W3C home > Mailing lists > Public > public-wot-wg@w3.org > February 2020

[wot-security] minutes - 3 February 2020

From: Kazuyuki Ashimura <ashimura@w3.org>
Date: Tue, 11 Feb 2020 17:31:19 +0900
Message-ID: <87y2t9ttig.wl-ashimura@w3.org>
To: public-wot-ig@w3.org, public-wot-wg@w3.org
available at:
  https://www.w3.org/2020/02/03-wot-sec-minutes.html

also as text below.

Thanks,

Kazuyuki

---
   [1]W3C

      [1] http://www.w3.org/

                               - DRAFT -

                              WoT-Security

03 Feb 2020

   [2]Agenda

      [2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#3_Feb_2020

Attendees

   Present
          Kaz_Ashimura, Elena_Reshetova, Micael_McCool,
          Tomoaki_Mizushima

   Regrets

   Chair
          McCool

   Scribe
          kaz

Contents

     * [3]Topics
         1. [4]Prev minutes
         2. [5]Issues and PRs
     * [6]Summary of Action Items
     * [7]Summary of Resolutions
     __________________________________________________________

Prev minutes

   <inserted> [8]Jan-27 minutes

      [8] https://www.w3.org/2020/01/27-wot-sec-minutes.html

   McCool: any objections?
   ... only one typo on "clearer"
   ... accept them?

   (no objections)

   McCool: the minutes accepted

Issues and PRs

   [9]Issue 35

      [9] https://github.com/w3c/wot-security/issues/35

   McCool: done for version 1.0
   ... (closed)

   [10]Issue 45

     [10] https://github.com/w3c/wot-security/issues/45

   McCool: we did add references to ISO specs, etc.
   ... may want to re-open a new issue for ver. 2.0
   ... (closed)

   [11]Issue 34

     [11] https://github.com/w3c/wot-security/issues/34

   McCool: still open
   ... need to deal with it after defining suitable "streaming
   data"

   [12]Issue 46

     [12] https://github.com/w3c/wot-security/issues/46

   McCool: where is this issue from?
   ... let's look into the fetch spec

   [13]fetch spec

     [13] https://fetch.spec.whatwg.org/

   McCool: (also looks into the WoT Security Guidelines)

   [14]WoT Security and Privacy Guidelines

     [14] https://www.w3.org/TR/2019/NOTE-wot-security-20191106/

   McCool: don't think we've discussed origin things
   ... still a "live" issue
   ... we don't actually reference CORS or Fetch in the Security
   Guidelines document
   ... not clear where to put them

   [15]Issue 51

     [15] https://github.com/w3c/wot-security/issues/51

   McCool: signed TDs
   ... we don't currently specify a signed packaging mechanism for
   TDs
   ... relates to the issue of discovery
   ... leave this open, and assign to myself and Elena
   ... (adds the "Discovery" label to this issue 51)
   ... (also creates a new issue on "Scripting API for Discovery")

   <inserted> [16]new issue 160

     [16] https://github.com/w3c/wot-security/issues/160

   [17]Issue 52

     [17] https://github.com/w3c/wot-security/issues/52

   McCool: don't think this is a high priority right now
   ... (closed)

   [18]Issue 53

     [18] https://github.com/w3c/wot-security/issues/53

   McCool: feeding into the discovery design

   [19]Issue 54

     [19] https://github.com/w3c/wot-security/issues/54

   McCool: related to issue 148

   [20]Issue 148

     [20] https://github.com/w3c/wot-security/issues/148

   McCool: we need clearer definition of "authentication",
   "Authorization", etc.
   ... would be good to have more specific issues

   [21]Issue 55

     [21] https://github.com/w3c/wot-security/issues/55

   McCool: need to better document the requirements for different
   security schemas
   ... schemas based on standards (OAuth) are pretty clear but the
   more generic ones (PSK) need a little more explanation
   ... marking this as a TD issue as such explanations and
   definitions should probably in the TD spec

   [22]Issue 61

     [22] https://github.com/w3c/wot-security/issues/61

   McCool: relates to discovery
   ... also relates to the definition of "authentication", etc.

   (see also issue 148:
   [23]https://github.com/w3c/wot-security/issues/148)

     [23] https://github.com/w3c/wot-security/issues/148

   McCool: let me assign this to myself
   ... for next meeting, we'll concentrate on the rest of page 1
   issues

   [adjourned]

Summary of Action Items

Summary of Resolutions

   [End of minutes]
     __________________________________________________________


    Minutes manually created (not a transcript), formatted by
    David Booth's [24]scribe.perl version 1.154 ([25]CVS log)
    $Date: 2020/02/10 13:12:08 $

     [24] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
     [25] http://dev.w3.org/cvsweb/2002/scribe/
Received on Tuesday, 11 February 2020 08:31:27 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 11 February 2020 08:31:27 UTC