Meeting minutes
Minutes
<kaz> July-11
Minutes from last meeting: slight corrections, approved
PR 376
PR 376: Add missing tdd-things-update-contenttype to manual.csv
New assertion included: merged
Testing
<kaz> 2022-July Testfest
Links in wot-testing/events/2022.07.Online corrected appropriately
Testing next week: check schedule
& participation - Discovery call will be cancelled - logistics
in
https://
manual.csv and test tool should be up-to-date, however assertions related to event filtering might fail
Event Filtering assertion should be fixed
<kaz> 3-wd draft: 7.3.2.2 Events API
Farshid: What if Event type is missing?: need clarifications
mmc asks farshid to open an issue / PR
<McCool_> Farshid will reword following assertion to make it clearer that it is conditional: "The server MUST support event filtering based on the event type given by the client upon subscription."
McCool: Implementations should be updated and both manual as well as auto assertion tests should be run
<McCool_>
https://
McCool: Currently ahead of schedule wrt. CR transition, no severe feedback gotten yet (especially wrt. security)
Farshid: Will create
new implementation report directory and update https://
Use links whenever possible (manual.csv and template.csv)
Publication preparation
<kaz> Pubrules checker
McCool: which Patent Policy to be used?
Kaz: For today, we should use the old one, and should switch to new Patent Policy after getting the W3M approval for the new (extended) WG Charter.
McCool: farshid should fix affiliation / hyperlink related to it
Links to "Hydra" are reported broken by the checker, even though they are not
<kaz> kaz: In that case
In that case, maybe that's caused by some additional tooling mechanism, so please don't worry.
<glomb> kaz: Not considered an issue ...
TAG Review feedback
<glomb> TAG Issue 736: Web of Things (WoT) Architecture 1.1
<glomb> Testable statements for Security and Privacy needed
<glomb> mmc: E.g. "Denial of Service" - should be more precise
<McCool_> follow assertion might be considered a statement of policy: "If Things cannot be individually secured with transport security and authentication and authorization, a separate network SHOULD be set up, i.e. with an alternative SSID, and used only for IoT devices. "
Kaz: ideally, we should describe within each feature description what is the expected behavior of each implementation of the WoT Discovery specification's feature based on the requirements, e.g., the mitigation description.
McCool: Could have a separate section about "mitigation" or "downgrade to informative statements"
McCool: ... and mark them as proposals
McCool: However, security reviewers asked us to make normative statements
McCool: But cannot make it an assertion if not test-able
<kaz> [adjourned]