12:02:00 RRSAgent has joined #wot-sec
12:02:00 logging to http://www.w3.org/2017/08/11-wot-sec-irc
12:02:18 meeting: WoT IG - Security
12:03:03 present+ Kaz_Ashimura, Elena_Reshetova, Michael_Koster, Michael_McCool, Soumya_Kanti_Datta, Tomoaki_Mizushima, Uday_Davuluru
12:03:08 topic: new slot for the call
12:03:17 elena: not available this time on Friday
12:03:32 mm: let's create a doodle
12:03:37 kaz: will do
12:04:03 topic: agenda
12:04:15 elena: answers of the questionnaire?
12:04:21 ... we can walk through the results
12:04:39 mm: ok
12:06:48 kaz: btw, Sebastian mentioned he wanted one more week before the review for TD doc
12:07:03 ... he repeated that view today during the TD call today
12:07:37 McCool has joined #wot-sec
12:07:52 mm: updates the agenda wiki
12:08:32 ... created a branch for TD
12:08:40 ... can generate a pull request
12:09:07 ... the issue is there is some portion about security within the current TD doc
12:09:16 ... but not ready for review yet
12:09:47 ... but we can review the current version briefly
12:09:52 mjkoster has joined #wot-sec
12:10:06 -> https://w3c.github.io/wot-architecture/ TD draft
12:10:17 mm: there is a security section but very brief
12:10:43 elena: some more description in the Current Practices document
12:10:46 mm: right
12:10:53 ... what to for then?
12:11:30 ... the question is what is the minimal thing we need to do?
12:12:02 ... also not sure about all the security options
12:12:32 elena: what is important is backtracking the model
12:12:41 ... security requirements for TD
12:12:47 q+
12:13:02 elena: concrete measure
12:13:11 ... options for security
12:13:21 ... optional vs mandatory
12:13:40 ... privacy, security
12:13:51 ... why/when to use
12:14:06 mm: what situation requires you to use
12:14:13 ... how to organize this task?
12:14:23 ... what kind of structure?
12:14:44 elena: explain to people why security is needed for TD
12:14:51 q?
12:14:58 mm: threat
12:15:08 s/threat/thread model document/
12:15:17 ... need different level of publication
12:15:24 ... we could create a wiki page
12:16:01 kaz: wiki, md or whatever
12:16:15 mm: standard document
12:16:28 ... 4. vocabulary definition
12:16:47 ... TD model has security portion
12:16:53 ... but quite empty
12:17:20 ... also the vocabulary sections are automatically generated based on some ontology
12:17:31 ... so we should not edit the section 4 directly
12:18:00 ... there is another security section "4.2.8 Security"
12:18:08 ... also "5.3 Security"
12:18:47 ... this is for serialization, e.g., JSON-LD
12:19:04 ... and section "6. Security" is empty
12:19:18 ... TD TF wanted us for review
12:19:25 ... let's think about outline
12:20:30 kaz: several viewpoints, e.g., author, developer, user?
12:20:40 mm: issue with the structure
12:20:46 ... and security mechanism
12:21:40 -> https://github.com/mmccool/wot-thing-description McCool's branch
12:21:48 mm: talked with several people
12:21:55 ... protocols to map to
12:22:15 ... CoAP, MQTT, HTTP
12:22:31 s|HTTP|HTTP/HTTPS|
12:22:43 ... Amazon started security on WebSocket
12:24:53 ... (updates the Security section on his branch)
12:25:48 ... the threat model has two assets: TD itself and the resources that can be accessed via the TD
12:26:09 ... risks: adversaries and prioritized threats
12:28:20 -> https://cdn.rawgit.com/mmccool/wot-thing-description/54dfad26/index.html McCool's Update (rawgit)
12:30:07 mm: General: that we "do no harm": security of described protocols should be maintained. Don't introduce new security mechanisms, but do preserve functionality of existing mechanisms
12:30:45 ... Exposing: when exposing a TD, especially via the Scripting API, it should be possible to use best practices for security
12:31:29 ... Consuming: a consumed TD should accurately reflect the actual security status of a target device
12:36:20 ... Protocols: we will prioritize the following protocols: HTTP(S), CoAP(S)
12:41:05 ... Recommended Practices
12:41:14 ... secure delivery and storage of TD
12:41:26 ... use of secure transports
12:42:47 ... use CoAPS and HTTPS rather than CoAP and HTTP whenever possible
12:42:59 ... maintaining privacy
12:43:13 ... avoid exposing personally identifiable information in a TD
12:43:24 ... avoid exposing an immutable hardware identfier
12:43:32 s/identfier/identifier/
12:43:58 i|use of secure|implement an access control mechanism for the TD
12:45:17 ... APIs should only provide the functionality necessary, and no more
12:45:29 ... devices should be strongly encapsulated
12:45:40 ... consider different levels of access for different users
12:46:57 ... (will create a branch on McCool's branch)
12:47:05 er: can add some more edit as well
12:47:22 mm: we should concentrate on the security section
12:49:49 i need to leave early for other work. bbye
12:50:01 https://github.com/mmccool/wot-thing-description
12:50:40 topic: Threat model questionnaire
12:50:46 mm: quickly review the results
12:51:11 ... anything missing?
12:51:22 mk: no specific suggestions at the moment
12:51:32 s/missing/missing, Koster/
12:53:17 kaz: can we see the results at some URL?
12:53:30 er: can create a snapshot and let you all know
12:53:41 ... (goes through the results)
12:54:18 ... [What are the typical high-level WoT use cases/scenarios when privacy might be at risk?
12:54:32 mm: separate sections for security and privacy?
12:54:43 ... would be better to have two separate sections
12:55:37 er: [What identifiers (device, thing, user, etc.) do the WoT define in the TD or other places?
12:55:46 mm: potentially use some ID
12:55:59 ... identifiers pointing software objects
12:56:10 ... destroy things we created
12:56:25 ... disconnected with the hardware itself
12:57:03 ... stable identifiers are used during the lifecycle
12:57:17 ... after that, the identifiers go away
12:57:59 ... name field and id field
12:58:07 ... URL field
12:58:12 ... we can change them
12:58:31 ... but vendor information, etc., should be protected
12:58:41 ... sensitive information
12:59:28 er: vendor id itself is not about the hardware?
12:59:38 mm: which device it is
12:59:45 ... you can talk with the driver
13:00:09 ... recommend we should not include vendor ID if sensitive
13:00:21 ... industry environment would make sense
13:00:39 ... let's add some recommendations to the security section
13:00:51 ... semantic information on the device
13:00:57 ... what's the least?
13:01:13 er: ok
13:01:20 ... and we asked about the purpose
13:01:32 ... [What is their purpose (why can they not be omitted)?
13:02:07 mm: the last person mentions that without id it's impossible to communicate
13:02:58 ... Elena, please create a PDF version of the results and share it with the group
13:03:00 er: ok
13:03:30 zkis has joined #wot-sec
13:03:45 mm: we'll do a doodle poll for the upcoming calls
13:04:40 [ adjourned ]
13:04:45 rrsagent, draft minutes
13:04:45 I have made the request to generate http://www.w3.org/2017/08/11-wot-sec-minutes.html kaz
13:05:06 rrsagent, make log public
13:05:07 rrsagent, draft minutes
13:05:07 I have made the request to generate http://www.w3.org/2017/08/11-wot-sec-minutes.html kaz
13:05:55 rrsagent, draft minutes
13:05:55 I have made the request to generate http://www.w3.org/2017/08/11-wot-sec-minutes.html kaz
13:06:07 Chair: McCool
13:06:08 rrsagent, draft minutes
13:06:08 I have made the request to generate http://www.w3.org/2017/08/11-wot-sec-minutes.html kaz
13:06:59 i/created a branch for TD/topic: TD Review/
13:07:00 rrsagent, draft minutes
13:07:00 I have made the request to generate http://www.w3.org/2017/08/11-wot-sec-minutes.html kaz
14:26:35 Zakim has left #wot-sec
16:12:31 zkis has joined #wot-sec
17:32:44 zkis has joined #wot-sec
18:41:28 zkis has joined #wot-sec
19:18:34 zkis has joined #wot-sec