W3C

– DRAFT –
Automotive Working Group Teleconference

12 January 2021

Attendees

Present
Adnan, Daniel, Gunnar, Isaac, Magnus, MagnusG, Peter, Rudi, Ted, Ulf
Regrets
-
Chair
Peter
Scribe
ted

Meeting minutes

Peter: looking for status updates on VISS, Charter, etc

Ted: I need to bring v1 to Director for review for Proposed Rec but charter privacy topic has given me pause as we lack ACLs even in v1
… summarizes conversation with Wendy and Sam, next step

Peter agrees more a best practices topics

MagnusF: is the bar is too high, the OEMs will simply walk away
… OEM usually owns both ends of data at present, Massachusetts referendum aside
… it is also a legal issue
… like you (Ted) am a privacy pundit but that is personal opinion. idealistic and reality can clash
… I can perhaps have an informal discussion with Toyota legal

Ted: nearby on privacy topic is NSF CCRI proposal I'm working on with U Memphis and SRI, essentially our graph project https://www.w3.org/auto/wg/wiki/Vss_data with tighter controls for researchers. discussing privacy concerns with various stakeholders that are part of our outreach

Proxy reencyption

Isaac: proxy reencryption allows you start with a public key in the vehicle, all information leaving car would be encrypted with it
… later on you can decide who can decrypt without having to change anything on the car

MagnusF: proxy owns the private key?

Isaac: the private key that corresponds to the public one in the car, owner, fleet etc has it and can use proxy to reencrypt for third parties

MagnusF: today we have keys in a keystore that hits an edge server which is owned by the OEMs themselves
… data is typically scrubbed of personal information before reencrypted, sold and shared
… how is this different?

Isaac: the data manager, OEM in this case, can access the data in the clear
… this is encrypted end to end, including to third parties

Rudi: I have two concerns, first is PKI infrastructure and second is asymetric keys and compute intense
… large amount of data would consume too much resources. would prefer symmetric keys created on originating device
… server only has to modify reentitlement
… I don't consider data streams any different from media streams

Isaac: proxy would be same way

Ted: more on the 25th, wanted to provoke thought and attendence on that call. we often hear every byte counts so need to be mindful of that and would like to see something that can be selective in what it can reencrpyt based on sticky policy but maybe not doable on encrypted data in cloud

Isaac: you can stack data and use parameters and there are multiple proxy encryption schemes
… I wouldn't be too concerned about performance. we can figure out which scheme applies to requirements, what we want to do

Gunnar: very interesting and still reading up on how the proxy doesn't know about private key

Isaac: I'll send some good samples plus challenges
… some schemes are succeptible to collaborative attacks (eg data consumer and proxy)
… you should also have a separate key pair to authenticate the individuals

VSSo kickoff

Ted: the Auto Ontology CG is rebooting to address additional use cases and needs for vehicle data
… the timing is perfect as VSSo, the ontology for vehicle telematics signals received end of last year as a Member Submission
… VSSo uses the core vehicle ontology the CG created, and work for that is also kicking off
… we will be starting in the Auto BG for now, this work is in draft Auto WG recharter

W3C Auto Ontology CG

Auto Ontology coordination page

VSSo Member Submission

Automotive Core ontology

VSSo repo

Daniel: VSSo was based on VSS1, there were a few issues that came up and influenced refactoring on branches and positioning for example and now part of VSS2
… we can now start on ontology again. we have a chance to automate the process in order to keep VSSo in sync with VSS
… we have a proposal and repo
… if interested please join the call
… we submitted a paper to IEEE which sums up our thinking and can send to member-automotive@w3.org but please don't distribute it

Minutes manually created (not a transcript), formatted by scribe.perl version 127 (Wed Dec 30 17:39:58 2020 UTC).

Diagnostics

Succeeded: s/second/second is asymetric keys and /

Succeeded: s/@@bandwidth acls on encrypted?/thought and attendence on that call. we often hear every byte counts so need to be mindful of that and would like to see something that can be selective in what it can reencrpyt based on sticky policy but maybe not doable on encrypted data in cloud/

Succeeded: s/NSF CCRI @@/nearby on privacy topic is NSF CCRI proposal I'm working on with U Memphis and SRI, essentially our graph project https://www.w3.org/auto/wg/wiki/Vss_data with tighter controls for researchers. discussing privacy concerns with various stakeholders that are part of our outreach/

No scribenick or scribe found. Guessed: ted

Maybe present: MagnusF