13:02:07 <RRSAgent> RRSAgent has joined #wot-sec
13:02:07 <RRSAgent> logging to https://www.w3.org/2021/02/22-wot-sec-irc
13:02:15 <kaz> Meeting: WoT Security
13:02:20 <kaz> regrets: Oliver
13:02:35 <kaz> present+ Kaz_Ashimura, Michael_McCool, Elena_Reshetova
13:02:39 <citrullin> citrullin has joined #wot-sec
13:02:41 <McCool> McCool has joined #wot-sec
13:02:42 <kaz> chair: McCool
13:02:45 <elena> elena has joined #wot-sec
13:05:23 <kaz> present+ Cristiano_Aguzzi, Philipp_Blum
13:06:47 <kaz> present+ Tomoaki_Mizushima
13:06:52 <kaz> Agenda: https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#22_February_2021
13:07:21 <kaz> scribenick: citrullin
13:07:43 <citrullin> mc: Checking minutes from last time.
13:08:32 <kaz> i|Checking|-> https://www.w3.org/2021/02/15-wot-sec-minutes.html Feb-15|
13:09:32 <citrullin> Philipp: Doesn't make it sense to have the discussion about MCUs etc. in Architecture.
13:09:44 <citrullin> mc: Yes, that is part of it.
13:10:18 <citrullin> Any objections for the minutes?
13:10:21 <citrullin> No objections
13:10:46 <citrullin> mc: Any quick updates?
13:10:48 <citrullin> None
13:11:04 <McCool> https://github.com/w3c/wot-thing-description/pull/1058
13:11:19 <citrullin> topic: Add Json pointer assertion
13:12:55 <kaz> -> https://github.com/w3c/wot-thing-description/pull/1058 wot-thing-description PR 1058 - Add JSON pointer assertion to definition of body sec location
13:13:49 <kaz> -> https://pr-preview.s3.amazonaws.com/mmccool/wot-thing-description/pull/1058.html#securityscheme 5.3.3.1 SecurityScheme
13:16:54 <citrullin> mc: Any comments?
13:16:56 <citrullin> chris: This is a good solution.
13:18:00 <citrullin> chris: Can you add "type": "object"?
13:18:08 <citrullin> mc adds it to the PR
13:18:56 <citrullin> mc: Any other comments?
13:19:40 <citrullin> chris: It should be a common practice to use the same place for the key.
13:20:03 <citrullin> mc: I thought about that. It is a 10% case.
13:20:10 <kaz> s/chris:/cris:/g
13:21:53 <citrullin> mc: We have to leave it the way it is for backwards compatibility.
13:25:19 <citrullin> topic: Proofs and Proofs of Chains
13:25:38 <citrullin> mc: Next big topic for us is probably Proofs and Proofs of Chains.
13:26:39 <citrullin> Philipp: I added a PR for this topic. The security hardware.
13:28:09 <kaz> -> https://github.com/w3c/wot-security/issues/166 Issue 166
13:29:15 <kaz> -> https://github.com/w3c/wot-security/pull/199 PR 199
13:29:42 <kaz> s/PR 199/PR 199 - Add crypto hardware survey in /background/
13:30:21 <citrullin> Philipp: Should I add a link to references in the Readme or in the table?
13:30:33 <citrullin> mc: Should be enough to add it in the Readme.
13:31:39 <citrullin> mc adds some comments in the PR.
13:33:02 <kaz> s/Issue 166/Issue 166 - Add integrity protection (proof section) to TDs/
13:36:53 <citrullin> mc: I am going replicate the ld-proofs community proposal and add a list of crypto functions available for it.
13:37:11 <citrullin> ld proofs -> https://w3c-ccg.github.io/ld-proofs/#linked-data-signatures
13:38:21 <citrullin> mc: YANG defined names for the crypto functions. It would be reasonable to use it.
13:38:25 <citrullin> YANG -> https://tools.ietf.org/html/draft-ietf-netconf-crypto-types-12
13:39:20 <kaz> rrsagent, make log public
13:39:30 <kaz> rrsagent, draft minutes
13:39:30 <RRSAgent> I have made the request to generate https://www.w3.org/2021/02/22-wot-sec-minutes.html kaz
13:40:09 <citrullin> mc adds comment to 166 -> https://github.com/w3c/wot-security/issues/166
13:45:12 <citrullin> mc: Anyone else having comments about signing?
13:45:17 <citrullin> No responses
13:45:21 <kaz> rrsagent, draft minutes
13:45:21 <RRSAgent> I have made the request to generate https://www.w3.org/2021/02/22-wot-sec-minutes.html kaz
13:45:37 <kaz> rrsagent, draft minutes
13:45:37 <RRSAgent> I have made the request to generate https://www.w3.org/2021/02/22-wot-sec-minutes.html kaz
13:48:16 <citrullin> topic: Consider security issues in Discovery
13:48:31 <citrullin> Consider security issues in Discovery -> https://github.com/w3c/wot-security/issues/196
13:52:14 <kaz> i/topic: Consider/topic: Issue 196 - Consider/
13:52:28 <citrullin> mc is going through the PR he created
13:53:21 <citrullin> Security and Privacy Considerations -> https://github.com/w3c/wot-discovery/pull/113
13:53:34 <kaz> rrsagent, draft minutes
13:53:34 <RRSAgent> I have made the request to generate https://www.w3.org/2021/02/22-wot-sec-minutes.html kaz
13:54:38 <kaz> -> ool/wot-discovery/pull/113.html#security-considerations 7. Security and Privacy Considerations from the preview of the above PR 113
13:55:58 <citrullin> mc: I think this is a work in progress.
13:56:20 <McCool> https://github.com/w3c/wot-discovery/pull/113
13:56:29 <citrullin> mc: Any comments?
13:58:18 <citrullin> No comments. mac adds some thoughts as a comment he had while going through it.
14:00:48 <citrullin> mc: Any other topics?
14:00:54 <citrullin> No answers
14:01:14 <kaz> [adjourned]
14:01:18 <kaz> rrsagent, draft minutes
14:01:18 <RRSAgent> I have made the request to generate https://www.w3.org/2021/02/22-wot-sec-minutes.html kaz
14:44:53 <zkis2> zkis2 has joined #wot-sec
15:35:23 <Zakim> Zakim has left #wot-sec