- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Tue, 27 Feb 2018 01:29:59 +0900
- To: Public Web of Things IG <public-wot-ig@w3.org>, publid-wot-wg@w3.org
available at:
https://www.w3.org/2018/02/12-wot-sec-minutes.html
also as text below.
Thanks a lot for taking these minutes, Elena!
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT Security
12 Feb 2018
[2]Agenda
[2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#Agenda
Attendees
Present
Kaz_Ashimura, Michael_McCool, Barry_Leiba,
Daniel_Peintner, Elena_Reshetova, Michael_Koster,
Zoltan_Kis, Tomoaki_Mizushima
Regrets
Chair
McCool
Scribe
Elena, McCool, kaz
Contents
* [3]Topics
1. [4]Previous minutes
2. [5]Review NDSS presentation material
3. [6]Scripting review
* [7]Summary of Action Items
* [8]Summary of Resolutions
__________________________________________________________
<kaz> scribenick: elena
Previous minutes
<kaz> [9]prev minutes
[9] https://www.w3.org/2018/02/05-wot-sec-minutes.html
McCool: reviewing previous meeting minutes first
reading through the minutes...
McCool: should try to review labels on issues today if we have
time
... any objections to accepting the minutes?
minutes accepted
Review NDSS presentation material
McCool: next NDSS presentation slides review
<McCool> [10]https://github.com/mmccool/ndss-wot-sec
[10] https://github.com/mmccool/ndss-wot-sec
<McCool>
[11]https://github.com/mmccool/ndss-wot-sec/tree/master/talk
[11] https://github.com/mmccool/ndss-wot-sec/tree/master/talk
McCool: 20 min talk, 10 min questions
... goals of the presentation to get a feedback instead of
presenting new methods/approaches
... main focus is on metadata and TD, slides follow the NDSS
paper and we are hoping for a good discussion after that
... are the goals clear enough?
Barry: yes, I think so
McCool: some links on slide 5 might need updates
... slide 7 focus on TD, semantic metadata should be changed to
TD on slide 7 also
... slide 8 needs an example update
... do we have an updated examples?
KostElena: not sure we have syntax fixed, so need to wait for
it to stabilize
McCool: slide 8 needs to have bubbles for security metadata
... slides 11-15 talk about open issues with WoT and
distributed security
<Zakim> kaz, you wanted to ask if you/we want to mention
plugfest (and plugfest guideline) as well and to ask if you
want to mention existing examples, e.g., digital TVs
Michael adds a new slide: follow-up actions
with plugfest info
Kaz: also should mentioned S&P consideration document
... should really refer to a concrete example in the slides?
McCool: talk is short, audience should understand it
Elena: I think that examples might be important since there are
many standards around IoT, so audience might benefit from it
McCool: I will try to put some example for explaining issues
and if it doesn't work, it can be removed
Michael explaining following slides
McCool: smth is not discussed as separate issue: protection of
metadata
<kaz> [12]Michael's Slides
[12] https://github.com/mmccool/ndss-wot-sec/blob/master/talk/WoT
- S&P - NDSS DISS 2018 - Talk.pdf
McCool: maybe we need a new slide for this
... problem 5 is pretty vague in the paper, so I gave some
examples in slides
... shows kind of things we can enable with metadata
... please send email to me to provide further comments
changes will be uploaded to github
Scripting review
<zkis>
[13]http://rawgit.com/zolkis/wot-scripting-api/master/index.htm
l
[13] http://rawgit.com/zolkis/wot-scripting-api/master/index.html
<kaz> scribe: McCool
Elena: showing rawgit version of most recent Scripting API
draft
... looked at version available Friday
... general feeling: much more concrete
... concrete APIs
... clearer to see what is missing
... currently: doesn't have *anything* about security
... none of the examples discuss it
... start from use cases...
... looking at which of these actions would need security
... and then we can discuss how to plug it in
... for instance, discovery
... an attacker could be visiting a site
... if discovery done using broadcast
... can find out all the things
... could be a privacy threat
... even just knowing what devices are there
... same in an industrial environment
... not clear what the limits are on discovery
Zoltan: mapping of existing functionality onto scripting
... but supported in scripting only if implementation supports
it
... might be blocked by implementation
Elena: brings me to another point...
... how are errors reported?
Zoltan: that's right
... coming.
... descriptions of algorithms still coming
... we have to be careful when reporting errors
... to not give away information to an attacker
Elena: should be ok to say it is a security error, just not
what kind of security error (eg type of credentials required,
etc)
zoltan: ok, sounds good
Elena: there are so many security things that fingerprinting is
still hard
zoltan: we used to have a security section
... but it was deleted, didn't contain much anyway
zoltan: but we can at least add security error to error list
Elena: discovery was one security issue
... right now gives the impression that there are not errors,
API methods just work...
Zoltan: there should be an algorithm section for each that also
described when and how they can fail; not there yet
Elena: what about security metadata... how to be associated
with an exposed thing, for instance?
McCool: for instance, how to associated metadata with an
exposed thing
Zoltan: you don't... in manifest
Elena: but for example, an Action may be need a token
Zoltan: that should come from the identity
... certain entities will have certain access rights
Elena: but if use token-based access, for instance, how to
specify which actions need which tokens?
Zoltan: right now we have no means to associated security
metadata with particular actions, just with entire thing
... we need a separate API for provisioning
... in a different security realm
... consider it out of scope from scripting API
... but, you do have a point that it contributes to the TD
... we do have to figure out what security metadata the TD
contains
... right now we can generate functional part of TD, but can't
do provisioning
... we need a different API spec for provisioning
Elena: how to support different credentials for different
actions?
Zoltan: we decided in OCF that in that case it was better to
separate actions in different APIs
... in the WoT, that would put interfaces with different
security requirements in different Things
Daniel: I think you are right, Zoltan is completely not in the
document
... but what I think now should happen
... if certain functions needs certain tokens
... then property struct needs that information
... needs to contain that information
Zoltan: why can't we just pass this data as regular data
... does the runtime need to know?
daniel: in the initialization phase?
zoltan: well, in the case of tokens, I would like to ask Elena
if tokens can just be managed as regular objects
Elena: need to get information that action needs token into TD
... has to be some way for API to embed that information
Zoltan: I define an exposed thing, I define an action, I define
some parameters
<inserted> scribenick: kaz
McCool: would suggest we don't cancel the call next call...
Zoltan: or I can leave here today for some more time
Elena: need to leave now...
Zoltan: good to have larger people
... better to expose the discussion
... would add some more text
... if you see any more issues, please create additional issues
Elena: can't join the call next week
McCool: we can continue the discussion in 2 weeks
... btw, Zoltan, do you want to review the TD draft from
security viewpoint?
... can ask Barry as well
Zoltan: by when?
McCool: once the TD draft is ready
Zoltan: can read the draft anyway
[adjourned]
Summary of Action Items
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes formatted by David Booth's [14]scribe.perl version
1.152 ([15]CVS log)
$Date: 2018/02/12 15:08:48 $
[14] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[15] http://dev.w3.org/cvsweb/2002/scribe/
Received on Monday, 26 February 2018 16:31:11 UTC