See also: IRC log
<scribe> scribenick: kaz
mccool: goes through the prev minutes
kaz: Soumya is already included in the wot-security-tf team
mccool: the minutes are fine by
me
... any objections?
(none)
minutes approved
kaz: can send a publication request on 27th
mccool: ok
... schedule looks good
pr 47 - remove redundant security objectives content
mccool: will clean this up
... objections to merge this?
... straight forward
(no objections)
mccool: merges pr 47
... working branch is merged now
https://services.w3.org/htmldiff
mccool: terminology changes
... solution including the entire hardware as well?
... (goes through the changes)
... acronym "Mgm" means "Management"
... Management API or management interface?
zoltan: not API
mccool: "interface" for network API
zoltan: no management API for Scripting API (so far)
mccool: scripting api will talk with network interface. right?
zoltan: API has a bit easier
connotation
... service carried out by network interface would require
security
mccool: any other interesting
points?
... (security objectives)
... TBD here and there (right above "2.3.2 Scenario 2 -
Business/Corporate environment")
... added section "3. Existing Security Best Practices in
related fields"
... here most about TD
... "4.1 Secure Practices for designing a Thing
Description"
... section 8
... no summary yet
... lot of work to do
... fine with going with this as a FP Note?
... Elena, could you create a PR on management?
... let's ask the group for review on Wednesday, Oct. 25
... please state issues by Wednesday
... I'm OK with this published as a first Note
... ready or not?
barry: let's start the review
uday: would leave the
majority
... fine as the first draft
mccool: Zoltan?
zoltan: think mature as a first draft
mccool: ok
... let's move forward
... if there are too many issues on Wednesday, let's have
discussion at TPAC
elena: Matthias's comment?
mccool: you can ask him to review the latest draft
<McCool> https://rawgit.com/w3c/wot-security/working/index.html#examples-of-wot-security-configurations
mccool: let's see if there is anything to be merged before the publication
<inserted> kaz: we should merge all the changes to the master branch before asking the whole group for publication approval
<McCool> McCool: I will merge changes to master branch, then send email to group pointing at result as RC
<McCool> ... after Elena changes Mgm API -> Management Interface
issue 46 on "Reference Fetch standard in addition to CORS"
mccool: stay open
issue 44 on "Make links to the WoT Terminology from the WoT Architecture document"
mccool: how to refer definitions from
external files?
... using ReSpec
zoltan: you can do that in
ReSpec
... attach tags
... link to external documents
... you can remove definitions inside the draft later
issue 41 on "Clean up Security Objectives section"
mccool: can close it?
elena: ok
mccool: closed issue 41
issue 40 on "Align Threat model with IETF IoT RFC"
mccool: assign to Elena
issue 32 on " Cite WoT Architecture Doc in Intro"
mccool: done
... closes the issue 32
mccool: CFP done
... working on logistics for white paper
mccool: working on POC
... a few things to discuss on security
... after TPAC, concrete discussion on security
... the goal is using TLS, etc., for the interface
... CoAPS, HTTPS, etc.
... anything else?
elena: nothing from me
mccool: ok
... the next meeting should be the last one before TPAC
... (creating a new issue)