12:06:01 <RRSAgent> RRSAgent has joined #wot-sec
12:06:01 <RRSAgent> logging to https://www.w3.org/2021/05/31-wot-sec-irc
12:06:05 <kaz> meeting: WoT Security
12:06:29 <kaz> present+ Kaz_Ashimura, Michael_McCool, Elena_Reshetova, Oliver_Pfaff, Philipp_Blum, Tomoaki_Mizushima
12:07:27 <elena> elena has joined #wot-sec
12:07:42 <elena> topic 1: meeting minutes
12:07:44 <kaz> scribenick: elena
12:07:50 <kaz> s/topic 1:/topic:/
12:09:41 <elena> https://www.w3.org/2021/05/24-wot-sec-minutes.html
12:14:40 <elena> McCool makes a summary of things discussed during the last meeting
12:14:58 <elena> McCool: any objections to publishing the minutes?
12:15:07 <elena> no objections, minutes accepted
12:15:13 <kaz> present+ Oliver_Pfaff, Tomoaki_Mizushima, Zoltan_Kis
12:15:45 <elena> topic: Fixing wot security best practices doc
12:16:33 <elena> McCool: we have a number of issues that needs fixing - can see in github issues. I have voluntered for some issues, others need more volunteers
12:17:47 <kaz> -> https://github.com/w3c/wot-security-best-practices/issues/14 wot-security-best-practices Issue 14 - TD Signatures and Object Security
12:18:43 <elena> McCool will do an initial cleanup for this issue and then Oliver can continue in July
12:19:46 <elena> issue: Update secure transport section https://github.com/w3c/wot-security-best-practices/issues/13
12:21:15 <elena> McCool is explaining the issue based on comments
12:22:44 <elena> McCool: if someone volunteers to help with this would be great or be a reviewer
12:23:42 <elena> Philipp can probably help with secure transport issue
12:24:04 <elena> McCool: if you can try to do a first draft for this
12:24:29 <elena> Philipp agrees to try
12:25:19 <elena> topic: PR for TD signatures
12:25:50 <elena> McCool: we need to have a proper security review for this one
12:26:24 <McCool> https://github.com/w3c/wot-thing-description/pull/1151
12:26:25 <elena> https://github.com/w3c/wot-thing-description/pull/1151
12:26:50 <kaz> s|https://github.com/w3c/wot-thing-description/pull/1151||
12:27:02 <elena> McCool: I did a first draft for this
12:27:36 <elena> McCool marking in the comments the parts that have been addressed via PR
12:31:49 <elena> McCool: I picked enveloped signature type because it is local to this document that it covers, it is also optional.
12:38:59 <elena> McCool: need to understand how to do canonicalization and name references
12:42:23 <zkis> present- Zoltan_Kis
12:43:02 <kaz> rrsagent, make log public
12:43:06 <kaz> rrsagent, draft minutes
12:43:06 <RRSAgent> I have made the request to generate https://www.w3.org/2021/05/31-wot-sec-minutes.html kaz
12:50:08 <elena> discussing the signature crypto algorithms
12:50:49 <elena> elena was proposing to include stronger cryptography options and making them defaults
12:51:19 <elena> Oliver was saying that there is no interest in the 384 versions, it is either 256-based on 512
12:51:46 <elena> at the end having a catalog of options and choices should be the best
12:56:02 <elena> McCool: does it make a difference to have hash and signature algorithm separately?
12:56:32 <elena> elena: usually they are used together as a pair of similar security strength algorithms
13:00:49 <elena> McCool: please review this PR and raise issues
13:01:24 <elena> McCool: next meeting lets discuss F2F planning, please take a look and suggest topic
13:01:45 <kaz> [adjourned]
13:01:49 <kaz> rrsagent, draft minutes
13:01:49 <RRSAgent> I have made the request to generate https://www.w3.org/2021/05/31-wot-sec-minutes.html kaz
15:00:53 <Zakim> Zakim has left #wot-sec