[wot-security] minutes - 12 July 2021 from Kazuyuki Ashimura on 2021-07-20 (public-wot-wg@w3.org from July 2021)

From: Kazuyuki Ashimura <ashimura@w3.org>
Date: Tue, 20 Jul 2021 15:01:41 +0900
To: public-wot-ig@w3.org, public-wot-wg@w3.org
Message-ID: <877dhlbk1m.wl-ashimura@w3.org>
available at:
  https://www.w3.org/2021/07/12-wot-sec-minutes.html

also as text below.

Thanks a lot for taking the minutes, Oliver!

Kazuyuki

---
   [1]W3C

      [1] https://www.w3.org/

                              WoT Security

12 July 2021

   [2]IRC log.

      [2] https://www.w3.org/2021/07/12-wot-sec-irc

Attendees

   Present
          Kaz_Ashimura, Michael_McCool, Oliver_Pfaff,
          Philipp_Blum, Tomoaki_Mizushima

   Regrets
          -

   Chair
          McCool

   Scribe
          Oliver

Contents

    1. [3]Minutes

Meeting minutes

   <kaz> [4]vF2F minutes

      [4] https://www.w3.org/2021/06/21-30-wot-vf2f-minutes.html

  Minutes

   <kaz> [5]May-31

      [5] https://www.w3.org/2021/05/31-wot-sec-minutes.html

   Meeting minutes of last WoT Security call are reviewed

   Some tweaks are identified

   No objections => minutes will be published

   <kaz> (typo fixed)

   F2F meeting review

   <kaz> [6]vF2F minutes

      [6] https://www.w3.org/2021/06/21-30-wot-vf2f-minutes.html

   Follow-ups needed for several items discussed at F2F

   This includes canoncalization&signing and localizer
   improvements

   Wording changes for the F2F minutes were identified

   Security section of the F2F minutes are regarded and marked as
   'reviewed'

   <McCool> [7]https://github.com/w3c/wot/blob/main/PRESENTATIONS/
   2021-06-online-f2f/2021-06-30-WoT-F2F-Security-McCool.pdf

      [7] https://github.com/w3c/wot/blob/main/PRESENTATIONS/2021-06-online-f2f/2021-06-30-WoT-F2F-Security-McCool.pdf

   <McCool> [8]https://github.com/w3c/wot-thing-description/pull/
   1151

      [8] https://github.com/w3c/wot-thing-description/pull/1151

   Above F2F presentation and PR were considered again and
   discussed

   Design rationale behind TD Signatures was reviewed: i.
   signature object is JWS ii. signature algs are JWA plus its ECC
   add-ons iii. pre-sign/verify transform is extended 'extended
   canoncaliztion' iv. key identification model is
   profiled/sub-setted

   Next step: closer review (@Oliver)

   Discussed [9]https://github.com/w3c/
   wot-security-best-practices/issues/13 next

      [9] https://github.com/w3c/wot-security-best-practices/issues/13

   <kaz> [10]Issue 13 - Update Secure Transport

     [10] https://github.com/w3c/wot-security-best-practices/issues/13

   Philipp will provide initial input for this issue in a PR

   Vacation schedule was discussed

   Signing and Best Practices should get updates before the end of
   July

   <McCool> [11]https://pr-preview.s3.amazonaws.com/mmccool/
   wot-architecture/pull/602.html

     [11] https://pr-preview.s3.amazonaws.com/mmccool/wot-architecture/pull/602.html

   <kaz> [12]wot-thing-description PR 602 - Refactor TD/Discovery
   Material in Section 8

     [12] https://github.com/w3c/wot-architecture/pull/602

   Reviews needed - from a security perspective - for the above
   mentioned WoT Architecture document. Task gets first assigned
   to Philipp

   Meeting closed


    Minutes manually created (not a transcript), formatted by
    [13]scribe.perl version 136 (Thu May 27 13:50:24 2021 UTC).

     [13] https://w3c.github.io/scribe2/scribedoc.html
Received on Tuesday, 20 July 2021 06:01:46 UTC