- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Tue, 24 Mar 2020 04:58:13 +0900
- To: public-wot-ig@w3.org, public-wot-wg@w3.org
available at:
https://www.w3.org/2020/03/09-wot-sec-minutes.html
also as text below.
Thanks,
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT-Security
09 Mar 2020
[2]Agenda
[2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#9_Mar_2020
Attendees
Present
Kaz_Ashimura, Michael_McCool, Tomoaki_Mizushima,
Elena_Reshetova
Regrets
Chair
McCool
Scribe
kaz
Contents
* [3]Topics
1. [4]Agenda
2. [5]Previous minutes
3. [6]PING issue
4. [7]PR 164
5. [8]Minutes (revisited)
6. [9]PR 164 (revisited)
7. [10]Online F2F plans
8. [11]Issues
* [12]Summary of Action Items
* [13]Summary of Resolutions
__________________________________________________________
Agenda
McCool: let's go through the agenda
... unfortunately, have not got response from DID guys
Kaz: shall I respond to your message pinging them?
McCool: yes, please
... 30-min slot is proposed
[14]online f2f agenda
[14] https://www.w3.org/WoT/IG/wiki/F2F_meeting,_16-19_March_2020,_Online
McCool: (shows the agenda for today's call)
[15]today's agenda
[15] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#9_Mar_2020
Previous minutes
[16]Mar-2 minutes
[16] https://www.w3.org/2020/03/02-wot-sec-minutes.html
McCool: repo reorg
... PING issue
... f2f face planning
... PRs
... I have no objections
... do we approve the minutes?
(Elena has problem with audio connection, so minutes review
will be revisited later)
PING issue
McCool: we haven't got response yet
[17]PING issue
[17] https://github.com/w3cping/privacy-threat-model/issues/17
PR 164
[18]PR 164
[18] https://github.com/w3c/wot-security/pull/164
(Elena's audio issue is resolved, and we revisit the previous
minutes review)
Minutes (revisited)
Elena: the minutes are fine
McCool: ok approved
PR 164 (revisited)
[19]PR 164
[19] https://github.com/w3c/wot-security/pull/164
McCool: Oliver has created an updated PR on end-to-end security
... but he is not available today
... so let's discuss this next week in detail
... we have a newly proposed paragraph here
... but "end" might be a bit misleading
Elena: quite generic
McCool: (adds a comment)
... maybe a bit confusing
... would be better to have a common "examples' subsection
... each example should define what the "ends" are
... we could merge this and then add edits later
... but would be better integration of the existing text and
new contribution
... (add some comments to the original PR 159)
[20]McCool's comments to PR 159
[20] https://github.com/w3c/wot-security/pull/159#issuecomment-596498298
McCool: let's check with Oliver next week
Online F2F plans
[21]Online f2f agenda
[21] https://www.w3.org/WoT/IG/wiki/F2F_meeting,_16-19_March_2020,_Online
McCool: had some discussion on the agenda
... would like to have Elena and Lagally at once
Elena: what time/date would fit with him?
McCool: the current Security slot is not good
... maybe we could start with adding known conflicts to the
agenda
... now we can look at Thursday
... there will be an online discussion for IETF topics but just
3 hours
Elena: you mean next week. right?
McCool: yes
Elena: I can make it on Thursday before 3pm EET
McCool: (adds a line about that to the "Known Conflicts"
section)
Elena: Wed after 5pm EET is not good either
... Tue after 4pm also
... Mon after 4pm as well
... if needed, may try to get adjusted, though
McCool: will ask Lagally about his availability/conflict too
Issues
[22]Issue 152
[22] https://github.com/w3c/wot-security/issues/152
McCool: no response to the PING issue yet
[23]Issue 161
[23] https://github.com/w3c/wot-security/issues/161
McCool: OAuth2 would be important for some of the new use cases
... (creates a new issue to re-introduce OAuth2)
[24]Issue 165 on re-introducing OAuth2
[24] https://github.com/w3c/wot-security/issues/165
McCool: we need to set up an authentication server for tests
... would be great to have it before the Helsinki f2f meeting
... would like to get an implementer to implement OAuth2
capability for node-wot
... starting with one producer and one consumer
... need to see what the adequate test would be too
... would like to have another implementation in addition to
node-wot
... need to see how many implementations we need
... (updates comments on Issue 165)
[25]updated comments
[25] https://github.com/w3c/wot-security/issues/165#issue-577882416
McCool: (also adds another comment)
[26]new comment to create a PR
[26] https://github.com/w3c/wot-security/issues/165#issuecomment-596505610
[27]https://github.com/w3c/wot-security/issues/161
[27] https://github.com/w3c/wot-security/issues/161
McCool: (adds a comment to Issue 161 as well)
... ACTION: Create a PR into the TD spec for discussion. Note
however that DIDs are still in flight, so...
[28]new comment on Issue 161
[28] https://github.com/w3c/wot-security/issues/161#issuecomment-596506210
McCool: but have conflicts with the TD call (after US DST
change)
... (and then creates a new issue on "Integrity protection to
TDs")
[29]Issue 166 on integrity protection
[29] https://github.com/w3c/wot-security/issues/166
McCool: (shows the "7.9 Proof" section of the DID draft)
[30]Decentralized Identifiers v1.0
[30] https://www.w3.org/TR/did-core/#proof
McCool: (adds reference to the "Linked Data Proofs" draft)
[31]Linked Data Proofs 1.0 (CG draft)
[31] https://w3c-ccg.github.io/ld-proofs/
McCool: wondering about the relationship between those
documents
Kaz: we can ask the DID-WG guys for clarification
[adjourned]
Summary of Action Items
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes formatted by David Booth's [32]scribe.perl version
1.152 ([33]CVS log)
$Date: 2020/03/23 12:12:21 $
[32] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[33] http://dev.w3.org/cvsweb/2002/scribe/
Received on Monday, 23 March 2020 19:58:21 UTC