IRC log of wot-sec on 2021-05-17

Timestamps are in UTC.

12:03:23 [RRSAgent]
RRSAgent has joined #wot-sec
12:03:23 [RRSAgent]
logging to
12:03:53 [kaz]
meeting: WoT Security
12:04:18 [kaz]
Chair: McCool
12:04:39 [kaz]
present+ Kaz_Ashimura, Michael_McCool, Oliver_Pfaff, Philipp_Blum
12:06:39 [Oliver]
Scribe: Oliver
12:07:30 [Mizushima]
Mizushima has joined #wot-sec
12:08:14 [zkis2]
zkis2 has joined #wot-sec
12:08:25 [Oliver]
Review meeting minutes 2021-05-10: wording change needed for TD Issue 940
12:09:25 [McCool]
for example, LDS might choose to use full URLs for JSON-LD canonical form, which would be problematic for us
12:13:07 [Oliver]
Review meeting minutes 2021-05-10: wording change needed in Signature section (attribute comment about Lagally action to OAuth)
12:13:43 [McCool]
change "Michael Lagally will look into those points" to "Regarding moving the detailed OAuth2 description and recommendations to the security best practices document, I will follow up with Michael Lagally"
12:15:39 [Oliver]
Review meeting minutes 2021-05-10: change for Signature section was reconsidered: remove the line about the above mentioned action
12:15:40 [kaz]
(will be removed in the end since it's rather confusing)
12:15:49 [kaz]
s/(will be removed in the end since it's rather confusing)//
12:16:49 [Oliver]
Review meeting minutes 2021-05-10: one more wording change needed for TD Issue 940
12:17:23 [Oliver]
Review meeting minutes 2021-05-10: minutes approved with the mentioned changes
12:18:41 [Oliver] review of this issue
12:19:09 [kaz]
i/940/topic: Issue 940/
12:19:18 [kaz]
i/https/-> https/
12:20:37 [kaz]
s/: review of this issue/ wot-thing-description issue 940 - Add optional proof section to TDs/
12:20:50 [kaz]
i/topic: Issue 940/topic: TD Issue 940/
12:24:21 [kaz]
-> McCool's comment to the strategy issue 262
12:24:58 [Oliver] W3C LDS WG adoption was considered and likely to happen
12:25:28 [kaz]
i|940|-> McCool's issue on lds-wg-charter - W3C Web of Things (WoT) WG supports the W3C LDS WG|
12:26:06 [Oliver] timeline is an issue. W3C LDS WG probably needs 2 years; TD signatures can probably not wait 2 years
12:31:02 [Oliver] discussion about ciphers. current proposal: SHA256 and ECDSA
12:32:01 [kaz]
present+ Tomoaki_Mizushima
12:33:57 [Oliver] "ECDSA" was meant in sense of the NIST curves (secp)
12:38:40 [Oliver] NIST curves enjoy broad support (SW/FW/HW) but are subject of some concerns. Not all communities are equally happy with the NIST curves
12:41:12 [Oliver]
An alternative is Curve25519 aka x25519. See for "Things that use Curve25519"
12:47:07 [Oliver] likely starting points for elliptic curves for digital signatures: NIST P-256 and x25519
12:50:41 [Oliver] Use case questionaire status review
12:52:26 [zkis2]
zkis2 has joined #wot-sec
12:52:32 [Oliver] review and comments by all particpants is invited
12:54:45 [McCool]
12:55:32 [Oliver]
WoT security best practices: discussed a PR "Move OAuth2 flows from Use Cases to Best Practices"
12:59:17 [Oliver]
A merger shall be made to cover this PR
13:01:16 [McCool]
13:01:27 [Oliver]
Meeting closed
13:01:43 [kaz]
rrsagent, make log public
13:01:47 [kaz]
rrsagent, draft minutes
13:01:47 [RRSAgent]
I have made the request to generate kaz
14:18:33 [kaz]
kaz has joined #wot-sec
14:55:59 [zkis3]
zkis3 has joined #wot-sec
14:59:38 [Zakim]
Zakim has left #wot-sec
15:00:06 [zkis3]
zkis3 has joined #wot-sec
15:28:40 [zkis2]
zkis2 has joined #wot-sec