[wot-security] minutes - 3 February 2020

available at:

also as text below.




      [1] http://www.w3.org/

                               - DRAFT -


03 Feb 2020


      [2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#3_Feb_2020


          Kaz_Ashimura, Elena_Reshetova, Micael_McCool,





     * [3]Topics
         1. [4]Prev minutes
         2. [5]Issues and PRs
     * [6]Summary of Action Items
     * [7]Summary of Resolutions

Prev minutes

   <inserted> [8]Jan-27 minutes

      [8] https://www.w3.org/2020/01/27-wot-sec-minutes.html

   McCool: any objections?
   ... only one typo on "clearer"
   ... accept them?

   (no objections)

   McCool: the minutes accepted

Issues and PRs

   [9]Issue 35

      [9] https://github.com/w3c/wot-security/issues/35

   McCool: done for version 1.0
   ... (closed)

   [10]Issue 45

     [10] https://github.com/w3c/wot-security/issues/45

   McCool: we did add references to ISO specs, etc.
   ... may want to re-open a new issue for ver. 2.0
   ... (closed)

   [11]Issue 34

     [11] https://github.com/w3c/wot-security/issues/34

   McCool: still open
   ... need to deal with it after defining suitable "streaming

   [12]Issue 46

     [12] https://github.com/w3c/wot-security/issues/46

   McCool: where is this issue from?
   ... let's look into the fetch spec

   [13]fetch spec

     [13] https://fetch.spec.whatwg.org/

   McCool: (also looks into the WoT Security Guidelines)

   [14]WoT Security and Privacy Guidelines

     [14] https://www.w3.org/TR/2019/NOTE-wot-security-20191106/

   McCool: don't think we've discussed origin things
   ... still a "live" issue
   ... we don't actually reference CORS or Fetch in the Security
   Guidelines document
   ... not clear where to put them

   [15]Issue 51

     [15] https://github.com/w3c/wot-security/issues/51

   McCool: signed TDs
   ... we don't currently specify a signed packaging mechanism for
   ... relates to the issue of discovery
   ... leave this open, and assign to myself and Elena
   ... (adds the "Discovery" label to this issue 51)
   ... (also creates a new issue on "Scripting API for Discovery")

   <inserted> [16]new issue 160

     [16] https://github.com/w3c/wot-security/issues/160

   [17]Issue 52

     [17] https://github.com/w3c/wot-security/issues/52

   McCool: don't think this is a high priority right now
   ... (closed)

   [18]Issue 53

     [18] https://github.com/w3c/wot-security/issues/53

   McCool: feeding into the discovery design

   [19]Issue 54

     [19] https://github.com/w3c/wot-security/issues/54

   McCool: related to issue 148

   [20]Issue 148

     [20] https://github.com/w3c/wot-security/issues/148

   McCool: we need clearer definition of "authentication",
   "Authorization", etc.
   ... would be good to have more specific issues

   [21]Issue 55

     [21] https://github.com/w3c/wot-security/issues/55

   McCool: need to better document the requirements for different
   security schemas
   ... schemas based on standards (OAuth) are pretty clear but the
   more generic ones (PSK) need a little more explanation
   ... marking this as a TD issue as such explanations and
   definitions should probably in the TD spec

   [22]Issue 61

     [22] https://github.com/w3c/wot-security/issues/61

   McCool: relates to discovery
   ... also relates to the definition of "authentication", etc.

   (see also issue 148:

     [23] https://github.com/w3c/wot-security/issues/148

   McCool: let me assign this to myself
   ... for next meeting, we'll concentrate on the rest of page 1


Summary of Action Items

Summary of Resolutions

   [End of minutes]

    Minutes manually created (not a transcript), formatted by
    David Booth's [24]scribe.perl version 1.154 ([25]CVS log)
    $Date: 2020/02/10 13:12:08 $

     [24] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
     [25] http://dev.w3.org/cvsweb/2002/scribe/

Received on Tuesday, 11 February 2020 08:31:27 UTC