14:01:30 RRSAgent has joined #wot-discovery 14:01:30 logging to https://www.w3.org/2021/04/12-wot-discovery-irc 14:02:16 ktoumura has joined #wot-discovery 14:03:27 https://www.w3.org/2021/03/08-wot-discovery-minutes.html 14:03:34 https://www.w3.org/2021/03/29-wot-discovery-minutes.html 14:03:49 meeting: WoT Discovery 14:04:18 present+ Kaz_Ashimura, Michael_McCool, Christian_Glomb, Farshid_Tavakolizadeh, Kunihiko_Toumura 14:05:06 MIzushima has joined #wot-discovery 14:05:26 Agenda: https://www.w3.org/WoT/IG/wiki/WG_WoT_Discovery_WebConf#12_April_2021 14:05:43 cris_ has joined #wot-discovery 14:07:10 present+ Tomoaki_Mizushima 14:07:53 scribenick: kaz 14:07:59 topic: Prev minutes 14:08:21 -> https://www.w3.org/2021/03/08-wot-discovery-minutes.html March-8 14:08:26 acimmino has joined #wot-discovery 14:08:36 mm: (goes through the minutes) 14:09:01 present+ Jack_Dickinson 14:09:06 zakim, who is on the call? 14:09:06 Present: Kaz_Ashimura, Michael_McCool, Christian_Glomb, Farshid_Tavakolizadeh, Kunihiko_Toumura, Tomoaki_Mizushima, Jack_Dickinson 14:09:18 FarshidT has joined #wot-discovery 14:09:27 present+ Andrea_Cimmino 14:09:49 -> https://www.w3.org/2021/03/29-wot-discovery-minutes.html March-29 14:09:59 i/29/(approved) 14:10:35 mm: we got a resolution about PR 145, and are waiting for the PR 14:10:37 ft: yes 14:10:51 s/the PR/an additional PR/ 14:12:54 mm: should add speaker's name for Cristiano's comment 14:12:57 kaz: will do 14:13:21 topic: Quick updates 14:13:38 subtopic: wot-security issue 196 14:13:54 -> https://github.com/w3c/wot-security/issues/196 wot-security issue 196 - Update security and privacy considerations in Discovery 14:14:01 mm: we had discussion about that 14:14:49 ... Maybe add note about use of object security in unencrypted networks, e.g. .local domains that can't use normal TLS? 14:14:56 ... need to talk with Ben about that point 14:15:13 ... planning to do some more work on this issue 14:15:22 ... also validation 14:16:06 s/... also validation// 14:16:13 subtopic: Canonicalization 14:16:30 -> https://github.com/w3c/wot-thing-description/pull/1086 wot-thing-description PR 1086 - Add section to define Canonical serialization 14:16:37 mm: also validation 14:17:17 -> https://github.com/w3c/wot-thing-description/pull/1085 wot-thing-description PR 1085 - WIP: Add Validation Section 14:17:25 mm: regarding the canonicalization 14:17:34 ... need discussion during the TD call on Wed 14:18:23 ... (shows Farshid's comment 3 days ago) 14:18:28 -> https://github.com/w3c/wot-thing-description/pull/1086#pullrequestreview-632217058 Farshid's comments 14:18:56 mm: we could leave this out 14:19:06 ... any more to track down? 14:19:35 -> https://github.com/w3c/wot-thing-description/pull/1086#discussion_r610486386 Farshid's 2nd comment 14:19:51 mm: what about the default? 14:20:06 ... the problem is we don't have information about the original user's assignment 14:20:33 ft: can understand it 14:20:40 ... but do we mandate it? 14:20:52 mm: (adds comments) 14:21:15 ft: people should be aware any kind of defaults will be removed 14:21:55 mm: yeah 14:22:14 ... The problem is that when you pull things into a database, you will fill in all the default values. Later you don't know whether a value was assigned during import or by the originator. Would only apply to defaults defined in the TD spec, not in extensions. 14:22:34 ... (also adds another comment) 14:23:08 i|also|-> https://github.com/w3c/wot-thing-description/pull/1086#discussion_r611673680 McCool's comment| 14:23:17 s/.../mm:/ 14:23:34 mm: do we need to have a special filter to get a canonical form? 14:24:14 ... concerned it's expensive to implement it 14:25:06 ... also if the signature is broken, the canonicalization will be also broken 14:25:44 mm: and then next, validation 14:26:14 -> https://github.com/w3c/wot-thing-description/pull/1085 wot-thing-description PR 1085 - WIP: Add Validation Section 14:26:42 i/and then/subtopic: PR 1085/ 14:27:02 rrsagent, make log public 14:27:07 rrsagent, draft minutes 14:27:07 I have made the request to generate https://www.w3.org/2021/04/12-wot-discovery-minutes.html kaz 14:27:30 mm: we have outstanding points with validation for directories 14:28:12 ... any other quick updates? 14:28:55 (none) 14:29:07 mm: regarding canonicalization... 14:29:15 ... (adds some more notes to the agenda wiki) 14:29:28 [[ 14:29:29 Pending, items to discuss 14:29:29 Plan B: store original string in directories still an option/safe fallback 14:29:30 ]] 14:30:02 mm: planning to do Call for Review today 14:30:15 ft: thought you sent a request 2 weeks ago 14:34:01 -> https://lists.w3.org/Archives/Member/member-wot-wg/2021Mar/0058.html message on editorial updates from McCool (Member-only) 14:34:25 kaz: to be strict, that message is not a call for consensus for publication 14:35:17 mm: still need to wrap-up 14:36:21 i/planning/topic: Publication preparation/ 14:36:33 -> https://github.com/w3c/wot-discovery/pull/151 PR 151 - HTML formatting and editorial notes 14:36:44 mm: (goes through the PR 151) 14:36:57 ft: I've added notes 14:38:32 -> https://pr-preview.s3.amazonaws.com/w3c/wot-discovery/151/e3ca84b...farshidtz:f68f63b.html HTML diff 14:39:40 mm: (creates a branch, wd-update-candidate, for the next publication) 14:40:02 -> https://github.com/w3c/wot-discovery/tree/wd-update-candidate wd-update-candidate branch 14:41:14 mm: the question is it would take two more weeks to get resolution for publication :( 14:41:42 kaz: if the final changes are just editorial, we can note that and ask the whole group for quick review, e.g., within one week 14:46:07 mm: (generates a request message and send it to the group) 14:46:51 topic: Issue 149 14:46:59 -> https://github.com/w3c/wot-discovery/issues/149 Issue 149 - Anonymous TDs in a directory 14:47:10 ft: (explains his generated issue) 14:47:42 mm: directory stores legal TD. right? 14:48:16 ft: potential privacy issue there 14:48:26 mm: (adds a comment) 14:48:52 ... possibly some auto-generated ID which is used only within the Directory service 14:49:02 s/some/we can use some/ 14:50:01 ft: thought we already had some discussion 14:50:04 mm: right 14:50:23 ft: where to put the ID? 14:50:32 ... not associated with the TD itself? 14:50:54 mm: technically, we could use some key separately from the TD itself 14:52:50 q+ 14:53:26 mt: would like to see the comments on the issue a bit more 14:53:54 ... how to solve the problem if there is no ID available? 14:54:59 s/mt:/ft:/ 14:55:08 ... can we improve the algorithm? 14:55:26 s/algorithm/signing algorithm/ 14:56:32 mm: I'm ok with generating a tentative ID and put it into the metadata part of the TD 14:57:13 ... we can have a chaining mechanism to handle that 14:58:50 kaz: do we have consensus to have an auto-generated ID, e.g., generated by the Directory, for the system-wide purposes? 14:59:00 mm: ok to use some local ID 14:59:20 ... e.g., could be a rotated ID 15:00:16 ... another question is if the local ID should be generated based on the original ID 15:00:38 ... but should be discussed separately 15:01:34 ... when we specify signing, we can include a "chaining" label to make sure this additional data does not break the signature 15:01:51 ... (then records our consensus from the call) 15:02:03 ... consensus: 15:02:17 ... 1. directory assigns a local ID to all TDs 15:02:38 ... 2. this ID can be (optionally) embedded in an enriched TD just like other metadata 15:03:08 ... 3. API needs to allow for looking up TDs by local ID (in a URL) 15:03:27 ... 4. signatures need to support chaining mechanism that omits enriched metadata 15:04:21 ft: maybe we should call it "proposal" at the moment given Victor is not here 15:04:32 mm: (changes "consensus" to "proposal") 15:05:52 [adjourned] 15:05:57 rrsagent, draft minutes 15:05:57 I have made the request to generate https://www.w3.org/2021/04/12-wot-discovery-minutes.html kaz 17:37:22 Zakim has left #wot-discovery