18:03:46 <RRSAgent> RRSAgent has joined #auto
18:03:46 <RRSAgent> logging to https://www.w3.org/2021/10/19-auto-irc
18:03:48 <Zakim> RRSAgent, make logs Public
18:03:49 <Zakim> Meeting: Automotive Working Group Teleconference
18:04:01 <ted> agenda+ MQTT
18:04:50 <ted> agenda+ MQTT
18:04:57 <ted> agenda+ Issues and PR
18:05:39 <ted> zakim, next agendum
18:05:39 <Zakim> agendum 1 -- MQTT -- taken up [from ted]
18:05:40 <ted> https://github.com/w3c/automotive/issues/369
18:06:37 <ted> Ulf: proposal I made earlier wasn't regular MQTT interface but an alternative that exposes the functionality of CORE spec over MQTT similar to how you can interact over WSS and HTTPS
18:07:47 <ted> … I've implemented this as well, back in February
18:08:30 <ted> … there was some pushback at having a protocol on top of MQTT and wanted to get some MQTT experts to provide more input
18:10:07 <ted> … I find value in having VISS over MQTT instead of using their more traditional route with eg broker
18:10:32 <ted> Gunnar: I think it is perfectly fine emphasizing same is being done with WS and HTTP
18:11:37 <ted> Present+ Isaac, Ulf, Peter, Gunnar, Ashish, Erik, MagnusG, Adnan
18:11:51 <ted> Isaac: this might affect the security model of MQTT
18:12:22 <ted> … with that protocol, the different points would be talking through the broker
18:14:52 <ted> …  we use long term tokens and could allow them to be used across protocols
18:15:39 <ted> Ulf: good point, wonder if that would be better as a feature for next release
18:16:09 <ted> … or as Isaac describes, we can do our own end to end encryption using the long term access control mechanism
18:17:10 <ted> Gunnar: perhaps later version indeed and based on interest of participants. with WS and HTTP we require use of TLS
18:18:05 <ted> Erik: would it be worth identifying use cases where we are fine without encryption?
18:19:03 <ted> Ulf: agree with Isaac the weak point in MQTT is the broker but one can presume it is well secured in vehicle implementations
18:19:43 <ted> Isaac: we need to emphasize importance of being sure where MQTT broker is running, maybe give a few scenarios where it would be acceptible
18:21:14 <ted> https://www.w3.org/community/autowebplatform/wiki/Best_Practices
18:21:38 <ted> Ted: suggest longer portions, eg example architecture scenarios where it is safer would belong on BP
18:22:01 <ted> Ulf: so are people alright with me proceeding with this proposal?
18:24:00 <ted> Gunnar: including making clear the risk/concern?
18:24:15 <ted> … how broker could expose data for instance
18:24:25 <ted> Ulf: alright, I'll try to write this
18:24:31 <ted> Isaac: willing to help
18:26:27 <ted> zakim, next agendum
18:26:27 <Zakim> agendum 2 -- Issues and PR -- taken up [from ted]
18:26:28 <ted> https://github.com/w3c/automotive/issues/382
18:26:53 <ted> Ulf: currently in the model we have role based system and a purpose model requiring a policy document
18:27:37 <ted> … the access token are not explicitly shown but purpose, scope is provided and policy document used to map to specific signals allowed
18:28:02 <ted> … there was some discussion about having signals in the access token itself
18:29:53 <ted> … a simpler auth flow the client has received a token out of bounds of the spec
18:31:27 <ted> … this Signal Access Control (SAC) token would include explicit signals and remove the role based part along with policy document
18:32:28 <ted> Isaac: I meant to contribute to the issue based on previous discussion but forgot
18:34:52 <ted> Ulf: Erik, I encourage you to take a look at this proposal since we did so responding to desire to make an alternative path per Sebastian's request
18:37:24 <ted> Isaac: we could perhaps keep the access token server
18:38:45 <ted> Ulf: if you could write that please
18:38:49 <ted> Isaac: noted
18:40:14 <ted> Ted: ideal would be transparent to client application which path is provided
18:40:19 <ted> s/path/auth path/
18:41:15 <ted> Isaac: there may be a couple alternatives to discuss
18:44:08 <ted> https://github.com/w3c/automotive/issues/422
18:44:42 <ted> Ulf: question is whether we can have multiple purposes in the same token
18:45:07 <ted> https://www.w3.org/2021/10/12-auto-minutes.html#t02
18:45:39 <ted> Isaac: it is difficult to handle multiple tokens within a client
18:46:42 <ted> Ulf: the access grant token contains the authorized roles. with that single token it is possible the handle multiple purposes for that specific role
18:48:49 <ted> … one scope claim is possible
18:49:45 <ted> Isaac: if requesting multiple signals across purposes would you be able to send multiple tokens?
18:50:16 <ted> Ulf: no
18:52:09 <ted> Ted: two ideas, customizable new roles for specific purposes
18:52:13 <ted> [ick]
18:52:33 <ted> … or SAC we were just talking about for alternate auth path of previous issue
18:52:38 <ted> Ulf: interesting
18:55:02 <ted> … SAC could handle tailored access
18:56:32 <ted> Isaac: it could make sense
18:56:52 <RRSAgent> I have made the request to generate https://www.w3.org/2021/10/19-auto-minutes.html ted
18:58:21 <ted> Ulf: I'll provide a comment to this issue
18:58:30 <RRSAgent> I have made the request to generate https://www.w3.org/2021/10/19-auto-minutes.html ted
18:58:50 <ted> Scribe: Ted
18:59:00 <ted> Chair: Peter, Ted
18:59:03 <RRSAgent> I have made the request to generate https://www.w3.org/2021/10/19-auto-minutes.html ted