Meeting minutes
Minutes
McCool: (goes through the minutes)
<luca_barbato> w3c/
Luca: would add the above PR to the agenda
McCool: ok
… minutes themselves look fine
approved
PRs
PR 216
PR 216 - Update IETF references, clean up whitespace
McCool: looks reasonable
… referring to the RFCs
… my question is if it's appropriate to call RFCs "IETF standards"
Jan: should be fine
McCool: ok
PR 217
PR 217 - Expand introduction section
McCool: figures are removed?
Jan: right
McCool: a bit confused
… and concerned maybe there is some duplicate
McCool: (goes through the Preview instead of the Diff)
… ISO resources should be referenced. right?
Kaz: should improve the text and the structure
McCool: why don't you add a subtitle "Outline" right bfore "The rest of this document is..."?
Kaz: yeah, we can start with something like that
McCool: (adds a comment to the PR)
… some improvements needed
… e.g., put last paragraph of the section 1 in to sub section, "Outline"
… use a bulleted list to make it easier to read
… avoid making descriptions self-referential (lifecycle section explains the lifecycle)
Profile issues
McCool: still several remaining issues to be addressed
Issue 221
wot-profile issue 221 - Security Schemes are too loose
McCool: need clarification on how to use security schemes
… Ben provided several examples on what he did
McCool: (shows section "5.4 Security")
WoT Profile Editor's Draft - 5.4 Security
McCool: what is missing here is how to handle header, cookie, etc.
McCool: let me put comments on the generic issue 6
… current text still doesn't have limitations on use of "in" and "name"
… let's focus on claning up the internal content of the sction first
… later on we can discuss whether or not it belongs inside a specific profile
generic issue - wot-profile issue 6 - Recommended Security
Kaz: I'm OK with improving the WoT Profile spec incrementally
… but it sounds to me we need clarification on how to implement actual WoT-based systems based on the WoT specs
… so not 100% sure if it would be really the best solution to put all the necessary information around how to use the WoT features to the WoT Profile spec
… probably we need bigger discussion about that
McCool: yeah, would suggest incremental improvement in the short term
Kaz: yeah, I'm OK with the short-term improvement itself
… but we need bigger discussion about best practices and implementation guidelines for WoT-based system development at some point
McCool: right
… let's focus on cleaning up the internal text of the WoT Profile spec now
… As Ben points out, since we only do HTTP in the current WoT Profile spec
… but in the long run, we'll have to restructure things and have a security section for each profile
… think the default values are already defined by the WoT Thing Description spec
WoT Thing Description 1.1 ED - 5.4 Default Value Definitions
McCool: actually, don't see the default value for OAuth...
… (adds another comment to the wot-profile issue 6)
… The "basic" scheme MUST use the default values for "in" and "name" of "header" and "Authorization" as defined in the Thing Description 1.1 spec.
Kaz: which section do you want to refer to for that purpose?
McCool: the ReSpec reference simply use the whole document as the reference
Kaz: that's true, but we ourselves should be aware which section and text describes what
McCool: right
Kaz: if section "5.4 Default Value Definitions" itself doesn't have the description, some other section has some description. that's what you mean. right?
… my question is if the Thing Description 1.1 spec has enough description and necessary assertion for that
… or we need to have some text within Profile instead
McCool: Thing Description 1.1 spec has many options
… I'll do a PR on that point
Charter discussion
PR 77
wot-charter-drafts PR 77 - Expand description of Onboarding in Details
McCool: question around description on Onboarding
related issue 67 - What does "onboarding" involve?
Kaz: this discussion is already too much detail
… of course we need discussion on what we need around IoT system lifecycle in general including onboarding
… however, the question is to what level can we try to work on around onboarding and system lifecycle
McCool: right
… please continue to think about that
… (adds comment to issue 67)
… agree there is a possibility that we don't want to commit to doing onboarding in the Charter itself.
… would suggest we merge this PR for now
… but will create another PR to take the mention of onboaring out of the Charter
… later when we do detailed planning we can decide if we want to tackle this in this Charter or not
[adjourned]