[wot-security][DRAFT] minutes - 9 November 2020

available at:
  https://www.w3.org/2020/11/09-wot-sec-minutes.html

also as text below.

Thanks a lot for taking the minutes, Oliver!

Kazuyuki

---
   [1]W3C

      [1] http://www.w3.org/

                               - DRAFT -

                              WoT Security

09 Nov 2020

Attendees

   Present
          Kaz_Ashimura, Michael_McCool, Elena_Reshetova,
          Jack_Dickinson, Oliver_Pfaff, Tomoaki_Mizushima,
          Zoltan_Kis

   Regrets
          Cristiano_Aguzzi

   Chair
          McCool

   Scribe
          Oliver

Contents

     * [2]Topics
     * [3]Summary of Action Items
     * [4]Summary of Resolutions
     __________________________________________________________

   <scribe> Scribe: Oliver

   <kaz> [5]Sep-21

      [5] https://www.w3.org/2020/09/21-wot-sec-minutes.html

   <kaz> [6]vTPAC

      [6] https://www.w3.org/2020/10/05-22-wot-minutes.html

   Last meeting was Sept. 21, 2020

   Today about reviewing what happened in the meanwhile and plan
   next steps

   McCool: (continue to) coordinate with IRTF T2TRG
   ... some WoT Security document cleanups needed including but
   not limited to life-cycle

   <McCool>
   [7]https://www.w3.org/2020/10/05-22-wot-minutes.html#item06

      [7] https://www.w3.org/2020/10/05-22-wot-minutes.html#item06

   No objection for publishing WoT Security meeting minutes for
   Sept. 21, 2020 => get published

   <McCool>
   [8]https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-10
   -online-f2f/2020-10-22-WoT-F2F-Security-McCool.pdf

      [8] https://github.com/w3c/wot/blob/master/PRESENTATIONS/2020-10-online-f2f/2020-10-22-WoT-F2F-Security-McCool.pdf

   Review of TPAC esp. the WoT Security slides for TPAC

   WoT Security status presentation was delivered at TPAC by M.
   McCool and recap'ed during this call

   Discussion on whether 'order' is meaningful in combo schemes
   and should be elaborated more

   Issue shall be created to care about whether (and how) or not
   to make 'order' meaningful in combo security schemes

   <McCool> [9]https://github.com/w3c/wot-security/issues/193

      [9] https://github.com/w3c/wot-security/issues/193

   OAuth presentation was delivered at TPAC by C. Aguzzi and
   recap'ed during this call

   Modulo Client Grant Type/Flow most OAuth flows are not
   well-suited for WoT. This should be explicitly addressed in
   guidance info

   Issue #194 created for creating such guidance

   Composition is a concern: API dedicated to application resp.
   security functionality. Which mixture? Which relationship? What
   for which usage? What to call/enforce when?...

   <McCool> proposal: accept the Security sections (Overview and
   OAuth2) sections of the TPAC 2020 minutes as revised and
   reviewed.

   No objections against publishing the WoT Security-specific
   portion of the TPAC meeting notes => get published

   RESOLUTION: accept the Security sections (Overview and OAuth2)
   sections of the TPAC 2020 minutes as revised and reviewed.

   Manifest of next step items collected and captured in the call
   meetings

   <McCool> [10]https://github.com/w3c/wot-security/issues/195

     [10] https://github.com/w3c/wot-security/issues/195

   Dec 7 will probably be the last WoT Security call this year

   Meeting closed

Summary of Action Items

Summary of Resolutions

    1. [11]accept the Security sections (Overview and OAuth2)
       sections of the TPAC 2020 minutes as revised and reviewed.

   [End of minutes]
     __________________________________________________________


    Minutes manually created (not a transcript), formatted by
    David Booth's [12]scribe.perl version ([13]CVS log)
    $Date: 2020/11/16 08:14:20 $

     [12] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
     [13] http://dev.w3.org/cvsweb/2002/scribe/

Received on Monday, 16 November 2020 08:30:03 UTC