W3C

– DRAFT –
WoT Architecture

13 April 2023

Attendees

Present
Ege_Korkan, Kaz_Ashimura, Kunihiko_Toumura, Michael_Lagally, Michael_McCool, Ryuichi_Matsukura, Tomoaki_Mizushima
Regrets
-
Chair
Lagally
Scribe
Ege, kaz

Meeting minutes

Minutes Review

<kaz> Apr-6

Lagally: anything to change?

McCool: there is an unintended PR merged, I think. I need to check what happened

<kaz> issue 903 - Verify DTLS textual changes

Lagally: what about the minutes themselves?

McCool: fine with me

Lagally: minutes are approved

At Risk Assertions Presentation

<kaz> Slides on Architecture at-risk features

McCool: there have been some updates already, we will have PRs to merge before testfest

McCool: here are the at-risk features
… we have 9 left
… I have removed from list one assertion
… they are all under security or privacy

Lagally: was it implemented or not needed?

McCool: it was implemented
… also I have created some relevant issues

McCool: there are some that are easy to implement
… some are difficult and some need more explanation

segmented network

McCool: this is about segmenting the network instead of device
… this is system level security

Ege: we do not have any optional assertions, not relevant for testfest

Lagally: I do not understand the first slide

Lagally: we should change the first sentence without changing the meaning

McCool: in the context it makes sense

Lagally: at least a comma

Lagally: what does implicit access control mean?

McCool: not the device but the network providing access control

Lagally: what do we try to do here? Isolate entities in the network?

McCool: these are mitigations to risks

Ege: happens with smart speakers a lot

Kaz: note that one of the main purposes of the Dev Meeting is clarifying what we really meant for each assertion. Given we ourselves are not 100% sure about some of the assertions, we should add further clarification (e.g., as Editor's Notes) back to the specifications.

arch-security-consideration-tls-recommended-priv

McCool: it is a bit annoying but possible
… professional developments generally do it

Ege: I have added that saywot implements it

arch-security-consideration-use-psk

McCool: we have a wording issue here
… we should use certificates
… if we cannot change it editorially, we should change it to informative

arch-security-consideration-dtls-1-3

McCool: TLS 1.3 disallows some crypto suites
… however no libraries for DTLS 1.3 exist yet

Ege: HTTP/3 uses QUIC over UDP so we can get more adoption

McCool: interesting, let's follow up

Lagally: it is good to have at least DTLS 1.2

McCool: we have that one passing already, this is a bit of a stretch goal

Lagally: how about recommending DTLS 1.2?

McCool: it has known problems

arch-security-consideration-use-hal

McCool: we should have more of this, since avoid direct is linked to it

arch-security-consideration-hal-refuse-unsafe

McCool: I have this problem at home with an LED strip: if the brightness of all LEDs is at full, you have hardware problems
… "HAL (Hardware Abstraction Layer)" should restrict it

Lagally: this is a fuzzy assertion, difficult to implement and understand

McCool: we can make it informative

Kaz: Also unsure about what "Hardware Abstraction Layer" means. We have to explain what a "Hardware Abstraction Layer" means here.

McCool: we can add informative text here

Ege: we have to approach these recommendations better for the next charter

Lagally: we should avoid this discussion for the next charter

arch-security-consideration-secure-update

McCool: We need TLS or other secure mechanisms to do the update

Lagally: how about removing post manufacturing

McCool: this is about after deployment

arch-security-consideration-communication-platform

McCool: there is a wording issue here, it should be a platform

McCool: Ege's comment makes sense here

McCool: I think that the implementation that does this is my OCF device

arch-privacy-consideration-explicit-pii

McCool: just the fact that TDs exist, have a risk of identifying a person

McCool: this can be satisfied by TDD implementations

PRs

PR 902

Lagally: can we merge this or needs review?

Lagally: also, should we generate a manual CSV file?

Ege: how to prepare for the developer meetup next time. This needs to be decided

McCool: for discovery, we can look in the first 10 minutes if others join

Kaz: we're already out of time, so when should we have the discussion about this preparation work?

Lagally: Let's continue the discussion during the next Architecture call.

Minutes manually created (not a transcript), formatted by scribe.perl version 210 (Wed Jan 11 19:21:32 2023 UTC).