IRC log of wot-sec on 2017-08-23

Timestamps are in UTC.

13:05:16 [RRSAgent]
RRSAgent has joined #wot-sec
13:05:16 [RRSAgent]
logging to http://www.w3.org/2017/08/23-wot-sec-irc
13:05:18 [kaz]
present+ Kaz_Ashimura, Elena_Reshetova, Michael_Koster, Soumya_Kanti_Datta, Tomoaki_Mizushima, Zoltan_Kis
13:05:26 [kaz]
present+ Michael_McCool, Barry_Leiba
13:05:33 [kaz]
Meeting: WoT IG - Security
13:05:36 [soumya]
soumya has joined #wot-sec
13:07:31 [kaz]
zakim, pick a scribe
13:07:31 [Zakim]
Not knowing who is chairing or who scribed recently, I propose Michael_McCool
13:07:39 [kaz]
zakim, pick a scribe
13:07:39 [Zakim]
Not knowing who is chairing or who scribed recently, I propose Zoltan_Kis
13:07:59 [kaz]
zakim, pick a scribe
13:07:59 [Zakim]
Not knowing who is chairing or who scribed recently, I propose Elena_Reshetova
13:08:40 [kaz]
scribenick: elena
13:09:29 [elena]
McCool: agenda, change security task force meeting to Monday 3pm finland time?
13:09:42 [elena]
no objections, meeting time changed
13:10:21 [elena]
McCool: next agenda item, first draft for overall arch. and TD document security sections
13:10:30 [elena]
McCool: next wednesday is fist deadline
13:10:55 [elena]
McCool: monday is a final time for changes, after goes to review
13:12:00 [elena]
McCool: another item overal direction, general things go to architecture document, td doc only to have specifics
13:12:25 [zkis]
elena: yes, PR was made to mccool's repo with the TD
13:12:47 [elena]
next we are discussion PR that elena did with changes in TD security section
13:13:59 [naka]
naka has joined #wot-sec
13:14:16 [kaz]
i|change security|topic: Logistics|
13:14:59 [kaz]
i|next agenda item|topic: Documents status|
13:15:26 [kaz]
s/next wednesday/next wednesday, Aug. 30,/
13:16:45 [kaz]
s/discussion/discussing/
13:16:48 [elena]
pr would be accepted to mccool repo, he would cleanup etc
13:18:12 [elena]
elena: it would be nice to cross reference to threat model
13:18:29 [elena]
elena: when writing security sections in different docs
13:22:18 [elena]
McCool: insert link to threat model in TD security section
13:23:35 [elena]
elena: use of secure transport should move to general architecture doc section
13:24:05 [McCool]
https://github.com/mmccool/wot-architecture/tree/security
13:24:10 [elena]
McCool: what pieces from generic practice document should be moved to the security architecture or TD sections?
13:26:13 [kaz]
q+
13:26:21 [elena]
McCool: will do a first pass on generic arch. document security section, elena will take second pass
13:27:01 [McCool]
q?
13:27:17 [kaz]
https://github.com/w3c/wotwg/pull/5#issuecomment-32374263
13:27:42 [elena]
kaz: what is procedure from url above?
13:28:04 [kaz]
https://services.w3.org/htmldiff?doc1=https%3A%2F%2Fw3c.github.io%2Fwot-scripting-api%2F&doc2=https%3A%2F%2Fraw.githubusercontent.com%2Fdanielpeintner%2Fwot-scripting-api%2Fmaster%2Findex.html htmldiff
13:28:28 [elena]
we will do html diff according to above
13:29:21 [elena]
zkis, could McCool merge the PR above from Zoltan?
13:29:21 [kaz]
kaz: Zoltan was proposing a procedure (pullrequest 5) and everybody is encouraged to use htmldiff
13:29:27 [kaz]
https://github.com/w3c/wotwg/pull/5
13:29:58 [elena]
resolution: will be merged
13:30:46 [kaz]
q?
13:30:48 [kaz]
ack k
13:35:42 [elena]
McCool: access token currently for entire TD and not for individual entries
13:35:55 [elena]
elena: this is not good and won't scale in general
13:36:25 [kaz]
present+ Katsuyoshi_Naka
13:37:33 [elena]
McCool: we will need to double check this and discuss further
13:38:19 [elena]
McCool: minimize application functionality should go to general architecture
13:38:57 [kaz]
-> https://github.com/mmccool/wot-thing-description/pull/1 pullrequest for wot-thing-description on McCool's repo
13:39:26 [elena]
McCool: testing should also be moved into general document
13:40:02 [elena]
McCool: WoT API needs to be added to terminology list for further discussion
13:42:12 [elena]
question: what should be extracted from general consideration document security section?
13:42:24 [elena]
elena: will take a pass on thinking and moving stuff
13:42:55 [kaz]
-> http://w3c.github.io/wot/current-practices/wot-practices.html WoT Best Practices document
13:43:18 [elena]
McCool will create first PR, elena will do a next pass
13:43:23 [kaz]
s/general consideration/the WoT Current Practices/
13:43:48 [elena]
everyone should read it and say their objections if any or recommendations
13:44:36 [elena]
McCool: what are the best available practices and reference to them?
13:45:22 [elena]
McCool will update the list of references from set that people recommended over email
13:46:18 [kaz]
rrsagent, draft minutes
13:46:18 [RRSAgent]
I have made the request to generate http://www.w3.org/2017/08/23-wot-sec-minutes.html kaz
13:47:28 [elena]
McCool: we need to submit proposal for workshop for S&P IEEE workshop by 20 of september
13:47:48 [elena]
anyone wants to volunteer?
13:48:08 [kaz]
-> https://www.ieee-security.org/TC/SP2018/workshops.html IEEE workshop page
13:48:47 [elena]
McCool will try to do the first pass on it
13:48:54 [elena]
others need to review
13:49:14 [elena]
we should discuss it during next meeting
13:49:58 [kaz]
s|workshops|cfworkshops|
13:50:00 [elena]
McCool: will ask around who else wants to participate in workshop/share costs
13:51:06 [elena]
McCool: workshop probably is one day and asking people to submit short papers
13:52:50 [elena]
kaz: we will need to talk about it during next chairs meeting
13:54:41 [elena]
another option to consider is NDSS workshop in February
13:54:55 [elena]
but deadline is august 31st, so very soon
13:55:20 [elena]
next meeting is next monday
13:55:34 [kaz]
rrsagent, make log public
13:55:40 [kaz]
rrsagent, draft minutes
13:55:40 [RRSAgent]
I have made the request to generate http://www.w3.org/2017/08/23-wot-sec-minutes.html kaz
13:55:53 [barryleiba]
barryleiba has left #wot-sec