- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Fri, 10 Aug 2018 01:35:44 +0900
- To: public-wot-wg@w3.org, Public Web of Things IG <public-wot-ig@w3.org>
available at:
https://www.w3.org/2018/08/08-wot-pf-minutes.html
also as text below.
Thanks a lot for taking these minutes, Kawaguchi-san!
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT PlugFest/Testing
08 Aug 2018
Attendees
Present
Kaz_Ashimura, Michael_McCool, Tomoaki_Mizushima,
Daniel_Peintner, Kunihiko_Toumura, Ryuichi_Matsukura,
Takeshi_Sano, Toru_Kawaguchi, Matthias_Kovatsch
Regrets
Chair
McCool
Scribe
Toru
Contents
* [2]Topics
1. [3]Agenda
2. [4]Bundang Plugfest review
3. [5]Plugfest goals and logistics
4. [6]Testing plan
5. [7]AOB
* [8]Summary of Action Items
* [9]Summary of Resolutions
__________________________________________________________
Agenda
<McCool>
[10]https://www.w3.org/WoT/IG/wiki/PlugFest_WebConf#Agenda_08.0
8.2018
[10] https://www.w3.org/WoT/IG/wiki/PlugFest_WebConf#Agenda_08.08.2018
<kaz> scribenick: kawaguch
<kaz> scribe: Toru
McCool: Agenda
... quick update
... Review from Bundang Plugfest
... Next Plugfest
Bundang Plugfest review
McCool: Update from Fujitsu?
<kaz> [11]plugfest reports
[11] https://github.com/w3c/wot/tree/master/plugfest/2018-bundang
Matthias: Siemens result
<kaz> [12]Siemens results
[12] https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/result-siemens.md
Matthias: had machine capability issue on directory
... Property handling should be splited into three cases
... read/write/observe
... Node WoT hasn't implemented observe property yet
... after two weeks at IETF hackathon some additional products
were tested
Plugfest goals and logistics
McCool: Added Online and Lyon to GitHub repo
[13]https://github.com/w3c/wot/tree/master/plugfest
[13] https://github.com/w3c/wot/tree/master/plugfest
Matthias: Will provide initial preparation template
McCool: Online plugfest at late September
... Work 4 weeks to identify what to test
... One thing is security schemes
... New protocol binding features
... including actions and event descriptions
... event splitting into input and output data
... Logistics
... Next week is vacation in Japan
... Want to create VPN and Virtual NAT
... to simulate what we do locally
... Will provide OAuth server
... Other thing?
Matthias: WebEx coordinate
... Or alternative video stream such as Hangout
McCool: For safety will have both
Matthias: Hangout has good quality
... but maybe has some restriction on number of participants
McCool: What will Panasonic provide?
Kawaguchi: Online simulator as already provided
McCool: add documentation under online plugfest
... Thing directory services and proxy services on cloud will
be provided
... For cloud version of thing directory I will use
authentication
... under documentation there will also be preparation template
... and result template
... Another section is validation and testing
... We will have TD validation tool and network testing tool
... Also security validation
Kaz: Under Goals section there should be also scenario
McCool: add Scripting API to Validation
Matthias: Also semantic validation in TD
McCool: Let's continue discussion. Please make PR
Testing plan
<McCool>
[14]https://github.com/w3c/wot/blob/master/testing/plan.md
[14] https://github.com/w3c/wot/blob/master/testing/plan.md
McCool: Please read and comment
... TD testing template is under preparation
... Scripting and Binding are currently broken
... 5 steps for TD validation
... 1. JSON file
... 2. JSON Schema
... 3. Semantic checking
... 4. Validation against OWL
... 5. Special case test
... One addition to network interface testing is Fuzz testing
... Generates random garbage input
... such as thousand-nested JSON file
... partly robustness, partly security testing
<kaz> [15]Scapy
[15] https://scapy.net/
McCool: Tools can be found, but Ege's tools may be also
extended
... Security testing
... added new description about positive and negative testing
... negative testing is to check vulnerability
... also added descriptions per protocols
... such as HTTP, CoAP, MQTT
... For CoAP small set of schemes will be tested
... For MQTT there is no standard
... session resumptions
... not all brokers support all versions
... need to identify typical use
... some parameters might be indicated by protocol binding
... Any input to DTLS or MQTT testing?
<inserted> Kaz: we should ask people to try those security
approaches (DTLS, MQTTS, CoAPS, etc.)
McCool: At next plugfest everybody should implement security
... Will try to make MQTTs broker running
<McCool> [16]https://tools.ietf.org/html/rfc7252#section-9.1
[16] https://tools.ietf.org/html/rfc7252#section-9.1
McCool: Section about security in CoAP
... DTLS is recommended
... There's a pre-shared key
... Also raw public key
... Also keys and cert mode
... One issue is cipher suite
... Need to check newest version
AOB
<Zakim> kaz, you wanted to ask about result-intel.md (sorry
just noticed)
Kaz: result-intel.md?
McCool: will update eventually
<kaz> [adjourned]
Summary of Action Items
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes formatted by David Booth's [17]scribe.perl version
1.152 ([18]CVS log)
$Date: 2018/08/09 16:31:23 $
[17] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[18] http://dev.w3.org/cvsweb/2002/scribe/
Received on Thursday, 9 August 2018 16:36:56 UTC