[PlugFest/Test] minutes - 8 August 2018

available at:
  https://www.w3.org/2018/08/08-wot-pf-minutes.html

also as text below.

Thanks a lot for taking these minutes, Kawaguchi-san!

Kazuyuki

---

   [1]W3C

      [1] http://www.w3.org/

                               - DRAFT -

                          WoT PlugFest/Testing

08 Aug 2018

Attendees

   Present
          Kaz_Ashimura, Michael_McCool, Tomoaki_Mizushima,
          Daniel_Peintner, Kunihiko_Toumura, Ryuichi_Matsukura,
          Takeshi_Sano, Toru_Kawaguchi, Matthias_Kovatsch

   Regrets

   Chair
          McCool

   Scribe
          Toru

Contents

     * [2]Topics
         1. [3]Agenda
         2. [4]Bundang Plugfest review
         3. [5]Plugfest goals and logistics
         4. [6]Testing plan
         5. [7]AOB
     * [8]Summary of Action Items
     * [9]Summary of Resolutions
     __________________________________________________________

Agenda

   <McCool>
   [10]https://www.w3.org/WoT/IG/wiki/PlugFest_WebConf#Agenda_08.0
   8.2018

     [10] https://www.w3.org/WoT/IG/wiki/PlugFest_WebConf#Agenda_08.08.2018

   <kaz> scribenick: kawaguch

   <kaz> scribe: Toru

   McCool: Agenda
   ... quick update
   ... Review from Bundang Plugfest
   ... Next Plugfest

Bundang Plugfest review

   McCool: Update from Fujitsu?

   <kaz> [11]plugfest reports

     [11] https://github.com/w3c/wot/tree/master/plugfest/2018-bundang

   Matthias: Siemens result

   <kaz> [12]Siemens results

     [12] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/result-siemens.md

   Matthias: had machine capability issue on directory
   ... Property handling should be splited into three cases
   ... read/write/observe
   ... Node WoT hasn't implemented observe property yet
   ... after two weeks at IETF hackathon some additional products
   were tested

Plugfest goals and logistics

   McCool: Added Online and Lyon to GitHub repo

   [13]https://github.com/w3c/wot/tree/master/plugfest

     [13] https://github.com/w3c/wot/tree/master/plugfest

   Matthias: Will provide initial preparation template

   McCool: Online plugfest at late September
   ... Work 4 weeks to identify what to test
   ... One thing is security schemes
   ... New protocol binding features
   ... including actions and event descriptions
   ... event splitting into input and output data
   ... Logistics
   ... Next week is vacation in Japan
   ... Want to create VPN and Virtual NAT
   ... to simulate what we do locally
   ... Will provide OAuth server
   ... Other thing?

   Matthias: WebEx coordinate
   ... Or alternative video stream such as Hangout

   McCool: For safety will have both

   Matthias: Hangout has good quality
   ... but maybe has some restriction on number of participants

   McCool: What will Panasonic provide?

   Kawaguchi: Online simulator as already provided

   McCool: add documentation under online plugfest
   ... Thing directory services and proxy services on cloud will
   be provided
   ... For cloud version of thing directory I will use
   authentication
   ... under documentation there will also be preparation template
   ... and result template
   ... Another section is validation and testing
   ... We will have TD validation tool and network testing tool
   ... Also security validation

   Kaz: Under Goals section there should be also scenario

   McCool: add Scripting API to Validation

   Matthias: Also semantic validation in TD

   McCool: Let's continue discussion. Please make PR

Testing plan

   <McCool>
   [14]https://github.com/w3c/wot/blob/master/testing/plan.md

     [14] https://github.com/w3c/wot/blob/master/testing/plan.md

   McCool: Please read and comment
   ... TD testing template is under preparation
   ... Scripting and Binding are currently broken
   ... 5 steps for TD validation
   ... 1. JSON file
   ... 2. JSON Schema
   ... 3. Semantic checking
   ... 4. Validation against OWL
   ... 5. Special case test
   ... One addition to network interface testing is Fuzz testing
   ... Generates random garbage input
   ... such as thousand-nested JSON file
   ... partly robustness, partly security testing

   <kaz> [15]Scapy

     [15] https://scapy.net/

   McCool: Tools can be found, but Ege's tools may be also
   extended
   ... Security testing
   ... added new description about positive and negative testing
   ... negative testing is to check vulnerability
   ... also added descriptions per protocols
   ... such as HTTP, CoAP, MQTT
   ... For CoAP small set of schemes will be tested
   ... For MQTT there is no standard
   ... session resumptions
   ... not all brokers support all versions
   ... need to identify typical use
   ... some parameters might be indicated by protocol binding
   ... Any input to DTLS or MQTT testing?

   <inserted> Kaz: we should ask people to try those security
   approaches (DTLS, MQTTS, CoAPS, etc.)

   McCool: At next plugfest everybody should implement security
   ... Will try to make MQTTs broker running

   <McCool> [16]https://tools.ietf.org/html/rfc7252#section-9.1

     [16] https://tools.ietf.org/html/rfc7252#section-9.1

   McCool: Section about security in CoAP
   ... DTLS is recommended
   ... There's a pre-shared key
   ... Also raw public key
   ... Also keys and cert mode
   ... One issue is cipher suite
   ... Need to check newest version

AOB

   <Zakim> kaz, you wanted to ask about result-intel.md (sorry
   just noticed)

   Kaz: result-intel.md?

   McCool: will update eventually

   <kaz> [adjourned]

Summary of Action Items

Summary of Resolutions

   [End of minutes]
     __________________________________________________________


    Minutes formatted by David Booth's [17]scribe.perl version
    1.152 ([18]CVS log)
    $Date: 2018/08/09 16:31:23 $

     [17] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
     [18] http://dev.w3.org/cvsweb/2002/scribe/

Received on Thursday, 9 August 2018 16:36:56 UTC