W3C home > Mailing lists > Public > public-wot-ig@w3.org > September 2019

[wot-security] minutes - 2 September 2019

From: Kazuyuki Ashimura <ashimura@w3.org>
Date: Thu, 12 Sep 2019 00:15:18 +0900
Message-ID: <CAJ8iq9VC1FzXe8c7NoVKKgkGBOzC1CDDOTHJnXqGtimHTusijA@mail.gmail.com>
To: Public Web of Things IG <public-wot-ig@w3.org>, public-wot-wg@w3.org
available at:

also as text below.





      [1] http://www.w3.org/

                               - DRAFT -

                              WoT Security

02 Sep 2019


      [2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#Agenda


          Kaz_Ashimura, Elena_Reshetova, Michael_McCool





     * [3]Topics
         1. [4]Review minutes
         2. [5]Rescheduling the security call
         3. [6]WG Charter draft
     * [7]Summary of Action Items
     * [8]Summary of Resolutions

   <scribe> scribenick: kaz

Review minutes

   [9]Aug-26 minutes

      [9] https://www.w3.org/2019/08/26-wot-sec-minutes.html

   McCool: don't see any problems
   ... objections to accept the minutes?

   (no objections)

   McCool: accepted

Rescheduling the security call


     [10] https://doodle.com/poll/uygq7wtn75syw8h2

   McCool: Taki can't make Monday
   ... any preference on the slots on Monday?

   Elena: no preference

   McCool: prefer the later time

   Kaz: me too

   McCool: so let's go with 7am JST

   <scribe> ACTION: kaz to allocate a new webex and distribute it
   for the next week

   Kaz: will do

   McCool: after talking with Taki, we might be going to change
   the slot again

   (Zoltan joins)

   McCool: Zoltan, we were talking about the new slot for the
   Security call
   ... (explains the situation)

   Elena: it's 1pm in Finland

   Zoltan: ok
   ... fine by me though might be a bit late

WG Charter draft

   [11]PR 856

     [11] https://github.com/w3c/wot/pull/856


     [12] https://github.com/w3c/wot/blob/master/charters/wot-wg-charter-draft-2019.html

   McCool: the initial PR (PR 856) has been merged


     [13] http://w3c.github.io/wot/charters/wot-wg-charter-draft-2019.html

   McCool: rendered version above
   ... as far as security goes
   ... topics on security within "2. Scope"
   ... also Interoperability Profiles
   ... Discovery
   ... need to work with the Privacy group
   ... security aspects for Implementation View Spec as well
   ... 2.6 Discovery
   ... we have to define deliverables
   ... possibly break out into 2 pieces
   ... introduction and exploration
   ... peer-to-peer discovery could be supported as a special case
   ... have to coordinate with IETF, etc.
   ... need more general context here
   ... 2.7 Identity Management
   ... Kaz mentioned there is a proposed WG named the
   Decentralized ID WG
   ... should collaborate with them
   ... kind of like ID management lifecycle
   ... e.g., please notify me when the ID management changes
   ... device with right access to be handled
   ... we have a deliverable down here ("3. Deliverables")
   ... we need to create repos for those deliverables
   ... would like to start soon
   ... Michael Lagally is generating draft as well
   ... any comments?

   Zoltan: discovery for WoT?
   ... do we want to define ourselves?

   McCool: good point
   ... have predescribed script
   ... in fact we're doing how to distribute things
   ... because existing devices don't distribute TDs

   Zoltan: distributing script as well?

   McCool: may be

   Zoltan: some kind of manifest of something
   ... some kind of package

   McCool: bunch of things that are listed as "Notes"
   ... normative deliverables are extracted from the powerpoint we
   discussed in Munich

   Zoltan: was there any deliverable which can be included as

   McCool: hold on...
   ... (shares the powerpoint slide from Munich)
   ... other things used to on the REC track
   ... essentially deployment model and packaging
   ... WG Charter can be changed later
   ... what we should do is
   ... if you think deployment/packaging mechanism for Scripting
   would be useful, you can create a PR for that proposal
   ... the current list is generated from the powerpoint in Munich

   Zoltan: ok
   ... some provisions to associate things
   ... should be contained to Scripting distribution mechanism

   McCool: 2 kinds of dependency
   ... NPM kind of packaging
   ... and function
   ... query mechanism and installation mechanism

   Zoltan: we don't have to re-invent generic distribution

   McCool: packaging of script
   ... there is dependency
   ... 2 parts of manifest
   ... very interesting

   Zoltan: let's say I discover things and would know about the
   capability of scripts
   ... up to the clients

   McCool: please review this draft Charter
   ... and also proposals from Michael Lagally

   [14]wot-profile proposal

     [14] https://w3c.github.io/wot-profile/

   (Elena leaves)

   McCool: what is the right context to handle the context?
   ... have been talking about the orchestrator
   ... e.g., Panasonic, etc., use node-red
   ... we could add another deliverable for management script
   ... need context for interoperability
   ... just like profile, we need draft text which describes the
   context and the basic architecture
   ... would be useful to do
   ... personally started to think Scripting API could be a Note
   by the IG
   ... IG should be incubating the requirements

   Zoltan: it's specific to node-wot and typescript

   McCool: we could add management API
   ... with packaging capability

   Zoltan: JS is the language supported by Web browsers
   ... that might be one way to go for something like Web Assembly

   McCool: what to be contained for packaging?
   ... those things could be interesting

   Zoltan: right now we have JS runtime
   ... there are some issues to tackle
   ... it's something would make sense
   ... but not directly related to WoT

   McCool: if we go for more general mechanism for packaging
   ... need a draft text to be included in the draft Charter
   ... need same thing for packaging and/or management API

   Kaz: it sounds like object-oriented programming
   ... how to combine the TD model and Scripting API as a possible
   method for the data model

   McCool: would create an issue about this point

   <McCool> [15]https://github.com/w3c/wot/issues/861

     [15] https://github.com/w3c/wot/issues/861

   McCool: WG Charter issue above
   ... also it would be nice to have a specific repo for the
   wot-discovery discussion
   ... will generate a draft first
   ... and let's have discussion during the main call

   Zoltan: regarding the above Issue 861
   ... we need use cases to motivate it

   McCool: ok
   ... (adds comment on that point)
   ... why don't you add your comments to this thread?

   Zoltan: ok


Summary of Action Items

   [NEW] ACTION: kaz to allocate a new webex and distribute it for
   the next week

Summary of Resolutions

   [End of minutes]

    Minutes manually created (not a transcript), formatted by
    David Booth's [16]scribe.perl version 1.154 ([17]CVS log)
    $Date: 2019/09/02 15:11:07 $

     [16] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
     [17] http://dev.w3.org/cvsweb/2002/scribe/
Received on Wednesday, 11 September 2019 15:16:22 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:27:38 UTC