- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Tue, 22 May 2018 08:15:34 +0900
- To: Public Web of Things IG <public-wot-ig@w3.org>, public-wot-wg@w3.org
available at:
https://www.w3.org/2018/05/14-wot-sec-minutes.html
also as text below.
Thanks a lot for taking these minutes, Michael Koster!
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT Security
14 May 2018
[2]Agenda
[2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#May_14.2C_2018
Attendees
Present
Elena_Reshetova, Michael_Koster, Zoltan_Kis,
Kazuaki_Nimura, Tomoaki_Mizushima
Regrets
Kaz
Chair
Michael_McCool
Scribe
mjkoster
Contents
* [3]Topics
1. [4]TD security vocabulary from scripting API review
2. [5]PR review
3. [6]tunnel configuration, on line test system
* [7]Summary of Action Items
* [8]Summary of Resolutions
__________________________________________________________
<McCool>
[9]https://www.w3.org/WAI/PF/wiki/Teleconference_cheat_sheet
[9] https://www.w3.org/WAI/PF/wiki/Teleconference_cheat_sheet
<McCool> scribenick: mjkoster
TD security vocabulary from scripting API review
<zkis>
[10]https://rawgit.com/zolkis/wot-scripting-api/master/index.ht
ml
[10] https://rawgit.com/zolkis/wot-scripting-api/master/index.html
McCool: where is the URL?
... for the topic?
<zkis>
[11]https://w3c.github.io/wot-thing-description/#security
[11] https://w3c.github.io/wot-thing-description/#security
Zoltan: what is the property"n"?
McCool: these belong inside the "scheme" element
... do you have the latest version?
... the vocabulary is in the security metadata section
... each scheme has a set of properties for that scheme
Zoltan: this document is enough information to proceed, thanks
McCool: checking the document again, pointing out some examples
... terminology comes from openAPI to be consistent with known
practice
<McCool> mccool: please look at the end of
[12]https://github.com/w3c/wot-security/blob/working/wot-securi
ty-metadata.md
[12] https://github.com/w3c/wot-security/blob/working/wot-security-metadata.md
<McCool> ... there are a lot more terms than just scheme and in
PR review
Elena: privacy section
... section 7
... privacy considerations
... who is the subject, whose privacy is being protected
... who are the privacy stakeholders?
... review of the roles involved, manufacturer, installer, etc
McCool: the primary subject is the end user
Elena: agree, are there any other considerations we need to
include
McCool: privacy is a personal consideration, for corporations
it is confidentiality
Elena: review the table of threat categories
McCool: fingerprinting threat is about assembling all of the
information to create a unique ID
... could elaborate in the last row of the table
... also add a tracking risk category
... behavior observation
Elena: any other threats or risks that are not covered here?
McCool: disclosure of sensitive data, leaking
... Thing Directory could disclose a personal inventory, things
owned
... payload data
... unique IDs on things that can be used for tracking
Elena: please think about more cases and email or discuss
tunnel configuration, on line test system
McCool: issues with converting graphics and fonts, etc.
... added text discussing a tunnel proxy approach in addition
to local+remote proxies
... could be an IP tunnel or SSH tunnel that maps ports
... the thing is responsible for its own security
... which is somewhat hard
... another version is the proxy
... using http instead of https
... the security is added at the tunnel
... network endpoints are exposed locally
... but can be hidden behind other security and gateways
... have implemented this in an online test system
... has examples with different security schemes
... gives demonstration of the online systems including raw OCF
and generated TDs
... more secure system would only expose thing directory and
the interactions themselves
... camera example
... currently has basic and digest running, adding tokens next
... please review and provide feedback, will merge next week
... a section on the caching proxy
... also could use metadata of TD to pre-observe properties and
perform other optimization
... security implication of the proxy having access to the
payload, maybe OSCORE could be part of a solution
... 9 minutes left, could review some issues
Elena: what about the life cycle/provisioning issue?
... #15
... is provisioning in scope?
McCool: thought it was out of scope
Elena: sharing the document
... haven't updated it
... last statement is about the scope
McCool: should be able to close the issue as out of scope
... any objections?
... no objections, will close
... issue 93, end of life of TD
zoltan: going with observable TD
McCool: need to review the security implications of this
solution
... let's leave it open and return to it
... AOB?
... online system is in my apartment but go ahead and use it
anytime
... adjourn
Summary of Action Items
[ONGOING] ACTION: elena to work on issue 68 (Thing Provider
Data Specification) and issue 69 (Passive Observers Risk)
[ONGOING] ACTION: elena/koster to work on terminology
[ONGOING] ACTION: mccool to work on issue 70 (Require Not
Exposing Immutable Hardware Identifiers?)
[ONGOING] ACTION: mccool to talk with security guys about
testing/validation timeline
[ONGOING] ACTION: mccool to work on tunneling/shadow for the
security metadata proposal
[ONGOING] ACTION: mccool to work on PR 90
[ONGOING] ACTION: zkis to create scripting issue for TD life
cycle in scripting api
[ONGOING] ACTION: mjkoster/elena to review examples in the
security spec
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes formatted by David Booth's [13]scribe.perl version
1.152 ([14]CVS log)
$Date: 2018/05/21 23:03:21 $
[13] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[14] http://dev.w3.org/cvsweb/2002/scribe/
Received on Monday, 21 May 2018 23:16:45 UTC