WoT Discovery

14 Sep 2020


Kaz_Ashimura, Michael_McCool, Andrea_Cimmino, Cristiano_Aguzzi, Farshid_Tavakolizadeh, Kunihiko_Toumura, Tomoaki_Mizushima, Michael_Koster


<kaz> scribenick: cris

McCool: any other agenda items for today?
... ok, let's look at the previous minutes

Previous minutes

McCool: ok minutes published with a small correction

TPAC planning

McCool: we did our part. (created issues and label them)
... I'm still organizing DID meeting. Sebastian is looking for the JSON-LD meeting
... any other thoughts for the F2F ?
... we have to fill some proposal topics in the agenda
... Is there any volunteer able to create a presentation about the current status of the spec?

Farshid: I am actually in vacation so I could not work a lot on this

McCool: is there any other from linksmart organization?
... let's leave this open
... is 40 minutes enough?

Farshid: I think we need more

McCool: let's break it down a little bit
... so now in total we have about 2 and half hours
... by the way it is a full day

<kaz> WoT vF2F dates: Oct 5. 7, 20, 21, 22

McCool: I put Farshid as the session leader

Andrea: I can help with the semantic section
... I can actually do also syntactic

Cristiano: I can help also

McCool: Ok I'll add your name at the top level
... I think the Introductions section can be just a walktrough to each mechanisms.
... Lagally made a nice uml sequence diagram that can help in the introduction section
... we can also put them in the specs
... I'll provide them
... we just need to focus on the discovery part of architecture lifecycle

<kaz> Lagally's lifecycle diagram 1

<kaz> Lagally's lifecycle diagram 2

Directory security requirements

McCool: what do we need for directory security?
... OAuth is an option
... we have that in the current specification document
... should we bind each TD in a directory to a particular user or owner?

Farshid: I think there is a note in document about this

McCool: I think that we should not tell to a directory the information about the owner.

Kaz: How can we define end-to-end security for discovery?

McCool: right, I think we should address this. Is there any cases where we need object security for metadata?
... we have https, but it can leak information in proxies.
... we are discussing about this in the security task force. We currently do not have completely addressed how to implement this
... there is one more thing. kaz, do you know if the new decentralized web charter address also local https ?

Kaz: not sure

<inserted> proposed Decentralized Web IG Charter

Kaz: there might be some standards (FIDO or Web-Auth) but we have to look at them in the detail

McCool: DID might help here; they handle certificates differently than https
... we probably should add the local interaction as a requirement for security in TDD document
... about user identities are we ok with using just OAuth?

Farshid: it is a good start

McCool: ok let's validate OAuth

Pull Requests

<inserted> PR 61

McCool: ok merge #61 it is pretty straightforward.
... How do you define a partial TD?

Farshid: it is a TD that does not have all the required fields of a TD

<inserted> PR 60

McCool: PR #60.
... we discussed last time and it seems that Toumura-san updated the PR with our feedback
... there is also a nice sequence diagram
... section 6-1 needs more text
... anyway I think it is ok, we can improve it later
... merged
... I'd add a comment metioning that metadata is not supposed to be provided in urls

<inserted> PR 68

McCool: PR 68 is good, merging

<inserted> PR 47

Andrea: I followed your feedback in PR 47

McCool: there are some conflicts now
... could you fix them ?
... Please Farshid and Cristiano can you review it?
... ok we'll merge this the next week

<kaz> proposed Decentralized Web IG Charter

Kaz: one final comment, the DW IG charter is just a template at the moment

McCool: ok thanks everybody for today

<kaz> [adjourned]

Summary of Action Items

Summary of Resolutions

[End of minutes]

Minutes manually created (not a transcript), formatted by David Booth's scribe.perl version (CVS log)
$Date: 2020/09/21 14:35:36 $