<inserted> scribenick: kaz
Kaz: due to overwrap with WISHI, we might be going to change the Testing slot right after this call
McCool: and make this call 1.5
hours
... 90% sure for that
... but there is no conflict next week
... asking the F-Interop guys about their preference now
... so hold it on at the moment
Matsukura: would like to start
discussion on preparation
... (shares his screen)
... was generating the preparation.md file on my local
branch
<ryuichi> https://github.com/mryuichi/documents/blob/master/preperation_June2018.md
(matsukura-san's branch above)
McCool: 2018-budang should be the place
Matsukura: will move it there
... for the next plugfest
... section 2.2
... servient list like this
... we generated this kind of table
... should generate this again for the Korea f2f as well
... and all are encouraged to generate
COMPANY-preparation.md
... who would join?
McCool: Intel
Kawaguchi: Panasonic
McCool: Siemens
Lagally: Oracle
Matsukura: who else?
... please generate your COMPANY-preparation.md and share it
asap
McCool: some testing stuff
... (shares his work)
... under 2018-bundang directory
... Security-Bundang... and Testing-Bundang...
McCool: [Scope]
... preparation for W3C WoT Plugfest wrt testing goals
... [Goals]
... three topics
... [Thing Description Validation]
... TD Playground
... runs json schema
... JSON schema + TD-validation.TTL (SHACL)
... going to create TD validation service
... based on help by Ege
... returns error codes
... also planning to provide Thing Directory
... if the TD is wrong, it would not accept the TD
... provide secure access as well
... with password, etc.
... would figure out it
... [Thing Network API Exerciser]
... another thing Ege is working on
... given a TD, goes over the network and invokes network
API
... e.g., get properties
... not "safe"
... [Thing Scripting API Test Suite]
... another thing
... collection of test scripts
... assuming node-wot
... [Thing Security Testing]
... automatically break into Web services
... design rules for TDs to catch common security issues
... simply flags for security
... get your TD, HTTP + Basic Auth
... no security is insecure
... second one is autonomous penetration test suite
... will do it manually invoked thing
... [Conclusion]
... let's start testing!
Kaz: minor typo
McCool: fixes it
... will update it
... next PlugFest preparation
McCool's slides on Bundang PlugFest preparation
McCool: Intel preparation
document
... this is my goal here
... [Planned Architecture]
... node-red orchestration
... camera service, speech service
... and OCF CoAP things
... couldn't do ABS thing
... would have this time
... with Amazon voice service
... most of them online
... still much to do
... [Collaborations and Use Cases]
... accessibility
... continue defining use cases with Paciello group
... AI integration
... connecting WoT Things with local/remote AI services
... specifically object recognition
... camera with web api
... that's my stuff
... will put into the template once it's done
<McCool> https://github.com/w3c/wot/blob/master/plugfest/2018-bundang/Intel-Bundang-PlugFest-Preparation.pdf
Nimura: question
... security stuff
... purpose of that is checking basic security
implementation
... but actual devices wouldn't that simple security?
McCool: there might be vulnerability
within your implementation
... still need guest password, etc.
... those standard penetration tool could be broken
... security hazard
... not trying to collect tools
Nimura: so checking the possible
vulnerability is the key
... another question
... security incorporated in architecture
... do you want to update the architecture document with
security portion?
McCool: good question
... you should make sure TDs are distributed
... avoid manipulating your TDs
... to be done by the plugfest but probably not next week
... would ping the TFs
... in practice not part of the standards
... but to be handled by WoT implementations
... break into some system
... btw, with HTTP+basic auth, you can get the password and
login to the system easily...
... will expand the plan through the next security call
Kaz: how to proceed?
... Matsukura-san, will generate the template for
COMPANY-preparation.md?
Matsukura: will do
... clarify the common part and generate some template
... and share with all
Kaz: do we have anything else for today?
Matsukura: question about McCool's
slides
... interested in your architecture
... but not sure how to connect with your servient
McCool: let me just say
... now testing online
... you can see my current system
... but TDs right now are not really good
... basically I have devices with TDs
... you want to access the devices?
... provides via HTTPS connection
... transparent portal
... using SSH tunnel
Matsukura: we can connect to the
portal
... with our application?
McCool: local Thing Directory and
remote Thing Directory
... remote directory refers to portal address
... but not sure about the local address yet
... assuming we have network address
Kaz: that kind of interface should be included in the template
McCool: can provide information, can
update TD as well
... I have two portals
... Japan portal and California portal
... Japan one should be faster
Matsukura: tx
<scribe> ACTION: Matsukura to generate template for COMPANY-preparation.md (and possibly common preparation.md)
Kaz: anything else for today?
(none)
Matsukura: thanks all!
[adjourned]