02 June 2021


Ege_Korkan, Kaz_Ashimura, Michael_Koster, Michael_McCool, Philipp_Blum, Tomoaki_Mizushima
Ege, mjk

Meeting minutes

minutes review

<kaz> May-26

<kaz> approved

<Ege> https://github.com/w3c/wot-thing-description/pull/1156


PR #1156

<kaz> PR 1156 - fix links, combo, date in the schema

PR #1156

Ege: subprotocol is an enum of the possible subprotocols

(reviewing problems in PR)

McCool: questions about use of "rel"

Ege: link validation is complicated due to the icon link type

Ege: it is correct

McCool: try to reduce lines where the brackets can be on one line

Koster: processors seem to always expand the brackets

McCool: (line by line review of the diff)

Mizushima: there is a problem on line 2

McCool: (fixed)

McCool: any objections to merging?

McCool: OK

McCool: review other PRs

PR #1151

<kaz> PR 1151 - WIP: TD Signatures

McCool: signatures, PR #1151

McCool: still some things yet to do

McCool: added support for XML signatures that have signatures for sub-sections of the document

McCool: it creates a digest and signs individual items in the digest

McCool: there needs to be a way to support keys in the TD
… or it could be a URL that points to the keys

McCool: there is a question of which curves to support beyond JWS
… testing could impose a practical limit on the number of curves we can support

McCool: there is an issue with including the digest as a mandatory element in TD

McCool: there could be 2-step validation, before and after

McCool: another question about expanding references
… we can't validate a TD with expanded references

McCool: we could build reference expansion into the processing
… the expanded form wouldn't be stored or validated

McCool: with PKI, the signatures aren't compared directly but decrypted and the hash compared

McCool: it introduces a dependency on signature type

Philipp: the curve selection is important; it's good to support a lot of curves, but maybe we don't need to test optional curves

McCool: we can't use a curve that we can't test, so we will need a small set

Philipp: we have the same situation in other areas, for example CBOR + JSON issue in the profiles

McCool: the testing doesn't need to include the mathematics of the curves
… we just use a library

kaz: the main consideration is 2 implementations

McCool: the TD feature we are testing is the signature wrapper

McCool: we should test the 3 reference types json pointer, json path, and xpath

Philipp: we should test the DID method

McCool: we have a general need to test URI methods

McCool: we get to a question of coverage vs. requirement

McCool: would like to merge this PR but it could be TD 2.0

McCool: any other PRs?

McCool: canonicalization wrt prefixes is still a question

McCool: any other topics?
… AOB?
… adjourn

Minutes manually created (not a transcript), formatted by scribe.perl version 136 (Thu May 27 13:50:24 2021 UTC).