IG Security WebConf/2021
From Web of Things Interest Group
Agendas from WoT Security TF in 2021
Contents
- 1 13 December 2021
- 2 6 December 2021
- 3 29 November 2021
- 4 22 November 2021
- 5 15 November 2021
- 6 8 November 2021
- 7 1 November 2021
- 8 18 October 2021
- 9 20 September 2021
- 10 13 September 2021
- 11 6 September 2021
- 12 30 August 2021
- 13 26 July 2021
- 14 19 July 2021
- 15 12 July 2021
- 16 14 June 2021
- 17 31 May 2021
- 18 24 May 2021
- 19 17 May 2021
- 20 10 May 2021
- 21 3 May 2021
- 22 19 April 2021
- 23 12 April 2021
- 24 29 March 2021
- 25 22 March 2021
- 26 15 March 2021
- 27 8 March 2021
- 28 1 March 2021
- 29 22 February 2021
- 30 15 February 2021
- 31 8 February 2021
- 32 1 February 2021
- 33 25 January 2021
- 34 18 January 2021
- 35 11 January 2021
- 36 4 January 2021
13 December 2021
Note: last meeting in 2021.
Scribe: Jiye
- Minutes:
- Discuss TD/OAuth2 resolution
- Review Issues and PRs
- AOB
6 December 2021
Scribe: Kaz
- Minutes:
- See "Upcoming issues" above
- Need to deal with various issues in other documents
- Review issues and PRs
- AOB
29 November 2021
Scribe: Cristiano
- Minutes:
- See "Upcoming issues" above
- Need to deal with various issues in other documents
- Review issues and PRs
- AOB
22 November 2021
Scribe: Philipp
- Minutes:
- Review issues and PRs
- AOB
15 November 2021
Scribe: Kaz
- Minutes:
- Review issues and PRs
- AOB
8 November 2021
Scribe: Kaz
- Minutes:
- New attendees
- Jiye Park, Siemens
- Review issues and PRs
- AOB
1 November 2021
Scribe: Kaz
- Minutes:
- Meeting invite
- Review F2F minutes
- Capture action items
- Review revised schedule
- Review issues and PRs
- AOB
18 October 2021
Scribe: Philipp
- Minutes:
- Planning for F2F - Oct 28
- Meeting with DID and IETF/ITRF/T2TRG
- https://github.com/w3c/wot/issues/987
- Needs updates, e.g. to date and logistics
- Issues and PRs
- Review gaps in TD Implementation Report draft
- AOB
20 September 2021
Scribe: Kaz
- Minutes:
- PRs
- Issues
- AOB
13 September 2021
Scribe: Philipp
- Minutes:
- Signatures
- Other Issues & PRs
- AOB
6 September 2021
Scribe: Kaz
- Minutes:
- Signatures
- Oliver's Review
- Discussion - Next steps, alternatives
- Other Issues & PRs
- AOB
30 August 2021
Scribe: Philipp
- Minutes:
- Issues & PRs
- AOB
26 July 2021
Scribe: Kaz
- Minutes:
- Meeting schedule in August
- Best Practices
- Local Transport - cont'd
- https://github.com/w3c/wot-security-best-practices/issues/13
- Issues
- AOB
19 July 2021
Scribe: Philipp
- Minutes:
- Best Practices
- PRs
- Signing - Review
- Schedule
- July - McCool to cleanup spec
- August - Pfaff to review
- Sept - close/finalize
- Schedule
- AOB
12 July 2021
Scribe: Oliver
- Minutes:
- Best Practices
- Signing
- AOB
14 June 2021
CANCELLED
Scribe:
- Minutes:
- Best Practices
- Signing
- AOB
31 May 2021
Scribe: Elena
- Minutes:
- Best Practices
- Review of issues created last week
- Signing
- Pending PR for TD
- need to discuss keys
- F2F Planning
- Schedule
- AOB
24 May 2021
Note: Holiday in Europe and Canada today, but we met anyway and discussed the state of the Best Practices document, and added several issues for things that needed to be done to whip it into shape.
Regrets: Oliver, Elena
- Minutes:
- Best Practices
- OAuth2
- Local transport
- Discovery
- Usages, Updates, Issues
- Publication schedule
- AOB
17 May 2021
Regrets: Elena
Scribe: Oliver
- Minutes:
- Signing and Canonicalization
- Use Case Questionnaire
- Scripting Requirements
- Issues and PRs
- AOB
10 May 2021
Regrets: Oliver
Scribe: Kaz
- Minutes:
- Signing
- https://github.com/w3c/wot-thing-description/issues/940
- https://github.com/w3c/wot-security/issues/166
- XML Signature alignment
- Signature type? If we could have only one, what should it be?
- Requirements cont'd
- Linked Data Signature charter
- Use Case Questionnaire
- AOB
3 May 2021
Scribe: Cristiano
- Minutes
- Signing
- Oauth2 PR
- AOB
19 April 2021
Scribe: Philipp
- Minutes
- Quick Updates
- Next week joint call with Scripting
- Security TF issues
- Management API
- Discovery TF issues
- Logistics still under discussion
- Possible we will join Scripting (the hour before Security) and/or they just join our call next week (April 26); will send email
- Issues and PRs
- TD Canonicalization
- Not knowing default values for extensions is a big problem
- Signing
- Limit signing to only a particular context, not extensions
- Would not then be able to protect protocol bindings in particular
- Could later on extend to other extensions, once defaults are normative
- Server vs Client architecture
- Object security
- Useful for contexts in which other security is weak, e.g. local HTTP?
- OAuth2 Guidance
- Currently a bunch of material, including best practice assertions, in the use case document; does it belong there?
- TD Canonicalization
- Ongoing
- Other
- AOB
12 April 2021
Scribe: Elena
- Minutes
- Quick Updates
- Planning
- Issues and PRs
- Ongoing
- AOB
29 March 2021
Short meeting (30).
- Capture F2F outcomes
22 March 2021
Cancelled.
15 March 2021
Cancelled.
8 March 2021
Scribe: Elena
- Minutes
- Quick Updates
- Logistics
- Cancellations due to F2F
- F2F agenda review
- Note security sections under Architecture (lifecycle; final review?), Discovery (considerations, geolocation), and TD (body scheme, etc.).
- No special security session
- Planned publications (schedule review)
- Pre-CR drafts expected 1 May
- Should finalize updates based on drafts by July.
- Should formally publish Best Practices
- Issues and PRs
- Ongoing
- AOB
- Management API requirements being discussed for Scripting API
1 March 2021
No call due to plugfest.
22 February 2021
Scribe: Philipp
- Minutes
- Quick Updates
- Issues and PRs
- Ongoing
- AOB
- Management API requirements being discussed for Scripting API
15 February 2021
Scribe: Cristiano
- Minutes
- Quick Updates
- Issues and PRs
- Ongoing
- AOB
- Management API requirements being discussed for Scripting API
8 February 2021
Scribe: Oliver
- Minutes
- Quick Updates
- Issues and PRs
- Scripting - Partial TDs
- Followup:
- Validation
- Security scheme selection from inside Scripting API
- Management API (external setup) requirements
- Security definitions
- Default (top-level) security scheme (only one; arrays are deprecated in favor of combo scheme)
- Secret management requirements (external secret store, etc)
- Followup:
- URI template location parameter for security schemes
- Scripting - Partial TDs
- Ongoing
- AOB
1 February 2021
Scribe: Kaz
- Minutes
- Quick Updates
- Issues and PRs
- Addition of URI template parameter mechanism
- Security issues in Discovery
- Create security and privacy considerations section
- AOB
25 January 2021
Scribe: Elena
- Minutes
- Quick Updates
- Issues and PRs
- AOB
18 January 2021
Scribe: Oliver
- Minutes
- Quick Updates
- Issues and PRs
- AOB
11 January 2021
Scribe: Cristiano
- Minutes
- Quick Updates
- Issues and PRs
- AOB
4 January 2021
Scribe: McCool
- Minutes
- Quick Updates
- Schedule updates
- Issues and PRs
- AOB
