- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Thu, 16 Jul 2020 09:44:44 +0900
- To: public-wot-ig@w3.org, public-wot-wg@w3.org
available at:
https://www.w3.org/2020/06/22-26-wot-vf2f-minutes.html
also available as text below.
Thanks a lot for all the scribes, the prsenters and the Chairs!
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT-IG/WG - Virtual F2F meeting
22-26 Jun 2020
[2]Agenda
[2] https://www.w3.org/WoT/IG/wiki/F2F_meeting_2020_2nd#WoT_F2F_Agenda
Contents
* [3]Day 1
1. [4]Opening and Quick updates
1. [5]Scribes
2. [6]Agenda
3. [7]Opening Session
2. [8]Security
1. [9]Signing TDs
2. [10]Decentralized identifiers
3. [11]OAuth2
4. [12]End-to-End security
5. [13]Other key open issues
3. [14]Discovery
1. [15]Requirements and Design decisions - Michael
McCool
1. [16]Discovery requirements
2. [17]Key design decisions
3. [18]Privacy issues
4. [19]Introduction
5. [20]Exploration
6. [21]Key issues
2. [22]LinkSmart directory service update - Farshid
Tavakolizadeh
3. [23]Verifiable Credntials in IoT Services - Nikos
Fotiou
* [24]Day 2
1. [25]Scribe
2. [26]PoC Projects
3. [27]PlugFest
4. [28]Note on where to put the sides for the vF2F
5. [29]Scripting
6. [30]Binding Template
7. [31]Logistics for tomorrow
8. [32]AOB?
* [33]Day 3
1. [34]Agenda
2. [35]Use Case questionnaire
3. [36]Questionnaire
4. [37]WoT Profiles
5. [38]Lifecycle
6. [39]Tomorrow
* [40]Day 4
1. [41]Scribes
2. [42]Presentations
3. [43]Use Case Prioritization
4. [44]Prioritization questionnaire results
5. [45]Requirements
* [46]Day 5
1. [47]Scribes
2. [48]TD
1. [49]Editorial bugs
2. [50]URI Variables
3. [51]readmultipleproperties
4. [52]Issue #913 Improve text on Action parameters
5. [53]definition and $ref
3. [54]Marketing
4. [55]Wrap-up and Closing
* Summary of Action Items
* Summary of Resolutions
1. [56]Pull request to remove comma to be merged into
latest Editor's Draft. The comma is banished. Should
create Errata document to note bug fixes. Daniel will
create separate issue to remove comma in
Recommendation, with a label to note editorial change.
2. [57]We will merge this PR.
__________________________________________________________
Day 1
Attendees
Present
Kaz_Ashimura, Ari_Keranen, Cristinao_Aguzzi,
Ben_Francis, Dmitrij_Lagutin, Farshid_Tavakolizadeh,
Ege_Korkan, Michael_McCool, Dave_Raggett,
Kunihiko_Toumura, Tomoaki_Mizushima, Jaime_Jimenez,
Michael_Koster, Nikos_Fotiou, Ryuichi_Matsukura,
Christian_Glomb
Regrets
David_Ezell
Chair
McCool
Scribe
Lagally, Farshid, Kaz
[58]Agenda
[58] https://www.w3.org/WoT/IG/wiki/F2F_meeting_2020_2nd#WoT_F2F_Agenda
[59]Presentations
[59] https://github.com/w3c/wot/tree/master/PRESENTATIONS/2020-06-online-f2f
Opening and Quick updates
* Scribes
<kaz> 1. Lagally
<kaz> 2. Farshid
<kaz> 3. Kaz
* Agenda
<inserted> scribenick: mlagally
McCool walks through the agenda, some small tweaks for
gathering, breaks
<McCool> agenda:
[60]https://www.w3.org/WoT/IG/wiki/F2F_meeting_2020_2nd#WoT_F2F
_Agenda
[60] https://www.w3.org/WoT/IG/wiki/F2F_meeting_2020_2nd#WoT_F2F_Agenda
McCool: let's use the IRC channel for chat, not the WebEx chat
* Opening Session
[61]Opening slides
[61] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-22-F2F-Opening-McCool.pdf
McCool: any guests?
... any non W3C members?
<kaz> Dmitrij Lagutin from Aarto University is a guest for
today
McCool: please respect W3C patent policy
<kaz> [62]W3C PP
[62] https://www.w3.org/Consortium/Patent-Policy-20170801/
McCool: Dmitrij Lagutin is a guest, his University is a member
<kaz> Nikos Fotiou from AUEB as well
McCool: all, to simplify management, please give full names
when you join WebEx on future calls
... Logistics: There's a github site with all presentations
... please put your presentation material to it
<McCool> presentations:
[63]https://github.com/w3c/wot/tree/master/PRESENTATIONS/2020-0
6-online-f2f
[63] https://github.com/w3c/wot/tree/master/PRESENTATIONS/2020-06-online-f2f
<inserted> scribenick: kaz
Lagally: use cases questionnaire ongoing
<McCool> [64]use case priority questionnaire
[64] https://www.w3.org/2002/09/wbs/1/wot-uc-priority-202005/
Lagally: there are 15 questions in the questionnaire
... options on "not interested", "useful, but not business
relevant", "business relevant", "business critical"
... last one (q18: category 17) is proposal for a new possible
use case
... if you have any other ideas for which WoT to be applied,
please put them
... in terms of the deadline, we'll discuss the results on
Thursday during the vF2F
... so please respond by then
<inserted> mm: note that Kaz reported a bug with the TD
Recommendation, but the detail to be discussed during the TD
session.
Security
scribenick: mlagally
[65]Security slides
[65] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-22-Security-McCool.pdf
McCool: we'll talk about Discovery later today after the break
... There was related work in "Lifecycle" and "Use cases"
... DID's will be discussed in depth in discovery
... OAuth2 work is still in progress
... Lfieycle has been discussed extensively, identifier
management is an important topic there
... in architecture there were discussions about agents and
stakeholders, we also used certain terms in security, need to
move over to architecture
... not all use cases have security and privacy considerations
yet, please make sure to include these when creating a new use
case
... "none" is a possible answer, if no security requirements
* Signing TDs
McCool: consider a compromised directory service that has
malicious links
... harvests password, e.g. for basic auth
... TLS credentials could help, however changed URLs could
still be used
... need to prevent modifications of TDs, e.g. prevent adding a
proxy
... need to enforce integrity
... ID could contain a hash on the contents of the TD
... alternative way: adding a proof section
... in 1st case a TD change modifies the id
... in 2nd case a proof needs to be regenerated on every change
<inserted> scribenick: kaz
Lagally: in general, many use cases assume TDs are static
... some kind of proof section may be useful
McCool: we'll have to calculate the proof again if the TD is
regenerated
Lagally: actual signature should be validated
... don't see how that kind of validation would fit for dynamic
TDs
McCool: directory should be aware of changes of TDs
<inserted> scribenick: mlagally
McCool: updating TDs is complicated, implications on caching,
...
... this has implicatinos and TDs and architecture
Daniel: in other standards they define canonical XMLs,
identifying what can/cannot be changed
McCool: good point, e.g. a directory could add semantic
annotations
Ben: there seem some assumptions in this requirement
... 2 use cases, device or gateway serves TDs
... in these cases signing is not required, since you use TLS
... This seems to be tied to a directory
McCool: the issue arises if you redestribute somebody elses TD
... federated directories (e.g. campus use case) and
redistribution use cases
... also comes up for sleeping devices
Kaz: suggest we think about dedicated use cases for further
discussion
... multimodal integration use cases, IP addresses and ids
could be integrated, need to define a scenario
McCool: we should create issues in the use case session, let's
discuss on Thursday
* Decentralized identifiers
McCool: 3 key applications:DIDs as IDs for TDs
... use DID document as one way for discovery
... we need to formalize types for DIDs, e.g. for discovery
... 3. Key distribution: public keys with referenceable URLs
Lagally: additional stakeholders need to be considered in
architecture for this approach
McCool: there's good material in the DID draft document
... DIDs are not done yet, we need to discuss some aspects
* OAuth2
McCool: we had several flows but removed some of them, only
code flow remained
... which Oauth2 flows are required in terms of use cases. Do
we want to include all flows?
... scopes are pretty useful for smart cities, i.e. having a
separate credential system
... Oauth2 depens on Bearer Tokens, in theory all Oauth2 flows
would be supported
... There's also a device flow, we may want to include it. We
need to clarify the "user agent" can also be a simple button on
a device, or a redirect
Ege: user agent could be important
McCool: human interaction is not required, could be machine to
machine
Farshid: multiple flow support is important, it is not clear
who is involved
McCool: different interactions can have different security
schemes
... need to see which flow to use depends on the context
... code flow is not appropriate for some
Christiano: code flow is constrained not only to user agent but
also resource owner
... primarily human users
... critical is to know who is the resource owner
McCool: need to define stakeholders, differentiate between
humans and others
... it is easy to add all of Oauth2 to the TD
... since we are descriptive we should not be constraining what
we can describe
scribenick: kaz
Lagally: concur with your view
... it is important to crate user agent for generic purposes,
and that reminded me of the TD profile discussion
... what is needed for wide interoperability
... further discussion later this week during the profile
session
scribenick: mlagally
McCool: OpenAPI includes all Oauth2 flows, we need to be able
to answer why we exlude some.
* End-to-End security
McCool: New text in Security and Prvacy guidelines around E2E
security
... E2E concept is very vague, i.e. who is the end consumer
... need to specify the endpoints in the requirements and use
cases
... this leads to various issues with "bridges" in the
architecture
... how to ensure the bridge is trusted
... may need to unpack/modify TDs, perhaps this is permitted
but no payload manipulation
<FarshidT> I will take over as scribe after this presentation.
oliver: need to consider more details about who is the "end"
component
* Other key open issues
McCool: Review Conexxus Security and Privacy model, they have a
threat model we want to consider/align with. Waiting for a
document for review.
... Security review of lifecycle, need to review the final
lifecycle modle
<kaz> [break till 15mins past the hour]
Discovery
scribenick: FarshidT
[66]Discovery slides
[66] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-22-Discovery-McCool.pdf
* Requirements and Design decisions - Michael McCool
McCool: will talk about requirements, design decisions,
two-phase arch., key issues. More details about some topics
will be covered in Farshid's presentation
- Discovery requirements
McCool: support for remote discovery is necessary
... semantic querying should be supported minimally at least,
since we have linked data
... support large repos of things, and p2p (self-identying)
discovery
... privacy is a big requirements. Need to ensure user privacy.
Distribute TDs only to authenticated and authorized users.
... allow change of IDs
... Align with existing standards to avoid reinventing the
wheel
... also, align with WoT scripting API
... link to file collecting requirements:
[67]https://github.com/w3c/wot-discovery/blob/master/requiremen
ts.md
[67] https://github.com/w3c/wot-discovery/blob/master/requirements.md
- Key design decisions
<inserted> [68]Design document
[68] https://github.com/w3c/wot-discovery/blob/master/design.md
McCool: only one resolution, i.e. on two-phase architecture
... introduction phase to identify exploration services,
exploration phase to get descriptions
... technologies for introduction, DHCP, DNS-SD, DID Documents,
QR codes, etc
... exploration: well known location. URL may point at the
Thing, the TD, or the directory service
... introduction should be open so it can be consumed with no
or limited access controls
... lightweight to not waste computational and networking
resources
... resist to DDoS
... exploration meta data should be returned only to authorized
users
- Privacy issues
McCool: two-phase approach not sufficient in all contexts
... depends on the design of API
... need to hide data that can be use to infer personal info
- Introduction
Lagally: need to know if the well-known is also a trusted URL
McCool: DNS may be used for spatial discovery
Lagally: need to generalize. UPnP may be used as an
introduction mechanism
... how to know if a TD is for a directory?
McCool: can add some annotation. Directory is not a physical
thing, but adding a TD is useful to describe and have a uniform
way of interacting similar to other WoT things
Ben: supports describing a directory with a TD
... if directory is a gateway, the gateway is actually a
physical thing
McCool: a gateway can support a collection of services
Lagally: do we wanna standardize the directory API?
McCool: we need to formalize the introduction phase. And also
the exploration.
Lagally: so we define actions with specific specs for
directories?
McCool: agrees
- Exploration
McCool: auth is required
... well known location to get the TD
... light query language to have parameter based filtering
... medium like jsonpath and xpath
... advanced like sparql, graphql
- Key issues
McCool: form of query, support for semantic queries
... describe directory with a TD
... TCP/HTTP baseline protocol
... partial and fragment TDs, implications for JSON-LD
... pagination
... out-of-band data such as system-generated IDs
... notifications for changes to TDs
... links to other open issues on github
Kaz: need to look into concrete use cases for those issues
* LinkSmart directory service update
<kaz> scribenick: kaz
[69]LinkSmart slides
[69] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-22-Discovery-ThingDirectory-Tavakolizadeh.pdf
Farshid: what are done so far
... (shows outline)
... current status, naming, jsonpath/xpath, drectory meta info,
paginatio, ns-sd, tds, dircory td
... [current status]
... cataloging
... DNS-SD registration
... RESTful API
... OpenAPI, TD CRUD, catalog, valiation
... [Naming]
... Thing Directory (not to be shorten as "TD" :)
... how to call it to avoid the confusion with "Thing
Description"?
... please consider it
... [JSONPath / XPath]
... filtering and attribution
<zkis> Note to self: to align with Scripting API on names
Farshid: JSON-LD response
... array of TD with original context
... value/object selection
... don't need to use huge query
... but just query on the consumer side
... JSON fragment response as an array
... pros and cons
... pros: short and expressive, passed as URL query parameters,
value selection saves both client and server resources
... cons: fragmented response are not JSON-LD compliant, schema
can get messy, no formal spec (yet)
McCool: injection attack?
... json schema round bracket means arbitrary expression
... potentially run arbitrary code
... but that's not intended here
Farshid: right
McCool: this is a prototype directory at the moment
... we should discuss what kind of query language to be used
Farshid: rith
... [directory meta attributes]
... TTL: the validity of TD, the lifetime of TD inside the
directory after registration/update/observation
... approach #1
... add "ttl" attribute to TD specs or extend the context
... read-only meta" in responses, only when requested
... digital proof insde TD based on LD-proofs
... approach #2
... add "ttl" attribute to TD
... define a second resource type
... approach #3
... new resource type for out-of-band information
... LinkSmart's choice is #1
... single resource type
... "ttl inside the TD
... if no "ttl", directory may keep forever or reect
... proof and prof chain based on LD-Proofs draft
... related issue here
... wot-discovery/issues/18, 24 and wot-security/issues/166
Ben: be cautious
... expiry for resources would be complicated
... can see in this example, different TDs have different
resources
Farshid: could see the next slide
... [pagination]
... if some TD is static, could be very long
... on the other hand, if some TDs are dynamic, could be
smaller and frequent
McCool: push update for dynamic TDs
... originally TDs are expected as static
... here issue on dynamic TDs as well
Sebastian: handshake issue as well
... something similar to CoAP transfer
... how many/how big data to be transferred?
Farshid: limit comes from the server's capability
... possible to narrow it down
McCool: technically TDs are unbound
... one transaction vs unbound ones
... complication to break syntax of LD
Ben: a directory itself has a TD
McCool: you could have a notification
... also garbage collection
Ben: it's a trade-off
McCool: a person could register a huge TD
... probably need some mechanism for flood
Zoltan: what about streaming?
Kaz: yeah, we should think about several concrete points caused
by this topic
... e..g, streaming, big data, fragments, sessions, ...
Sebastian: you already implemented pagination?
Farshid: yes
McCool: Hitachi's nodegen approach is one possible use case
Farshid: [DNS-SD type]
... LinkSmart uses _wot._tcp type
... _directory subtype
... TXT record of "version=<api-version>" "td=/td"
... version and API endpoint
McCool: we have to annotate the type using another record
Farshid: yeah
... [TD without ID]
... with TDs with ID
... PUT /td/urn:example:1234
... but with TDs without ID
... POST /td
... response location header:
urn:uuid:0ff82c68-a9dd-4342-91a9-a326b8e2d50
McCool: globally unique ID to be used here
... query for database
... matches some ID
... we can have difference between globally unique ID and
directory-wide one
Kaz: so "uuid:0ff82c68-a9dd-4342-91a9-a326b8e2d50" is generated
by the directory
Farshid: right
Kaz: not globally unique but system-wide?
Farshid: could be globally unique
... [Directory TD]
... (example TD)
... look at the scope
... OpenID approach as well
McCool: particular OAuth flow should be also considered
... should create an issue about that
... what you put into the TD and what you get from the query
Farshid: ok. note the consumer is the resource owner
... and then go into the actios here
... then tried to validate it
... is TD meant to replace the OpenAPI specs?
... possible issues
... can't define multiple different responses based on HTTP
status codes
... few ways to define the operations: HTTP methods,
interaction affordance subclasses, propertyaffordance
(readonly/writeonly)
McCool: OpenAPIs vs Thing APIs
... do we stick with the directory with Things?
... personally think using TDs would be beneficial for
recursive purposes
Sebastian: we can't replace with OpenAPI
... that's not our purpose
... TD is independent from any protocols
... another aspect is collaborative discussion with the IRTF
T2TRG
Farshid: understood
... if it's not the intention, that's fine
Ege: we use devices but many of cloud services as well
Ben: there are a lot of cases
... any kind of affordances to be used
... many cases with TDs
McCool: 2 issues
... 1. we should have discussion on the relationship with
OpenAPI
<Ege> [70]https://github.com/w3c/wot-marketing/issues/66
[70] https://github.com/w3c/wot-marketing/issues/66
McCool: 2. also we should have discussion on error codes
Zoltan: we discuss this error mapping issue during
thttps://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-o
nline-f2f/2020-06-22-DID-VC-Fotiou.pdfhe scripting calls
... agree with Ben
... we should describe error codes within the TD spec
... need some generic mechanism for error handling
... we need some work with several TFs
McCool: (time check)
... we should move forward to the DID discussion
... and continue this discussion during the TD session
Ege: note that I've submitted some idea to the OpenAPI conf
McCool: let's take a look at that tomorrow
* Verifiable Credentials in IoT Services - Nikos Fotiou
[71]VC in IoT slides
[71] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-22-DID-VC-Fotiou.pdf
Nikos: (about SOFIE)
... an EU project which enables interoperability among existing
IoT platforms
... [VC in a nutshell]
... verifiable credential is a standard way to express
credentials on the Web
... vc-data-model is a W3C REC
... [VC Structure]
... context: issuer ID, Credential (type, subject id, claims),
Proof
... digitally signed by the issuer
... [The "Sofie Credential"]
... (example VC data)
... @context has
"[72]https://mm.aueb.gr/contexts/access_control/v1"
... issuer: did:nacl:E390... as a public key
... actual credentialSubject
... id: did:nacl:A49...
... [WoT device configuration]
... hints for the enduser
... also provides information on the WoT implementation
... @context has
"[73]https://mm.aueb.gr/contexts/access_control/v1"
... securityDefinitions has
... @type: ["VerifiableCredential", "AllowedURLs"]
... [SOFIE's Identity, Authentication, and Authorization
Component]
... access control based on the VC
... HTTP request from client
... then response from the device
... and then the use has to generate the proof
... if the proof can be verified, the user can access the
device
... [SOFIE]
... links for resources
[72] https://mm.aueb.gr/contexts/access_control/v1
[73] https://mm.aueb.gr/contexts/access_control/v1
McCool: tx
... you're presenting the security scheme based on VC and DID
... replace with other security mechanism?
... don't we need other mechanisms like OAuth?
Nikos: that's possible
McCool: probably we would extend TD for this purpose
... do you looked at XPath as well?
Nikos: yes
McCool: similar issues/considerations to be applied
... how to deal with selection of devices?
... filter-based metadata in the VC would raise issue with
privacy
... possibly a PII information?
Nikos: the user can hide information if want
McCool: relationship between DID and discovery
... wondering about the DID for discovery of credential
information
Nikos: DID uses public key
... DID is included in the credential
Kaz: this example is too simple but the point is that VC is not
PII itself but a data model to provide necessary information
for each application
... and DID is the actual identifier but that is also split
from the PII
McCool: regarding the data, VC can be embedded in the DID
document?
Nikos: those are separate
McCool: tomorrow, we'll discuss PoCs, Scripting, PlugFest
reports, Binding Templates
Ben: tx for all your presentations
... interested in DNS-SD, etc.
... Mozilla also has some mechanisms for discovery
... DNS-SD, Bluetooth and Gateway
... may have a better way based on today's discussion
... could write some proposal myself
McCool: we'll continue the discussion in 2 weeks (no call next
week)
... your input would be welcome
Zoltan: regarding the order of the topics for tomorrow
... maybe better to have PoCs, PlugFest and then Scripting
McCool: will tweak the agenda
... Niko and Farshid, please send your (update) slides to me so
that we can upload them on the GitHub repo
[Day 1 adjourned]
[74]↑
__________________________________________________________
Day 2
Attendees
Present
Kaz_Ashimura, Michael_McCool, Jennifer_Lin,
Daniel_Peintner, Ege_Korkan, Dave_Raggett,
Michael_Lagally, Cristiano_Aguzzi,
Farshid_Tavakolizadeh, Kunihiko_Toumura,
Sebastian_Kaebisch, Zoltan_Kis, Tomoaki_Mizushima,
Ryuichi_Matsukura, Michael_Koster, Ken_Ogiso,
Christian_Glomb
Regrets
David_Ezell
Chair
SMcCool, Sebastian
Scribe
sebastian, Ege, kaz, dape
<McCool> agenda:
[75]https://www.w3.org/WoT/IG/wiki/F2F_meeting_2020_2nd#WoT_F2F
_Agenda
[75] https://www.w3.org/WoT/IG/wiki/F2F_meeting_2020_2nd#WoT_F2F_Agenda
Scribe
<kaz> 1. Sebastian
<kaz> 2. Ege
<kaz> 3. Daniel
<kaz> scribenick: sebastian
McCool: shows the agenda
<kaz> Agenda:
[76]https://www.w3.org/WoT/IG/wiki/F2F_meeting_2020_2nd#WoT_F2F
_Agenda
[76] https://www.w3.org/WoT/IG/wiki/F2F_meeting_2020_2nd#WoT_F2F_Agenda
PoC Projects
[77]PoC slides
[77] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-23-PoCs-McCool.pdf
Jennifer: summary Smart City use case
... apply SPOTON in that scenario
... use of AI and thermal cameras for health monitoring
... pandemic management
... it is a first use case for introduction
... there are also plans for mapping and robots usage
... we want to start small
McCool: we should update the health monitoring use case
... we want a PoC on geolocation, right?
Jennifer: not using it yet
... maybe later
McCool: we should revisite PoC plannings
Jennifer: we will add that to the use cases
McCool: Retail
... there two different busniss groups
... and collaborations such as Conexxus, Intel,...
... retail scenario: buying ice cream
... we want to demonstrate visible sensors and analytics by
EdgeX
... demonstrator shall show how simple applications can be
build
... applying WoT for metadata and using WoT API/node-wot
sebastian: where is WoT applied exactly?
McCool: device description and analytics
Kaz: is there some digital twin aspects?
McCool: edgeX tries to predict maintenance of the devices.
Lagally: some comments for digital twins: state of the device
and historian
... and you discover the behavoir of the devices
Jennifer: for what are you using digital twin?
McCool: its more a semantic simulation
... Intel has some investment in predicting maintenance
... are there other PoCs?
(no responses)
PlugFest
[78]PlugFest slides
[78] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-23-Plugfest-McCool.pdf
McCool: full week virtual plugfest via VPN, one hour day sync
meeting
... what we accomplished is to create issue tracker
MM shows slide about its home scenario setup
McCool: the VPN instance is still online?
Kaz: yes
Sebastian: how long will be the VPN available?
McCool: so far, ongoing
sebastian: cool thing to have vpn and things always online for
testing
... people can go there and test its implementation
McCool: it would be cool to have a dashboard which things are
online
Kaz: so our intention is using the AWS instance not just "for a
while" but "for some years". right?
McCool: yes, at least till the end of the charter
... shows an overview of the Things that were used in the
PlugFest
... there were things within VPN and some outside (in the
internet) such as Thing Directory
<inserted> [79]Plugfest+Outcome PlugFest Outcome issues
[79] https://github.com/w3c/wot-testing/issues?q=is:issue+is:open+label:
McCool: outcomes and issues are provided
... balabce vlaudation and experimentation, usefulness of VPN,
Xpath useful for discovery, get validation and reporting tools
ready before the plugfest, IDs needed for primary keys
Ege: we spend a lot of time about VPN, but who is depending on
that?
McCool: we should log who used the VPN
Ege: Actually I don't need that, except if there is a device in
vpn then I have to use it
... how do I know when I have to use the VPN?
support keeping VPN such as for prototypes of planned
commercial devices
scribe: supporting the idea of an dashboard
McCool: more comments about the PlugFest?
<kaz> [5min break]
Note on where to put the sides for the vF2F
<McCool>
[80]https://github.com/w3c/wot/tree/master/PRESENTATIONS/2020-0
6-online-f2f
[80] https://github.com/w3c/wot/tree/master/PRESENTATIONS/2020-06-online-f2f
<McCool> please put presentations at the above directory - I
will move the scripting pres later
Scripting
scribenick: Ege
[81]Scripting slides
[81] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-23-Scripting-Kis.pdf
Zoltan: we had busy time since March
... in ConsumedThing you can specify the form ... index
... we discussed on how to handle contentType and DataSchema
... and we added most of the algorithms
<kaz> [82]PR 207
[82] https://github.com/w3c/wot-scripting-api/pull/207
<kaz> [83]PR 203
[83] https://github.com/w3c/wot-scripting-api/pull/203
Zoltan: we have improved the error mapping
<kaz> [84]PR 209
[84] https://github.com/w3c/wot-scripting-api/pull/209
Zoltan: so how to map errors to protocols and back
<kaz> [85]PR 218
[85] https://github.com/w3c/wot-scripting-api/pull/218
<kaz> [86]PR 221
[86] https://github.com/w3c/wot-scripting-api/pull/221
<inserted> scribenick: kaz
Ege: status message also should be handled
... by the ConsumedThing
Zoltan: how to map the protocol-specific errors with JS errors
is the question
Ege: script should understand protocol specific features
Zoltan: developer could make mapping
<inserted> scribenick: Ege
Zoltan: so the mappings are more straightforward
Lagally: we discussed something similar with Sebastian and
Matthias a couple years ago
... the errors in the API should be abstracted from the
protocols
Zoltan: so we need two mappings, one in the bindings document
that maps protocol errors to a unified error list
... and another one that maps those unified error list to
JavaScript errors
<sebastian>
[87]https://github.com/w3c/wot-thing-description/issues/303
[87] https://github.com/w3c/wot-thing-description/issues/303
Sebastian: So the issue that ml described, I have pasted the
link in the IRC
... TD issue number 303
... so we can continue discussion in there
Kaz: You can share the link in IRC as well
<Ege> @mmccool, could you merge this PR:
[88]https://github.com/w3c/wot/pull/922
[88] https://github.com/w3c/wot/pull/922
<McCool> ok
<kaz> [89]Scripting.pdf fyi scripting slides (tentatively)
[89] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-23-vF2F-WoT
<kaz> [slide 3: WoT Scripting API specification updates]
Zoltan: we worked on observe and subscribe handlers
<McCool> btw I'll rename slides later to clean things up, don't
worry too much about it for now
<kaz> [90]InteractionInput and InteractionOutput, support
streams
[90] https://w3c.github.io/wot-scripting-api/#handling-interaction-data
Zoltan: and also getting values from the interaction outputs
... now we can parse to different media types
... also streams are possible
... this was a big change
Ege: handling observe and subscribe is needed if you want to
build a proxy with Scripting API so that you can dynamically
listen to observe requests from Consumers and relay it to the
actual Thing
<kaz> [slide : Opens]
<kaz> [91]Error handling (related to PR 221)
[91] https://github.com/w3c/wot-scripting-api/issues/200
<kaz> [92]Issue 219
[92] https://github.com/w3c/wot-scripting-api/issues/219
Zoltan: We have open issues, regarding readmultipleproperties
<kaz> [93]issue 912
[93] https://github.com/w3c/wot-thing-description/issues/912
Zoltan: also contentType or DataSchema but mixing them (raised
by Cristiano)
... we need to sync with the Discovery TF for the discovery API
<kaz> [94]Issue 910
[94] https://github.com/w3c/wot-thing-description/issues/910
<kaz> [95]Issue 913
[95] https://github.com/w3c/wot-thing-description/issues/913
<kaz> [96]Issue 206
[96] https://github.com/w3c/wot-thing-description/issues/206
Zoltan: We have the discovery API but it is very unspecific
... but there are already proposals like ThingFilter
McCool: so we need to generalize the ThingFilter to payloads or
URI content since both can be inputs for discovery
Daniel: the reason to not let consume() method accept a URI is
to avoid having to support multiple protocols while fetching
the TD
McCool: yes, so the consume method works without network access
Zoltan: there is also the semantic api proposal by Michael
Koster but we didn't have to explore it yet
<kaz> [97]Issue 204 - Semantic API
[97] https://github.com/w3c/wot-scripting-api/issues/204
<kaz> [slide 5: Deployment scenarios]
Zoltan: we are also discussing on how to deploy scripts
<inserted> [slide 7: Status node-wot]
Daniel: Here are some updates on node-wot
... we support HTTP, CoAP, MQTT, OPCUA, Netconf and Modbus
being planned
McCool: what about CBOR?
Daniel: We don't have support for it but they can be very
easily plugged
... you can do everything in the browser as well
... then the hands-on material was improved
McCool: I find the test thing having data types as names a bit
confusing
Daniel: we have videos for using node-wot
... Cristiano is working on OAuth2 in server side
... we have also improved the logging mechanism
... also, the new Scripting API is not yet in the master branch
Jennifer: nice to see OAuth2 and the tutorials improved
McCool: it would be nice to get some input on needed OAuth
flows
Daniel: you can also see that we have many PRs by contributors
and we are making good progress
<McCool>
[98]https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-0
6-online-f2f/2020-06_WoT-Bindings.pdf
[98] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06_WoT-Bindings.pdf
<kaz> scribenick: kaz
<inserted> [99]Browsified node-wot
[99] http://plugfest.thingweb.io/webui/
Kaz: Daniel, are you planning to use the webui version of
node-wot for the upcoming PlugFest in the future
Daniel: already using it
Kaz: would be great to have some document as well
... good starting point. thanks a lot!
[5min break]
Binding Template
scribenick: dape
[100]Binding slides
[100] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06_WoT-Bindings.pdf
<Ege> [101]Google Docs version
[101] https://docs.google.com/presentation/d/1ZhwbVQGKL5scnXWtfm_s0L1UmNjo_tQxa2YukUQ9uLA/edit?usp=sharing
Ege: [slide 2] - Protocol Vocabularies
... we have turtle files for CoAP and MQTT
... thanks to Victor
... [slide 3]
... links to rendered version
... [slide 4]
... improvements about vocabularies still needed
... [slide 5] - Interest Check
... so far we have HTTP, CoAP, MQTT.. done
... no interest on oneM2M, OCF so far
McCool: w.r.t. OCF, implementantions 1.0
<kaz> [102]Issue 1
[102] https://github.com/w3c/wot-binding-templates/issues/1
McCool: need to look at more recent versions, and security
<kaz> [103]Issue 92
[103] https://github.com/w3c/wot-binding-templates/issues/92
<Ege>
[104]https://github.com/w3c/wot-binding-templates/issues/92
[104] https://github.com/w3c/wot-binding-templates/issues/92
Ege: please comment on issue
[105]https://github.com/w3c/wot-binding-templates/issues/92 to
identify new ones
[105] https://github.com/w3c/wot-binding-templates/issues/92
McCool: suggest zeroMQ, will add it to issue
<kaz> [106]ZeroMQ
[106] https://zeromq.org/
McCool: [slide 6, 7] - Robotic Operating System (ROS)
Ege: ROS is middleware
... communicates with protocols of robot over lower level
protocols
... programming is abstract
... [slide 8]
... ROS has similar goals to the WoT
McCool: ROS has security problems
... work on ROS2 is in progress
Ege: Agree, it is 10 years old
... lot of devices out with ROS "1"
McCool: ROS2 has more industrial strength
Ege: [slide 9]
... ROS: Mixed broker and P2P communication
<kaz> [107]ROS
[107] https://www.ros.org/
Ege: can store TD
... consume them
McCool: Payload issue? Serialized with YAML?
Ege: contentType has to be specific contentType
Ege: [slide 10]
... 3rd July call, proposal shown in Binding call
McCool: Did have issues with node.js implementation
Ege: Implementation improved
... [slide 10] - Subprotocols
... [slide 11] - Server Sent Events
... serves pushes events to client/consumer
... PR for node-wot
... used in OpenHAB
... plan to look into subprotocols
... [slide 12] - bridging protocols
... MQTT over WS
... clients can used WS to talk with MQTT device
... there is also CoAP over WS
McCool: CoAP over WS mentioned by Mozilla also
... should look at there use-cases also
McCool: OpenHAB is very interesting
... PoC for OpenHAB is very valuable
Sebastian: Student of mine works on openHAB topic
McCool: OK, great. can talks about that in Plugfest call
Kaz: Question: if we want to use MQTT over WS... web browser as
possible client?
Ege: Yes. correct
Kaz: NHK uses web browser in TV set
... could be part of the future PlugFest as well
McCool: TD describable enough ?
Ege: Yes, interesting topic. will come to it later
... [slide 13]
... [slide 14] Paho in Python, reference implementation
... different to node.js implementation
... TD consumption step needs some assumption
... not sure how to describe it in href
McCool: Standardized URLs for MQTT?
Ege: There isn't
... broker URL and topic
... see issue 255 in node-wot
... assumption / best practice
<Ege>
[108]https://github.com/w3c/wot-thing-description/issues/878
[108] https://github.com/w3c/wot-thing-description/issues/878
Ege: also issue 878 in TD repo
Farshid: some pure MQTT implementation use TCP and SSL
... no mentioning of WS but TCP, SSL
... no standardized scheme
<FarshidT>
[109]https://github.com/mqtt/mqtt.github.io/wiki/URI-Scheme
[109] https://github.com/mqtt/mqtt.github.io/wiki/URI-Scheme
<Ege> Some implementations may also support the 'tcp' and 'ssl'
scheme names.
McCool: similar issue with JSON schema.. not having a standard
reference
Sebastian: we have to check MQTT standard
... many implementation out that are not following standard
<McCool>
[110]http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/csprd01/mqtt-v
3.1.1-csprd01.html
[110] http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/csprd01/mqtt-v3.1.1-csprd01.html
Sebastian: MQTT 3.1 is weak w.r.t. security
... --> different security solutions implemented but not
standardized
McCool: OASIS connection points?
... impacts our work
Ege: MQTT vocabulary needs to describe broker URI, security etc
McCool: look at *all* possible ways
... figure out how to deal with them
... maximizes interoperability
Ege: [slide 15] - Next work item
... improve protocol vocabularies
... error mapping
... node-wot has OPC-UA, NETCONF and Modbus, should they be in
binding templates
Cristiano: can help with Modbus
<McCool_> network glitch, my audio just broke :(
Cristiano: have PR on node-wot with Christian
... OPC-UA and NETCONF was done by Luca
... can ask Luca
<McCool_> (audio/irc back... network hiccup)
Sebastian: OPC-UA work should be done with OPC foundation
... possibility to have OPC-UA expert
... vocabularies should be maintaned by *owner* of protocol
Kaz: OPC-UA contact?
Sebastian: Yes
... but so far in internal process
Kaz: How many bindings templates should be added?
... can I assume OPC-UA. Modbus being added as example
Ege: Could be examples or more assertive within tables
Kaz: Echonet or Hybdridcast could be added to binding templates
also
McCool: vocabulary should be normative
... how do we get there?
... other groups are in charge
... need to work with other organizations
Kaz: agree
... can publish group note first and then transfer if needed
McCool: Yes, reach out to other organizations a well
Ege: node-wot examples could be added ...
McCool: Yes, but putting note saying it is prototype
Ege: will add to issue 92 ... OPC-UA, NETCONF and Modbus
<kaz> [111]Issue 92
[111] https://github.com/w3c/wot-binding-templates/issues/92
Ege: New protocol interest, please let me know
Kaz: will you update the slides on the GitHub repo with the
"next steps" page?
Ege: yes
McCool: 2 missing protocols: Zigbee and zwave
... not sure if feasible
Ege: Not sure if we can support them
... would open up to USB, Bluetoothm ....
McCool: Agree
Cristiano: w.r.t. ROS. I did some experiments. Difficult to
understand initial setup, topics, et cetera
Ege: Correct. WoT can help here
... direct XML RPC is possible also
... lots of extra communication is done and rather messy
McCool: ROS has formal documents
... in YAML files
... Comments/input?
Logistics for tomorrow
McCool: shall we discuss logistics for tomorrow
... Wednesday, 3 hours sessions by M. Lagally
... please upload presentation to github repo
... will do a clean-up step later
AOB?
Jennifer: client application connecting to WoT. Recommendation
to use HTTP or MQTT ?
McCool: TD is independent
... >discussion how to wrap node.js code in other languages<
Kaz: most of PF participant have been using HTTP and other
protocols are of interest
McCool: It is also a discussion about implementation language.
node.js... C++ et cetera
Kaz:there is a python implementation for WoT, WoTPy, as put on
the [112]WoT REC press release
[112] https://www.w3.org/2020/04/pressrelease-wot-rec.html
<kaz> [113]WoTPy
[113] https://github.com/agmangas/wot-py
McCool: maybe we can reach out and have 1-to-1 discussion
Ege: my contact person was not interested ;-)
<cris> [114]https://pypyjs.org/
[114] https://pypyjs.org/
McCool: will create issue about "how to support Python"
<McCool_> [115]https://github.com/w3c/wot-testing/issues/37
[115] https://github.com/w3c/wot-testing/issues/37
<kaz> [Day 2 adjourned]
[116]↑
__________________________________________________________
Day 3
Attendees
Present
Kaz_Ashimura, Michael_McCool, Farshid_Tavakolizadeh,
Jennifer_Lin, Kunihiko_Toumura, Michael_Lagally,
Daniel_Peintner, Sebastian_Kaebisch, Ege_Korkan,
Dave_Raggett, Michael_Koster, Zoltan_Kis,
Tomoaki_Mizushima, Ryuichi_Matsukura, Ken_Ogiso,
Ben_Francis, Cristiano_Aguzzi
Regrets
Chair
McCool, Sebastian
Scribe
jenlin, zkis
Agenda
scribenick: kaz
McCool: (goes through the agenda)
... profiles and lifecycle for today
... use cases, requirements tomorrow
... TD, marketing on Friday
<kaz> ... note the use case call will be held tomorrow on June
25 one hour earlier than this vF2F call
Use Case questionnaire
<McCool>
[117]https://www.w3.org/2002/09/wbs/1/wot-uc-priority-202005/
[117] https://www.w3.org/2002/09/wbs/1/wot-uc-priority-202005/
<inserted> scribenick: jenlin
mlagally: Collected 15 use cases so far
... Can people respond by the end of the day today for the Use
Case questionnaire?
<zkis> scribenick:zkis
Questionnaire
[118]questionnaire
[118] https://www.w3.org/2002/09/wbs/1/wot-uc-priority-202005/
Lagally: please fill it
WoT Profiles
[119]Profiles slides
[119] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-24-Profiles-Lagally.pdf
<mlagally__> [120]https://github.com/w3c/wot-profile
[120] https://github.com/w3c/wot-profile
Lagally: we hat a github repo
... and handle this in the Architecture task force
... presents slides
... motivation for profiles: we need out of the box
interoperability
... the TD spec it is quite elaborate and generic
... TD is very flexible and has few constraints
... we got feedback (e.g. from the W3C TAG) about
interoperability concerns
... generic TD consumer cannot be implemented, because device
implementers can pick TD features arbitrarily
... we have seen during plugfests that there are a core feature
set that works fine together
Ege: agree it's difficult to implement a generic client, but
don't think it cannot be implemented
... there some cases indeed node-wot could not implement
McCool: for instance there could be some protocols missing
Ege: still, implementable
McCool: the point is that a given client needs to implement a
compatible protocol
Lagally: for every generic client I could create a TD that
would break the client
McCool: clients could be updated with time, and the profiles
would explain the differences
Ege: (missed)
Lagally: you don't even need to go down to the protocol
Koster: there are 2 approaches: client adapts to protocol
... and to constrain the protocol choices
... it's a huge tradeoff
... we need to be careful
... everyone wants their special profile
McCool: we just want out of the box interop
Koster: tricky term
McCool: if two devices implement a profile, they should work
together
Koster: we restricted already the protocol choices
McCool: we can decide that
Lagally: we are in the middle of the profile discussion,
perhaps finish the slides first
... there are a number of ideas
... there are 2 angles to interoperability: specification
(normative guarantees)
... covering all corner cases
... this is difficult
... which is why we do reference implementation
... considering profiles to compartmentalize concerns
... second angle: reference implementation
... third angle: test suites with guaranteed coverage
... certification program
... how other specs solve this?
... selecting a target specific subset of features
... additional constraints and clarifications
... there is a common core profile
... in DVB-GEM
... it is possible to combine profiles
Zoltan: this is similar to W3C conformance classes
Lagally: will look into that
... profiles also might select various codecs etc
Koster: there could be different levels of expectations on what
interop means
Lagally: will address that later
... there are also other features a profile could select for
interop
... other example, filename requirements
... other example: clarification of behaviour
... if the API is not fully specified on that behaviour
... so it's clarification of corner cases
... Scenarios and use cases
... before buying, making sure a device would work in my
environment
... as developer, wants TDs to be simple as possible (e.g. in
constrained devices)
... as a developer, being able to validate compatibility with
consumers
Koster: let's go to the other direction: there is a whole
spectrum here, e.g. dismissing Forms
McCool: we want to limit complexity
Koster: we could probably allow more complex data structures
more easily than new protocols
McCool: most important is to make sure the devices will work
... then, secondarily it's important that I can sell a given
device for a given use case
... 2 viewpoints: end user and developer
... both need to figure out how to interop
Zoltan: were there practical hard limits on interop with the
current generic TD spec?
McCool: there may be gaps in coverage
Lagally: it is possible to implement incompatible systems
Ege: I would disagree with that
McCool: other way to do it is testing features and post
compatibility on a public site
... a consumer could figure out what works
Koster: in general, the Web doesn't have profiles
Ben: any browser can render any web page
Koster: I agree
... not every system needs to support every protocol
... where is the boundary
... for instance FTP support in browsers is not universally
needed, but might be
McCool: implementations could have extensions
... we should be able to check for features
Koster: we could allow more feature rich and less feature rich
endpoints without breaking things
... we also need to create one spec
... not like 15 specs
Ben: ad-hoc interop is impossible
Koster: in general I agree
Sebastian: ad-hoc is irrealistic
... we also need to take security in account, then there is no
ad-hoc
Lagally: if we cannot ensure out of the box interop, without
writing code, what is the purpose of the spec
Koster: yes, 2 different factors: we do make a unifying spec
... it is not the same to enable magical interop
... WoT is doing exactly the work of agreeing in a working
"profile"
Lagally: it is not "either, or"
Koster: just saying there is a lot of benefit in doing the
standard even without explicit profiles
Lagally: implementing own client is not a good requirement
Zoltan: (fill in later)
Lagally: what do we do if actions go wrong?
Zoltan: need to describe an error
<mjk> [121]https://xkcd.com/927/
[121] https://xkcd.com/927/
Kaz: if we need additional mechanisms, we should indeed add
them
... but we should look into exact use cases first
Lagally: there is a certain methodology on this in the
presentation
Ben: the profiles are needed
... without them the TD spec is open ended
... currently the TD spec does not guarantee interop
... so agree in adding profiles to add ad-hoc interop
McCool: we can't prevent people doing silly things
... but could achieve a reasonable compatibility
... we should support green field devices
... security is another aspect
... one effect of profiles is to add guaranteed support for
things
... especially regarding security
Lagally: agree that we need to limit and constrain security
options
McCool: working "well" also means "not hackable"
Koster: we're going towards interoperability
... this is a separate thread of development in the IG to
gather interested parties
Sebastian: the goal of profiles is good
... but we dismiss the legacy, and that is a real problem today
... when new devices are developed, then we can require profile
compatibility
... but we need to be careful with legacy systems
... otherwise the standard might not be accepted
... we might have too many profiles as well
... and the end is again a mess
... we should avoid that
... I think we are good about the TD and not sure profiles
solve the real problem
Lagally: agree to not create a mess of profiles
... we want to limit the number of profiles
... about brown-field devices
... if we define profiles so that 80% of legacy features are
supported, it should be good enough
... that would be enough for spec adoption
Dave: I like the points brought for profiles (working features)
... the actual technical requirements don't require a very wide
support for things
... for instance image formats in the web are just a few
<dsr_> Profiles are also important for discovery - client apps
need to limit discovery to things they can actually
interoperate with
Kaz: repeating the point of looking into the existing scenarios
... also work together with the other standardization bodies
and align with their views
... if there is actual need of extensions for the TD that
require profiles, we should go for it
Lagally: yes, we started doing that
... with ITU-T and OCF for instance
... please respond to the questionnaire and specify what is
needed
Sebastian: still don't get the real issue here
... one thing is what do we miss in the TD spec
... then, what is the client doing with profiles?
... let's compare with web pages
... the question is what the client is doing with the page
source
... it will do what it supports
Lagally: let's move on with explaining the proposal and then
will tackle that
<mjk> my comment to the irc: profiles already exist. There is a
profile for OCF, a profile for OMA LWM2M, etc. that are
candidates for a standard profile
Lagally: profiles are widely used elsewhere as well, with
similar motivation
... continuing with use cases for profiles
... digital twins
... with tens and hundreds of device types
... we want to have a model of these devices
... just a TD would not be enough to cover implementation
environment constraints
... if additional code is required, then it's not going to be
used
... TDs should be consistent and complete
... then, interop between multiple vendors and protocols
... there might be differences in content format
... there could be many restrictions
... consumers should be aware of these restrictions
... imposed by the protocols
Kaz: we should see the difference between the requirements for
profiles and the ones for Binding Templates
... so we should clarify the requirements for the profiles here
Lagally: to give more context on proposed requirements
... would defer that discussion until the next Architecture
call
... profiles should have a finite set of features and
capabilities to be implemented by the consumer
... Check out the current Profile draft
<kaz> [122]strawman draft for WoT Profile
[122] https://w3c.github.io/wot-profile/
Lagally: profiles should not define new features, just
constrain and clarify existing ones
... how to describe a profile: we need a generic profile
mechanism
... we need a core profile, coming from plugfest experiences
... the intention is to formalize these experiences
... to document what has been working and what not
... profiling mechanism
... constraints on: TD vocabulary, mandatory terms, limit
cardinality
... constraints on values, data schemas, security
Zoltan: what is missing from the current TD spec to express all
these constraints?
Lagally: we can see a couple of examples
... for instance when TDs don't actually define those
constraints
... will show examples later
McCool: we agree a profile is a set of constraints
... the question is how to organize these
... we need to gather the constraints that are necessary and
optional
Ben: agree that these activities should be focused
... e.g. infinite nested objects are a problem
... constraining the protocols would be most important
... because that is not easy to handle from the client
Kaz: these constraints might be valid for the Binding Templates
as well
... we need to think on how to deal with these requirements
<McCool> (I also agree with ben that protocols should be on
this list of contraints - I assumed it was just an oversight
when the slide was built, though, since I beleive those
constraints are in the strawman)
Lagally: agree
<McCool> (also content formats, eg. for data payloads, probably
also need to be constrained)
Sebastian: this reminds me of what Escher IoT are doing
<mjk> The Azure thing is Digital Twin Description Language
(DTDL)
Ben: indeed there is overlap between profiles, templates, ...
Lagally: in templates we don't talk about protocols, only about
the data model
... on devices that implement the same templates, the model is
the same, but there could be different protocol bindings
Koster: a lot of open-ended discussion, but got a good picture
on what needs to be constrained
... OCF has a similar mechanism and MQTT as well
... the set of constraints are pretty well defined in the
protocols
Lagally: presenting core profile
... constraint on the protocol binding is that default binding
is HTTPS
... predefined mapping of HTTP verbs to WoT interactions
... only a single Form per interaction
... constrained set of data types (e.g. no arrays of arrays)
... profile status: last year a strawman proposal was made
... architecture TF focused on lifecycle
McCool: want to open a discussion about logistics
... how exactly should we proceed with profiles
Lagally: let's finish the presentation first
McCool: do we start with a strawman and improve later, or do we
want more preparation
Ben: there is a list of proposed and accepted requirements
... need to agree on the accepted requirements
Lagally: certainly, please participate in that discussion
... presenting the profiles github repository
... and the strawman proposal
<kaz> [123]strawman draft for WoT Profile
[123] https://w3c.github.io/wot-profile/
McCool: the structure is reasonable
... there are some issues
... we need to create better requirements and then modify it
with a set of PRs
... and document things in issues
Ben: will try to write a draft for requirements on what's
needed
... one is what operations to define by default
... TD spec, Bindings and Profile spec tries to do this as well
... so where should this live
Lagally: good point
... the Profile spec is not to define things, just to reference
them
Ben: a client really needs to know what ops and details they
have
Koster: both LwM2M and OCF have profile-like constraints
... it should be checked
Lagally: we could discuss that in an upcoming Architecture call
Koster: OCF could be easy to map to HTTP - given security
details are sorted out
McCool: we can figure out later if profiles vs bindings need to
address constraints
... the question is figuring out the next steps
... is it in the architecture calls?
Lagally: yes, the next Architecture calls
... please take a look at the profile issues
... create new issues
<benfrancis> Clarification for the minutes: The requirements
document I mentioned writing was for the Web Thing Protocol
Community Group, not WoT profiles as I want to make sure all
the WoT specifications do not conflict with each other.
<benfrancis> The comment about ops was that defining default
HTTP methods for operations is only part of what is needed by a
client - also need to define headers, payloads, response codes,
error conditions etc. Perhaps the Profile could go further than
the TD and Protocol Bindings specification in defining those,
or constrain TDs to a particular sub-protocol
<benfrancis> which defines them.
Lagally: review the strawman proposal
<kaz> [124]wot-profile issues
[124] https://github.com/w3c/wot-profile/issues
McCool: we have 2 architecture calls, needs some alignment
Lagally: we can have that conversation later
McCool: break time
<kaz> [resume in 6 mins]
Lifecycle
<kaz> scribenick: jenlin
[125]Lifecycle slides
[125] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-24-Lifecycle-Kis-Lagally.pdf
Michael_Lagally: Presenting WoT Lifecycle
Lagally: Goals: Describe the operational lifecycle model across
different standards, Align terminiology, Identify impact and
requirements
... Mentions Zoltan did a lot of work on tStatus for lifecycle
... Draft of Layered lifecycle diagram
... Lifecycle Specification draft
McCool: One thing we used in security documents is to define
the scope in our scecurity documents
... Since we have two operational substates
... We also have maintenance states like discovery and
registration
... Each spec writer needs to make sure each spec says what it
needs to say for lifecycle
... Device lifecycle
Lagally: System lifecycle mentioned too
... Thing lifecycle
... Onboarding and offboarding of device lifecycle to consumers
McCool: Things should be cover in discovery lifecycle like time
to live
... The point is discovery can go both directions -- discover a
directory and register
Zoltan: Want to specify similar things for smart group -- we're
putting together a lot of things in the beginning that should
probably be separate
... Discovery for onboarding different from discovery in
operational mode
... There are protocol things specific to take into account for
lifecycle, so it's difficult to standardize behavior and may
require different network equipment
... What do we want to represent in lifecycle?
... We want to represent state and transitions and operational
mode and onboarding discovery
... This is tricky, the lifecycle discussion, since it's all
about specifics
Lagally: I agree, but we're going to look at high level
architecture with consumer and intermediaries
Kaz: Two comments: We should think about the relationship
between application and session lifecycle
... Also should think about lifecycle in an abstract layer for
error handling -- for example, if some state transition like
onboarding has failed, that could be an error for all the
possible protocols used by the connected devices
... Concrete errors for each potocol could be mapped with that
abstract error
Lagally: Runtime layer on top of devices where we don't have to
look into the state machines of protocols but have an abstract
layer on top
Kaz: We don't have to think about the detail of the hardware
layer or the network layer, but can concentrate on the
application layer, though
McCool: Wonder if lifecycle is what we should define it as
first
... There's additional components we may need like a separate
service that runs a component
... Take our patterns and think of them as components
... Then we can think about lifecycle and onboarding
Lagally: One new component is the directory and discovery
service
McCool: OCF is an onboarding service that discovers devices and
onboards them
... Does what it needs to do to find devices then registers it
Lagally: I'm wondering if these bridges or gateways are
intermediaries
... Let's call it protocol gateway at the moment
McCool: Second category is a bridge
... Whatever, we need two different words
Lagally: Gateway is just a 1-1 protocol translator/convertor
McCool: First category is a servient
... Second category is not
<Zakim> zkis, you wanted to explain system lifecycle
Zoltan: In architecture we need to specify what nodes we have
... When we have a thing directory, how a consumer knows it's a
TD, it has to know its URL
... Should be able to define a TD in wot interactions
McCool: Having a lifecycle for TDs is very interesting
... Since we need to know when it is updated
... Lots of questions of TD lifecycle
<McCool> my previous points: maybe we should think about the TD
lifecycle
<McCool> so I think there are use cases where TDs need to be
updated, if not very frequently, even without "dynamic"
hypermedia/resources creation
<McCool> e.g., IDs can be rotated, IPs can change...
scribenick: kaz
Lagally: (shows system state diagram)
... let's use the next architecture call in 2 weeks for the
following discussion
Tomorrow
McCool: we'll discuss use cases and requirements tomorrow
... also there will be the use cases call tomorrow one hour
earlier
Lagally: will create an issue, and we'll continue the
discussion on lifecycle during the architecture call in 2 weeks
[Day 3 adjourned]
[126]↑
__________________________________________________________
Day 4
Attendees
Present
Kaz_Ashimura, Hiroki_Endo, Jennifer_Lin, Josh_O_Connor,
Michael_Lagally, Michael_McCool, Ben_Francis,
Daniel_Peintner, Farshid_Tavakolizadeh, Michael_Koster,
Cristiano_Aguzzi, Ege_Korkan, Joshue108,
Tomoaki_Mizushima, Ken_Ogiso, Kunihiko_Toumura,
Ryuichi_Matsukura, Sebastian_Kaebisch
Regrets
David_Ezell
Chair
McCool, Sebastian
Scribe
Jennifer, Daniel, Farshid
Scribes
<kaz> Agenda:
[127]https://www.w3.org/WoT/IG/wiki/F2F_meeting_2020_2nd#WoT_F2
F_Agenda
[127] https://www.w3.org/WoT/IG/wiki/F2F_meeting_2020_2nd#WoT_F2F_Agenda
<kaz> 1. Jennifer
<kaz> 2. Daniel
<kaz> 3. Farshid
Presentations
<kaz> [128]Presentations area
[128] https://github.com/w3c/wot/tree/master/PRESENTATIONS/2020-06-online-f2f
<inserted> scribenick: jenlin
McCool: Double-check the name of your presentation
Use Case Prioritization
[129]Slides on Use Cases and Requirements
[129] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-25-Usecases-Requirements-Lagally.pdf
Lagally: Cancelled earlier Use Case call due to low attendance,
merging with this call
... Almost 2 hours for Use Case results
... More of a discussion today rather than presentation on the
Architecture Use Cases & Requirements
... Questionnaire results
... Use cases ~ 20 proposed in the architecture group
... Mentions active contributors of Use Cases
... Also target domains
... Work split: Architecture and Use Case Task Force
... Capture new use cases, open to all IG members, community,
and guests
... All use case related issues moved over to new repo
<kaz> [130]wot-usecases repo
[130] https://github.com/w3c/wot-usecases
<kaz> [131]old USE-CASES area from the wot-architecture repo
[131] https://github.com/w3c/wot-architecture/tree/master/USE-CASES
Lagally: folder called Contributions for new use cases
<kaz> [132]use case template
[132] https://github.com/w3c/wot-usecases/blob/master/CONTRIBUTIONS/use-case-template.md
McCool: Subdirectory is old use case template, top level is new
Lagally: Will fix after call
<kaz> [133]initial use case draft
[133] https://w3c.github.io/wot-usecases/
McCool: This is an informative document (use cases) and there
will be no royalty commitment required
Lagally: There is an "Issues" tab and structure things separate
<kaz> [134]wot-usecases issues transferred from
wot-architecture repo
[134] https://github.com/w3c/wot-usecases/issues
Lagally: Architecture Discussion Process diagram
... Use Case Shortlisting
... Want to make sure Use Cases coming from different sources
have business interests
... And real market needs
... Want to make sure to focus on the important/priority use
cases
McCool: 40% of use cases involves orchestration of devices from
market
... how do you account economic activity?
Koster: owe you a use case based from market need
McCool: agree with basic point to need to figure out advantage
Koster: Capabilities model
Lagally: will have another use case meeting, ask mk to join
Koster: dog upset by fireworks
Lagally: Questionnaire results
Koster: Will try to make regular call
Kaz: what about inviting Koster to the architecture call?
Lagally: good idea
<kaz> architecture calls are 11pm and 8am in PDT
Prioritization questionnaire results
[135]Slides on Use Cases and Requirements
[135] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-25-Usecases-Requirements-Lagally.pdf
Lagally: Put together the results as of 25.6 @ noon
... have not received responses on all the use cases
... business relevant responses are higher than business
critical
<kaz> [136]questionnaire results (member-only)
[136] https://www.w3.org/2002/09/wbs/1/wot-uc-priority-202005/results
Lagally: anyone not a W3C member?
Josh: part of the W3C Team
Lagally: Ogiso-san a W3C member?
Kaz: yes.
Lagally: Lots of written feedback to look into
McCool: This questionnaire is very flat.
... I marked a lot of things as business critical
... What's missing is to rank the use cases
... Need to do trade-offs between use cases
Lagally: Right. Will get to it in the second half of the call.
Will assign rank.
... Need to do weighted results, inventing a formula.
... Weighted Results, e.g., business critical=6; business
relevant=3; useful=1
... This is not final
... What people are interested in the most
... representing the members of the group
McCool: This metric ranks things higher even though there are
other things that are business critical
... While this is helpful, a more direct question about ranking
will be helpful
Kaz: Similar to McCool. The result of direct question might be
the same as the results of this formula, but if some use case
is very important for a company, it should be handled and
included in the final proposal
... probably, we can categorize all the proposed use cases into
3 categories, critical, relevant and useful, and then which use
cases would be handled by whom
Lagally: identify what needs to happen if we dig deeper in
requirements
... identify people who say this is important enough for me
that would be willing to contribute their expertise and
anaylsis in the existing spec
... look at examples as well
... who would be willing to do something here
... using numbers for trends
... And stakeholders
Josh: Weighting accessibility of the current model/business --
I don't think this reflects the importants of accessibility in
all the use cases
... be careful about drawing conclusions based on these numbers
... it's hard to find business cases for accessiblity in WoT
... demonstrate lack of tangable cases of accessibility in this
business space
Lagally: thank you, taking notes
McCool: accessibility and other horizontal things might confuse
the picture
<Joshue108> +1 to MMcCool
McCool: should look at the importantance of difference
technologies over horizontals
... categorize and sort into buckets
... accessibilty should be in the same category of security and
privacy
<Joshue108> +1 to MMcCool again
McCool: considered for every use case
... some of these are tricky, like audio/video
... vendor/system integration is also a horizontal
... 10 are verticals, 6 are horizontals
Lagally: let's capture this as a first finding
... prioritize horizontals
McCool: not all verticals need all the horizontals
... not all veriticals will need OAuth2 for example
... need a matrix to show this
Kaz: remember we already talked about horizontal vs vertical in
last architecture call
McCool: charter requirement
<Joshue108> +1 to Kaz :-)
Lagally: Horizontal Use Cases
... Accessibility, Privacy, Security, l18n
(Internationalization)
McCool: Other vertical groups we should be reviewing with
... Different overlaps we need to review with verticals
Lagally: Vertical Use Cases
McCool: We should coordinate with these vertical groups
<kaz> horizontal use cases should include: accessibility,
privacy, security, i18n
<kaz> vertical should include: DAS (geolocation), Automotive,
ME
McCool: We need to draft the use case document and reach out to
the groups
... Ask for reviews and input right away when we have a
reasonable design document
... when we have a first document we have consensus on
<inserted> scribenick: kaz
Jennifer: one possible addition for the vertical use cases is
medical one
... need to define what a "medical device", though
... various viewpoints like certified devices
<inserted> scribenick: jenlin
Lagally: There are different standards for military and fitness
trackers, etc
... Do we need to classify different things?
<Joshue108> [137]https://www.w3.org/WAI/APA/
[137] https://www.w3.org/WAI/APA/
Josh: happy to be point of contact for accessibility reviews
<Joshue108> [138]https://www.w3.org/WAI/APA/wiki/Wot_usecases
[138] https://www.w3.org/WAI/APA/wiki/Wot_usecases
Josh: we have a wiki for use cases and added use cases to it
... done a lot of work in user needs and requirements for real
times communications
... just a head's up for some of the work our group has done
<Joshue108> Accessible Platform Architectures (APA)
Josh: the purpose of APA is to make sure W3C specifications
support accessibility
Lagally: do we have any previous experiernce in end to end
(machine to machine communication) sensor/robot interaction?
Kaz: suggest the results from the questionnaire as a basis for
peoples' interest in the categorized use cases here and provide
further contributions
<kaz> scribenick: dape
Kaz: ask for further contributions
McCool: Issue of health: regulation
... expensive to get certification
... similar issues: Automotive, Smart grid and smart building
... wrt. use cases: is it a given industry?
... people avoid health... due to the afore mentioned issues
Lagally: implications of requirements work
... does it help if we know is it regulated?
McCool: Yes. Question whether we need expert.
JENNIFER: Certification is important since some people will
refuse to use it if certification is missing
Lagally: Is there a analogy to HTML ?
McCool: HTML is expection
... e.g. had documentation requirements like XML
... hard to know when you need certification
Lagally: Would be good to know when certification is needed
McCool: WoT TD might need certification
... archived for long time storage
Lagally: Some use-cases still under-represented?
... 5 minute break
<kaz> [5min break]
Lagally: please speak up if someone feels issue
under-represented
<inserted> [139]Requirements area
[139] https://github.com/w3c/wot-architecture/tree/master/REQUIREMENTS
Lagally: We have requirements in wot-architecture
<McCool> sure, I can let others go first ;)
Lagally: 2 req documents created
... one on thing templates
... similar: geolocation support document,
[140]https://github.com/w3c/wot-architecture/blob/master/REQUIR
EMENTS/geolocation.md
... mentioning requirements, related standards, othe
references, comments
[140] https://github.com/w3c/wot-architecture/blob/master/REQUIREMENTS/geolocation.md
McCool: are some use cases requirements?
... e.g., OAuh2
Lagally: Was thinking along the same lines
McCool: Yes, should remove OAuth2 from use-cases
Lagally: Will do
... Some UCs have 1:1 mapping to requirements, other may have
multiple reqs
McCool: let's single out technologies to requirements
... sometimes still fuzzy
Lagally: Several new use cases
... from Cristiano, Ben and McCool
Cristiano: Open field smart agriculture and smart managament
came from one project
... comes from IOT-based platform
... uses Fiware at the moment with LORA (devices that can go to
sleep)
... w.r.t. "Building structural health monitoring", Italien
project on platform for bulding, bridges, ..
... multiple sensors taking high frequency samplings
... can create use-case document
Lagally: Thanks, very helpful
Cristiano: Smart water managements use case is about managing
network of channels
Lagally: related to Fujitsu use-case
... Ben provided use case. Not in the call right now
... Interactive digital signage
Kaz: there is business group on digital signage
... will try to reach out
Lagally: McCool has 3 new use cases
McCool: AI Services, Edge Computing, IoT Orchestration
... Edge Computing: presentation about leveraging WoT discovery
... AI Services: like face detection. pre-defined service,
retail use-case contains it for example
... is somewhat horizontal
... IoT Orchestration: landing zone for scripting
Lagally: Kind of mash-up?
McCool: IoT Orchestration is idea of representing result as new
thing
... new TD
Lagally: reminds me about "links between things"
Kaz: w.r.t. new ideas, we could have another category between
horizontal and vertical, e.g., middleware, if needed
Lagally: I am not opposed to 3 categories... if it helps us
<McCool> McCool: I think we should stick to 2 categories for
now... simpler
<McCool> ... middleware should probably be horizontal
<kaz> Kaz: that's also fine since middlewares tend to get into
the horizontal platform in the end :)
Cristiano: Besides project of monitoring we are evaluating
policies of WoT services
... services discovering other services
... dynamic service migration
McCool: Web worker migration seems related
... virtual things: in retail use-case we use partly virtual
and not physical things
Lagally: comes close to digital twin use case
McCool: Motivation: support for virtual things
<McCool> ... much easier to substitute virtual devices (eg a
camera and AI instead of a real door sensor) if both are
"Things"
Lagally: More new use cases/ideas?
... hearing none
... Summary
... looked into business critical vs. business relevant
... talked about weighted results
... horizontal vs vertical use-cases
... requirements: like OAuth2
... new use-case proposals
... after break we take a look at the points from requirements
perspective
... re-start in 7 minutes, 5 past the hour
<kaz> [7min break]
<kaz> scribenick: FarshidT
Requirements
[141]Slides on Use Cases and Requirements
[141] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-25-Usecases-Requirements-Lagally.pdf
link to repo directory:
[142]https://github.com/w3c/wot-architecture/tree/master/REQUIR
EMENTS
[142] https://github.com/w3c/wot-architecture/tree/master/REQUIREMENTS
Lagally: there is no risk of adding patents into use cases
McCool: the contributions should actually be royalty free. We
have to warn people about that.
... the normative specs cannot include non royalty-free
materials
Kaz: normative portion within the final W3C Recommendation must
be royalty-free, but examples and informative sections don't
require royalty-free commitments
Lagally: more interested into application domains
[143]Requirements for Thing Templates
[143] https://github.com/w3c/wot-architecture/blob/master/REQUIREMENTS/thing-templates.md
Lagally: if a use case requires standardized system component,
it can be included in requirements
... template if good to formulate ideas.
... related standards can point to what other task forces have
been doing to give a good starting point, also not to reinvent
and have overlaps.
McCool: should each use case have a corresponding requirements
document?
Lagally: no, we extract requirement from all use cases. One
requirement may apply to multiple use cases.
... the goal is to have atomic requirements, i.e.
non-overlapping
McCool: also precise and satisfiable
Lagally: acceptance criteria for satisfiability
... we need to have stakeholders for use cases
McCool: we can capture requirements in the PoC meeting. Let's
add this to the agenda.
Lagally: retail and smart city use cases have priority for
Intel.
McCool: manufacturing and smart building may be a priority for
Siemens. Need to confirm.
Kaz: Audio/Video is important for NHK. With help from Kaz.
Chris Needham?
Lagally: for agriculture, there are requirements for
greenhouse, stakeholders are Matsukura-san an Christiano.
... smart city: Michael McCool and Jennifer will work on
requirements
McCool: health is theoretically important, but we don't have
anyone suitable to work on it
Lagally: manufacturing: Sebastian?
... multi-vendor system integration: Oracle has a lot of
interest. M. Lagally.
... multimedia system integration: Intel has interest but no
time, maybe Josh can look into it? Kaz would like to volunteer.
... accessibility: Josh?
... automotive: no expertise
Kaz: can ask about the interest of Access for automotive use
case
Lagally: energy/smart grid: Christian G. from Siemens worked on
the use case. Maybe he can work on it.
... smart building: Farshid, and Andrea C. (UPM)?
... transportation: the use case in very broad, and high level.
Needs additional work.
... Can Zoltan work on transportation?
... shared devices and resources: Ege?
Ege: will continue working on the details
McCool: willing to help Ege regarding this use case.
Lagally: oauth flows use case
McCool: need to look into flows and decide which ones make more
sense. Will be the point of contact.
Lagally: device life cycle: In good hands. Zoltan and M.
Lagally will continue to work on it.
Kaz: got a response from Josh, he will rejoin the call to
discuss accessibility.
Lagally: need to prioritize which use cases to cover in the
next arch. calls (July 7th and then 14th)
... welcomes and briefs Josh
<Joshue108> I can bring these back to Accessibility Platforms
Architecture working group for feedback
Josh: agrees with assignments i.e. multimodal system
integration, accessibility
McCool: first pass needs Josh's expertise
Josh: functional requirements can come from user needs
<Joshue108> +1 to Michael L
Lagally: add a section in requirements section for user needs?
Josh: agrees
Lagally: use case shortlist for next two arch. calls: retail,
agriculture, smart city, multi-vendor system integration,
multimodal system integration, smart building, shared devices
and resources, oauh2 flows, device lifecycle
... have names and owners for all use cases
... need confirmation from some stakeholders
... will check the status in two weeks
... wrap up session tomorrow?
McCool: yes and thing descriptions
Lagally: can get the confirmation from others tomorrow
Farshid: will check with Andrea C.
Lagally: thanking all, closing
<kaz> [Day 4 adjourned]
[144]↑
__________________________________________________________
Day 5
Attendees
Present
Kaz_Ashimura, Michael_McCool, Ben_Francis,
Daniel_Peintner, Farshid_Tavakolizadeh, Jennifer_Lin,
Michael_Lagally, Takuki_Kamiya, Michael_Koster,
Sebastian_Kaebisch, Ryuichi_Matsukura
Regrets
David_Ezell
Chair
McCool, Sebastian
Scribe
Ben, Taki, Cristiano
<kaz> [145]Presentations area
[145] https://github.com/w3c/wot/tree/master/PRESENTATIONS/2020-06-online-f2f
Scribes
<kaz> 2 for TD, 1 for marketing
<kaz> 1. Ben
<kaz> 2. Taki
<kaz> 3. Cristiano
TD
<kaz> scribenick: benfrancis
[146]TD slides
[146] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-26-Thing-Description-Kaebisch.pdf
Sebastian: Welcomes the group to Friday session of F2F, Thing
Description discussion
... Known TD spec bugs, under-specified features, new features
for TD 1.1, Status of Templates, hypermedia, discovery &
security
... Discovery & Security will recap discussion from Monday
* Editorial bugs
Sebastian: Want to improve the Thing Description and make it
more powerful. We have found bugs, e.g. in Example 17.
Example 17 has a stray comma which prevents parsing as valid
JSON
Pull request to remove the comma. Question: Should we update
the main Thing Description specification as well?
Kaz: The latest policy is, as long as a fix is editorial, can
fix recommendation itself.
McCool: Should create Errata page so people know what has
changed.
Kaz: Should file two issues, one for recommendation and one for
latest Editor's Draft
McCool: Could label issues that need to be landed in
Recommendation.
<kaz> [147]PR 914
[147] https://github.com/w3c/wot-thing-description/pull/914
Kaz: Can define a simple procedure so we can fix the current
draft on GitHub using PRs, but create additional issue for
Recommendation. Consolidate editorial issues and ask webmaster
to reflect these in the published specification.
... BTW, there was another issue pointed out regarding table
syntax. #919
<kaz>
[148]https://github.com/w3c/wot-thing-description/issues/919
[148] https://github.com/w3c/wot-thing-description/issues/919
RESOLUTION: Pull request to remove comma to be merged into
latest Editor's Draft. The comma is banished. Should create
Errata document to note bug fixes. Daniel will create separate
issue to remove comma in Recommendation, with a label to note
editorial change.
Sebastian: Issue 915
[149]https://github.com/w3c/wot-thing-description/issues/915
[149] https://github.com/w3c/wot-thing-description/issues/915
Validates as valid Thing Description, but if using JSON
Schema(?) validator does not correctly recognise terms in
securityDefinitions collection.
McCool: Schema has definitions for things that have been
removed, needs a cleanup
Sebastian: For people who want to use semantic tools, will have
issues with security members
McCool: Can we update the file as is or publish a new version?
If it's a bug fix, updating the current version makes sense
Should delete extra schemes that are not in the spec to bring
it inline with the specification
How did we miss this? Do our testing tools like include JSON-LD
tests?
Sebastian: We are not doing enough semantic testing in our
PlugFests
McCool: We did do testing, but treated as optional elements so
did not trip the test case. Or similar.
Ege: Should have thrown an error. Perhaps JSON-LD version in
playground is old.
McCool: Should fix the testing so it does trip on this, and fix
context file. Investigate if fixing in place with bug fix is
reasonable.
Sebastian: Context file not directly in the specification. Is
it OK to just change it? The specification is correct, but the
model file has a mistake.
Kaz: Should think about impact for implementations if we fix
the bug in the context file. Will implementations be impacted,
what would need to be changed. Should carefully consider.
McCool: Notify people in advance that the context file will
change in place, set a date for that change, archive old
version with new URL (e.g. v1_obsolete)
Need to consider this a bug fix.
Kaz: Can bring this to project manager and ask if OK to reflect
the change.
... If change impacts implementation then need to discuss
further.
<McCool> to capture what else I said: I'd like to suggest we
establish a minor version, and let "v1" pick up the latest
minor version
McCool: Thanks, I lost track of that part.
<McCool> then if people really want older versions, they can
use a more specific minor version, eg. v1-0, v1-1, etc.
Sebastian: Implementors may wonder why they do not see
securityDefinitions
Kaz: Should assess potential impact
Taki: Can ask bug filer how it impacted their implementation
Sebastian: Bug filer has a workaround.
Dape: Have previously been asked to file issues for Errata
items, this seems similar. I think it would be good to not just
do change in an issue but list as an Errata item.
Kaz: Already provide a template for Errata entries. This issue
might be problematic for implementations should carefully look
into this.
McCool: Different to modifying the specification (human
readable), this is machine readable and would impact
implementations. Bug fix in minor versions.
Figure out how to do bug fix as code, not just editorial change
in spec.
Kaz: Should clarify what our intention was. If this was
intended specification this is fine, but need to fix bug on
specification itself for next version.
<kaz> [150]Errata file
[150] https://w3c.github.io/wot-thing-description/errata.html
McCool: Not an errata issue in spec, bug in file, spec is fine
Kaz: If implementations are impacted, that would be a problem.
Lagally: Support idea of Errata document. So implementors know
what to do to be interoperable, and understand if there is a
delta from what has been published.
Sebastian: Is this Errata document linked in the recommendation
document?
Kaz: Yes, there is a link in the top section.
Sebastian: Resolution: I will respond to issuer to say we can
approve this bug and will fix this in the Errata process.
... These were the two topics we need to address very soon.
<kaz> thinks it's actually a good proof of the fact that people
have started to use the TD spec :)
<benfrancis> kaz++
* URI Variables
Sebastian: Specification looks like we should use uriVariables,
except action input field. Criticized in some issues. Should
clarify when we should use uriVariables.
McCool: So using uri query paramaters is considered bad
practice in API design?
Sebastian: Yes and no. Can use uriVariables in properties etc.
But for actions we have inputs, so why are we showing an
example of uriVariables for actions when we also have input?
uriVariables should probably be avoided if possible for new
systems.
McCool: Two issues. Did we introduce uriVariables as a good
example.
<kaz> [151]Issue 910
[151] https://github.com/w3c/wot-thing-description/issues/910
uriVariables are actually bad practice in actions. For actions
you do have paramterized actions. The use case that comes up is
if input is binary data like an image.
Inconvenient to have to create a body that has some JSON. There
are use cases for this, need to explain.
Sebastian: We should be more clear about usage?
Dape: Disagree. Using uriVariables for properties is bad
design. In case of actions when you POST something considered
good practice if convey data in body. For properties there is
no outcome so considered back practice.
McCool: Question is what you use the query data for. Might want
to put data parameters in POST query. Binary vs. ASCII data.
Need a best practices document that explains these tradeoffs.
The spec just says what the spec can do. Examples should be
reasonable and not contradict best practices.
Sebastian: Example 21 uses uriVariables in a property. Passed
in URL in form. Looks good to me, should maybe provide
clarification.
McCool: I do agree this is a reasonable use. Constraining the
type of data you're getting back. More like a query/database
query.
... I can see it being justified.
Dape: This is a good example of a running instance that works.
Sebastian: But is it really running?
<sebastian>
[152]https://cdn.statically.io/gh/w3c/wot-thing-description/d7c
47cfce6df02f162e16164fe9beee1802ebbeb/index.html#example-21
[152] https://cdn.statically.io/gh/w3c/wot-thing-description/d7c47cfce6df02f162e16164fe9beee1802ebbeb/index.html#example-21
<sebastian>
[153]https://samples.openweathermap.org/data/2.5/weather?q=Lond
on,uk&appid=439d4b804bc8187953eb36d2a8c26a02
[153] https://samples.openweathermap.org/data/2.5/weather?q=London,uk&appid=439d4b804bc8187953eb36d2a8c26a02
<sebastian> PR on updating example 21:
[154]https://github.com/w3c/wot-thing-description/pull/911
[154] https://github.com/w3c/wot-thing-description/pull/911
Sebastian: Should we merge this PR? Update example? More
reasonable, not as confusing.
<Ege> [155]https://openweathermap.org/current
[155] https://openweathermap.org/current
FarshidT: Root of the problem is really the HTTP method. GET
request should not change state.
Sebastian: Action comes from Matthias. Comes from Nabaztag
(Wi-Fi rabbit). Has a REST API. Designed a Thing Description
for this. Uses GET method with parameters. So it's the rabbit's
fault.
... The Thing Description should show best practice.
I may have paraphrased...
RESOLUTION: We will merge this PR.
Sebastian: Should we also close this issue?
[156]https://github.com/w3c/wot-thing-description/issues/913
[156] https://github.com/w3c/wot-thing-description/issues/913
Keep open, but clean up later.
* readmultipleproperties
<inserted> [157]Issue 848
[157] https://github.com/w3c/wot-thing-description/issues/848
Lots of discussion about readmultipleproperties
Very fussy and strange that it was adopted by specification
since there is an expectation we have implementations.
Ege: There are no implementations.
... There are TDs produced, but implementation wasn't doing it
properly.
... Report says there are two implementations, but I can only
find examples from node-wot
<inserted> scribenick: taki
McCool: It was the last minute change.
<McCool> to be clear, implementation report was totally
data-driven, but this extra implementation might have been
based on a manual assertion rather than a TD
<McCool> we will have to look at the archives in more detail
Sebastian: It cannot disappear now. I should investigate more
such as use cases in CoAP PATCH and OPC-UA.
... also it may be common in cloud systems.
Lagally: Network overhead is significant.
... We do read-all in our implementation.
... It is useful in practice.
Koster: Digital twin systems, common interaction through
incremental changes.
... It looks like an interaction model issue.
... It is a model issue.
Ege: It is not clear why we need to supply an array.
... It is different in pub/sub case.
... If it is using URI variable, how can we do this?
Sebastian: It is not well explained in spec.
Daniel: We have both methods for retrieving multiple and all.
... From scripting perspective, it is not really necessary to
have both.
... I can do real-all. If it is only 2 or three, we can use
promise.
Koster: read-all satisfies the requirements.
Zoltan: Are there anyone who absolutely need read-multiple?
Sebastian: CoAP-PATCH? We need to investigate.
Koster: CoAP-PATCH is for patterns. OPC-UA, there is a
bulk-load. Cloud systems usually does not need read multiple.
Zoltan: I have never seen use cases that need read multiple.
Koster: Some people may see read-multiple as optimization.
Zoltan: I can group them in an object in TD.
Koster: There are design patterns. But we do not have concrete
use cases.
Ben: It is safe to remove read-multiple. We can make it as a
feature at risk in the coming version.
Sebastian: One possibility is to remove it in the next version.
At the same time, we could investigate more. For now, it seems
that removing it makes more sense.
Zoltan: We can add it later.
Daniel: You can mark a feature so if nobody finds it useful, is
there procedure in W3C?
Issue #913 Improve text on Action parameters
<inserted> [158]Issue 913
[158] https://github.com/w3c/wot-thing-description/issues/913
Zoltan: multiple parameter case is not very clear in spec right
now.
Sebastian: Those are the issues that I wanted to have discussed
today.
... new features next.
<Ege> brb
Sebastian: minLength, maxLength and multipleOf in Data Schema,
see PR #896.
<inserted> [159]PR 896
[159] https://github.com/w3c/wot-thing-description/pull/896
Sebastian: Have not merged yet because there is a problem in
rendering script now.
... Victor is not available today. He works on rendering
script.
Sebastian shows JSON Schema ontology HTML.
Ben: Mozilla implementation already has multipleOf because
there is a use case.
McCool: Are there any JSON schema features that we do NOT want?
Sebastian: the set we have now was all experimented in
plugfests.
McCool: developer expectation is that it is JSON-Schema.
Koster: We have not seen many payload examples.
... Let's make a bigger useful subset for common payloads.
McCool: We should talk to people experienced in IoT payloads.
Sebastian: We say in spec that we support all keywords.
McCool: $ref, for example, does it break validation?
... we should base our decision on community experience.
Ben: Mozilla implementation is basically using the set
specified in W3C recommendation.
definition and $ref
Sebastian: next, definition and $ref. This is new as well.
... Define data model constructs once, and use it in multiple
places by reference.
<benfrancis> The Mozilla implementation so far uses enum,
readOnly, minimum, maximum and multipleOf. And unit, but I
think that was added for WoT.
Sebastian shows Issue #307.
<kaz> [160]Daniel's example for Issue 307
[160] https://github.com/w3c/wot-thing-description/issues/307#issuecomment-650072301
Sebastian: It was originally suggested by Toru Kawaguchi.
Koster: "definition" is convention in JSON schema.
Ege: Yes
Koster: we can use JSON pointer, and JSON validator work on
that.
Sebastian: JSON validator does not understand action, property,
etc.
<cris>
[161]https://github.com/w3c/wot-thing-description/issues/912
[161] https://github.com/w3c/wot-thing-description/issues/912
Cristiano: I have issue with Content-type in schema. We can
discuss in next TD call.
<Ege>
[162]https://github.com/eclipse/thingweb.node-wot/blob/a3999fac
20a4616d209fe0c1830a311cef0b86a4/examples/templates/exposed-thi
ng/src/base.ts#L124
[162] https://github.com/eclipse/thingweb.node-wot/blob/a3999fac20a4616d209fe0c1830a311cef0b86a4/examples/templates/exposed-thing/src/base.ts#L124
Lagally: Design question. Do we need to parse TD once or twice
to resolve references?
... This is important for constraint systems.
Ege: I posted a link.
Koster: there are also recursive and circular references.
Lagally: We should discuss to limit references to backward
references, for example.
... can you use variable before you declare it?
Daniel: With JSON, object members are shuffled around.
... there is no way to define order in JSON.
Lagally: We have TD serialization, and we can specify.
... This is an issue with small devices.
Sebastian: client may not use all dependencies.
... It is up to the use case.
Koster: constrained devices cannot buffer much in memory, is
that the point?
... security thing is the same.
<McCool> sequence is not technically required by the spec...
but maybe could be required by the profile
Daniel: complexity raises. You can point anywhere in the
document with JSON-schema.
Lagally: We should keep this issue in mind, and specify how to
limit if necessary.
Farshid: Default security, for example. We no longer need it.
... If we copy it to elsewhere, the links will break.
Daniel: We do not intend new dependency.
Farshid: It is only for data definition.
Koster: can we reference definitions outside of the document?
Ege: $ref depends on implementation.
... It is underspecified in JSON-schema spec intentionally.
... AJV, for example, does not have TD scope.
<sebastian_>
[163]https://github.com/eclipse/thingweb.node-wot/blob/a3999fac
20a4616d209fe0c1830a311cef0b86a4/examples/templates/exposed-thi
ng/src/base.ts#L124
[163] https://github.com/eclipse/thingweb.node-wot/blob/a3999fac20a4616d209fe0c1830a311cef0b86a4/examples/templates/exposed-thing/src/base.ts#L124
Ege: You have to copy definition into actions before handing to
AJB.
Daniel: You can copy the entire definition to next to $ref/
... i.e. within the same scope.
Ege: $ref, all depends on implementation.
Sebastian: $ref processing depends on validation tools?
Ege: there is common practice among implementations.
... But it is not specified in JSON schema.
Sebastian: We can specify in TD spec then.
... We can also use JSON pointer.
Kaz: I am skeptical about this proposal.
... for example, there is a possibility of using Verifiable
Credentials and DID for user credentials, so we should look
into some more use cases to see the actual need for "$ref and
definitions".
... We should look at more use cases.
McCool: We can have "processed" version of TD.
... external definition should be disallowed.
... DID is new spec at this point.
... $ref makes more sense to me.
Sebastian: We discussed this in TD call, and we agreed we need
this feature.
Kaz: If the main purpose is defining address separately and
referring to it once, do we really need this feature?
McCool: We wanted to reduce redundancy.
... We should start describing use cases.
... redundancy invites error.
... We should describe use cases.
Ben: parsing algorithm's point view, it introduces complexity.
We can make it preprocesing in the server.
Sebastian: Complexity vs. redundancy is a recurrent issue.
Ben: This is also an issue TDT.
<cris> taki I can take over the notes, or at least I try :)
Sebastian: We have only one hour left.
... We should take a break.
<benfrancis> I also think securityDefinitions should be
simplified so that security can be used on its own for simple
examples
([164]https://github.com/w3c/wot-thing-description/issues/300)
[164] https://github.com/w3c/wot-thing-description/issues/300)
<benfrancis>
[165]https://github.com/mozilla-iot/wiki/wiki/Mozilla-W3C-Diffe
rences
[165] https://github.com/mozilla-iot/wiki/wiki/Mozilla-W3C-Differences
Ben: I started to document the difference between Mozilla
implementation and W3C specification in the hopes that they
will converge.
<cris> ben: starts to document the differences between
mozzilla'TD and W3C TD. Trying to convege
Sebastian: Thank you very much, it is a great work.
... People expect the two are the same.
Ben: there are many minor differences. The bigger one is
architecture changes including protocol binding.
McCool: Profile can help.
<inserted> scribenick: cris
McCool: 10 minutes break
<kaz> [10min break; resume at 15mins past the hour]
McCool: sharing the agenda
Marketing - Current activities
[166]Marketing slides
[166] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-26-Marketing-Kaebisch.pdf
McCool: sebastian review of activities, discussion of the next
steps
Sebastian: quick update, showing a patchwork of different
articles where wot were mentioned
... sharing links to these articles
... please add more if have seen other sources mention wot
... showing the new logo
... please use the new one
... we are working with webcastor which already worked for W3C
... we are going to create a video, Siemens will sponsor it
... and Intel
... sponsor positions are open
... a style of video was decided
McCool: two kinds of sponsorship: money or logos
Lagally: is there some of document which explain the content of
the video
Sebastian: there are some slides about it, cannot show them now
... topic twitter account
... go to @W3C_WoT
<kaz> [167]@W3C_WoT
[167] https://twitter.com/W3C_WoT
Sebastian: there is a draft of a new wot web landing page
<dape> [168]https://github.com/w3c/wot-marketing/issues/65
[168] https://github.com/w3c/wot-marketing/issues/65
Sebastian: was made by Studio 24, daniel has more details about
it
Daniel: provides a link with next steps
... studio24 will provide updates in that issue
<kaz> [169]timeline
[169] https://w3c.studio24.net/timeline/
Daniel: studio24 plans to work openly
Kaz: they are working with the basic template HTML+CSS like a
CMS so that people can easily maintain the Web pages
Daniel: it might be complicated to handle users
Kaz: mentioned to them the possible difficulty with working on
the W3C content which consists of multiple mechanisms
Sebastian: new page on wikipedia about WoT
... it was outdated and not reflected what W3C was doing
... someone made some changes but violated some copyright rules
... we need to discuss how can we improve it
... like describing the different blocks in the W3C WoT
architecture
Ege: we need to provide more references
Sebastian: how can we improve it ?
McCool: create a draft were we can work together with other
parties
... also can we trigger an re-evaluation of the page content?
Ege: need to explicitly ask for an re-evaluation
McCool: in the marketing repo we have a md page that needs to
be kept in sync
Kaz: ege, do you know some external collaborator who can help
us with the wiki?
Ege: we can tweet about this
<kaz> [170]WoT welcome page
[170] https://w3c.github.io/wot-marketing/
Lagally: What's the plan with the public WoT landing page?
Daniel: the current one has nothing to do with what studio24 is
doing
<McCool> timecheck: now way over the 10m allocated...
Daniel: we mean to substitute it with the new one
Lagally: when is the best time to provide feedback about the
new landing page?
Kaz: we can talk about this during the next marketing call
Sebastian: Michael, you can comment anytime
Lagally: it is quite confusing because we have two versions
running in parallel
Kaz: the [171]W3C WoT Landing page was made/maintened by the
W3C Team, while the new [172]WoT Welcome page is
made/maintained by the WoT Marking TF.
... On the other hand, we (=Daniel, etc.) were asked for input
from Studio24 who is now working on the redesign of the global
W3C pages (except the group pages like the WoT Welcome page)
[171] https://www.w3.org/wot/
[172] https://w3c.github.io/wot-marketing/
Lagally: just let us know if something is ready for review
Kaz: Studio24 is working on the global W3C pages except the
group pages
... So we have to make a resolution on how/when to review the
WoT group pages including the [173]WoT Welcome page
[173] https://w3c.github.io/wot-marketing/
Lagally: so this group page is ready for review?
Sebastian: yes
McCool: time check 18 minutes left
... handle kaz presentation to next slot
... we should now discuss about the next steps
Sebastian: the next steps were already included in the previous
slides
... there is a broken link in the global W3C page
Ege: the point is that we do not have access to this page, even
if we are the most interested by its content
Kaz: there are two kinds of Web pages, 1. those maintained by
the W3C Team and 2. those maintained by the WoT WG ourselves.
So I wanted to explain what's ongoing on the W3C Team side, but
let's talk about the details during the next Marketing call
<inserted> [174]W3C Project Management Updates
[174] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-26-Project-Management-Kaz.pdf
<McCool> at the very least I think we need to streamline change
requests, eg with direct access to an issue tracker
Sebastian: topic upcoming conferences
... Ege has applied to a ASC 2020 conference
Ege: if anyone has input about my submission is there still
time for editing
McCool: we could also have a session were we review your
slides, maybe in the Marketing calls
... the conference it will be a good chance to talk with
experts from other technologies (i.e. openAPI)
Sebastian: there is a video about node-wot in action
McCool: there is also a template for slides to keep a
consistent look&feel
Ege: include some photos from plugfest as additional material
to include in presentations
McCool: we need to get a consent by people on these pictures
Ege: but they are already pubblic
McCool: we still need to get their consent
Ege: another thing in addition to a template we can put
material which will be used inside the presentations
McCool: any other comments?
... let's agree on the template and start to use it
Kaz: the template is nice, thank you
Wrap-up and Closing
[175]Slides
[175] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-26-Closing-McCool.pdf
McCool: topic closing session
... topic followup activities
... profiles in 2 weeks, call for TDT in 2 weeks (TD webex),
hypermedia calls in 3 weeks...
... try to cancel as many calls as we can to break after F2F
... let's cancell all the TF meetings but if you have an
exception please report it in the mailing list
<kaz> [176]Project management updates for Marketing
[176] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-26-Project-Management-Kaz.pdf
Kaz: should we move also the discussion about Marketing tools
in the next marketing call?
McCool: yes let's move it in 2 weeks
... when will the minutes be ready?
<inserted> from now, i.e., July 8
McCool: let's put fix a deadline: 2 weeks from now
... if there are any other follow up activities please email me
Lagally: I need to allocate someone to the requirements of
manufacturing
Sebastian: you can put me and Christian and also to the smart
building requirements
McCool: who's is going to post about F2F on twitter?
... assigns sebastian to this task
Kaz: please take a look at my slides before the next marketing
call
<kaz> [177]Project management updates for Marketing
[177] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-06-online-f2f/2020-06-26-Project-Management-Kaz.pdf
McCool: we should keep an eye on Ege slides for the next
conference
... is any followup action that I miss?
... ok none, please if you have any additional items send me an
email
... please also update your presentations with a PR
... ok we are done
Kaz: thanks McCool and Sebastian
<kaz> also all the scribes!
Sebastian: thank you also from my side
[vF2F adjourned]
[178]↑
__________________________________________________________
Minutes manually created (not a transcript), formatted by
David Booth's [179]scribe.perl version ([180]CVS log)
$Date: 2020/07/07 12:03:51 $
[179] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[180] http://dev.w3.org/cvsweb/2002/scribe/
Received on Thursday, 16 July 2020 00:43:37 UTC