14:07:59 RRSAgent has joined #wot-discovery 14:07:59 logging to https://www.w3.org/2022/09/26-wot-discovery-irc 14:08:27 meeting: WoT Security 14:08:57 present+ Kaz_Ashimura, Michael_McCool, Christiaon_Glomb, Farshid_Tavakolizadeh, Kunihiko_Toumura 14:09:29 acimmino has joined #wot-discovery 14:10:00 agenda: https://www.w3.org/WoT/IG/wiki/WG_WoT_Discovery_WebConf#26_September_2022 14:10:15 present+ Andrea_Cimmino 14:10:20 topic: Minutes 14:10:39 -> https://www.w3.org/2022/09/05-wot-discovery-minutes.html Sep-5 14:10:48 mm: (skims the minutes) 14:14:20 approved 14:14:23 topic: Logistics 14:14:40 mm: Discovery meeting cancelled next week due to Testfest? 14:14:48 ... any objections? 14:14:50 (none) 14:15:13 resolution: Discovery call cancelled on Oct 3 due to the Testfest 14:15:23 topic: PRs 14:15:51 subtopic: PR 411 14:16:02 -> https://github.com/w3c/wot-discovery/pull/411 PR 411 - Replace CoRE RD draft with RFC 9176 14:16:08 mm: any objections to merge this? 14:16:09 (none) 14:16:34 merged 14:17:07 subtopic: PR 412 14:17:18 -> https://github.com/w3c/wot-discovery/pull/412 PR 412 - Sept 2022 Implementation Report 14:17:28 mm: bunch of assertions added 14:17:38 ... typo fix as well 14:18:17 ... some of the assertions moved away 14:18:30 ... terminology clean up 14:18:33 s/up /up/ 14:19:24 ... did changes for at-risk features 14:19:46 ... would like to merge this 14:19:49 ... any objections? 14:19:51 (none) 14:19:59 zakim, who is on the call? 14:19:59 Present: Kaz_Ashimura, Michael_McCool, Christiaon_Glomb, Farshid_Tavakolizadeh, Kunihiko_Toumura, Andrea_Cimmino 14:20:07 present+ Tomoaki_Mizushima 14:20:09 merged 14:21:33 mm: shows the updated implementation report 14:21:34 @@@ 14:21:46 mm: Toumura-san, any results on UDP handling? 14:21:57 toumura: no, not so far 14:22:32 s|@@@|-> https://w3c.github.io/wot-discovery/testing/report.html#automated_validation_results Discovery Implementation Report - 8.1 Automated Validation Results 14:22:53 (discussion on tdd-absolute-time) 14:23:08 ft: defined by RFC 3339 14:23:28 mm: not really sure what "interpreted" here 14:23:29 [[ 14:23:37 Whenever an absolute time is expressed using dateTime it MUST be interpreted as date-time as specified in [[RFC3339]]. 14:23:38 ]] 14:23:47 mm: maybe the wording need to be fixed 14:24:09 ft: it's really implied 14:24:27 mm: it's just an editorial issue in English 14:24:33 ... let me think about that 14:24:45 ... (creates a new issue about that) 14:25:32 -> https://github.com/w3c/wot-discovery/issues/413 Issue 413 - Improve wording of tdd-absolute-time assertion 14:26:38 (discussion on tdd-http-unsupported-feature) 14:26:53 mm: manual test? 14:27:01 ... (creates a new issue) 14:27:16 -> https://github.com/w3c/wot-discovery/issues/414 Issue 414 - make tdd-http-unsupported-feature manual 14:27:58 (discussion on tdd-things-create-anonymous-td) 14:29:05 -> https://github.com/w3c/wot-discovery/issues/415 Issue 415 - confirm test results for tdd-things-create-anonymous-td 14:29:45 subtopic: Manual tests 14:29:55 -> https://w3c.github.io/wot-discovery/testing/report.html#manual_validation_results 8.2 Manual validation results 14:30:07 mm: maybe some of the manual tests should be informative 14:30:51 ... There are assertions on "Discoverer" 14:31:10 ... we have node-wot and NodeRED as implementations 14:31:31 ... some of the results are strange 14:32:02 ... e.g., not sure why discoverer-any-order doesn't pass 14:32:26 ... need to look at the actual CSV files again 14:33:55 ... (looks at the CSV files) 14:34:29 ... maybe need to clean up the results 14:35:03 cg: seems some overlaps there 14:35:11 mm: yeah, need to clean it up 14:35:53 ... (creates a new issue) 14:36:09 s/it up/logilab results up/ 14:36:42 -> https://github.com/w3c/wot-discovery/issues/416 Issue 416 - clean up logilab results 14:37:02 mm: (assigns it to Christian) 14:37:11 rrsagent, make log public 14:37:15 rrsagent, draft minutes 14:37:15 I have made the request to generate https://www.w3.org/2022/09/26-wot-discovery-minutes.html kaz 14:38:51 (tdd-context-injection) 14:39:02 mm: it's weird... 14:39:13 ... maybe need bug fixes 14:39:34 [[ 14:39:35 An Enriched TD MUST contain in its @context the URI https://w3c.github.io/wot-discovery/context/discovery-context.jsonld. 14:39:36 ]] 14:39:54 mm: the assertion the github.io URL 14:39:59 ... that's also weird 14:40:53 ... should resolve issue 148 14:41:05 -> https://github.com/w3c/wot-discovery/issues/148 Issue 148 - Discovery context and namespace under w3.org/ns 14:41:22 mm: we've agreed to go for the option 2 here 14:41:45 [[ 14:41:47 2. Continue to use github for now (makes testing easier), add an ednote saying it will be changed in the final version. (Late binding and back-patching) 14:41:48 ]] 14:43:19 mm: changing the label of the issue 148 to "Resolve by PR" 14:43:50 (tdd-http-representation-alternate-output) 14:43:59 mm: marking as at-risk at the moment 14:44:17 rrsagent, draft minutes 14:44:17 I have made the request to generate https://www.w3.org/2022/09/26-wot-discovery-minutes.html kaz 14:45:02 i/shows the updated i/topic: Updated implementation report/ 14:45:13 i/shows the updated i/subtopic: Automatic tests/ 14:45:14 rrsagent, draft minutes 14:45:14 I have made the request to generate https://www.w3.org/2022/09/26-wot-discovery-minutes.html kaz 14:45:23 topic: CR preparation 14:45:28 rrsagent, draft minutes 14:45:28 I have made the request to generate https://www.w3.org/2022/09/26-wot-discovery-minutes.html kaz 14:46:18 s/topic: CR preparation// 14:46:31 ft: related issue 185 14:47:07 -> https://github.com/w3c/wot-discovery/issues/185 Issue 185 - OAuth2 and SSE Notificiations 14:47:17 ft: Andrea might have an implementation 14:48:22 ac: also implemented SSE 14:49:32 ... the question is generating the client from the scratch 14:49:37 mm: right 14:50:25 ft: libraries don't provide storage to you 14:51:03 mm: it's a trade on the performance 14:51:26 ... your option 4 looks good but require extra implementation 14:51:42 [[ 14:51:44 4. Same as above, but with OAuth 2.0 Token Introspection 14:51:45 The server checks the token with auth-server periodically and disconnects the client if access is revoked. 14:51:45 Very secure 14:51:45 Most resource-friendly approach for the clients 14:51:46 Depending on the introspection interval, it could put high pressure on server and auth-server. 14:51:48 It requires some extra implementation on the server-side. 14:51:50 ]] 14:51:57 s/The ser/* The ser/ 14:52:03 s/Very/* Very/ 14:52:07 s/Most/* Most/ 14:52:16 s/Depen/* Depen/ 14:52:26 s/It require/* It require/ 14:52:40 rrsagent, draft minutes 14:52:40 I have made the request to generate https://www.w3.org/2022/09/26-wot-discovery-minutes.html kaz 14:57:22 mm: there is an implementation but we don't think that's enough to make this feature normative 14:57:40 ... assertions are all about the server, not the client; so we don't actually have tests that check for client-server interop. 14:57:58 -> https://github.com/w3c/wot-discovery/issues/185#issuecomment-1258165394 McCool's comments 14:58:14 mm: (creates a new issue) 14:58:38 -> https://github.com/w3c/wot-discovery/issues/417 Issue 417 - Should we make SSE informative? 15:00:16 mm: can we transition to PR if we can't get enough implementations for this? 15:00:29 kaz: no, need to identify this as at-risk 15:00:45 ... or we have to publish an updated draft as a CR 15:00:55 mm: ok 15:01:21 ... we need to continue to work 15:01:35 ... but due to the Testfest next week, maybe in 2 weeks 15:02:18 ... (adds a note "McCool will prep for mtg in two weeks" to the agenda) 15:02:20 [adjourned] 15:02:39 rrsagent, draft minutes 15:02:39 I have made the request to generate https://www.w3.org/2022/09/26-wot-discovery-minutes.html kaz