- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Fri, 25 Aug 2017 03:16:36 +0900
- To: Public Web of Things IG <public-wot-ig@w3.org>, public-wot-wg@w3.org
available at: https://www.w3.org/2017/08/23-wot-sec-minutes.html also as text below. Thanks a lot for taking these minutes, Elena! Kazuyuki --- [1]W3C [1] http://www.w3.org/ - DRAFT - WoT IG - Security 23 Aug 2017 See also: [2]IRC log [2] http://www.w3.org/2017/08/23-wot-sec-irc Attendees Present Kaz_Ashimura, Elena_Reshetova, Michael_Koster, Soumya_Kanti_Datta, Tomoaki_Mizushima, Zoltan_Kis, Michael_McCool, Barry_Leiba, Katsuyoshi_Naka Regrets Chair McCool Scribe elena Contents * [3]Topics 1. [4]Logistics 2. [5]Documents status 3. [6]IEEE Workshop * [7]Summary of Action Items * [8]Summary of Resolutions __________________________________________________________ <kaz> scribenick: elena Logistics McCool: agenda, change security task force meeting to Monday 3pm finland time? no objections, meeting time changed Documents status McCool: next agenda item, first draft for overall arch. and TD document security sections ... next wednesday, Aug. 30, is fist deadline ... monday is a final time for changes, after goes to review ... another item overal direction, general things go to architecture document, td doc only to have specifics <zkis> elena: yes, PR was made to mccool's repo with the TD next we are discussing PR that elena did with changes in TD security section pr would be accepted to mccool repo, he would cleanup etc elena: it would be nice to cross reference to threat model ... when writing security sections in different docs McCool: insert link to threat model in TD security section elena: use of secure transport should move to general architecture doc section <McCool> [9]https://github.com/mmccool/wot-architecture/tree/security [9] https://github.com/mmccool/wot-architecture/tree/security McCool: what pieces from generic practice document should be moved to the security architecture or TD sections? ... will do a first pass on generic arch. document security section, elena will take second pass <kaz> [10]https://github.com/w3c/wotwg/pull/5#issuecomment-32374263 [10] https://github.com/w3c/wotwg/pull/5#issuecomment-32374263 kaz: what is procedure from url above? <kaz> [11]https://services.w3.org/htmldiff?doc1=https%3A%2F%2Fw3c.git hub.io%2Fwot-scripting-api%2F&doc2=https%3A%2F%2Fraw.githubuser content.com%2Fdanielpeintner%2Fwot-scripting-api%2Fmaster%2Find ex.html htmldiff [11] https://services.w3.org/htmldiff?doc1=https://w3c.github.io/wot-scripting-api/&doc2=https://raw.githubusercontent.com/danielpeintner/wot-scripting-api/master/index.html we will do html diff according to above zkis, could McCool merge the PR above from Zoltan? <kaz> kaz: Zoltan was proposing a procedure (pullrequest 5) and everybody is encouraged to use htmldiff <kaz> [12]https://github.com/w3c/wotwg/pull/5 [12] https://github.com/w3c/wotwg/pull/5 RESOLUTION: will be merged McCool: access token currently for entire TD and not for individual entries elena: this is not good and won't scale in general McCool: we will need to double check this and discuss further ... minimize application functionality should go to general architecture <kaz> [13]pullrequest for wot-thing-description on McCool's repo [13] https://github.com/mmccool/wot-thing-description/pull/1 McCool: testing should also be moved into general document ... WoT API needs to be added to terminology list for further discussion question: what should be extracted from the WoT Current Practices document security section? elena: will take a pass on thinking and moving stuff <kaz> [14]WoT Best Practices document [14] http://w3c.github.io/wot/current-practices/wot-practices.html McCool will create first PR, elena will do a next pass everyone should read it and say their objections if any or recommendations McCool: what are the best available practices and reference to them? McCool will update the list of references from set that people recommended over email IEEE Workshop McCool: we need to submit proposal for workshop for S&P IEEE workshop by 20 of september anyone wants to volunteer? <kaz> [15]IEEE workshop page [15] https://www.ieee-security.org/TC/SP2018/cfworkshops.html McCool will try to do the first pass on it others need to review we should discuss it during next meeting McCool: will ask around who else wants to participate in workshop/share costs ... workshop probably is one day and asking people to submit short papers kaz: we will need to talk about it during next chairs meeting another option to consider is NDSS workshop in February but deadline is august 31st, so very soon next meeting is next monday Summary of Action Items Summary of Resolutions 1. [16]will be merged [End of minutes] __________________________________________________________ Minutes formatted by David Booth's [17]scribe.perl version 1.152 ([18]CVS log) $Date: 2017/08/24 18:13:22 $ [17] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm [18] http://dev.w3.org/cvsweb/2002/scribe/
Received on Thursday, 24 August 2017 18:17:45 UTC