Meeting minutes
Minutes
<dape> minutes 19 april, see
Daniel: the call after the vF2F
… (goes through the minutes)
… we'll postpone the publication
… topics related to discovery
… issues related to TD, discovery and security
… requirements on the (possible) management api
… any objections?
(none; approved)
<dape> minutes 26 April 2021,
Daniel: joint discussion with the Security TF
… we need some kind of management api to handle security
… any objections?
(none; approved)
Joint calls
Security
Issue 315 - Security TaskForce related issues
Cristiano: well summarized
Daniel: any other comments? fine?
Zoltan: need to create some deliverable on runtime
… different from the script api itself
Kaz: implementation guideline, you mean?
Zoltan: a bit different
Daniel: we could have some kind of management api. right?
Zoltan: might need a different mode
… what is defined by the current Scripting API is definition for client APIs
Kaz: in that case, a separate document on the possible management API?
Zoltan: a document about runtime of Scripting API
Kaz: not really sure about the difference between an "implementation guideline" and a "runtime document"
… but if we're ok with generating an informative WG Note about that, that's possible
… if we want to generate a separate group Note about some topics, we should summarize what to be described by that document and bring the idea to the main call to get a group resolution
Zoltan: ok
Daniel: ok
… but still not really sure about what to be done there
… would like to get consensus within this Scripting API first
Cristiano: don't have any strong opinion at the moment.
… different information could be included under one specific repository
Daniel: how to proceed?
Kaz: we should clarify what we want to document first :)
<zkis> https://
Zoltan: we can skim the issues listed here (=within the issue 315)
(issue 299 and 298 are included in issue 315)
Issue 299 - Chose a particular security schema for an ExposedThing
Daniel: we need to be careful about the API names
Zoltan: we can control the device remotely
Daniel: there is an MD file about our basic ideas
Zoltan: we should split the manager API topic from the Scripting API itself
… so we should move the content of "script-manger" area to another repository
script-manager area under wot-scripting-api repo
Zoltan: we need a separate namespace from the consumer discovery
… it requires a different level of permission
Daniel: the developer should have method to control it
… even though that is not the case with the node-wot implementation at the moment
Kaz: sorry but I still don't really understand your expectations...
… so would suggest you both clarify your expected features, phases, APIs, etc., first
… and then we can think about how to deal with those points by what kind of documents
Cristiano: exposedThing is almost a system-level API
… for system-level implementations, what is needed to be implemented?
Cristiano's comment on Issue 299
Daniel: this happens for exposedThing
Zoltan: we can take this forward but what security portion to be implemented?
… exposedThing has to be created
… and what to be provided by the runtime?
Cristiano: currently we don't do any validations
Zoltan: cat it include any kind of security specifications?
… wondering about what would be a better API definition
Daniel: we have a "wot" namespace already
… but what would be included in the runtime?
Zoltan: wot.runtime should have a different permission from wot.consume
… 3 different levels for consume, discover and expose
Cristiano: maybe we need those three levels
Daniel: wonder how to differentiate them
Zoltan: we can create a new runtime object for WoT
… but with a different permission level
… we have consume, expose and discover
… and what else?
… we can continue the discussion
Kaz: those three are rather different phases. right?
Zoltan: we use "phase" for provisioning, etc.
Kaz: in that case, maybe three different modes
Zoltan: need to continue the discussion
Discovery
Daniel: will we have a joint discussion with the Discovery TF today?
<cris> wot-thing-description Issue 1097 - Provide Typescript types definitions for Thing Descriptions
Zoltan: can be checked with McCool during the Security call
TD
Daniel: some description on the wot-scripting-api repo
[adjourned]