McCool: short agenda: prev minutes, updates to TD/Arch, Issues/PRs
<inserted> mm: adds CTA/NIST for workshop to quick updates
https://www.w3.org/2019/04/29-wot-sec-minutes.html
McCool: (goes through the
minutes)
... publication schedule change, still ongoing
... also need to work on demos
... any issues?
(no objections)
McCool: accepting the minutes
McCool: talked with Mike Bergman from
CTA to invite them to the WoT workshop
... but unfortunately he can't come
McCool: joined the IIC security
call
... but just myself and the Chair there
... have not heard back from the others either
... so far we have got no feedback from TAG either
McCool: one of the issues
... best practices document and testing document don't have proper style yet
... so for the moment, we should remove the refs to them from the spec docs
... when we get to PR, we can add links back again
Kaz: those references are non-normative. right?
McCool: right
Elena: maybe better to start with the oldest one?
McCool: yeah, but maybe we can look at issue 122 first
McCool: (reopens the related TD issue 300)
McCool: now we can refer to the above
TD issue 300
... and security issue 122 itself can be closed
... (closes issue 122)
McCool: add a comment
... need to review before the Cork IIC meeting in May 2019.
Elena: after that, we should check the old issues
McCool: ok
McCool: current practices document
has gone away and turned into the Architecture document
... so would propose we close this issue itself (13) and create
a smaller issues related to particular things in the
Architecture document.
... (also adds some more comment to the TD issue 300)
McCool's updated comment on TD issue 300
McCool: (goes back to the security
issue 13)
... change the title to "Align with Architecture
document"
... and keep it
McCool: discovery and expose
... since we don't consider discovery any more
... also discovery is out of scope from our current
Charter
... if there was a service supporting discovery, and that
service was described with a TD, that TD could specify the
access rights and requirements for discovery
... TDs alone specify the interaction rights but say nothing
about discovery, and this is fine, since that is the scope of
the TD
... we already state the security properties that any TD
discovery mechanism should have, e.g., provide TDs only to
"authorized users". However, we are vague as to how that is
accomplished we state the goal, not the mechanism, which is
intentionally undefined
... my reading of what Zoltan was saying above is that is not
really an issue for the Scripting API. Or rather, access rights
are handled outside of the Scripting API.
... (and close it; issue 14)
McCool: done
... and closed
McCool: (goes back to issue 13, and
close it as well)
... because we already have an issue with the updated title
McCool: would cancel the call next week
Kaz: so the next call will occur on Monday, May 20?
McCool: will be traveling for the IIC
meeting on that day as well
... but still may be able to join
[adjourned]