- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Fri, 31 Jul 2020 19:41:22 +0900
- To: public-wot-wg@w3.org
available at:
https://www.w3.org/2020/07/15-wot-td-minutes.html
also as text below.
Thanks a lot for taking the minutes, Michael Koster!
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
WoT-WG - TD-TF
15 Jul 2020
[2]Agenda
[2] https://www.w3.org/WoT/IG/wiki/WG_WoT_Thing_Description_WebConf#Agenda
Attendees
Present
Kaz_Ashimura, Michael_McCool, Taki_Kamiya,
Michael_Koster, Tomoaki_Mizushima, Daniel_Peintner
Regrets
Chair
Taki
Scribe
Koster
Contents
* [3]Topics
1. [4]Review minutes from virtual F2F TD session
2. [5]Technical issues
3. [6]Issue #926 - oauth client and device flows
4. [7]Issue 901
5. [8]Issue 922 - how to describe api key in a query
6. [9]Issue 923 - phillips hue security scheme with
URI-key
7. [10]Issue 899 - dynamically created resources
* [11]Summary of Action Items
* [12]Summary of Resolutions
__________________________________________________________
<kaz> scribenick: mjk__
Review minutes from virtual F2F TD session
Taki: any objections to the minutes?
<kaz> [13]vF2F minutes
[13] https://www.w3.org/2020/06/22-26-wot-vf2f-minutes.html
McCool: already decided to publish them in the main call
Taki: last week minutes, any comments or objections?
<kaz> [14]July-10
[14] https://www.w3.org/2020/07/10-wot-td-minutes.html
Taki: minutes from July 10th approved
Technical issues
<kaz> [15]Issue 926
[15] https://github.com/w3c/wot-thing-description/issues/926
Issue #926 - oauth client and device flows
<McCool_>
[16]https://github.com/w3c/wot-usecases/blob/master/USE-CASES/o
auth.md
[16] https://github.com/w3c/wot-usecases/blob/master/USE-CASES/oauth.md
McCool: reviewed the various flows, some deprecated terms
... discussion of specific flow types: code, client, implicit,
password
... there is a device flow to be added in addition to code and
device
... not planning to use implicit or password flows
<kaz> [17]PR 927
[17] https://github.com/w3c/wot-thing-description/pull/927
<kaz> [18]proposed section "5.3.3.8 OAuth2SecurityScheme"
[18] https://pr-preview.s3.amazonaws.com/mmccool/wot-thing-description/pull/927.html#oauth2securityscheme
McCool: also edited the table in the TD editors draft section
5.3.3.8
... added normative assertions to the specification
... users can define additional flows by adding .ttl files,
using password and implicit as examples
<kaz> [19]files changed
[19] https://github.com/w3c/wot-thing-description/pull/927/files
McCool: changed the ontology as well
... updated the official nomenclature for "OAuth 2.0"
... should these changes be a maintenance release or queued up
for 2.0
... should not break any existing TD
... no change to the JSON schema file, should be 1.1 compatible
... we can hold for now and discuss more in the security tf
Issue 901
<kaz> [20]Issue 901
[20] https://github.com/w3c/wot-thing-description/issues/901
McCool: need to read this issue and think about it more
Issue 922 - how to describe api key in a query
<inserted> [21]Issue 922
[21] https://github.com/w3c/wot-thing-description/issues/922
McCool: seems to be a testing problem, to elaborate and test
for all the possible cases
... will assign issue to mm
... write 4 different test scripts
Daniel: will look at node-wot to see what is implemented
<dape>
[22]https://github.com/eclipse/thingweb.node-wot/tree/master/pa
ckages/binding-http#feature-matrix
[22] https://github.com/eclipse/thingweb.node-wot/tree/master/packages/binding-http#feature-matrix
<dape> ... apikey for consumer only
McCool: discussion of header vs. query options
... whether to change the default to header, would be a
breaking change
Issue 923 - phillips hue security scheme with URI-key
<inserted> [23]Issue 923
[23] https://github.com/w3c/wot-thing-description/issues/923
McCool: will need to use a URI template and define a new scheme
for apikey
... where do we indicate the name of the template variable,
could use a fixed naming scheme
... will follow up on the issue
Issue 899 - dynamically created resources
<inserted> [24]Issue 899
[24] https://github.com/w3c/wot-thing-description/issues/899
McCool: dynamic TDs are troublesome for directories because of
the cache syncing issues
... personally like the action description
Daniel: dynamic TDs may not be the right pattern for actions,
but dynamic TD may have other use cases for changing resources
... it would be a lower frequency and not as problematic
McCool: there are update cases but only for low rate of
updates, not per millisecond
Daniel: agree
McCool: td signing will make it not a lightweight process
... still favors an action description
... need to use the action description as a template
Koster: still need to do the design and make some examples
... opc-ua has a long-running call called a program
... distinguished from a short running call, which is called a
method
Daniel: there is an opc-ua binding in node-wot contributed by
Cristiano and (Luca Sciullo)
Taki: other topics for today?
Kaz: do we want to wait for 30 minutes for Ege?
McCool: if there are no specific topics, we could adjourn
Taki: will send Ege an email
... adjourned
Summary of Action Items
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes manually created (not a transcript), formatted by
David Booth's [25]scribe.perl version ([26]CVS log)
$Date: 2020/07/16 14:06:33 $
[25] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[26] http://dev.w3.org/cvsweb/2002/scribe/
Received on Friday, 31 July 2020 10:41:26 UTC