Meeting minutes
Minutes
McCool: minutes looks OK
Kaz: will just fix the style (because we forgot to specify the scribenick for citrullin)
Signatures
wot-thing-description PR 1151 - WIP: TD Signatures
McCool: (describes the summary)
… discussion on the relationship with XML Signature
McCool: would like to summarize the points maybe using a table
… a concern is what IETF is doing recently
… don't know people think what kind of strategy
Oliver: good summary
… 3 actions to do here
… 1. work on description
… 2. need for interoperable implementations
… 3. clarifying IETF's approach
… there is a gap in JWS
… Plugfest could be used to check the interoperability
… and we could give some suggestion to IETF
McCool: one possible thing
… signature as an experimental extension
… then later on, could change it based on IETF's work
Oliver: IETF JOSE is a closed WG but COSE WG is still open
… it's working on CBOR, though
McCool: COSE is mandate for CBOR
… not necessarily correct for JOSE
… my feeling is we need much modularity
… if we did it as an extension, push off the feature till the next spec
… we could write a context file which use it
… recommend some method to handle the signature
… not MUST but simply recommend
… and for the next Charter we'll make commitment
Oliver: people would like to focus on the signature part
… regardless of the TD part
Philipp: make sense to describe that within the Security Best Practices document?
McCool: would make sense
Kaz: would agree with that direction for this Charter period
McCool: ok
… (describes updated actions)
… extract the current spec for signatures and put it in a separate document
Kaz: where to put that?
McCool: maybe under my private repo?
Kaz: maybe a bit confusing
… would be better to create yet another dedicated repo for that purpose
McCool: ok
… what would be a good name?
Kaz: simply a subdirectory of wot-security, e.g., signature?
McCool: would have trouble with HTML rendering...
(some more discussion on the possible name for the repo)
Kaz: btw, we should have some more discussion with the TAG and the Security groups too
McCool: yeah, the question here is when we want to use it
fyi, XML Signature Syntax and Processing Version 2.0 REC
Kaz: think we should start with discussion with PLH and Ralph
McCool: (adds some more comments on expected actions)
… we need to collaborate with IETF too
… when is there next meeting?
McCool: IETF 112 will be held Nov 6-12
Kaz: technically, we can invite somebody from IETF to our vF2F during TPAC
McCool: yeah, we can do that too
… e.g., Carsten Bormann
… we need at least one implementation for IETF, and two if we want to make it a W3C REC
… wondering if we want to include this into our next WoT WG Charter
… not crit for TD 2.0.ical if it becomes an IETF RFC and we simply cite it
… for TD 1.x, it would be optional/experimental and invokable by using an extension vocabulary.
Issue 16
Issue 16 - Expand Acknowledgements
McCool: need to check who made contributions
… (checks the GitHub repository)
Issue 14
Issue 14 - TD Signatures, Key Management, and Object Security
<citrullin> related PR 1151 on the wot-thing-description repo
also another comment to TD PR 1151
[adjourned]