[PlugFest] minutes - 6 June 2018

available at:
  https://www.w3.org/2018/06/06-wot-pf-minutes.html

also as text below.

Thanks,

Kazuyuki

---

   [1]W3C

      [1] http://www.w3.org/

                               - DRAFT -

                              WoT PlugFest

06 Jun 2018

Attendees

   Present
          McCool, Kaz_Ashimura, Kazuaki_Nimura, Michael_McCool,
          Taki_Kamiya, Ryuichi_Matsukura, Kunihiko_Toumura,
          Toru_Kawaguchi, Takeshi_Sano, Michael_Lagally,
          Tomoaki_Mizushima

   Regrets

   Chair
          Matsukura

   Scribe
          kaz

Contents

     * [2]Topics
         1. [3]PF call and Testing call
         2. [4]PlugFest preparation
     * [5]Summary of Action Items
     * [6]Summary of Resolutions
     __________________________________________________________

   <inserted> scribenick: kaz

PF call and Testing call

   Kaz: due to overwrap with WISHI, we might be going to change
   the Testing slot right after this call

   McCool: and make this call 1.5 hours
   ... 90% sure for that
   ... but there is no conflict next week
   ... asking the F-Interop guys about their preference now
   ... so hold it on at the moment

PlugFest preparation

   Matsukura: would like to start discussion on preparation
   ... (shares his screen)
   ... was generating the preparation.md file on my local branch

   <ryuichi>
   [7]https://github.com/mryuichi/documents/blob/master/preperatio
   n_June2018.md

      [7] https://github.com/mryuichi/documents/blob/master/preperation_June2018.md

   (matsukura-san's branch above)

   McCool: 2018-budang should be the place

   Matsukura: will move it there
   ... for the next plugfest
   ... section 2.2
   ... servient list like this
   ... we generated this kind of table
   ... should generate this again for the Korea f2f as well
   ... and all are encouraged to generate COMPANY-preparation.md
   ... who would join?

   McCool: Intel

   Kawaguchi: Panasonic

   McCool: Siemens

   Lagally: Oracle

   Matsukura: who else?
   ... please generate your COMPANY-preparation.md and share it
   asap

   McCool: some testing stuff
   ... (shares his work)
   ... under 2018-bundang directory
   ... Security-Bundang... and Testing-Bundang...

   [8]Security-Bundang

      [8] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/Security-Bundang-PlugFest-Preparation.pptx

   [9]Testing-Bundang

      [9] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/Testing-Bundang-PlugFest-Preparation.pptx

   McCool: [Scope]
   ... preparation for W3C WoT Plugfest wrt testing goals
   ... [Goals]
   ... three topics
   ... [Thing Description Validation]
   ... TD Playground
   ... runs json schema
   ... JSON schema + TD-validation.TTL (SHACL)
   ... going to create TD validation service
   ... based on help by Ege
   ... returns error codes
   ... also planning to provide Thing Directory
   ... if the TD is wrong, it would not accept the TD
   ... provide secure access as well
   ... with password, etc.
   ... would figure out it
   ... [Thing Network API Exerciser]
   ... another thing Ege is working on
   ... given a TD, goes over the network and invokes network API
   ... e.g., get properties
   ... not "safe"
   ... [Thing Scripting API Test Suite]
   ... another thing
   ... collection of test scripts
   ... assuming node-wot
   ... [Thing Security Testing]
   ... automatically break into Web services
   ... design rules for TDs to catch common security issues
   ... simply flags for security
   ... get your TD, HTTP + Basic Auth
   ... no security is insecure
   ... second one is autonomous penetration test suite
   ... will do it manually invoked thing
   ... [Conclusion]
   ... let's start testing!

   Kaz: minor typo

   McCool: fixes it
   ... will update it
   ... next PlugFest preparation

   [10]McCool's slides on Bundang PlugFest preparation

     [10] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/Intel-Bundang-PlugFest-Preparation.pdf

   McCool: Intel preparation document
   ... this is my goal here
   ... [Planned Architecture]
   ... node-red orchestration
   ... camera service, speech service
   ... and OCF CoAP things
   ... couldn't do ABS thing
   ... would have this time
   ... with Amazon voice service
   ... most of them online
   ... still much to do
   ... [Collaborations and Use Cases]
   ... accessibility
   ... continue defining use cases with Paciello group
   ... AI integration
   ... connecting WoT Things with local/remote AI services
   ... specifically object recognition
   ... camera with web api
   ... that's my stuff
   ... will put into the template once it's done

   <McCool>
   [11]https://github.com/w3c/wot/blob/master/plugfest/2018-bundan
   g/Intel-Bundang-PlugFest-Preparation.pdf

     [11] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/Intel-Bundang-PlugFest-Preparation.pdf

   <McCool>
   [12]https://github.com/w3c/wot/blob/master/plugfest/2018-bundan
   g/Testing-Bundang-PlugFest-Preparation.pptx

     [12] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/Testing-Bundang-PlugFest-Preparation.pptx

   Nimura: question
   ... security stuff
   ... purpose of that is checking basic security implementation
   ... but actual devices wouldn't that simple security?

   McCool: there might be vulnerability within your implementation
   ... still need guest password, etc.
   ... those standard penetration tool could be broken
   ... security hazard
   ... not trying to collect tools

   Nimura: so checking the possible vulnerability is the key
   ... another question
   ... security incorporated in architecture
   ... do you want to update the architecture document with
   security portion?

   McCool: good question
   ... you should make sure TDs are distributed
   ... avoid manipulating your TDs
   ... to be done by the plugfest but probably not next week
   ... would ping the TFs
   ... in practice not part of the standards
   ... but to be handled by WoT implementations
   ... break into some system
   ... btw, with HTTP+basic auth, you can get the password and
   login to the system easily...
   ... will expand the plan through the next security call

   Kaz: how to proceed?
   ... Matsukura-san, will generate the template for
   COMPANY-preparation.md?

   Matsukura: will do
   ... clarify the common part and generate some template
   ... and share with all

   Kaz: do we have anything else for today?

   Matsukura: question about McCool's slides
   ... interested in your architecture
   ... but not sure how to connect with your servient

   McCool: let me just say
   ... now testing online
   ... you can see my current system
   ... but TDs right now are not really good
   ... basically I have devices with TDs
   ... you want to access the devices?
   ... provides via HTTPS connection
   ... transparent portal
   ... using SSH tunnel

   Matsukura: we can connect to the portal
   ... with our application?

   McCool: local Thing Directory and remote Thing Directory
   ... remote directory refers to portal address
   ... but not sure about the local address yet
   ... assuming we have network address

   Kaz: that kind of interface should be included in the template

   McCool: can provide information, can update TD as well
   ... I have two portals
   ... Japan portal and California portal
   ... Japan one should be faster

   Matsukura: tx

   <scribe> ACTION: Matsukura to generate template for
   COMPANY-preparation.md (and possibly common preparation.md)

   Kaz: anything else for today?

   (none)

   Matsukura: thanks all!

   [adjourned]

Summary of Action Items

   [NEW] ACTION: Matsukura to generate template for
   COMPANY-preparation.md (and possibly common preparation.md)

Summary of Resolutions

   [End of minutes]
     __________________________________________________________


    Minutes formatted by David Booth's [13]scribe.perl version
    1.152 ([14]CVS log)
    $Date: 2018/06/08 10:01:10 $

     [13] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
     [14] http://dev.w3.org/cvsweb/2002/scribe/

Received on Friday, 8 June 2018 10:04:18 UTC