IG Security WebConf

From Web of Things Interest Group
Jump to: navigation, search

WebConf Information

Mondays at 8am EDT / 2pm CET / 10pm JST

WebEx

IRC

The IRC is used for the minutes, speaker queue, and sharing links etc.

Schedule

  • First Draft
    • Oct 27 - confirmed by WG, asked for FP publication, but too late for TPAC
  • W3C Note: FP Note
    • Probably will be out around Nov 16, week after TPAC
    • Updates after that can use the automatic system
  • Second draft: Dec 19 (Tues)
  • Third draft: early Feb (eg Feb 15 for NDSS; Elena may not be available)
  • After that: roughly every two months update

Agenda

Nov 20, 2017

  • Review of minutes from last meeting
  • Draft publication status
  • Review schedule
  • TPAC Post-mortem
  • WoT Security and Privacy Considerations
    • Publication status
    • Issues review
      • Existing issues
      • New Issues
  • NDSS DISS Workshop
  • Other work items

Pending Agenda Items (with Deadlines)

  • Review of Thing Description draft for First Draft release (end of August 2017)
  • Review Protocol Template draft for First Draft release (end of August 2017)
  • Goals for Fall 2017 F2F at TPAC (November 2017)
    • Review of Second Draft of all documents
  • Generate prioritized list of IoT systems/protocols (September 2017)
    • OCF, oneM2M, LwM2M, ZWave, AWS IoT/GG, etc
  • Generate prioritized list of mechanisms (September 2017)
    • OAuth, TLS, AES, etc
  • F2F Input and other thoughts
    • Questionaire data
    • Characteristic Thing
    • Zero-Trust Systems

Future Agenda Items

  • New Use Cases
  • Review of IETF-ACE, IIC-SF, CoAP and other security models
  • Discuss use of semantic annotations for security
  • Review existing threat models eg from IIC Security Framework
  • Review of existing security models and mechanisms in target protocols
      • Get that up somewhere for people to provide input
      • Some of the threats depend on the vulnerability of the protocols
    • Review COSE (although still in draft)
    • Use main call to synchronize this activity and gather feedback
    • Create a template so we can consolidate the information
    • Identify people or groups that can look at individual target protocols and mechanisms
  • Review issues and feedback on draft documents
    • Via github issues

Resources

Meeting Minutes

2017

Security and Privacy Questionnaires, Review Forms