- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Fri, 06 Dec 2019 02:32:52 +0900
- To: public-wot-ig@w3.org, public-wot-wg@w3.org
available at:
https://www.w3.org/2019/11/18-wot-sec-minutes.html
also as text below.
Thanks,
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT Security
18 Nov 2019
Attendees
Present
Kaz_Ashimura, Michael_McCool, Oliver_Pfaff, Taki_Kamiya,
Sebastian_Kaebisch, Elena_Reshetova
Regrets
Tomoaki_Mizushima
Chair
McCool
Scribe
kaz
Contents
* [2]Topics
1. [3]WG Charter finalization
2. [4]IETF Hackathon and IRTF Workshop
3. [5]Review minutes
4. [6]Issues and PRs
5. [7]Next week
* [8]Summary of Action Items
* [9]Summary of Resolutions
__________________________________________________________
<McCool>
[10]https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#Nov_18.2
C_2019
[10] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#Nov_18.2C_2019
WG Charter finalization
[11]PR 907 to handle i18n comments
[11] https://github.com/w3c/wot/pull/907
[12]Richard's comment
[12] https://github.com/w3c/wot/pull/907#issuecomment-555000046
<scribe> scribenick: kaz
McCool: we have this PR 907
... what we want to do is...
... a comment from i18n
... need to be fair to the other horizontal groups as well
... updating the text within the "Coordination" section
Kaz: got a comment from Richard asking us to change "prior to
the horizontal review" to "throughout developing..."
McCool: think we can merge this PR itself
... and add another change
Sebastian: fine with merging the PR
McCool: (merges PR 907)
... and then we can create a new PR to handle Richard's comment
<McCool> proposal: current version of wg-draft-charter-2019 to
be submitted to AC review
RESOLUTION: current version of wg-draft-charter-2019 to be
submitted to AC review
IETF Hackathon and IRTF Workshop
McCool: discussion on discovery
... markdown now
<McCool>
[13]https://github.com/w3c/wot/blob/master/proposals/wot-discov
ery.md
[13] https://github.com/w3c/wot/blob/master/proposals/wot-discovery.md
McCool: discussed how to do discovery
... borrowed text from the landscape document
... discussion about criteria and priority as well
... Introduction, Background to be done
... Requirements from my slides for the WoT workshop
... Use Cases to be done
... should think about global ones and local ones
... Architecture section has high-level description
... started to talk about CoRE discovery and directories
... Authentication section including several existing
mechanisms
... OAuth2 or ACE-OAuth2 for CoAP
... strawman proposal as the starting point
... Other Introduction Mechanism has rough sketch
Review minutes
[14]Nov-11 minutes
[14] https://www.w3.org/2019/11/11-wot-sec-minutes.html
McCool: short call
... privacy discussion
... and several issues
... one thing to be fixed
... made id non-unique and optional
... discussed terminology a bit
... lifecycle, etc.
... had some chat with the IETF guys as well
... typo with "summerizing" (to be fixed as "summarizing")
... any other changes needed?
(none)
McCool: propose we accept the minutes after fixing those 2
points
(no objections)
McCool: accepted
[15]Nov-5 minutes
[15] https://www.w3.org/2019/11/05-wot-sec-minutes.html
McCool: next minutes from Nov-5 call
... new time slot for the call
... publication status
... the security note has been published
... typo with "juts" (to be fixed as "just")
... any objection to accept the minutes after fixing the typo?
(no objections)
McCool: accepted
Issues and PRs
[16]PRs
[16] https://github.com/w3c/wot-security/pulls
McCool: no PRs
[17]Issues
[17] https://github.com/w3c/wot-security/issues
[18]Issue 148
[18] https://github.com/w3c/wot-security/issues/148
Oliver: didn't have a chance to talk with Sebastian about this
... trying to create a minor issue
McCool: didn't see a pullrequest yet
Oliver: was about to create a PR
... will check what I've been doing
<McCool> instructions on how to do a PR:
[19]https://github.com/w3c/wot
[19] https://github.com/w3c/wot
McCool: instructions above
[20]Issue 147
[20] https://github.com/w3c/wot-security/issues/147
McCool: need to understand IETFAnima
... sign on mechanism or onboarding mechanism?
... (adding a comment to issue 147)
... someone suggested lifecycle reference
... thought IIC had a better lifecycle
... probably we should explicitly mention "ACE"
... also still need a lifecycle
[21]updated comment to Issue 147
[21] https://github.com/w3c/wot-security/issues/147#issuecomment-555018423
McCool: how about adding another issue to refer to Intel's SDO?
... do we have a section for Onboarding?
Elena: not yet
McCool: adds a comment to the new Issue
... create a new "Onboading" section
... along with Anima and other onboarding schemes
... referring to Intel's SDO
... let's use the master branch for the discussion
... "Onboarding" is in the scope of the new WG Charter
Elena: good to see what the "WoT Architecture" says about
"Onboarding" as well
... need to synchronize with that
McCool: probably the details should go to the Security Note
... is there any additional level of "Onboarding"?
... may consume OCF devices and WoT devices
... and may have two different onboarding mechanisms
... a lifecycle diagram is now included in the Security Note
... but should be moved to the Architecture document
... (go back to the issue list)
... Issue 147 handles Anima
... and Issue 149 handles SDO
Elena: have to look into the details
McCool: Elena and Oliver can create an initial PR for further
discussion
Next week
McCool: need to cancel the call next week due to multiple
conflicts
... take a look at the discovery draft as well
[adjourned]
Summary of Action Items
Summary of Resolutions
1. [22]current version of wg-draft-charter-2019 to be
submitted to AC review
[End of minutes]
__________________________________________________________
Minutes manually created (not a transcript), formatted by
David Booth's [23]scribe.perl version 1.154 ([24]CVS log)
$Date: 2019/12/03 05:35:22 $
[23] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[24] http://dev.w3.org/cvsweb/2002/scribe/
Received on Thursday, 5 December 2019 17:33:01 UTC