- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Tue, 21 May 2019 23:31:00 +0900
- To: Public Web of Things IG <public-wot-ig@w3.org>, public-wot-wg@w3.org
available at: https://www.w3.org/2019/05/06-wot-sec-minutes.html also as text below. Thanks, Kazuyuki --- [1]W3C [1] http://www.w3.org/ - DRAFT - WoT Security 06 May 2019 Attendees Present Kaz_Ashimura, Elena_Reshetova, Michael_McCool, Tomoaki_Mizushima Regrets Chair McCool Scribe kaz Contents * [2]Topics 1. [3]Agenda 2. [4]Review of minutes 3. [5]Quick updates 4. [6]Review progress 5. [7]Updates to TD/Arch 6. [8]Issues/PRs 7. [9]Next call * [10]Summary of Action Items * [11]Summary of Resolutions __________________________________________________________ Agenda McCool: short agenda: prev minutes, updates to TD/Arch, Issues/PRs <inserted> mm: adds CTA/NIST for workshop to quick updates Review of minutes [12]https://www.w3.org/2019/04/29-wot-sec-minutes.html [12] https://www.w3.org/2019/04/29-wot-sec-minutes.html McCool: (goes through the minutes) ... publication schedule change, still ongoing ... also need to work on demos ... any issues? (no objections) McCool: accepting the minutes Quick updates McCool: talked with Mike Bergman from CTA to invite them to the WoT workshop ... but unfortunately he can't come Review progress McCool: joined the IIC security call ... but just myself and the Chair there ... have not heard back from the others either ... so far we have got no feedback from TAG either Updates to TD/Arch McCool: one of the issues ... best practices document and testing document don't have proper style yet ... so for the moment, we should remove the refs to them from the spec docs ... when we get to PR, we can add links back again Kaz: those references are non-normative. right? McCool: right Issues/PRs [13]Issues [13] https://github.com/w3c/wot-security/issues Elena: maybe better to start with the oldest one? McCool: yeah, but maybe we can look at issue 122 first [14]Issue 122 [14] https://github.com/w3c/wot-security/issues/122 McCool: (reopens the related TD issue 300) [15]TD issue 300 [15] https://github.com/w3c/wot-thing-description/issues/300 McCool: now we can refer to the above TD issue 300 ... and security issue 122 itself can be closed ... (closes issue 122) [16]Issue 84 [16] https://github.com/w3c/wot-security/issues/84 McCool: add a comment ... need to review before the Cork IIC meeting in May 2019. Elena: after that, we should check the old issues McCool: ok [17]Issue 13 [17] https://github.com/w3c/wot-security/issues/13 McCool: current practices document has gone away and turned into the Architecture document ... so would propose we close this issue itself (13) and create a smaller issues related to particular things in the Architecture document. ... (also adds some more comment to the TD issue 300) [18]McCool's updated comment on TD issue 300 [18] https://github.com/w3c/wot-thing-description/issues/300#issuecomment-489601427 McCool: (goes back to the security issue 13) ... change the title to "Align with Architecture document" ... and keep it [19]Issue 14 [19] https://github.com/w3c/wot-security/issues/14 McCool: discovery and expose ... since we don't consider discovery any more ... also discovery is out of scope from our current Charter ... if there was a service supporting discovery, and that service was described with a TD, that TD could specify the access rights and requirements for discovery ... TDs alone specify the interaction rights but say nothing about discovery, and this is fine, since that is the scope of the TD ... we already state the security properties that any TD discovery mechanism should have, e.g., provide TDs only to "authorized users". However, we are vague as to how that is accomplished we state the goal, not the mechanism, which is intentionally undefined ... my reading of what Zoltan was saying above is that is not really an issue for the Scripting API. Or rather, access rights are handled outside of the Scripting API. ... (and close it; issue 14) [20]Issue 21 [20] https://github.com/w3c/wot-security/issues/21 McCool: done ... and closed [21]Issue 13 [21] https://github.com/w3c/wot-security/issues/13 McCool: (goes back to issue 13, and close it as well) ... because we already have an issue with the updated title Next call McCool: would cancel the call next week Kaz: so the next call will occur on Monday, May 20? McCool: will be traveling for the IIC meeting on that day as well ... but still may be able to join [adjourned] Summary of Action Items Summary of Resolutions [End of minutes] __________________________________________________________ Minutes manually created (not a transcript), formatted by David Booth's [22]scribe.perl version 1.154 ([23]CVS log) $Date: 2019/05/21 14:26:59 $ [22] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm [23] http://dev.w3.org/cvsweb/2002/scribe/
Received on Tuesday, 21 May 2019 14:32:11 UTC