirement candidates<https://www.w3.org/WoT/IG/wiki/Security%26Privacy_Requirements_Catalogue> is okay, no change or addition requests right now. Oliver to follow-up with a first text elaboration(should be available until F2F). This list current uses the notion of an "entity" to refer to a system actor that might be a human (represented by a user agent) or a thing/device. The F2F (here: SP breakout) shall discuss if we need to talk about a superset of thing/device and (if we do) how to collectively call these items. Also a closer discussion of SSO is needed during the F2F  (SP breakout) as this notion natively is human user-centric



Landscape (agenda item#3): the initial proposal of security&privacy framework and mechanism candidates<https://www.w3.org/WoT/IG/wiki/Design-Time_Security%26Privacy_Means> is okay, no change or addition requests right now. The F2F (here: SP & Discovery) should kick-off joint discussion (brainstorming) of how to (authz) protect discovery. Currently the set of "future" SP mechanisms for IoT/WoT is IETF-centric (esp. ACE, COSE, DICE). That's valid but we also need to double-check other bodies to avoid blind spots (the joint IRTF/W3C workshop in Prague seems to be a good chance to get started here). This search shall particularly look at cryptographic and key management mechanisms



Joint IRTF/W3C workshop in Prague (agenda item#4): Among the conf call participants, Oliver will attend. The SP breakout falls into 2 portions: interactive sessions (1 and 5, see Joint IRTF T2T/W3C WoT Meeting in Prague<https://www.w3.org/WoT/IG/wiki/Joint_IRTF_T2T_RG_/_W3C_WoT_IG_meeting_18-19_July_2015_in_Prague,_Czech_Republic>) and presentations (2, 3 and 4). The goals are i. surveying the current state (input from the audience), ii. inform (the audience) about the SP landscape, iii. start a discussion about "re-usables" resp. where/how SP for IoT/WoT  needs to integrate existing infrastructure and means, iv. get feedback (from the audience) about what should/might be needed or adapted in future. Obviously the success of the interactive parts depend on the involvement of the audience. We are trying to stimulate the discussion by providing some input / structure



F2F meeting in Sunnyvale (agenda item#5): Among the conf call participants, Kathy, James and Oliver will attend. HP would like to contribute a presentation as part of the agenda item "Contributions of Guests". That contribution would reflect their work on SP matters for IoT/WoT. For SP it is important to have the chance of discussing among the contributors and interested parties in SP (day 2 - breakout) as well as interacting with the TFs (day 1 - reporting and identifying joint matters, day 3 - [starting to] discuss joint matters)



AOB: there might be a rescheduling of the TF plus SP conf calls - subject to currently ongoing discussion



Best regards,

Oliver





Von: Pfaff, Oliver [mailto:oliver.pfaff@siemens.com]
Gesendet: Mittwoch, 15. Juli 2015 13:02
An: public-wot-ig@w3.org
Betreff: [IG-SP] Conf call on Thurs, July 16



Hi,

we'll be having the next call on WoT security&privacy matters Thurs July 16, 0:00 - 1:00 UTC / 2:00 - 3:00 CEST / 17:00 - 18:00 PDT (-1d) / 9:00 - 10:00 JST (sorry for the late notice: it took a bit to get the WebEx conf call scheduled) :



Conf call details:

Meeting number(Access code): 644 020 082

Meeting password: wotsec

Audio connection: +1-617-324-0000 US Toll Number

Meeting link: https://mit.webex.com/mit/j.php?MTID=mf05180ed3a4f7602d1e0cabb039892d6

Host key: 773392



Minutes to be taken on IRC: http://irc.w3.org/?channels=wot-sp (this is a proposal, not sure if a priori setups are needed, let's have a try)



The proposed agenda is:

1.       Housekeeping, minute taking

2.       Requirements: review of the initial proposal of security&privacy requirement candidates<https://www.w3.org/WoT/IG/wiki/Security%26Privacy_Requirements_Catalogue>: additions, changes, removals?

3.       Landscape: review of the initial proposal of security&privacy framework and mechanism candidates<https://www.w3.org/WoT/IG/wiki/Design-Time_Security%26Privacy_Means>: additions, changes, removals?

4.       Joint IRTF T2T/W3C WoT Meeting in Prague<https://www.w3.org/WoT/IG/wiki/Joint_IRTF_T2T_RG_/_W3C_WoT_IG_meeting_18-19_July_2015_in_Prague,_Czech_Republic>: roll-call, planned contents of the security&privacy session, objectives

5.       F2F Meeting in Sunnyvale, CA<https://www.w3.org/WoT/IG/wiki/F2F_meeting_29-31_July_2015_in_Sunnyvale_CA>: roll-call, suggested contents for security&privacy, objectives

6.       AOB

As always, this is open for your suggestions



Kinds regards,

Oliver
Received on Friday, 17 July 2015 06:42:45 UTC