previous minutes: https://www.w3.org/2017/12/18-wot-sec-minutes.html
mccool: one more meeting before Elena
leaving
... need to talk about plugfest planning
... and f2f planning
elena: when/where?
mccool: in March in Prague
... OCF meeting (March 19-23)
... WoT PlugFest (March 24-25)
... WoT f2f (March 26-29)
... plugfest call will be held on Wed (Jan 10)
... can show slides
... on possible support for TLS, etc.
... not everyone is aware of security (at the moment)
elena: should take a look from
security viewpoint
... e.g., sensor/actuator within some network and application
from outside
mccool: right
... TLS and tokens
... among OAuth
elena: how normally PlugFests set
up/down?
... can we see the high-level scenario?
mccool: still on planning phase
... personally want to see security aspects
... how to generalize multiple participants
... so far we didn't consider security
... but we have to go beyond that
elena: if we put too much it wouldn't be accomplished
mccool: right
... might want to start with simple provisioning
... there is more specific things to do
... one discussion we had during the scripting call is
affection of security information to the metadata
... set up out of bound
zoltan: provisioning is not part of the current scripting api
mccool: how can we prototype?
... need to document it
<zkis> provisioning may be covered by a scripting API with a different entry point than the WoT API
mccool: (shows the 2018-prague area
for plugfest)
... (and then 2017-burlingame area)
(to be merged with the HTML)
mccool: [p5. Issues for the
next]
... issues here
... TD distribution and management should be done in a secure
manner
... this week (on Wed) we should have more detailed
discussion
... would accomplish voice interface
... all the stuff inside a secure mechanism
... that's my preference
kostelena: we should put all of them together
mccool: paper on the queue
... and still under review
mccool: another topic on the
queue
... negotiating with the NDSS co-Chair for submitting a paper
to this ws
[[
*Important Dates*
Paper submission deadline: February 28, 2018
Acceptance Notification: March 31, 2018
Camera-Ready Paper Submission: April 30, 2018
]]
mccool: thinking about security
aspects
... semantic tagging for security
... policy information marked up by semantic tagging
... let me know if you have any ideas
... this workshop itself is more about semantic
interoperability
mccool: need to see the Editor's
notes
... create GitHub issues based on those notes
kaz: maybe I should check the possible difference between the publication version and the Editor's draft just to make sure
mccool: (shows pullrequest 62)
mccool: conversion from "Thing" to
"System" seems ok
... (browses some more keywords, e.g., "System Maintainer",
"Security Owner")
... have to read through all the changes before merging
... and another pullrequest 37
mccool: need to check with Dave
... (add a comment to the issue 37)
... regarding pullrequest 62, I'll check all the changes
including the threat model with IETF IoT RFC #40
... Kaz, can you check the diff between the Editor's draft
(master branch) and the published version?
kaz: will quickly do
mccool: will review the PRs
... and accept them (if it's ok)
... we should be thinking about security for plugfest
... also will review the security document
mccool: got a comment from Wendy
mccool: will respond to Wendy
... (goes through other issues)
mccool: maybe can assign issue 39 to Elena
mccool: will check with Dave
mccool: any objections to accept the minutes?
(none)
[adjourned]