Meeting minutes
<citrullin> https://
approved
Wide reviews
TD
wot-thing-description Issue 1497 - Identifiers don't seem to rotate enough
McCool: (adds a comment)
… Both PRs #1547 and Discovery PR #353 have now been merged.
… (and asks another review by @jyasskin)
Discovery
wot-discovery Issue 303 - Personal devices and public/private TDDs
McCool: (asks @harrisonsean for another review)
Architecture
wot-architecture Issue 643 - Finding a place to put the security paragraph in the bindings chapter
McCool: security mechanism to be mentioned around binding
McCool: seems like the section has been removed
… in general, there might be security details needed for bindings
… TD 2.0 should probably have protocol-specific security schemes included with the vocab extension for the protocol binding
… but don't have time in this round for 1.1
TD
PR 1547 already merged
Discovery
PR 353 already merged
AOB
McCool: need to clarify our vacation schedule
Brainstorming for the new Charter
<McCool> wot Issue 978 - Goals and Deliverable Discussion for WoT WG 2023 Proposed Charter
Philipp: I'm interested in: bootstrapping/onboarding, IPv6, and CoAP
McCool: (adds those topics to the GitHub Issue)
… (adds clarifications to each topic)
… onboarding: defined process for provisioning keys on protected networks. may also include registration with local WoT Discovery services.
… IPv6: changing IP addresses to enhance privacy. could use ULA (Unique Local Addresses).
<Mizushima> +1 kaz
Kaz: regarding the "IPv6" topic, etc., we should be careful about our target and scope
… I think our own targets are not those technical topics themselves but thinking about potential use cases/requirements, and clarify the necessary standards for those purposes
Philipp: note that my proposal is that we should think about not only the currently deployed mechanisms but also about the future possible mechanisms
McCool: (adds further clarifications to the topics)
… CoAP and MQTT: most focus on HTTP so far, but CoAP and MQTT are more common for IoT. We need a more flexible mechanism for defining security configuration in a protocol-specific way
Kaz: that sounds interesting but would imply we need a bit different mechanism than the protocol binding?
McCool: could probably be more vocabulary-dependent
Kaz: personally would agree but still wondering about the relationship with the protocol binding and binding templates
McCool: (then makes "onboarding" to "secure transport and onboarding")
… (also adds synchronization of time and geolocation data)
… there was a proposal on "Digital Twin" as well
… Trust management
Philipp: compactness and security, e.g., related to CBOR
McCool: right
… may have to look at security tradeoffs too
… also integrity
McCool's comments about the potential topics based on today's discussion
[adjourned]