13:24:42 <RRSAgent> RRSAgent has joined #httpslocal
13:24:42 <RRSAgent> logging to https://www.w3.org/2018/10/25-httpslocal-irc
13:24:55 <kaz> meeting: HTTPS Local Network CG
13:26:48 <yamada> yamada has joined #httpslocal
13:27:57 <r_kato> r_kato has joined #httpslocal
13:28:44 <yamada> yamada has joined #httpslocal
13:33:29 <kouhei> kouhei has joined #httpslocal
13:33:37 <yhirano_> yhirano_ has joined #httpslocal
13:33:47 <wooglae> wooglae has joined #httpslocal
13:33:57 <McCool> McCool has joined #httpslocal
13:34:05 <kminami> kminami has joined #httpslocal
13:34:29 <Mizushima> Mizushima has joined #httpslocal
13:34:35 <t_homma> t_homma has joined #httpslocal
13:34:58 <urata> https://github.com/httpslocal/group/wiki/Meeting2018Oct25TPAC#agenda
13:35:06 <McCool> https://github.com/w3c/wot/blob/master/PRESENTATIONS/wot-https-local-10-2018.pptx
13:36:57 <skk> skk has joined #httpslocal
13:37:02 <ryo-k> ryo-k has joined #httpslocal
13:37:18 <horiuchi> horiuchi has joined #httpslocal
13:37:29 <ryo-k> Presentation material (will repost in GitHub repository later): https://s01.ninja/files/1025_httpslocal.pdf
13:37:52 <urata> starting meeting by Igarashi-san who is chair
13:38:11 <urata> Ajitomi-san is one of presenter
13:38:15 <urata> introduction
13:38:19 <urata> Mizushima-san
13:38:31 <urata> Maccool san from Intel@tokyo
13:39:11 <urata> Igarashi, Aitomi, Sakakibara, Kajiwara, Kim, Hirano
13:39:26 <urata> Horiushi, Minami, Yamada, Honma
13:39:31 <skk> present+ Hiroshi Sakakibara
13:40:14 <kouhei> present+ Kouhei Ueno from Google
13:40:27 <yhirano_> present+
13:40:28 <Mizushima> present+ Tomoaki_Mizushima
13:41:16 <Mizushima> present + Michael McCool
13:41:24 <urata> Explaining Agenda
13:41:42 <Mizushima> present+ Micheal McCool
13:41:52 <urata> Present by Kajiwara-san
13:42:13 <urata> https://s01.ninja/files/1025_httpslocal.pdf
13:42:39 <urata> Why we need https-local?
13:44:01 <urata> Browser requires https for various powerful features
13:44:39 <urata> installing self singed root CA is not good solution
13:45:12 <urata> Introduce Github repo (refer slide)
13:45:28 <dajitomi> dajitomi has joined #httpslocal
13:45:30 <tomoyuki> tomoyuki has joined #httpslocal
13:45:47 <tomoyuki> rrsagent, make minutes v2
13:45:47 <RRSAgent> I have made the request to generate https://www.w3.org/2018/10/25-httpslocal-minutes.html tomoyuki
13:45:58 <urata> Scenario Overview
13:46:06 <urata> 1. direct access from UA
13:46:14 <urata> 2. Machine to Machine
13:46:18 <urata> 3. Cross Origin
13:46:35 <urata> Home NAS device example
13:46:35 <tomoyuki> rrsagent, make logs public
13:47:23 <urata> UC-07: Secure offline communication for Home Automation
13:47:45 <igarashi> igarashi has joined #httpslocal
13:48:28 <tomoyuki> Chair: igarashi, dajitomi
13:49:13 <urata> https://github.com/httpslocal/usecases
13:49:26 <urata> use case description
13:49:31 <tomoyuki> Agenda: https://github.com/httpslocal/group/wiki/Meeting2018Oct25TPAC#agenda
13:50:11 <urata> Senario: PublicCA Cert for devices accessible globally
13:50:27 <urata> e.g. Mozilla's Things Gateway
13:50:31 <tomoyuki> s/Senario/Scenario/
13:51:04 <urata> Pros, Cons explained (refer slide)
13:51:41 <urata> Scenario: Public CA Cer for devices accessible only in the local network
13:52:16 <urata> Scenario: Private CA Cert
13:53:38 <urata> Scenario: Self-Signed Certificate
13:56:06 <urata> Move on: Missing use case? Scope too large?
13:56:40 <urata> Questions?
13:56:42 <plinss> plinss has joined #httpslocal
13:57:28 <urata> McCool: use cases such as network camera
13:57:36 <Mizushima> Mizushima has joined #httpslocal
13:57:55 <urata> .. lot of iot devices deployed
13:59:06 <urata> present+ peter
13:59:13 <McCool> https://github.com/w3c/wot/blob/master/PRESENTATIONS/wot-https-local-10-2018.pptx
13:59:18 <ryo-k> scribenick: ryo-k
14:00:08 <ryo-k> mmc: Presenting the current state of Web of Things standardization and strawman proposal for httpslocal
14:00:14 <tomoyuki> Topic: HTTPS in Local Network from the aspect of W3C WoT WG
14:00:42 <ryo-k> ...: WoT CR to be published in January
14:01:34 <ryo-k> ...: We still have a window for few small features, but not much space
14:02:23 <ryo-k> ...: Deliverables: Thing Description (JSON serialization, JSON-LD)
14:02:25 <ryo-k> ...
14:03:20 <tomoyuki> rrsagent, make minutes v2
14:03:20 <RRSAgent> I have made the request to generate https://www.w3.org/2018/10/25-httpslocal-minutes.html tomoyuki
14:03:36 <ryo-k> ...: (showing JSON-LD version of TD)
14:04:55 <urata> ...: slide page 4
14:05:12 <ryo-k> ...: Use case of httpslocal - Have a directory of local device, and have it deliver TDs securely
14:07:30 <ryo-k> igarashi: q. security scheme standardized?
14:07:58 <ryo-k> mmc: there are 8 of them
14:08:05 <urata> ...: s
14:08:27 <urata> ...: slide page 5
14:08:54 <urata> ...: slide page 6
14:09:12 <ryo-k> ...: security schemes are overridable in a nested object
14:09:27 <ryo-k> ...: security schemes : oauth2, psk, digest...
14:09:45 <ryo-k> ...: (strawman)
14:09:55 <urata> ...: slide page 8
14:10:16 <ryo-k> ...: there are standardized work in CoAPS specification. psk, cert, public
14:11:06 <ryo-k> ...: one option here: what if we used these with HTTPS?
14:11:12 <ryo-k> CoAP spec: https://tools.ietf.org/html/rfc7252
14:11:59 <ryo-k> mmc: Public key is like using a local CA.
14:12:36 <ryo-k> ...: "psk": key pre-distribution is needed
14:12:58 <ryo-k> igarashi: We need a scheme that works under un-managed networks
14:13:18 <tomoyuki> rrsagent, make minutes v2
14:13:18 <RRSAgent> I have made the request to generate https://www.w3.org/2018/10/25-httpslocal-minutes.html tomoyuki
14:13:43 <ryo-k> mmc: Do our current set of parameters support the use cases?
14:14:05 <ryo-k> igarashi: We have already discussed pre-shared key based protocols such as J-PAKE
14:14:47 <ryo-k> mmc: This is more for machine-to-machine than for browsers
14:15:36 <ryo-k> igarashi: psk/dtls/coaps equivalently secure as tls1.3?
14:16:02 <ryo-k> mmc: dtls should be equivalently secure
14:17:14 <ryo-k> ...: Next thing on rechartered WG is to have a discovery service
14:18:16 <ryo-k> igarashi: browser vendor support for coaps?
14:18:33 <john_dai> john_dai has joined #httpslocal
14:19:15 <ryo-k> mmc: actually mozilla just took out coaps. they might be going for their gateway product. google chrome does not support
14:19:29 <ryo-k> kouhei: does psk with https mean extending TLS?
14:19:35 <Mizushima> Mizushima has joined #httpslocal
14:19:56 <ryo-k> mmc: psk works under coap
14:20:20 <tomoyuki> rrsagent, make minutes
14:20:20 <RRSAgent> I have made the request to generate https://www.w3.org/2018/10/25-httpslocal-minutes.html tomoyuki
14:20:27 <ryo-k> ...: it's where the key comes from
14:21:18 <tomoyuki> rrsagent, make logs public
14:21:21 <ryo-k> ryo-k: does that result in modifying all the tls libraries in the wild?
14:21:50 <ryo-k> mmc: maybe the configuration files. currently this is a strawman proposal to take the definition of coaps and adapt it to https
14:24:32 <urata> Topic: Review and Discussion on Proposals [Presenters: Igarashi-san]
14:25:14 <tomoyuki> rrsagent, make minutes v2
14:25:14 <RRSAgent> I have made the request to generate https://www.w3.org/2018/10/25-httpslocal-minutes.html tomoyuki
14:25:21 <ryo-k> Topic: Publicly Trusted Cert. and Local Network Discovery by Tatsuya Igarashi (@igarashi50)
14:26:33 <ryo-k> igarashi: Background. We had breakout sessions / discussions throughout 5 years of TPAC
14:27:09 <ryo-k> ...: Some solutions for using publicly trusted certificates on local servers e.g. PLEX
14:27:33 <urata> https://github.com/httpslocal/group/blob/master/20181025_F2F_TPAC2018/PubliclyTrustedCert_and_LocalNetworkDiscovery_W3C_TPAC2018.pdf
14:27:57 <ryo-k> ...: We may use Let's Encrypt to get publicly trusted certs
14:28:36 <ryo-k> ...: Talks on Local Network Discovery under W3C. Web and TV IG, DAS WG, Second Screen CG
14:29:14 <ryo-k> ...: Why publicly trusted certs? (1) Not easy for consumers to install private cert
14:29:37 <ryo-k> ...: also very risky to install private certs onto their devices
14:29:54 <tomoyuki> rrsagent, make log public
14:30:20 <tomoyuki> rrsagent, draft minutes v2
14:30:20 <RRSAgent> I have made the request to generate https://www.w3.org/2018/10/25-httpslocal-minutes.html tomoyuki
14:31:17 <ryo-k> ...: Messy for users to manage security of many devices from different vendors.
14:31:34 <ryo-k> ...: (3) costly for small companies to manage private PKI.
14:32:23 <ryo-k> ,,,: Issues
14:32:53 <ryo-k> ...: (1) scalability/privacy of public dns/CT servers
14:33:33 <ryo-k> s/,,,/.../
14:34:20 <ryo-k> ...: (2) name binding issues
14:34:57 <urata> binding public domain and local network is the issue
14:35:20 <ryo-k> ...: in case of PLEX, the server should know the URL of devices in a secure manner
14:36:36 <ryo-k> ...: using mDNS in public DNS works only for managed networks
14:36:50 <ryo-k> kouhei: what is the threat model for privacy issues when using PLEX?
14:38:25 <ryo-k> igarashi: The domain name might include personal information eg. owner name, and if these are disclosed through CT logs, they are now in the public
14:40:25 <ryo-k> ...: PLEX means assigning global names to private IP address
14:40:58 <ryo-k> ...: They can know about your private IP address
14:41:02 <urata> sakakibara: DNS has lot of privacy information is issue?
14:41:16 <ryo-k> kouhei: what's the point on personalizing domain names?
14:41:57 <ryo-k> igarashi: You need a human-readable name so that users can distinguish between devices
14:42:40 <ryo-k> hirano: the names should be unique, (how to handle uniqueness?)
14:43:07 <ryo-k> igarashi: please look at the URL for details
14:44:15 <urata> PLEX solution: https://support.plex.tv/articles/206225077-how-to-use-secure-server-connections/
14:45:18 <ryo-k> hirano: PLEX solution proposed by browser vendor?
14:46:00 <ryo-k> igarashi: No, we asked them about how they think. There is a scalability problem with CT servers
14:46:47 <urata> igarashi: PLEX solution has discovery issue
14:48:27 <urata> igarashi: introduce candidate solutions
14:48:31 <ryo-k> igarashi: Solution proposal. About scalability issue, short-term STAR certificates may work, because they don't need to be registered to CT logs
14:49:02 <ryo-k> ...: alternatively, using Technically Constrained Subordinate CA Certificate defined by CABF Baseline guideline
14:49:27 <ryo-k> ...: Not supported by all major browsers yet
14:49:46 <urata> ajitomi: this solution is for intranet?
14:50:34 <urata> igarashi: no, not limited to that
14:51:20 <ryo-k> ...: about binding issue, extension to local network discovery can address the issue
14:52:16 <tomoyuki> rrsagent, make minutes v2
14:52:16 <RRSAgent> I have made the request to generate https://www.w3.org/2018/10/25-httpslocal-minutes.html tomoyuki
14:52:40 <urata> igarashi: (propose strawman idea figure)
14:52:50 <ryo-k> ...: W3C is a good place for this discussion, because secure contexts/mixed content is discussed under Web Security Standards under W3C
14:53:26 <ryo-k> ...: (slide of proposal @ TPAC2017)
14:54:29 <urata> Topic: Draft proposals for supporting local HTTPS without publicly trusted Certificates by Daisuke Ajitomi
14:55:17 <ryo-k> ajitomi: Proposals NOT based on genuine Web PKI certificates
14:55:21 <urata> https://github.com/httpslocal/group/blob/master/20181025_F2F_TPAC2018/20181025.w3c-tpac.httpslocal.proposal.pdf
14:55:58 <ryo-k> ...: HTTPS for Local Domains by Martin Thomson @ Mozilla
14:59:40 <ryo-k> ...: Issues for Web PKI-based solutions. (1) The device vendor should be responsible for guaranteeing the authenticity of the device, not the user
15:00:19 <ryo-k> igarashi: there should be a different guideline for local devices. local devices need necessarily not comply to webtrust
15:00:40 <ryo-k> ajitomi: (2) Readability/memorability of domain names
15:01:05 <ryo-k> ...: .local indicate that they are local network devices
15:01:19 <urata> Martin's proposal: https://docs.google.com/document/d/170rFC91jqvpFrKIqG4K8Vox8AL4LeQXzfikBQXYPmzU/edit
15:01:20 <ryo-k> ...: Martin's proposal
15:02:03 <ryo-k> ...: challenge for local domains - names are not unique
15:02:14 <ryo-k> ...: solution - extending the origin makes this possible
15:02:23 <ryo-k> ...: web origin consists of scheme host port
15:02:40 <urata> ...: proposed solution "extending origin"
15:02:43 <ryo-k> ...: adding additional property to that tuple guarantees uniqueness
15:03:58 <urata> ...: (showing UI figure in page 6)
15:04:44 <urata> igarashi: if there is lot of printers in a room, this can be an issue
15:05:21 <ryo-k> igarashi: some kind of discovery api would be necessary if there are multiple devices of same vendor exists
15:05:41 <ryo-k> hirano: maybe discovery api out of scope for https in local domains?
15:07:38 <ryo-k> igarashi: the proposal does not talk about uniqueness of local domains.
15:08:43 <ryo-k> kouhei: it addresses the uniqueness of local domains by extending the "origin" by adding SPKI hash
15:09:50 <ryo-k> ajitomi: (shows the URL with SPKI hash, talks about TBD details)
15:09:51 <urata> martin proposed URL example: https://_NPNE4IG2GJ4VAL4DCHL64YSM5BII4A2X.printer.local
15:10:20 <ryo-k> ...: Has drawbacks, like key changes, address changes, ...
15:10:53 <ryo-k> @2: How does the browser find out which IP address "printer.local" ?
15:11:07 <ryo-k> igarashi: they may be discovered through mDNS
15:11:13 <ryo-k> hirano: communication encrypted?
15:12:09 <ryo-k> ajitomi: the way to install private CA on the browser is not mentioned
15:12:14 <tomoyuki> rrsagent, make minutes v2
15:12:14 <RRSAgent> I have made the request to generate https://www.w3.org/2018/10/25-httpslocal-minutes.html tomoyuki
15:12:41 <ryo-k> ajitomi: Ajitomi-san's proposal
15:12:46 <urata> Ajitomi-san's proposal: https://github.com/dajiaji/proposals/blob/abstract_proposal/draft_proposal_supporting_local_https_communication.md
15:13:13 <ryo-k> ...: Two access patterns, normal access and cross-origin access pattern
15:13:36 <ryo-k> (btw, the m2m case and direct access case in my slide corresponds to the "normal access case" in his slides
15:14:19 <ryo-k> ...: 3 candidate solutions. PAKE-based approach, OAuth/ACE based approach, Device vendor issued certificate
15:15:06 <ryo-k> ...: 1. User's approval, 2. webauthn-like trust model (app layer solution), 3. trust model (tls-layer solution)
15:15:23 <ryo-k> ...: 1. Use PAKE based on user's approval
15:15:54 <kminami> kminami has joined #httpslocal
15:16:17 <ryo-k> ...: Add type: "pake" parameter to fetch API. In this case, a confirmation UI is shown
15:17:15 <ryo-k> ...: before 2 and 3, describe WebAuthn's trust model
15:17:40 <ryo-k> ...: There is a trust relation between FIDO server and Authenticator / RP and FIDO server
15:18:27 <ryo-k> ...: This trust model can be matched
15:19:37 <tomoyuki> regrets+ Tomoyuki_Shimizu
15:20:16 <ryo-k> ...: approach 2: calls fetch API with rpk + raw public key or fingerprint / pkix + SPKI based fingerprint
15:21:15 <tomoyuki> rrsagent, draft minutes v2
15:21:15 <RRSAgent> I have made the request to generate https://www.w3.org/2018/10/25-httpslocal-minutes.html tomoyuki
15:21:49 <urata> ...:
15:23:16 <ryo-k> igarashi: In the WebAuthn case the authenticator device is guaranteed to be secured, but we cannot assume that local device is secured in this case
15:24:25 <ryo-k> ajitomi: (approach 3) use private CA certs based on device attestation and user approval
15:24:51 <ryo-k> ...: needs same kind of extension to fetch API
15:25:13 <ryo-k> ...: browser regards this value (spki fingerprint) as a temporary trust anchor
15:26:08 <ryo-k> horiuchi: in this case, authorization server needs to know that resource server is in local network. how does it do so?
15:26:43 <ryo-k> ajitomi: addressed in last TPAC, please check slide
15:26:50 <ryo-k> Topic: Wrap-up
15:27:24 <ryo-k> igarashi: one of the big issue is that we need to distinguish between managed and unmanaged network
15:27:28 <urata>  igarashi: Martin's idea is for managed network
15:27:35 <ryo-k> ...: we mostly worked on unmanaged network
15:31:34 <ryo-k> kouhei: think the use cases are sufficient, but what are the technical constraints?
15:33:22 <ryo-k> igarashi: next steps: we need to clear the scope. continue discussion on GitHub / follow-up F2F meeting
15:33:41 <horiuchi> horiuchi has joined #httpslocal
15:33:53 <tomoyuki> rrsagent, make logs member-visible
15:34:29 <tomoyuki> rrsagent, make logs public
15:34:41 <tomoyuki> rrsagent, make minutes v2
15:34:41 <RRSAgent> I have made the request to generate https://www.w3.org/2018/10/25-httpslocal-minutes.html tomoyuki
15:43:08 <tomoyuki> rrsagent, bye
15:43:08 <RRSAgent> I see no action items