11:54:38 RRSAgent has joined #wot-sec 11:54:42 logging to https://www.w3.org/2023/03/13-wot-sec-irc 11:59:29 McCool has joined #wot-sec 12:01:16 meeting: WoT Security 12:01:25 present+ Kaz_Ashimura, Michael_McCool 12:03:34 present+ Tomoaki_Mizushima 12:04:54 agenda: https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#13_March_2023 12:10:26 Jiye has joined #wot-sec 12:11:35 present+ Jiye_Park 12:11:52 scribenick: kaz 12:12:02 topic: Minutes 12:12:15 -> https://www.w3.org/2023/03/06-wot-sec-minutes.html Mar-6 12:13:53 approved 12:14:03 topic: Logistics 12:14:16 mm: timezone change due to the DST 12:14:32 ... European time will be back in two weeks 12:14:44 jp: I myself am fine with the current time 12:15:30 topic: Security PRs 12:16:09 subtopic: R 219 12:16:22 -> https://github.com/w3c/wot-security/pull/219 PR 219 - Fix OSCORE reference 12:16:25 mm: seems fine 12:16:39 jp: fine by me 12:17:02 merged 12:17:27 subtopic: PR 218 12:17:43 -> https://github.com/w3c/wot-security/pull/218 PR 218 - Remove Editor's note on RFC references 12:18:01 mm: seems ok 12:18:12 ... but removing two

tags... 12:19:00 ... (fixes the HTML) 12:19:20 ... should be valid now 12:20:10 merged 12:20:14 subtopic: PR 217 12:20:28 -> https://github.com/w3c/wot-security/pull/217 PR 217 - Expand introduction section 12:20:52 mm: references are added 12:21:16 ... document subsection is nailed down here... 12:21:54 s/subsection/outline subsection/ 12:22:12 -> https://pr-preview.s3.amazonaws.com/w3c/wot-security/217/66d919a...JKRhb:06133ab.html#document-outline dff - 1.2 Document Outline 12:22:20 rrsagent, make log public 12:22:24 rrsagent, draft minutes 12:22:25 I have made the request to generate https://www.w3.org/2023/03/13-wot-sec-minutes.html kaz 12:22:56 mm: expanded to include references on all the sections 12:24:22 ... a bit odd to have the terminology section at the end but should be ok 12:24:36 q+ 12:26:02 ... why don't we do the following... 12:26:17 ... (adds some fixed to the text for "Introduction") 12:28:02 ... (then adds "Discovery" to the "Related W3C Documents") 12:29:16 kaz: maybe it would be better to mention "Related WoT Specs" first 12:29:25 ... then "WoT group pages" next 12:29:29 ... separately 12:29:32 mm: sure 12:34:12 ... (adds some more editorial fixes) 12:34:20 ... any other thoughts? 12:34:42 kaz: maybe we can't fix this part, but it would be better to have the Terminology section earlier 12:34:45 mm: right 12:34:50 ... let's handle that separately 12:35:06 present+ Jan_Romann 12:35:09 q? 12:35:11 ack k 12:35:16 rrsagent, draft minutes 12:35:17 I have made the request to generate https://www.w3.org/2023/03/13-wot-sec-minutes.html kaz 12:36:01 merged 12:36:17 chair: McCool 12:36:26 subtopic: PR 210 12:36:44 -> https://github.com/w3c/wot-security/pull/210 PR 210 - Proposed Changes for 2023 Update 12:37:13 mm: there is some ongoing discussion around Profile 12:37:33 JKRhb has joined #wot-sec 12:37:37 ... basic profile vs generic password keys, etc. 12:37:47 ... want to get feedback 12:37:54 ... that's a pretty long discussion 12:38:46 topic: Charter topics 12:39:12 s/topic: Charter topics// 12:39:22 topic: Charter topics 12:39:32 mm: discussion on Architecture 12:40:40 subtopic: Issue 16 12:40:51 -> https://github.com/w3c/wot-charter-drafts/issues/16 Issue 16 - Architecture Restructuring 12:41:18 mm: there is some discussion around the Charter to make the Architecture spec potentially informative 12:41:49 jkrhb_ has joined #wot-sec 12:41:59 ... how to deal with all the security portions within Architecture if it becomes an informative Note? 12:43:55 -> https://w3c.github.io/wot-charter-drafts/wot-wg-2023-details.html details 12:44:09 mm: onboarding is important 12:44:46 ... thinking about smart homes, smart cities, smart factories, etc., as well 12:44:59 ... need key management for smart factories 12:45:42 jy: are we working on Onboarding for the next Charter? 12:46:11 -> https://w3c.github.io/wot-charter-drafts/wot-wg-2023-details.html Draft Charter 12:46:20 mm: took out Onboarding from the Charter itself 12:46:40 ... we got feedback on Onboarding 12:48:14 ... my personal opinion is keep the Architecture normative 12:49:18 ... if we move topics from the Architecture out to another spec, it might be going to make it (Architecture) have Security as the only normative content 12:49:39 ... note that changing the Charter would require another AC Review 12:50:12 ... if we have four year for the next Charter, it might make sense to have a normative deliverable for Security 12:50:18 ... but we just have two years 12:50:43 ... so my suggestion is 12:50:51 ... keeping the Architecture normative 12:50:58 ... and extend the security portions within it 12:51:37 jp: think that would be reasonable 12:52:30 mm: that said we still need further investigation around prototypes 12:53:18 ... one question to be asked more broadly about full stuck of WoT 12:54:12 ... think supports from the Security TF about my proposed direction 12:54:30 ... keeping the Architecture spec normative 12:54:36 ... let me capture that 12:59:07 proposed text for arch feedback for next charter: Notes from Security TF call: - Discussed whether it would be better to have normative security content in Architecture or in a new normative Security document - Consensus was that since it is still unclear whether we will be doing onboarding, and without it the normative security content is relatively short, it would be better to leave the normative security content in Architecture (which means A[CUT] 12:59:38 s/ (which means A[CUT]// 13:00:05 (the above text is fine) 13:01:03 -> https://github.com/w3c/wot-charter-drafts/issues/16#issuecomment-1466099128 McCool's comments 13:01:17 topic: AOB 13:01:45 mm: Profile topics to be discussed next week 13:01:49 [adjourned] 13:02:09 rrsagent, draft minutes 13:02:10 I have made the request to generate https://www.w3.org/2023/03/13-wot-sec-minutes.html kaz 14:01:28 Mizushima has left #wot-sec 14:26:03 Ege has joined #wot-sec 14:53:16 Zakim has left #wot-sec