W3C

– DRAFT –
WoT Security

30 May 2022

Attendees

Present
Jan_Romann, Jiye_Park, Kaz_Ashimura, Meyyu_Hao, Michael_McCool
Regrets
-
Chair
McCool
Scribe
jiye, kaz

Meeting minutes

Minutes

<kaz> May-23

(approved)

Discovery

<kaz> wot-discovery PR 313 - Security Bootstrapping

McCool: we got a lot of comments from farshidtz, it would be good if we can merge the PR today

Jiye: do we need to consider different protocols such as CoAP as well?

McCool: yes, I was thinking about it, but it is kinda rushed. There are two options: either we have CoAP with similar contents, or we allow only HTTP

McCool: the Discovery picture is not clear and the order of explanation is wrong in the picture, so I made a PR explaining it better

McCool: in the chapter, "Security bootstrapping MUST... ", do we need SHOULD here?
… : if we have MUST here, when there is a better mechanism, we won't be able to use it

Jan: if you use NOSEC here, then does that not imply SHOULD already?

McCool: we have a sentence that if bootstrapping is not provided what happens, so SHOULD is a good idea

Jiye: agreed

Jan: agreed

McCool: will work a bit more on this and try to merge it today

Jan: when is the deadline for CoAP + discovery?

McCool: May 5, 2022 - Normative feature freeze. At least we need to make a branch and merge after that. I would like to test it in Testfest 2, June 6-10, 2022. I know you are playing with MQTT but MQTT is not a feasible option.
… : However, CoAP shouldn't be that difficult

Jan: I am currently working on implementing Discovery, I will try to get it there by next week

Wide reviews

<kaz> wot-architecture issues labeled with "security-needs-resolution"

<kaz> wot-thing-description issues labeled with "security-needs-resolution"

<kaz> wot-discovery issues labeled with "security-needs-resolution"

<McCool> https://github.com/w3c/wot-architecture/issues/770

https://github.com/w3c/wot-thing-description/issues/1497

<McCool> https://github.com/w3c/wot-discovery/issues/303

McCool: no objection to making an assertion?

Jiye: no objection

Jan: it makes sense

Jan: haven't we already discussed it?

McCool: yes, we discussed the ID rotating and tracking, etc.

summary

McCool: I would like to get some feedback from people about Secure bootstrapping

<kaz> [adjourned]

Minutes manually created (not a transcript), formatted by scribe.perl version 185 (Thu Dec 2 18:51:55 2021 UTC).