- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Fri, 8 Jun 2018 19:02:42 +0900
- To: Public Web of Things IG <public-wot-ig@w3.org>, public-wot-wg@w3.org
available at:
https://www.w3.org/2018/06/06-wot-pf-minutes.html
also as text below.
Thanks,
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT PlugFest
06 Jun 2018
Attendees
Present
McCool, Kaz_Ashimura, Kazuaki_Nimura, Michael_McCool,
Taki_Kamiya, Ryuichi_Matsukura, Kunihiko_Toumura,
Toru_Kawaguchi, Takeshi_Sano, Michael_Lagally,
Tomoaki_Mizushima
Regrets
Chair
Matsukura
Scribe
kaz
Contents
* [2]Topics
1. [3]PF call and Testing call
2. [4]PlugFest preparation
* [5]Summary of Action Items
* [6]Summary of Resolutions
__________________________________________________________
<inserted> scribenick: kaz
PF call and Testing call
Kaz: due to overwrap with WISHI, we might be going to change
the Testing slot right after this call
McCool: and make this call 1.5 hours
... 90% sure for that
... but there is no conflict next week
... asking the F-Interop guys about their preference now
... so hold it on at the moment
PlugFest preparation
Matsukura: would like to start discussion on preparation
... (shares his screen)
... was generating the preparation.md file on my local branch
<ryuichi>
[7]https://github.com/mryuichi/documents/blob/master/preperatio
n_June2018.md
[7] https://github.com/mryuichi/documents/blob/master/preperation_June2018.md
(matsukura-san's branch above)
McCool: 2018-budang should be the place
Matsukura: will move it there
... for the next plugfest
... section 2.2
... servient list like this
... we generated this kind of table
... should generate this again for the Korea f2f as well
... and all are encouraged to generate COMPANY-preparation.md
... who would join?
McCool: Intel
Kawaguchi: Panasonic
McCool: Siemens
Lagally: Oracle
Matsukura: who else?
... please generate your COMPANY-preparation.md and share it
asap
McCool: some testing stuff
... (shares his work)
... under 2018-bundang directory
... Security-Bundang... and Testing-Bundang...
[8]Security-Bundang
[8] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/Security-Bundang-PlugFest-Preparation.pptx
[9]Testing-Bundang
[9] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/Testing-Bundang-PlugFest-Preparation.pptx
McCool: [Scope]
... preparation for W3C WoT Plugfest wrt testing goals
... [Goals]
... three topics
... [Thing Description Validation]
... TD Playground
... runs json schema
... JSON schema + TD-validation.TTL (SHACL)
... going to create TD validation service
... based on help by Ege
... returns error codes
... also planning to provide Thing Directory
... if the TD is wrong, it would not accept the TD
... provide secure access as well
... with password, etc.
... would figure out it
... [Thing Network API Exerciser]
... another thing Ege is working on
... given a TD, goes over the network and invokes network API
... e.g., get properties
... not "safe"
... [Thing Scripting API Test Suite]
... another thing
... collection of test scripts
... assuming node-wot
... [Thing Security Testing]
... automatically break into Web services
... design rules for TDs to catch common security issues
... simply flags for security
... get your TD, HTTP + Basic Auth
... no security is insecure
... second one is autonomous penetration test suite
... will do it manually invoked thing
... [Conclusion]
... let's start testing!
Kaz: minor typo
McCool: fixes it
... will update it
... next PlugFest preparation
[10]McCool's slides on Bundang PlugFest preparation
[10] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/Intel-Bundang-PlugFest-Preparation.pdf
McCool: Intel preparation document
... this is my goal here
... [Planned Architecture]
... node-red orchestration
... camera service, speech service
... and OCF CoAP things
... couldn't do ABS thing
... would have this time
... with Amazon voice service
... most of them online
... still much to do
... [Collaborations and Use Cases]
... accessibility
... continue defining use cases with Paciello group
... AI integration
... connecting WoT Things with local/remote AI services
... specifically object recognition
... camera with web api
... that's my stuff
... will put into the template once it's done
<McCool>
[11]https://github.com/w3c/wot/blob/master/plugfest/2018-bundan
g/Intel-Bundang-PlugFest-Preparation.pdf
[11] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/Intel-Bundang-PlugFest-Preparation.pdf
<McCool>
[12]https://github.com/w3c/wot/blob/master/plugfest/2018-bundan
g/Testing-Bundang-PlugFest-Preparation.pptx
[12] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/Testing-Bundang-PlugFest-Preparation.pptx
Nimura: question
... security stuff
... purpose of that is checking basic security implementation
... but actual devices wouldn't that simple security?
McCool: there might be vulnerability within your implementation
... still need guest password, etc.
... those standard penetration tool could be broken
... security hazard
... not trying to collect tools
Nimura: so checking the possible vulnerability is the key
... another question
... security incorporated in architecture
... do you want to update the architecture document with
security portion?
McCool: good question
... you should make sure TDs are distributed
... avoid manipulating your TDs
... to be done by the plugfest but probably not next week
... would ping the TFs
... in practice not part of the standards
... but to be handled by WoT implementations
... break into some system
... btw, with HTTP+basic auth, you can get the password and
login to the system easily...
... will expand the plan through the next security call
Kaz: how to proceed?
... Matsukura-san, will generate the template for
COMPANY-preparation.md?
Matsukura: will do
... clarify the common part and generate some template
... and share with all
Kaz: do we have anything else for today?
Matsukura: question about McCool's slides
... interested in your architecture
... but not sure how to connect with your servient
McCool: let me just say
... now testing online
... you can see my current system
... but TDs right now are not really good
... basically I have devices with TDs
... you want to access the devices?
... provides via HTTPS connection
... transparent portal
... using SSH tunnel
Matsukura: we can connect to the portal
... with our application?
McCool: local Thing Directory and remote Thing Directory
... remote directory refers to portal address
... but not sure about the local address yet
... assuming we have network address
Kaz: that kind of interface should be included in the template
McCool: can provide information, can update TD as well
... I have two portals
... Japan portal and California portal
... Japan one should be faster
Matsukura: tx
<scribe> ACTION: Matsukura to generate template for
COMPANY-preparation.md (and possibly common preparation.md)
Kaz: anything else for today?
(none)
Matsukura: thanks all!
[adjourned]
Summary of Action Items
[NEW] ACTION: Matsukura to generate template for
COMPANY-preparation.md (and possibly common preparation.md)
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes formatted by David Booth's [13]scribe.perl version
1.152 ([14]CVS log)
$Date: 2018/06/08 10:01:10 $
[13] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[14] http://dev.w3.org/cvsweb/2002/scribe/
Received on Friday, 8 June 2018 10:04:18 UTC