W3C home > Mailing lists > Public > public-wot-wg@w3.org > January 2018

[PlugFest] minutes - 31 January 2018

From: Kazuyuki Ashimura <ashimura@w3.org>
Date: Thu, 1 Feb 2018 04:06:07 +0900
Message-ID: <CAJ8iq9UP8_K8jFjO2uHMiq50UnKogk+awJz_PRfO-mL0GSr8Pw@mail.gmail.com>
To: Public Web of Things IG <public-wot-ig@w3.org>, public-wot-wg@w3.org
available at:
  https://www.w3.org/2018/01/31-wot-pf-minutes.html

also as text below.

Thanks,

Kazuyuki

---

   [1]W3C

      [1] http://www.w3.org/

                               - DRAFT -

                              WoT PlugFest

31 Jan 2018

Attendees

   Present
          Kaz_Ashimura, Matthias_Kovatsch, Michael_McCool,
          Zoltan_Kis, Kunihiko_Toumura, Ryuichi_Matsukura,
          Michael_Lagally, Michael_Koster, Toru_Kawaguchi

   Regrets

   Chair
          koster, matsukura

   Scribe
          kaz

Contents

     * [2]Topics
         1. [3]Interface description between proxy and app/device
            servients
         2. [4]Koster's updated slides
         3. [5]McCool's security template
         4. [6]How to manage documents
     * [7]Summary of Action Items
     * [8]Summary of Resolutions
     __________________________________________________________

   <McCool>
   [9]https://github.com/w3c/wot/blob/master/plugfest/2018-prague/
   docs/Web%20of%20Things%20Security%20and%20Privacy%20Template.pp
   tx

      [9] https://github.com/w3c/wot/blob/master/plugfest/2018-prague/docs/Web
of Things Security and Privacy Template.pptx

   <McCool> security template--- for the agenda

Interface description between proxy and app/device servients

   kaz: while waiting for Koster, I have something
   ... we should clarify who will implement which servients for
   Prague
   ... for that purpose, we might want to reuse Fujitsu's proxy
   servient for Prague
   ... and people should clarify the interface between Futjit's
   proxy and each application/device servient

   matsukura: sounds good

   kaz: thought you wanted to do that for Burlingame
   ... but maybe we could try that for Prague

   <mjkoster> sorry, having trouble connecting with webex

   kaz: Matsukura-san, maybe you could extend your document
   (Burlingame one and/or Prague one) for interface descriptions

   <ryuichi>
   [10]https://github.com/w3c/wot/blob/master/plugfest/2018-prague
   /preparation.md

     [10] https://github.com/w3c/wot/blob/master/plugfest/2018-prague/preparation.md

   kaz: koster, you generated updated slides?

   koster: yes, to clarify our goals
   ... we have many goals
   ... what we want is having a common ground
   ... e.g., for discovery

   (Koster joins)

Koster's updated slides

   <mjkoster>
   [11]https://github.com/mjkoster/wot-protocol-binding/blob/maste
   r/plugfest-prague.pdf

     [11] https://github.com/mjkoster/wot-protocol-binding/blob/master/plugfest-prague.pdf

   koster: (goes through his updated slides)
   ... [Thing Directory]
   ... registration lifecycle management
   ... what TDs will you register as a server
   ... what client discovery methods will you use?
   ... [Semantic Annotation]
   ... some portion here
   ... what thing types and capabilities will be exposed by your
   servers
   ... what interactions and data types will be exposed for each
   capability
   ... applications/clients/servers
   ... put it into the questionnaire
   ... we should bring some kind of client
   ... what application does your client host
   ... [Protocol Binding]
   ... we have CoAP, HTTP, ...
   ... how tho deal with event handling
   ... [Proxy]
   ... what protocols does your proxy consume/expose
   ... security protocols
   ... how does your proxy interact with Thing Directories
   ... [Security]
   ... strawman questions
   ... transport security methods, e.g., DTLS
   ... access control features, HTTP basic auth, Kerberos, ACLs?
   ... how to obtain/configure it?
   ... [Accessibility]
   ... accessibility scenario
   ... alternate modes of interaction
   ... next level of issues?
   ... also same slide deck
   ... details about things
   ... questions?
   ... would like your input offline

   <mkovatsc> [12]https://github.com/thingweb/thingweb-directory

     [12] https://github.com/thingweb/thingweb-directory

   koster: we need whole architecture works together

   matthias: Thing Directory online above

   <mkovatsc>
   [13]https://projects.eclipse.org/proposals/eclipse-thingweb

     [13] https://projects.eclipse.org/proposals/eclipse-thingweb

   matthias: not yet Eclipse foundation repository
   ... you can simply use the thingweb repo for Prague

   koster: tx
   ... we're having a wishi workshop
   ... 1 week before our f2f
   ... I'm working on that
   ... would like to start with discovery
   ... want to avoid duplicate
   ... hopefully we can do some complementary work

   kaz: so you want to expand these questions to guidlines?

   koster: yes

   kaz: how to proceed?
   ... actual questionnaire?
   ... wiki or MD?

   koster: can create an MD or wiki
   ... for collaborative work
   ... can make some template with example

   kaz: whichever is fine, wiki or MD
   ... W3C wiki or GitHub wiki :)

   koster: GitHub wiki would be better
   ... we can use pull requests

   kaz: ok

   koster: let's go for that way

   <scribe> ACTION: koster to organize the first shot of
   questionnaire template

   kaz: any other questions?

   (none)

McCool's security template

   [14]security template

     [14] https://github.com/w3c/wot/blob/master/plugfest/2018-prague/docs/Web
of Things Security and Privacy Template.pptx

   mccool: similar to what koster explained
   ... eventually we may merge this with his template
   ... what is in and out our scope
   ... [Goals]
   ... hard to define security recommendation
   ... need to describe concrete scenario
   ... [Agents and Roles]
   ... who is using this
   ... who owns?
   ... who maintains?
   ... [Topology]
   ... what kind of places?
   ... break down into major sections
   ... [Confidentiality and Privacy]
   ... need more use cases
   ... information management
   ... [Integrity]
   ... [Authentication]
   ... how to identify agents
   ... [Authorization]
   ... who has what kind of rights?
   ... identity of things
   ... during the operational lifecycle
   ... authorization may change
   ... you may simply make it static
   ... [Validation]
   ... how would you validate the security
   ... 2 angles
   ... what you build for plugfest
   ... and what would you do for the scenario
   ... useful to document what would you do
   ... questions?
   ... this is available on GitHub

   <McCool>
   [15]https://github.com/w3c/wot/blob/master/plugfest/2018-prague
   /docs/Web%20of%20Things%20Security%20and%20Privacy%20Template.p
   ptx

     [15] https://github.com/w3c/wot/blob/master/plugfest/2018-prague/docs/Web
of Things Security and Privacy Template.pptx

   mccool: we need feedback
   ... discussion continues at the next security call on Monday
   ... would like to have an implementation to cover those points
   ... everybody has to do that

   kaz: do you want to put this on MD to gather opinions?

   mccool: need feedback
   ... markdown is fine
   ... need to think about where the check list should go

   koster: powerpoint should be also acceptable

   <mkovatsc>
   [16]https://www.w3.org/WoT/IG/wiki/F2F_meeting,_24-29_March_201
   8,_Prague,_Czech_Republic#Preparation

     [16] https://www.w3.org/WoT/IG/wiki/F2F_meeting,_24-29_March_2018,_Prague,_Czech_Republic#Preparation

   koster: as additional resources, e.g., diagrams
   ... we can put all the information into one place

   mccool: can convert this to MD and put it under the wot repo
   ... under the wot/plugrest/2018-prague

   koster: maybe under a subdirectory of "checklist"?

   mccool: ok
   ... maybe we can start with README.md

   matthias: directory for multiple checklist?

   mccool: Koster is doing a general checklist
   ... and mine is for security specifically

   matthias: ok
   ... if people has additional points, they may add them

   koster: if people just add lines, there should not be conflicts
   ... I'll create some initial checklist

   kaz: personally prefer having both on one page with 2 sections

   mccool: we can merge them later

   kaz: ok

   mccool: after plugfest we should merge them

   kaz: ok
   ... any other questions?

   matthias: what do we have to do now?
   ... there are so many documents

How to manage documents

   matthias: what documents to read?
   ... need an overview

   <mkovatsc>
   [17]https://www.w3.org/WoT/IG/wiki/F2F_meeting,_24-29_March_201
   8,_Prague,_Czech_Republic#Preparation

     [17] https://www.w3.org/WoT/IG/wiki/F2F_meeting,_24-29_March_2018,_Prague,_Czech_Republic#Preparation

   kaz: that is the starting point on the f2f wiki

   mccool: maybe we can add a link to the checklist to the f2f
   wiki?

   matthias: that's fine

   mccool: (adds a link to the f2f wiki)
   ... and next we need to add actual scenarios to the prep
   document
   ... we can create subdirectories for concrete scenarios

   koster: scenarios and system architecture
   ... also interoperability across different scenarios

   mccool: btw, I see editorial issues with this prep document,
   and would like to go through it

   [adjourned]

Summary of Action Items

   [NEW] ACTION: koster to organize the first shot of
   questionnaire template

Summary of Resolutions

   [End of minutes]
     __________________________________________________________


    Minutes formatted by David Booth's [18]scribe.perl version
    1.152 ([19]CVS log)
    $Date: 2018/01/31 18:57:36 $

     [18] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
     [19] http://dev.w3.org/cvsweb/2002/scribe/
Received on Wednesday, 31 January 2018 19:07:54 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:27:49 UTC