W3C home > Mailing lists > Public > public-wot-ig@w3.org > February 2021

[wot-security] minutes - 25 January 2021

From: Kazuyuki Ashimura <ashimura@w3.org>
Date: Mon, 08 Feb 2021 20:47:08 +0900
Message-ID: <87zh0edbnn.wl-ashimura@w3.org>
To: public-wot-ig@w3.org, public-wot-wg@w3.org
available at:
  https://www.w3.org/2021/01/25-wot-sec-minutes.html

also as text below.

Thanks a lot for taking the minutes, Elena!

Kazuyuki

---
   [1]W3C

      [1] https://www.w3.org/

                              WoT Security

25 January 2021

   [2]Agenda. [3]IRC log.

      [2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#25_January_2021
      [3] https://www.w3.org/2021/01/25-wot-sec-irc

Attendees

   Present
          Cristiano_Aguzzi, Elena_Reshetova, Kaz_Ashimura,
          Michael_McCool, Oliver_Pfaff, Tomoaki_Mizushima

   Regrets
          -

   Chair
          McCool

   Scribe
          elena

Contents

    1. [4]meeting minutes from last meeting
    2. [5]let's look at the issue tracker
    3. [6]Apikey and psk explanation improvement
    4. [7]add URI template location for security scheme parameters

Meeting minutes

   <McCool> [8]https://www.w3.org/WoT/IG/wiki/
   IG_Security_WebConf#25_January_2021

      [8] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#25_January_2021

  meeting minutes from last meeting

   [9]https://www.w3.org/2021/01/18-wot-sec-minutes.html

      [9] https://www.w3.org/2021/01/18-wot-sec-minutes.html

   McCool: date needs to be corrected

   McCool, any objections to the meeting minutes?

   McCool: approved

  let's look at the issue tracker

   McCool: looking at issue 191

   [10]https://github.com/w3c/wot-security/issues/191 - Review
   security architecture of Home Assistant

     [10] https://github.com/w3c/wot-security/issues/191

   McCool: let's capture the important points from this issue into
   our wot-security documentation

   McCool creates wot-security/background/hubs.md and puts text
   from issue 191 there

   [11]https://github.com/w3c/wot-security/blob/master/background/
   hubs.md

     [11] https://github.com/w3c/wot-security/blob/master/background/hubs.md

   McCool: now issue 191 can be closed.

   McCool closes issue 191

   McCool: other similar issues should contribute text in a form
   of PR towards background/hubs

   McCool: look at issue 187

   [12]https://github.com/w3c/wot-security/issues/187 - Review
   security architecture of OpenHAB

     [12] https://github.com/w3c/wot-security/issues/187

   McCool: adding text from issue 187 to background/hubs.md

   McCool: we would need to have template for describing different
   hubs

   McCool: we will leave the issue 187 open for now in case Oliver
   wants to make further edits

  Apikey and psk explanation improvement

   McCool: next let look into issues from agenda

   First one: [13]https://github.com/w3c/wot-thing-description/
   pull/1031 - Improve descriptions of apikey and psk security
   schemes

     [13] https://github.com/w3c/wot-thing-description/pull/1031

   McCool: in TD call last week we discussed this

   McCool: the new description seems to address the original
   issue, but we need to covert a couple of statements to
   assertions

   McCool: how do people feel about making it an assertion?

   Cristiano: agrees with this approach albeit testing this
   assertion is a problem

   McCool puts some comment into the issue

   including the potential wording for the assertions

   McCool: the important statement is to make sure that if someone
   stores secret information (like keys, passwords, etc) in a TD,
   then they are automatically not compliant with the TD spec

   McCool: we will discuss this at next TD call

  add URI template location for security scheme parameters

   [14]https://github.com/w3c/wot-thing-description/pull/1032 -
   WIP: Add URI template location for security scheme parameters

     [14] https://github.com/w3c/wot-thing-description/pull/1032

   McCool: this text is not quite ready yet

   McCool: we can use uriVariables instead of uri and parameters
   here

   McCool puts a comment into 1032

   together with an example on how it can look like

   McCool: If anyone has more comments, please comment also

   <kaz> [adjourned]


    Minutes manually created (not a transcript), formatted by
    [15]scribe.perl version 127 (Wed Dec 30 17:39:58 2020 UTC).

     [15] https://w3c.github.io/scribe2/scribedoc.html
Received on Monday, 8 February 2021 11:47:15 UTC

This archive was generated by hypermail 2.4.0 : Monday, 8 February 2021 11:47:15 UTC