- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Mon, 15 Jan 2018 23:48:44 +0900
- To: Public Web of Things IG <public-wot-ig@w3.org>, public-wot-wg@w3.org
available at: https://www.w3.org/2018/01/08-wot-sec-minutes.html also as text below. Thanks, Kazuyuki --- [1]W3C [1] http://www.w3.org/ - DRAFT - WoT Security 08 Jan 2018 [2]Agenda [2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#Agenda Attendees Present Kaz_Ashimura, Elena_Reshetova, Michael_McCool, Tomoaki_Mizushima, Michael_Koster, zkis Regrets Chair McCool Scribe kaz Contents * [3]Topics 1. [4]Agenda 2. [5]NDSS workshop 3. [6]IoT semantic interop ws 4. [7]WoT Security and Privacy Considerations 5. [8]Issues 6. [9]prev minutes * [10]Summary of Action Items * [11]Summary of Resolutions __________________________________________________________ Agenda previous minutes: [12]https://www.w3.org/2017/12/18-wot-sec-minutes.html [12] https://www.w3.org/2017/12/18-wot-sec-minutes.html [13]Soumya's message [13] https://lists.w3.org/Archives/Public/public-wot-ig/2018Jan/0000.html mccool: one more meeting before Elena leaving ... need to talk about plugfest planning ... and f2f planning elena: when/where? mccool: in March in Prague ... OCF meeting (March 19-23) ... WoT PlugFest (March 24-25) ... WoT f2f (March 26-29) ... plugfest call will be held on Wed (Jan 10) ... can show slides ... on possible support for TLS, etc. ... not everyone is aware of security (at the moment) elena: should take a look from security viewpoint ... e.g., sensor/actuator within some network and application from outside mccool: right ... TLS and tokens ... among OAuth elena: how normally PlugFests set up/down? ... can we see the high-level scenario? mccool: still on planning phase ... personally want to see security aspects ... how to generalize multiple participants ... so far we didn't consider security ... but we have to go beyond that elena: if we put too much it wouldn't be accomplished mccool: right ... might want to start with simple provisioning ... there is more specific things to do ... one discussion we had during the scripting call is affection of security information to the metadata ... set up out of bound zoltan: provisioning is not part of the current scripting api mccool: how can we prototype? ... need to document it <zkis> provisioning may be covered by a scripting API with a different entry point than the WoT API mccool: (shows the 2018-prague area for plugfest) ... (and then 2017-burlingame area) [14]2017-burlingame area [14] https://github.com/w3c/wot/blob/master/plugfest/2017-burlingame [15]latest slides [15] https://github.com/w3c/wot/blob/master/plugfest/2017-burlingame/PlugfestForNext171213.pdf (to be merged with the HTML) mccool: [p5. Issues for the next] ... issues here ... TD distribution and management should be done in a secure manner ... this week (on Wed) we should have more detailed discussion ... would accomplish voice interface ... all the stuff inside a secure mechanism ... that's my preference kostelena: we should put all of them together NDSS workshop mccool: paper on the queue ... and still under review IoT semantic interop ws mccool: another topic on the queue ... negotiating with the NDSS co-Chair for submitting a paper to this ws *Important Dates* Paper submission deadline: February 28, 2018 Acceptance Notification: March 31, 2018 Camera-Ready Paper Submission: April 30, 2018 ]] mccool: thinking about security aspects ... semantic tagging for security ... policy information marked up by semantic tagging ... let me know if you have any ideas ... this workshop itself is more about semantic interoperability WoT Security and Privacy Considerations mccool: need to see the Editor's notes ... create GitHub issues based on those notes kaz: maybe I should check the possible difference between the publication version and the Editor's draft just to make sure mccool: (shows pullrequest 62) [16]pullrequest 62 [16] https://github.com/w3c/wot-security/pull/62 [17]files changed [17] https://github.com/w3c/wot-security/pull/62/files mccool: conversion from "Thing" to "System" seems ok ... (browses some more keywords, e.g., "System Maintainer", "Security Owner") ... have to read through all the changes before merging ... and another pullrequest 37 [18]pullrequest 37 [18] https://github.com/w3c/wot-security/pull/37 [19]file changed [19] https://github.com/w3c/wot-security/pull/37/files mccool: need to check with Dave ... (add a comment to the issue 37) ... regarding pullrequest 62, I'll check all the changes including the threat model with IETF IoT RFC #40 ... Kaz, can you check the diff between the Editor's draft (master branch) and the published version? kaz: will quickly do mccool: will review the PRs ... and accept them (if it's ok) ... we should be thinking about security for plugfest ... also will review the security document Issues mccool: got a comment from Wendy [20]issue 61 [20] https://github.com/w3c/wot-security/issues/61 mccool: will respond to Wendy ... (goes through other issues) [21]issue 59 [21] https://github.com/w3c/wot-security/issues/59 [22]issue 39 [22] https://github.com/w3c/wot-security/issues/39 mccool: maybe can assign issue 39 to Elena [23]issue 36 [23] https://github.com/w3c/wot-security/issues/36 mccool: will check with Dave prev minutes [24]prev minutes [24] https://www.w3.org/2017/12/18-wot-sec-minutes.html mccool: any objections to accept the minutes? (none) [adjourned] Summary of Action Items Summary of Resolutions [End of minutes] __________________________________________________________ Minutes formatted by David Booth's [25]scribe.perl version 1.152 ([26]CVS log) $Date: 2018/01/15 14:09:19 $ [25] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm [26] http://dev.w3.org/cvsweb/2002/scribe/
Received on Monday, 15 January 2018 14:49:56 UTC