See also: IRC log
<scribe> scribenick: kaz
elena: wondering about the workshop thing
mccool: IEEE S&P
... will discuss
[[
WoT Security and Privacy Considerations
Document status and issue review
Security sections in other documents
Document status and issue review
IoT Conference workshop update
NDSS proposal accepted
IEEE S&P deadline: Sept 20
Other work items
]]
mccool: workshop first
mccool: NDSS proposal
... submitted one and accepted
... Decentralized IoT Security and Standards
... submitted in parallel
... had a meeting
... to merge the two proposals
... fundamental issue for WoT is interoperability
... security for multiple interoperable implementations
... added a couple of topics
... 3 points
... Carsten, co-Chair
... similar proposal on TLS
... not our primary objective
... not optimal but still worth presenting our paper
... get discussion there
... could get people interested there
... networking purposes
... question is if we would like to submit a proposal for IEEE
S&P as well
... deadline Sep. 20
... can tune it up
... but should I?
barry: think we should
... target which help our work
mccool: right
... but some concern
... keep it different from NDSS
... any other comments?
... can submit a proposal asis
... more security people anyhow
... any suggestions?
... will circulate the proposal
... need to wrap up the proposal within 48h
... you can edit the proposal on Google doc
... let me know about your Google account
... will send invitation to you
mccool: so we'll do this
elena: goes through it
... had discussion with Matthias the other day
... adding pictures
mccool: rendered version?
https://rawgit.com/ereshetova/wot-security/working/index.html
kaz: does the above rawgit work fine?
mccool: fine
... contents extracted from the TD draft
... will work on the pull request
... one document for security
... summary within TD, etc.
elena: when to have more concrete content?
mccool: Thing Description
management
... threat model should go here (Recommended Security
Practices)
... publish this as a Note
... and put the threat model into it
elena: no text under 2.3 yet
... 2.3 Determining a suitable security architecture
mccool: we should put the material
here inline
... need TODOs as Editor's Note
elena: this is a working branch, not the main branch
mccool: pull request on the working
branch
... will add a tag
... (adds a tag, "TDmaterial" to the working branch
content)
... (also a branch, "TDmaterial")
... (merges the pull request 8 and add a comment to the pull
request)
... OK, but we probably want to pull back in the TD material,
so I branched as TDmaterial"
... any procedure to add Elena as an Editor?
zoltan: you can create a pull request for that?
mccool: ok
... will create a pull request then
... we can update the link for the threat model
elena: can we keep the threat model content a separate file?
mccool: there is a trade-off
... also should think about the references
... some of the references should go into the draft
mccool: will create a pull request to
put the thread model inline
... note that I'm working on the master branch and the working
branch
... on the working branch, will put the contents from the MD
files into the index.html file
... let's see an example of the TD repo
... or the architecture
mccool: we have summary in the main
docs
... remove the Editor's note and put text that we're working on
a separate security doc
mccool: let's go back to the prev minutes
mccool: CSS file for a WG Note
kaz: we can put "WG-NOTE" instead of
WD/ED for respec
... but we can keep "Editor's Draft" for the index.html on GitHub
... and I can change the CSS to "WG-NOTE" when we publish the draft as a WG Note
mccool: will also see that
... can we accept the minutes?
(no objections)
mccool: ok
mccool: Abstract is missing
... Elena, do you want to put a stab?
... it's the first thing people will read
... we should submit pull requests for the structure and the
individual sections
... each section can have one pull request
... will do mechanical edit to include MD file content
... and Elena will look into the Abstract
... and then section restructure
... if there is any conflict, we'll sort that out
elena: comments welcome for the structure
mccool: where the best practices come from
[adjourned]