W3C home > Mailing lists > Public > public-wot-wg@w3.org > August 2021

[wot-security] minutes - 19 July 2021

From: Kazuyuki Ashimura <ashimura@w3.org>
Date: Mon, 02 Aug 2021 19:49:21 +0900
Message-ID: <87r1fcnmtq.wl-ashimura@w3.org>
To: public-wot-ig@w3.org, public-wot-wg@w3.org
available at:

also as text below.

Thanks a lot for taking the minutes, Philipp!



      [1] https://www.w3.org/

                              WoT Security

19 July 2021

   [2]IRC log.

      [2] https://www.w3.org/2021/07/19-wot-sec-irc


          Kaz_Ashimura, Michael_McCool, Oliver_Pfaff,
          Philipp_Blum, Tomoaki_Mizushima





    1. [3]Minutes review
    2. [4]Best practices document

Meeting minutes

  Minutes review

   <kaz> [5]Jul-12

      [5] https://www.w3.org/2021/07/12-wot-sec-minutes.html

   McCool: Any objections?
   … no objections

  Best practices document

   McCool: Added a couple of PRs to fix up some things. It is a
   work in progress.

   McCool: I suggest we go through the easy ones first.

   [6]PR 17

      [6] https://github.com/w3c/wot-security-best-practices/pull/17

   McCool: Any objections to merge?
   … no objections. merged.

   [7]PR 18

      [7] https://github.com/w3c/wot-security-best-practices/pull/18

   McCool: I commented out the summary. Any objections to merge?
   … no objections. merged.

   [8]PR 19

      [8] https://github.com/w3c/wot-security-best-practices/pull/19

   McCool: We agreed on adding an editors note to the section.
   Oliver wants to work on it.

   McCool: Any objections to merge this?
   … no objections. Merged.

   [9]PR 20

      [9] https://github.com/w3c/wot-security-best-practices/pull/20

   McCool: Isn't ready to merge yet. Some rendering issues.

   McCool: Respec looks for MUST, SHOULD etc. Since this isn't a
   formative document, I have to rewrite it.

   McCool: Any objections to merge it when it is fixed?
   … no objections.

   <McCool> [10]https://github.com/w3c/

     [10] https://github.com/w3c/wot-security-best-practices/pull/21

   Philipp: It is pretty straight forward. TLS 1.3 makes it also
   possible to use Raw Public Keys. So, I added that to the spec
   with the references to it.

   Oliver: TLS 1.3 is still the exception. 1.2 is still mostly

   McCool: Firefox and Chrome support it. That is good. Some
   mobile browser don't.

   Philipp: tbf, you can use a customized app for it which
   supports 1.3.

   McCool: iPhone might be an issue here though. They force you to
   use webkit.

   McCool: Should we add an editors note here?

   Philipp: I think that is a good idea.

   mm adds a comment to issue 13

   [11]issue 13

     [11] https://github.com/w3c/wot-security-best-practices/issues/13

   Oliver: We have a much more mature ecosystem for netconf/yang
   WG in the IETF.

   McCool: Any objections to merge 21?
   … no objections.

   <McCool> [12]https://github.com/w3c/wot-security/issues/201

     [12] https://github.com/w3c/wot-security/issues/201

   McCool: The scripting people have some issues we should

   McCool: Maybe we can look into DID to distribute keys.

   <kaz> [adjourned]

    Minutes manually created (not a transcript), formatted by
    [13]scribe.perl version 136 (Thu May 27 13:50:24 2021 UTC).

     [13] https://w3c.github.io/scribe2/scribedoc.html
Received on Monday, 2 August 2021 10:49:25 UTC

This archive was generated by hypermail 2.4.0 : Monday, 2 August 2021 10:49:27 UTC