- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Tue, 11 Feb 2020 17:31:19 +0900
- To: public-wot-ig@w3.org, public-wot-wg@w3.org
available at:
https://www.w3.org/2020/02/03-wot-sec-minutes.html
also as text below.
Thanks,
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT-Security
03 Feb 2020
[2]Agenda
[2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#3_Feb_2020
Attendees
Present
Kaz_Ashimura, Elena_Reshetova, Micael_McCool,
Tomoaki_Mizushima
Regrets
Chair
McCool
Scribe
kaz
Contents
* [3]Topics
1. [4]Prev minutes
2. [5]Issues and PRs
* [6]Summary of Action Items
* [7]Summary of Resolutions
__________________________________________________________
Prev minutes
<inserted> [8]Jan-27 minutes
[8] https://www.w3.org/2020/01/27-wot-sec-minutes.html
McCool: any objections?
... only one typo on "clearer"
... accept them?
(no objections)
McCool: the minutes accepted
Issues and PRs
[9]Issue 35
[9] https://github.com/w3c/wot-security/issues/35
McCool: done for version 1.0
... (closed)
[10]Issue 45
[10] https://github.com/w3c/wot-security/issues/45
McCool: we did add references to ISO specs, etc.
... may want to re-open a new issue for ver. 2.0
... (closed)
[11]Issue 34
[11] https://github.com/w3c/wot-security/issues/34
McCool: still open
... need to deal with it after defining suitable "streaming
data"
[12]Issue 46
[12] https://github.com/w3c/wot-security/issues/46
McCool: where is this issue from?
... let's look into the fetch spec
[13]fetch spec
[13] https://fetch.spec.whatwg.org/
McCool: (also looks into the WoT Security Guidelines)
[14]WoT Security and Privacy Guidelines
[14] https://www.w3.org/TR/2019/NOTE-wot-security-20191106/
McCool: don't think we've discussed origin things
... still a "live" issue
... we don't actually reference CORS or Fetch in the Security
Guidelines document
... not clear where to put them
[15]Issue 51
[15] https://github.com/w3c/wot-security/issues/51
McCool: signed TDs
... we don't currently specify a signed packaging mechanism for
TDs
... relates to the issue of discovery
... leave this open, and assign to myself and Elena
... (adds the "Discovery" label to this issue 51)
... (also creates a new issue on "Scripting API for Discovery")
<inserted> [16]new issue 160
[16] https://github.com/w3c/wot-security/issues/160
[17]Issue 52
[17] https://github.com/w3c/wot-security/issues/52
McCool: don't think this is a high priority right now
... (closed)
[18]Issue 53
[18] https://github.com/w3c/wot-security/issues/53
McCool: feeding into the discovery design
[19]Issue 54
[19] https://github.com/w3c/wot-security/issues/54
McCool: related to issue 148
[20]Issue 148
[20] https://github.com/w3c/wot-security/issues/148
McCool: we need clearer definition of "authentication",
"Authorization", etc.
... would be good to have more specific issues
[21]Issue 55
[21] https://github.com/w3c/wot-security/issues/55
McCool: need to better document the requirements for different
security schemas
... schemas based on standards (OAuth) are pretty clear but the
more generic ones (PSK) need a little more explanation
... marking this as a TD issue as such explanations and
definitions should probably in the TD spec
[22]Issue 61
[22] https://github.com/w3c/wot-security/issues/61
McCool: relates to discovery
... also relates to the definition of "authentication", etc.
(see also issue 148:
[23]https://github.com/w3c/wot-security/issues/148)
[23] https://github.com/w3c/wot-security/issues/148
McCool: let me assign this to myself
... for next meeting, we'll concentrate on the rest of page 1
issues
[adjourned]
Summary of Action Items
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes manually created (not a transcript), formatted by
David Booth's [24]scribe.perl version 1.154 ([25]CVS log)
$Date: 2020/02/10 13:12:08 $
[24] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[25] http://dev.w3.org/cvsweb/2002/scribe/
Received on Tuesday, 11 February 2020 08:31:27 UTC