See also: IRC log
<giuseppe> http://www.w3.org/2011/webtv/wiki/HNTF/Home_Network_TF_Discussions
giuseppe: didn't have time to update tracker but Wiki is updated.
Jan: In my latest email, I'm
proposing how the merge with ISSUE-26 may
happen.
... Bullets 2 and 3 are already covered.
... Bullet 1 on checking capabilities, I don't believe it's
covered.
... My suggestion is to update ISSUE-28 with an additional
bullet in the lines of what's in the email.
ISSUE-28?
<trackbot> ISSUE-28 -- Home Network Enabled User-Agent - Network Media Controller -- open
<trackbot> http://www.w3.org/2011/webtv/track/issues/28
Jan: Other comment is on ISSUE-26.
-> http://lists.w3.org/Archives/Public/public-web-and-tv/2011Aug/0018.html Jan's email on ISSUE-16 and ISSUE-26
Giuseppe: for issue 28, you can have a look directly at the requirements document.
Russell: I have no objection, I was looking at the scenario here.
Jan: I think most of the issues
in the use case of ISSUE-16 are covered. Russell, I think you
did a great job here. What's missing is bullet 1.
... [explanations on bullet 1]
Russell: It's really the case of a Web application being able to query the capabilities for Media Player characteristics.
Jan: We didn't necessarily
discover locally in our prototype. We could put a "may".
... We can use an example, in that case an example that we put
in our issue 16.
... There are a couple of configurations to discover the
capabilities of remote devices.
Russell: but the capabilities of the media server are not relevant.
Jan: it would be the renderer, I agree.
Russell: two answers. For the platform the app is running on, you would normally have an API to determine the capabilities of the platform you're running on.
Giuseppe: Isn't that already included in another use case?
Giuseppe: "Application
Discovering a Service"
... More generic.
... What you're discussing here could be another bullet to
refine what we have here.
... We could clarify that this may enable to ask capabilities
for the service.
Jan: I don't know if there are
for example players that advertise their capabilities.
... The nature of the issue is more related to UPnP model. I
didn't think the nature of that was on this generic
capabilities list.
... I didn't think the other issue covers advertising of
capabilities.
... I'm asking that ISSUE-28 have an additional bullet
explaining filtering based on the capabilities of the
renderer.
... If you refer to ISSUE-14, we can expand it to explain that
capabilities need to be advertised.
Russell: You suggest updating the
Home Network Media Player use case and the 3-box use case
(ISSUE-26 and ISSUE-28).
... to include discovery of capabilities.
Jan: do you think ISSUE-14 should be expanded as well?
Giuseppe: The requirements would
probably the same. We don't necessarily need to find use cases
that do not have overlap.
... Summary. Expand ISSUE-26 and ISSUE-28.
Jan: my email can be used as starting point. I'll wait for Russell to communicate back with proposed text.
Russell: ok, I'll do that.
<scribe> ACTION: Russell to propose text to expand ISSUE-26 and ISSUE-28 to address Jan's comment [recorded in http://www.w3.org/2011/08/09-webtv-minutes.html#action01]
<trackbot> Created ACTION-69 - Propose text to expand ISSUE-26 and ISSUE-28 to address Jan's comment [on Russell Berkoff - due 2011-08-16].
Giuseppe: Also, there are some
use cases that are missing requirements right now.
... Now that they are all in the same page (once we have close
Jan's issue), it's good to look at the document and see if
there are use cases that can be merged or adjusted.
Giuseppe: I think we agreed to close it, right?
Russell: yes, but I'd like another week to make sure that the use case is mapped appropriately.
Giuseppe: if you feel that can be
accomplished modifying an existing use case, that's an
option.
... OK, so we'll keep it open for this week and discuss it next
week
Russell: I updated the wiki based on last week's discussions (to remove DLNA-specific stuff).
Giuseppe: thanks, I'll have a look.
Giuseppe: we're basically done
with use cases.
... Next step is to refine requirements during August.
... And then propose that to the group.
... Discussion on priorities and next steps is important.
... One issue that remains is the one on security
<giuseppe> http://www.w3.org/2011/webtv/wiki/HNTF/Home_Network_TF_Discussions/Security
Giuseppe: I'm not sure if you had
a chance to look at it.
... There are two ways to merge it with requirements document.
One is as a use case.
... The other is to have a dedicated section on security.
Sounds more appropriate.
... Any comment or preference?
Jan: Could you touch on some of
the issues and then go on the possible solutions?
... Not entirely clear what the solutions are (device
pairing?)
Giuseppe: The idea is just to highlight the security and privacy issues.
Jan: My concern is that I'm trying to understand the two solutions.
Giuseppe: [going through the
security doc]. First of all, the list of security.
... There are more security issues. One could be fingerprinting
for instance.
... You need to know the trust level of an application.
... I list here the different options.
... certificate, modal dialog, white list provided by the
platform.
Jan: for certificate, do you mean
device manufacturers provide certificates? Can we expand on
that?
... For number 2, I presume that's a user-agent doing this. I'd
like more details on that.
Giuseppe: Understood. I'll try to be more verbose on these options, adding diagrams if possible.
Jan: It's a question of how you
manage the certificate. Eventually, when you grant access,
where is that managed? If the application runs and dies, does
it remember? Do you need to install a widget?
... These are the sort of questions I have.
Giuseppe: ok, I'll expand on this. The doc continues with different trust level options.
Jan: Can one take one step back and say that local content should only be accessible from local devices and say that device manufacturers are responsible to ensure that this is the case.
Russell: It's pretty hard to prevent an application from doing something wrong once installed.
Jan: requirements on the user agent
[more discussion on trust levels options]
Jan: The solution will never come to a solution in this group, but we could list a few requirements.
Giuseppe: sure, we don't have to
define the solutions here.
... I don't know if you had time to follow discussions on
service discovery in the DAP group.
... There's a proposal under discussion.
francois: comment matches Jan's comment. I wouldn't go too deep into solutions. Important to highlight security and privacy issues, suggest directions without going too deep into solutions and if possible extract requirements
Igarashi-San: I have comment on
home network. Very confusing terminology. These use cases
should not be limited to home network. Even with DLNA, there
are devices that can be outside the home.
... I suggest using local network instead of home network, or
local IP network.
Giuseppe: I think we use the term home network pretty much everywhere, would need to update the whole document.
Igarashi-San: Jan mentioned managed/unmanaged. But Web applications can run on other types of network, e.g. 3G. The device may not be able to guarantee where the application runs.
Russell: Is it at the same time or at different times?
Igarashi-San: Manufacturers cannot guarantee that an application runs only on one type of network.
Jan: when it comes to that
gateway functionality. How does it work with
applications?
... Should we restrict the requirements to that use case to
home networks only?
s/Russell: when/Jan: when/
Giuseppe: I'm not sure what you mean. Do you mean that an application should not have access to anything else than local network?
Jan: for the purpose of the
requirements, we only need to look at the home network.
... We don't need to worry about applications that are at the
border.
Giuseppe: I wouldn't
restrict.
... Applications that access data on both networks are
important. It may be disabled by default.
Jan: As you as you say "gateway",
you include remote access.
... If you do that, you open a whole list of problems.
Giuseppe: ok, fine.
[Giuseppe dropped from call, meeting ends]
<JanL> giuseppe called me
<JanL> he says he lost network connection
<JanL> so we should close the meeting
<JanL> we can discuss for another 5 minutes if we want to conclude anything
<JanL> otherwise we continue on the mailing list
<JanL> comments on writing to improve the security issue