[wot-discovery][DRAFT] minutes - 14 September 2020

available at:
  https://www.w3.org/2020/09/14-wot-discovery-minutes.html

also as text below.

Thanks a lot for taking the minutes, Cristiano!

Kazuyuki

---
   [1]W3C

      [1] http://www.w3.org/

                               - DRAFT -

                             WoT Discovery

14 Sep 2020

Attendees

   Present
          Kaz_Ashimura, Michael_McCool, Andrea_Cimmino,
          Cristiano_Aguzzi, Farshid_Tavakolizadeh,
          Kunihiko_Toumura, Tomoaki_Mizushima, Michael_Koster

   Regrets
          Christian_Glomb

   Chair
          McCool

   Scribe
          cris

Contents

     * [2]Topics
         1. [3]Previous minutes
         2. [4]TPAC planning
         3. [5]Directory security requirements
         4. [6]Pull Requests
     * [7]Summary of Action Items
     * [8]Summary of Resolutions
     __________________________________________________________

   <kaz> scribenick: cris

   McCool: any other agenda items for today?
   ... ok, let's look at the previous minutes

Previous minutes

   McCool: ok minutes published with a small correction

TPAC planning

   McCool: we did our part. (created issues and label them)
   ... I'm till organizing DID meeting. Sebastian is looking for
   the JSON-LD meeting
   ... any other thoughts for the F2F ?
   ... we have to fill some proposal topics in the agenda
   ... Is there any volunteer able to create a presentation about
   the current status of the spec?

   Farshid: I am actually in vacation so I could not work a lot on
   this

   McCool: is there any other from linksmart organization?
   ... let's leave this open
   ... is 40 minutes enough?

   Farshid: I think we need more

   McCool: let's break it down a little bit
   ... so now in total we have about 2 and half hours
   ... by the way it is a full day

   <kaz> WoT vF2F dates: Oct 5. 7, 20, 21, 22

   McCool: I put Farshid as the session leader

   Andrea: I can help with the semantic section
   ... I can actually do also syntactic

   Cristiano: I can help also

   McCool: Ok I'll add your name at the top level
   ... I think the Introductions section can be just a walktrough
   to each mechanisms.
   ... Lagally made a nice uml sequence diagram that can help in
   the introduction section
   ... we can also put them in the specs
   ... I'll provide them
   ... we just need to focus on the discovery part of architecture
   lifecycle

   <kaz> [9]Lagally's lifecycle diagram 1

      [9] https://github.com/w3c/wot-architecture/blob/master/images/message-flows/lifecycle-1.svg

   <kaz> [10]Lagally's lifecycle diagram 2

     [10] https://github.com/w3c/wot-architecture/blob/master/images/message-flows/lifecycle-2.svg

Directory security requirements

   McCool: what do we need for directory security?
   ... OAuth is an option
   ... we have that in the current specification document
   ... should we bind each TD in a directory to a particular user
   or owner?

   Farshid: I think there is a note in document about this

   McCool: I think that we should not tell to a directory the
   information about the owner.

   Kaz: How can we define end-to-end security for discovery?

   McCool: right, I think we should address this. Is there any
   cases where we need object security for metadata?
   ... we have https, but it can leak information in proxies.
   ... we are discussing about this in the security task force. We
   currently do not have completely addressed how to implement
   this
   ... there is one more thing. kaz, do you know if the new
   decentralized web charter address also local https ?

   Kaz: not sure

   <inserted> [11]proposed Decentralized Web IG Charter

     [11] https://w3c.github.io/charter-drafts/decentralized-charter.html

   Kaz: there might be some standards (FIDO or Web-Auth) but we
   have to look at them in the detail

   McCool: DID might help here; they handle certificates
   differently than https
   ... we probably should add the local interaction as a
   requirement for security in TDD document
   ... about user identities are we ok with using just OAuth?

   Farshid: it is a good start

   McCool: ok let's validate OAuth

Pull Requests

   <inserted> -> github.com/w3c/wot-discovery/pull/61 PR 61

   McCool: ok merge #61 it is pretty straightforward.
   ... How do you define a partial TD?

   Farshid: it is a TD that does not have all the required fields
   of a TD

   <inserted> -> github.com/w3c/wot-discovery/pull/60 PR 60

   McCool: PR #60.
   ... we discussed last time and it seems that Toumura-san
   updated the PR with our feedback
   ... there is also a nice sequence diagram
   ... section 6-1 needs more text
   ... anyway I think it is ok, we can improve it later
   ... merged
   ... I'd add a comment metioning that metadata is not supposed
   to be provided in urls

   <inserted> [12]PR 68

     [12] https://github.com/w3c/wot-discovery/pull/68

   McCool: PR 68 is good, merging

   <inserted> [13]PR 47

     [13] https://github.com/w3c/wot-discovery/pull/47

   Andrea: I followed your feedback in PR 47

   McCool: there are some conflicts now
   ... could you fix them ?
   ... Please Farshid and Cristiano can you review it?
   ... ok we'll merge this the next week

   <kaz> [14]proposed Decentralized Web IG Charter

     [14] https://w3c.github.io/charter-drafts/decentralized-charter.html

   Kaz: one final comment, the DW IG charter is just a template at
   the moment

   McCool: ok thanks everybody for today

   <kaz> [adjourned]

Summary of Action Items

Summary of Resolutions

   [End of minutes]
     __________________________________________________________


    Minutes manually created (not a transcript), formatted by
    David Booth's [15]scribe.perl version ([16]CVS log)
    $Date: 2020/09/21 09:43:19 $

     [15] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
     [16] http://dev.w3.org/cvsweb/2002/scribe/

Received on Monday, 21 September 2020 09:45:24 UTC