elena: wondering about the possible changes for the Architecture
mccool: there is a repo for
wot-architecture
... we can create an issue about this pull request
elena: lifecycle should be described in the Architecture
<McCool> https://github.com/w3c/wot-security/issues/65
mccool: have just created the above
issue
... pictures would be helpful
... issue 65 on "Consider moving Thing lifecycle discussion to
Architecture"
Pull Request 63 initial text for lifecycle
mccool: having a picture would be good
mccool: IIC document has lifecycle
definition
... normally you need provisioning
elena: depends on what your security
provisioning model is like
... might be going back from re-provisioning to operational
state
... not sure we need to re-invent lifecycle definition,
though
... we should add some stronger statement for the Editor's note
here
... we have to make some assumption
mccool: let's state our
assumption
... devices in secure/compromise state
... just keep it under control
... we don't really worry about updates
... devices may go down and come back
... or new devices come back
elena: what is available on WoT
layer?
... and what is out of scope?
mccool: let's update the Editor's note
elena: will update it
mccool: ok
... btw, can you make the next call?
elena: planning to join it
mccool: will accept it once you're ok
<Zakim> kaz, you wanted to ask if we need some mechanism to identify some specific device from the others
kaz: what kind of picture for this?
mccool: SVG-based one?
kaz: the content is some kind of state transition. right?
mccool: yes
elena: can draw a state transition diagram
mccool: we'll have a PlugFest during the Prague f2f
mccool: (shows the above f2f
wiki)
... adds topics to the agenda input section
... payments moderated by McCool
... and more general discussion
... Elena for PlugFest security postmortem
... McCool for Validation
elena: how is the functional
testing?
... issue on compatibility?
... which way to go, validation and/or testing
mccool: (adds comments to
"Validation")
... what do we mean by "Validation"
... and how to do it?
elena: useful to try hackathon
mccool: (adds comments to
"Validation" again)
... "white-hat hackathon" and penetration testing
... how long do we need for each topic?
... (adds proposed time to each topic)
... PlugFest Security Postmortem - 30m
... Use Cases - 40m
... Payments - 20m
... Validation - 40m
elena: who is most connected with the industrial scenario?
mccool: maybe Siemens and Lemonbeat?
elena: I'll do lifecycle update first
mccool: McCool for lifecycle under Architecture
elena: will try to join the meeting (remotely) but maybe will have difficulty
mccool: ok
... (putting some more topic)
... "Liaisons and other connections" as a new topic
... McCool for OpenFog and OCF
mccool: (mentions his status about
travel planning)
... maybe will miss the IETF hackathon
... probably will attend the data modeling part and the
security part of the OCF meeting
... can we invite somebody from OCF?
koster: good idea
mccool: we have the PlugFest calls
once a week on Wednesday
... will generate some slides and ping you (Elena)
koster: let's discuss that on Wednesday
mccool: reasonable security use
case
... could go back to the previous PlugFest and see which part
could be modified
... making the old stuff secure would be a good starting
point
elena: is our security goal same as
the main goal of the PlugFest?
... can we add security portion to the main goal?
mccool: how to secure semantic discovery, etc.
mccool: (goes through the prev
minutes)
... accept the minutes?
(ok)
[adjourned]