Meeting minutes
Issues and PRs
Ulf: [showing PR #431]
Ulf: the vehicle public key can be a unique identifier
… if not you need to check the VIN
Erik: it was a clarification. I'm fine with it
RESOLUTION: PR #431 can be merged
Ulf: there are issues that could be closed after some merged PRs
… Issue 382 was discussed, I believe I can write a PR
… We have not discussed #430
Erik: there have been different opinions on where the AGT and AT servers can be found
Ulf: there's a proposal for the protocols, default for HTTPS and MQTTS
… the others relying on https could use x443
Erik: do we assume that the AGT and AT will be in the same place?
Ulf: the AGT and AT typically in the cloud, the vehicle server is in the vehicle itself
… how the address is obtained seems out of scope
… it is deployment information
Peter: as an OEM I want to know how to obtain this
… and want to control the domain name
Ulf: Of course
Peter: I mean the AGT and AT will be fragmented all over the place if we let OEMs decide
… is there a security issue with that?
Ulf: I assume each OEM has its own AGT and AT
Peter: you need a way to know where the VISS server is
Ulf: I assume the client gets it from the OEM
… could we specify a protocol to get this information?
… there's a chicken and egg problem then
… getting the domain name for AGT/AT is not different from getting the VISS server IP
Peter: OEM may need a standard way of doing it
Ulf: we can revisit
Ulf: the format for the Access Token is normative, but the rest of the section is not
… we could write in a similar way so configuration can be specified differently
… I think we can start writing a PR
VSSo
[informal discussion on where to get the discusion next]