WoT Security

16 Nov 2020



Kaz_Ashimura, Michael_McCool, Oliver_Pfaff, Jack_Dickinson, Tomoaki_Mizushima


Prev minutes


McCool: (goes through the minutes)
... any objections to publish the minutes?



Quick updates?


Issues on security for Discovery

<inserted> wot-security issues

McCool: anything we can close?
... maybe one missing thing on security for discovery
... cross-over issue with discovery
... unsecure directory service would be bad
... (goes through the issues from wot-discovery too)

wot-discovery issues

McCool: creates a new issue on security for directory

wot-discovery issue 96: Should security be mandatory on directories?

McCool: if mandatory, what scheme?
... what security is appropriate for what contexts?

wot-security issue 196: Consider security issues in Discovery

Issue 192 on lifecycle in Architectuere

Issue 192

McCool: was there any discussion on lifecycle during the Architecture call last week?

Kaz: no
... we just talked about the FPWD publication, recent use cases, etc.

McCool: there is still PR ongoing
... we should leave this open until the lifecycle is finalized
... the PR 539 has been merged, though

PR 539 merged on Oct 7

McCool: Oliver has agreed to review the current status and provide input on whether any additional updates are needed from a security perspective
... (assigns Oliver to Issue 192)

<McCool> https://github.com/w3c/wot-security/issues/192

Issue 191

Issue 191

McCool: this is an opensource home automation assistant tool
... would ask Cristiano himself to this issue
... to collect information
... (adds comments on possible questions)
... I'll take Issue 189 on ThingSpeak

Issue 189

McCool: Oliver to review Issue 187

Issue 187

McCool: do we have a right stuff for home assistants?
... (adds "Hubs" label to issues on home assistants)

Issue 191

Issue 189

Issue 188

<McCool> Issue 187

Issue 180

topic Issue 66 on Role of Platforms in WoT

Issue 66

McCool: are "Hubs" and "Platforms" the same thing?
... perhaps not

Issue 185 on Consider how to support object security

Issue 185

McCool: any opinions?
... next steps here would be (1) to find existing systems that use object security and consider how to model them (OCF 2.x?)
... (2) to build and experiment with some prototypes in a Plugfest
... before doing #2 above
... we would have to justify the effort with use cases, etc.
... could be the case if some major ecosystem we want to integrate with WoT requires object security
... smart city use case may require it

Kaz: yeah

Issue 195 on security guidance

Issue 195

McCool: could start by defining the contexts

new comment


Summary of Action Items

Summary of Resolutions

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.152 (CVS log)
$Date: 2020/11/17 07:00:10 $