[wot-security] additional security repos (was Re: [wot-ig/wg] minutes - 19 December 2018)

Based on my action item from the Dec 19 main call, I've created
the following two additional security-related GH repos:

Security Best Practice: https://github.com/w3c/wot-security-best-practices
Security Test Plan: https://github.com/w3c/wot-security-testing-plan

Thanks,

Kazuyuki


On Thu, Dec 20, 2018 at 12:25 PM Kazuyuki Ashimura <ashimura@w3.org> wrote:
>
> available at:
>   https://www.w3.org/2018/12/19-wot-minutes.html
>
> also as text below.
>
> Thanks a lot for taking these minutes, Kawaguchi-san!
>
> Kazuyuki
>
> ---
>
>    [1]W3C
>
>       [1] http://www.w3.org/
>
>                                - DRAFT -
>
>                                WoT-IG/WG
>
> 19 Dec 2018
>
>    [2]Agenda
>
>       [2] https://www.w3.org/WoT/IG/wiki/Main_WoT_WebConf#19_Dec_2018
>
> Attendees
>
>    Present
>           Kaz_Ashimura, Michael_McCool, Daniel_Peintner,
>           Ege_Korkan, Michael_Lagally, Tomoaki_Mizushima,
>           Toru_Kawaguchi, Michael_Koster, Kunihiko_Toumura,
>           Tetsushi_Matsuda, Sebastian_Kaebisch, Ryuichi_Matsukura,
>           Taki_Kamiya
>
>    Regrets
>
>    Chair
>           McCool
>
>    Scribe
>           kawaguch
>
> Contents
>
>      * [3]Topics
>          1. [4]Quick updates
>          2. [5]TestFest
>          3. [6]IG draft charter
>          4. [7]WoT Workshop
>          5. [8]F2F logistic
>          6. [9]WoT Architecture Draft
>          7. [10]New Documents
>          8. [11]Schedule
>          9. [12]First Meeting in 2019
>         10. [13]TestFest results (revisited)
>      * [14]Summary of Action Items
>      * [15]Summary of Resolutions
>      __________________________________________________________
>
>    <McCool>
>    [16]https://www.w3.org/WoT/IG/wiki/Main_WoT_WebConf#19_Dec_2018
>
>      [16] https://www.w3.org/WoT/IG/wiki/Main_WoT_WebConf#19_Dec_2018
>
>    <kaz> scribenick: kawaguch
>
> Quick updates
>
>    McCool: OpenFog has merged with IIC
>
> TestFest
>
>    <kaz> [17]current report
>
>      [17] https://cdn.staticaly.com/gh/mmccool/wot-thing-description/updated-test-results/testing/report.html
>
>    McCool: Updated some results
>    ... summray is in good shape
>    ... missing part is mostly for events and security
>    ... and some for data model
>    ... Will wait for update until Friday
>
>    Koster: Will give updates
>
>    Daniel: Will take look at Node-WoT
>    ... but not see much progress before Xmas
>
>    McCool: Biggest gap is security so expect update from Node-WoT
>
>    Daniel: ... Let's discuss after new year
>    ... Intel updated TDs aligning to newest spec and added
>    metadatas
>
>    <Zakim> kaz, you wanted to ask Daniel if he knows the
>    implementation results from Siemens
>
>    Kaz: Is there Siemens result?
>
>    Ege: The word 'implemented' was unclear internally
>
>    McCool: Implementation criteria was not linked from readme
>
> IG draft charter
>
>    McCool: merged Lagally's PR but we got a last-minute comment
>    and still need some more time to finalize the draft Charter
>    ... Kaz talked with Philippe and would like to extend the
>    current Charter period by 3 months
>    ... W3M will discuss that today
>
>    Kaz: if we can get 3-month extension, we need to wrap up the
>    draft charter by the end of January
>
>    McCool: It's still on the table but not a burning issue this
>    moment
>
> WoT Workshop
>
>    Sebastian: Still waiting W3C for authorize
>    ... The date is end of May
>
>    <McCool> May 27-29 (I think)
>
>    <kaz> [18]Sebastian's issue on workshop
>
>      [18] https://github.com/w3c/wot/issues/605
>
>    Sebastian: Two days for Web of Things workshop and one open day
>    ... time for sending demonstrator for Web of Things
>    ... also inviting other expert such as OPC-UA, press media
>    ... we can show how successful Web of Things be
>    ... with demonstration and social event
>    ... With papers submitted and reviewed by program committee
>    ... Outcome of workshop will be discussion for new charter for
>    next WG
>    ... We are trying to set up web page for this workshop
>    ... It will be at Munich from 27th to 29th May
>
>    Lagally: Call for paper until end of March
>    ... One more goal is to attract more people joining to IG
>
>    McCool: we are working for CfP document through the workshop
>    mailing list
>    ... Siemens is willing to support us for location covering 150
>    people
>    ... This is not an academy-focused workshop and expects input
>    from industry
>
> F2F logistic
>
>    McCool: the date is confirmed
>
>    <kaz>
>    [19]https://www.w3.org/WoT/IG/wiki/F2F_meeting,_28_January-2_Fe
>    bruary_2019,_Princeton,_NJ,_USA
>
>      [19] https://www.w3.org/WoT/IG/wiki/F2F_meeting,_28_January-2_February_2019,_Princeton,_NJ,_USA
>
>    McCool: 28th Jan to 2nd Feb
>
>    Sebastian: Location is secured
>    ... Siemens office
>    ... Two days for TestFest instead of Plugfest
>
>    McCool: Feel free to add ideas for plenary
>
>    Lagally: We need ESTA for travel to US
>
>    <kaz> [20]https://esta.cbp.dhs.gov/esta/
>
>      [20] https://esta.cbp.dhs.gov/esta/
>
>    Sebastian: Also Ege needs an invitation letter
>
>    Kaz: I've been working with the W3C/MIT Team for that purpose,
>    and am asking them to provide an invitation letter
>
> WoT Architecture Draft
>
>    McCool: How can we reboot and what resource is needed.
>
>    Kaz: Matsukura-san would like to make some smaller draft for
>    update
>
>    McCool: We need to deal with this before January meeting
>    ... I will ask editors to present plan to complete by January
>    meeting
>
>    Lagally: I would like to participant, so any regular call?
>
>    McCool: Good point. Let's make a doodle pole, Kaz
>
>    Kaz: Will do
>
>    <kaz> ACTION: kaz to generate a doodle poll for the expected
>    wot architecture calls
>
>    <trackbot> Created ACTION-150 - Generate a doodle poll for the
>    expected wot architecture calls [on Kazuyuki Ashimura - due
>    2018-12-26].
>
>    Lagally: Would like to know how PRs are handled
>
>    Kaz: I think Matsukura-san will present a draft at at the
>    Januray 9th call
>
>    Matsukura: yeah
>
>    <mlagally__> Lagally: can we please make sure my PR gets merged
>    into the Architecture draft before restructuring to make sure
>    the work is not lost
>
> New Documents
>
>    McCool: We will create two W3C notes
>    ... related to security
>    ... Testing Plan and Best Practices
>    ... Two github repo is to be prepared
>    ... wot-security-best-practices and wot-security-testing-plan
>
>    Lagally: too many documents
>
>    McCool: Will be short documents
>    ... Bunch of small documents would be easier
>    ... If we put it in a big document need to update more
>    frequently
>
>    Kaz: I agree McCool from W3C point of view
>
>    RESOLUTION: Will make two group notes and create two GitHub
>    repos
>
>    <kaz> ACTION: kaz to create the expected 2 GH repos for 2
>    security documents (wot-security-best-practices,
>    wot-security-testing-plan)
>
>    <trackbot> Created ACTION-151 - Create the expected 2 gh repos
>    for 2 security documents (wot-security-best-practices,
>    wot-security-testing-plan) [on Kazuyuki Ashimura - due
>    2018-12-26].
>
> Schedule
>
>    McCool: End of Jan we have F2F meeting and wrapping up by the
>    end of February
>
>    Sebastian: By the end of this week plan to have in a good shape
>    for TD documents
>    ... Semantic transformation is not in TD but other in document
>    ... Providing examples for features by the end of this week
>    ... Features is covered except for 'read all properties'
>    ... Internally plan to update Node-WoT from beginning of
>    january
>
>    McCool: We should not have major changes after the middle of
>    January
>    ... because we have a TestFest at the end of January
>
>    Daniel: One more issue is URI parameters
>
>    Sebastian: It's already in TD from Lyon
>
>    Daniel: Will check for the issue
>
>    <kaz> s/WIll check/Some discussion during the Scripting calls.
>    Some discussion during the Scripting calls. Will check/
>
>    McCool: Make a decision at face to face for features marked at
>    risk
>    ... Consensus is not to push scripting api as rec track
>
>    Koster: Scripting API exists and implemented in Node-WoT
>
>    McCool: Will focus on TD first and Scripting API can be
>    followed
>    ... Security and Privacy also can be followed after TD
>
> First Meeting in 2019
>
>    McCool: First meeting will be on January 7th
>
>    Taki: I can host TD meeting on January 4th
>    ... Will ask members for participation by e-mail
>
> TestFest results (revisited)
>
>    <Zakim> kaz, you wanted to ask Sebastian to work with Daniel,
>    etc., to provide implementation reports
>
>    Kaz: Sebastian, please provide TestFest result CSV files
>
>    McCool: We still have some missing assertions such as how
>    security schemes are handled
>    ... bunch of gaps from TD spec
>    ... Issue is document stracture
>    ... Will think about for fix
>    ... Schemes reuses labels
>    ... They will show up in table but does not show up in
>    assertions
>    ... Will make PRs over the break
>
>    Kaz: Any update for tooling?
>
>    McCool: There is AJV validator
>    ... There is some issues and talking with programmer
>    ... For automatic validation there is no update
>    ... For now manual validation would be Ok
>    ... Will close the meeting
>
>    <kaz> [adjourned]
>
> Summary of Action Items
>
>    [NEW] ACTION: kaz to create the expected 2 GH repos for 2
>    security documents (wot-security-best-practices,
>    wot-security-testing-plan)
>    [NEW] ACTION: kaz to generate a doodle poll for the expected
>    wot architecture calls
>
> Summary of Resolutions
>
>     1. [21]Will make two group notes and create two GitHub repos
>
>    [End of minutes]
>      __________________________________________________________
>
>
>     Minutes manually created (not a transcript), formatted by
>     David Booth's [22]scribe.perl version 1.154 ([23]CVS log)
>     $Date: 2018/12/20 03:15:52 $
>
>      [22] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
>      [23] http://dev.w3.org/cvsweb/2002/scribe/

Received on Monday, 7 January 2019 14:48:44 UTC