12:05:23 <RRSAgent> RRSAgent has joined #wot-sec
12:05:23 <RRSAgent> logging to https://www.w3.org/2022/05/30-wot-sec-irc
12:05:31 <kaz> meeting: WoT Security
12:05:47 <kaz> chair: McCool
12:06:07 <kaz> present+ Kaz_Ashimura, Jan_Romann, Jiye_Park, Meyyu_Hao, Michael_McCool
12:06:40 <kaz> agenda: https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#30_May_2022
12:06:58 <McCool> McCool has joined #wot-sec
12:08:09 <kaz> scribenick: jiye
12:10:20 <kaz> topic: Minutes
12:10:24 <kaz> -> https://www.w3.org/2022/05/23-wot-sec-minutes.html May-23
12:10:27 <kaz> (approved)
12:10:48 <jiye> topic: Discovery
12:10:49 <kaz> i/app/scribenick: kaz/
12:10:55 <kaz> scribenick: jiye
12:11:29 <kaz> -> https://github.com/w3c/wot-discovery/pull/313 wot-discovery PR 313 - Security Bootstrapping
12:12:31 <jiye> mm: we got a lot of comments from farshidtz, it would be good if we can merge PR today
12:22:17 <jiye> jy: do we need to consider different protocols such as CoAP as well?
12:23:51 <jiye> mm: yes, I was think about it, but it is kinda rushed. There are two options either we have CoAP with similar contents, or we allows only HTTP
12:27:52 <jiye> mm: Discovery picture is not clear and order to explain is wrong in the picture, so I made a PR explaining better
12:31:10 <jiye> mm: in the chapter, "Security boostrapping MUST... " should we need SHOUD here?
12:31:52 <jiye> ...: if we have MUST here, when there is better mechanism, we won't be able to use it
12:32:33 <jiye> jr: if you use NOSEC here then does not imply SHOULD already?
12:35:31 <kaz> rrsagent, make log public
12:35:36 <kaz> rrsagent, draft minutes
12:35:36 <RRSAgent> I have made the request to generate https://www.w3.org/2022/05/30-wot-sec-minutes.html kaz
12:35:39 <jiye> mm: we have a sentence that if bootstrapping is not provided what happens, so SHOULD is a good idea
12:35:50 <jiye> jy: agreed
12:35:52 <jiye> jr: agreed
12:36:16 <jiye> mm: will work a bit more on this and try to merge it today
12:37:50 <jiye> jr: when is the deadline for CoAP + discovery?
12:39:47 <jiye> mm: May 5, 2022 -Normative feature freeze. At least we need to make a branch and merge after that. I would like to test it in Testfest 2, June 6-10, 2022. I know you are playing with MQTT but MQTT is not feasible option.
12:40:03 <jiye> ...: However, CoAP shouldn't be that difficult
12:40:31 <jiye> jr: I am currently working on implementing Discovery, I will try to get it it there by next week
12:45:29 <kaz> topic: Wide reviews
12:46:11 <kaz> -> https://github.com/w3c/wot-architecture/labels/security-needs-resolution wot-architecture issues labeled with "security-needs-resolution"
12:46:39 <kaz> -> https://github.com/w3c/wot-thing-description/labels/security-needs-resolution wot-thing-description issues labeled with "security-needs-resolution"
12:47:06 <kaz> -> https://github.com/w3c/wot-discovery/labels/security-needs-resolution wot-discovery issues labeled with "security-needs-resolution"
12:48:20 <McCool> https://github.com/w3c/wot-architecture/issues/770
12:51:11 <jiye> -> https://github.com/w3c/wot-thing-description/issues/1497
12:51:18 <McCool> https://github.com/w3c/wot-discovery/issues/303
12:53:22 <jiye> mm: no objection to make assertion ?
12:53:26 <jiye> jy: no objection
12:53:40 <jiye> jr: it makes sense
12:55:50 <jiye> jr: aren't we already discuss about it ?
12:56:08 <jiye> mm: yes, we discuss about the ID rotating and tracking ..etc
12:56:44 <jiye> topic: summary
12:56:56 <jiye> mm: I would like to get some feedback from people about Secure bootstrapping
12:57:55 <kaz> [adjourned]
12:58:04 <kaz> rrsagent, make log public
12:58:09 <kaz> rrsagent, draft minutes
12:58:09 <RRSAgent> I have made the request to generate https://www.w3.org/2022/05/30-wot-sec-minutes.html kaz
14:26:53 <Zakim> Zakim has left #wot-sec
17:40:36 <zkis> zkis has joined #wot-sec
21:18:36 <zkis> zkis has joined #wot-sec
21:33:36 <zkis> zkis has joined #wot-sec
21:47:36 <zkis_> zkis_ has joined #wot-sec