McCool: still working on system setting for the penetration test
McCool: caught up on the previous
minutes
... went through them and fixed typos, etc.
... and accepted them
... would like to accept these minutes from April 15 as
well
(no objections)
McCool: accepted
McCool: security baseline defined
there
... very influential
... probably should follow this at some point
<McCool> The Internet of Things (IoT) Cybersecurity Improvement Act of 2019 would require that devices purchased by the U.S. government meet certain minimum security requirements.
McCool: there is a link on IoT
Cybersecurity Impeovement Act above
... should keep eyes on it
McCool: need to remind people from
Intel
... note that TAG review is delayed till May 8
... discussion on a possible procedure with the W3C
Management
... our spec has to be perfect for transition after the TAG
review
... external review deadline should be also May 8
... note that there are holidays many places this week
... in Japan, Europe, etc.
... we can still make progress in US, though
... we can get information back before May 15 for CR transition
McCool: we have 3 documents
... bunch of changes for terminology within the WoT
Architecture document
... need to check consistency
... proxy, intermidiately, etc.
... need a very quick review
... after CR transition, edit security docs for
consistency
... and publish updated Notes in mid-June
Kaz: security best practices Note and security test Note. right?
McCool: right
... what's the procedure?
Kaz: we can publish group Notes whenever we want, but need to get a whole group approval
McCool: this week is not good for
that purpose...
... need to change the reference
... want to cite "latest" version in Arch document, not dated
version
... but can we do that?
Kaz: we should use the dated URL for reference purposes, so need to check
McCool: target May 8 as meeting to have publication resolution for the Notes
Kaz: note that we can/should check all the reference documents and update the references based on the latest versions for every publication
McCool: btw, I think we need to go back to the security section of the architecture document and review it in detail
McCool: working on it
... system description about Intel's devices like the ones for
the demo at the Munich workshop
McCool: would like to concentrate on
the workshop demo
... and also penetration test after that
... will be traveling to IIC workshop on May 17-23
... system description for pen test by May 15
McCool: (adds comments on our intention to review the Architecture document)
McCool's comment for Issue 123
McCool: we can close this
... we agreed to do this, and also publish a testing plan Note
as well
McCool's comment for Issue 102
McCool: we now have separate testing
plan document
... (so closed Issue 23)
McCool: hopefully talk about the
system description for pen test
... and document publications
[adjourned]