kaz: if possible, we should update the URL for the security Note in the NDSS paper with: https://www.w3.org/TR/2017/NOTE-wot-security-20171214/
mccool: looking through the prev
minutes
... one fix, number 20 should be 12
... CoI should be spelled out as "conflict of interest"
... minutes look good
... we published the Note on Sep. 24
... also NDSS paper has been submitted
<McCool> https://github.com/mmccool/ndss-wot-sec/blob/submission-5/ndss-wot-sec.pdf
<McCool> as submitted
<McCool> https://github.com/w3c/wot-security/issues/59
mccool: we talked about issue 59 about scripting api
<McCool> https://github.com/w3c/wot-scripting-api/issues/82#issuecomment-350662317
mccool: related to scripting issue
82
... resolution from the scripting call
[[
RESOLUTION: As discussed in the meeting on Dec
18, security data, like protocol bindings, need to be provided
when the Thing is provisioned, eg when the Thing runtime is set
up. The scripting API only deals with actions taken from
"inside" a Thing, and so this setup is out of scope. However,
for practical reasons, we do need to have an implementation
that allows this information to be specified. Therefore, the
node-wot API should be extended to support the
definition of security metadata during setup,
and this part of the API should be documented, but it should be
made clear that this part of the node-wot API is
non-normative.
]]
<McCool> consider this issue resolved now, but won't close it until we meet next time and can review with a larger set of people
<McCool> next meeting: Jan 8
[adjourned]