- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Mon, 08 Feb 2021 20:47:08 +0900
- To: public-wot-ig@w3.org, public-wot-wg@w3.org
available at:
https://www.w3.org/2021/01/25-wot-sec-minutes.html
also as text below.
Thanks a lot for taking the minutes, Elena!
Kazuyuki
---
[1]W3C
[1] https://www.w3.org/
WoT Security
25 January 2021
[2]Agenda. [3]IRC log.
[2] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#25_January_2021
[3] https://www.w3.org/2021/01/25-wot-sec-irc
Attendees
Present
Cristiano_Aguzzi, Elena_Reshetova, Kaz_Ashimura,
Michael_McCool, Oliver_Pfaff, Tomoaki_Mizushima
Regrets
-
Chair
McCool
Scribe
elena
Contents
1. [4]meeting minutes from last meeting
2. [5]let's look at the issue tracker
3. [6]Apikey and psk explanation improvement
4. [7]add URI template location for security scheme parameters
Meeting minutes
<McCool> [8]https://www.w3.org/WoT/IG/wiki/
IG_Security_WebConf#25_January_2021
[8] https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#25_January_2021
meeting minutes from last meeting
[9]https://www.w3.org/2021/01/18-wot-sec-minutes.html
[9] https://www.w3.org/2021/01/18-wot-sec-minutes.html
McCool: date needs to be corrected
McCool, any objections to the meeting minutes?
McCool: approved
let's look at the issue tracker
McCool: looking at issue 191
[10]https://github.com/w3c/wot-security/issues/191 - Review
security architecture of Home Assistant
[10] https://github.com/w3c/wot-security/issues/191
McCool: let's capture the important points from this issue into
our wot-security documentation
McCool creates wot-security/background/hubs.md and puts text
from issue 191 there
[11]https://github.com/w3c/wot-security/blob/master/background/
hubs.md
[11] https://github.com/w3c/wot-security/blob/master/background/hubs.md
McCool: now issue 191 can be closed.
McCool closes issue 191
McCool: other similar issues should contribute text in a form
of PR towards background/hubs
McCool: look at issue 187
[12]https://github.com/w3c/wot-security/issues/187 - Review
security architecture of OpenHAB
[12] https://github.com/w3c/wot-security/issues/187
McCool: adding text from issue 187 to background/hubs.md
McCool: we would need to have template for describing different
hubs
McCool: we will leave the issue 187 open for now in case Oliver
wants to make further edits
Apikey and psk explanation improvement
McCool: next let look into issues from agenda
First one: [13]https://github.com/w3c/wot-thing-description/
pull/1031 - Improve descriptions of apikey and psk security
schemes
[13] https://github.com/w3c/wot-thing-description/pull/1031
McCool: in TD call last week we discussed this
McCool: the new description seems to address the original
issue, but we need to covert a couple of statements to
assertions
McCool: how do people feel about making it an assertion?
Cristiano: agrees with this approach albeit testing this
assertion is a problem
McCool puts some comment into the issue
including the potential wording for the assertions
McCool: the important statement is to make sure that if someone
stores secret information (like keys, passwords, etc) in a TD,
then they are automatically not compliant with the TD spec
McCool: we will discuss this at next TD call
add URI template location for security scheme parameters
[14]https://github.com/w3c/wot-thing-description/pull/1032 -
WIP: Add URI template location for security scheme parameters
[14] https://github.com/w3c/wot-thing-description/pull/1032
McCool: this text is not quite ready yet
McCool: we can use uriVariables instead of uri and parameters
here
McCool puts a comment into 1032
together with an example on how it can look like
McCool: If anyone has more comments, please comment also
<kaz> [adjourned]
Minutes manually created (not a transcript), formatted by
[15]scribe.perl version 127 (Wed Dec 30 17:39:58 2020 UTC).
[15] https://w3c.github.io/scribe2/scribedoc.html
Received on Monday, 8 February 2021 11:47:13 UTC