IRC log of wot-sec on 2019-09-09
Timestamps are in UTC.
- 10:13:38 [RRSAgent]
- RRSAgent has joined #wot-sec
- 10:13:38 [RRSAgent]
- logging to https://www.w3.org/2019/09/09-wot-sec-irc
- 10:13:44 [kaz]
- Meeting: WoT Security
- 10:14:05 [kaz]
- present+ Michael_McCool, Elena_Reshetova, Tomoaki_Mizushima, Kaz_Ashimura
- 10:14:16 [kaz]
- topic: Quick updates
- 10:14:18 [kaz]
- (none)
- 10:14:24 [kaz]
- topic: Previous minutes
- 10:15:08 [kaz]
- -> https://www.w3.org/2019/09/02-wot-sec-minutes.html Prev minutes
- 10:15:20 [kaz]
- mm: any objections to accept the minutes?
- 10:15:21 [kaz]
- (none)
- 10:15:29 [kaz]
- mm: accept the previous minutes
- 10:16:18 [kaz]
- Agenda: https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#Agenda
- 10:16:47 [kaz]
- topic: Definition PR in Architecture
- 10:17:04 [kaz]
- -> https://github.com/w3c/wot-architecture/pull/384 PR 384
- 10:17:14 [kaz]
- mm: created a PR based on ISO standard definition
- 10:18:03 [kaz]
- ... ISO/IEC 2382 and ISO/IEC 27000
- 10:18:38 [kaz]
- ... put some explanatory text
- 10:18:56 [McCool]
- https://github.com/w3c/wot-architecture/pull/384/files
- 10:19:28 [kaz]
- kaz: seems the link for 2382 is wrong (same as 27000)
- 10:19:31 [kaz]
- mm: will fix it
- 10:19:49 [kaz]
- ... we'll make decision during the Architecture call on Thursday
- 10:20:08 [kaz]
- ... there is a note on PII here
- 10:21:14 [kaz]
- ... added description on information privacy as well
- 10:21:28 [kaz]
- ... ISO 2382 and ISO 29100
- 10:21:49 [kaz]
- ... and then
- 10:21:57 [kaz]
- ... security
- 10:22:23 [kaz]
- ... confidentiality, integrity and availability of information
- 10:22:52 [kaz]
- ... and then add a note "please refer to this document (ISO 27000)"
- 10:23:33 [kaz]
- ... also add a note saying " it is desirable that these properties be maintained both in normal operation and when the system is subject to attack"
- 10:24:15 [kaz]
- ... also definition of "private life"
- 10:24:54 [kaz]
- ... any comments?
- 10:25:11 [kaz]
- s/any/any other/
- 10:26:15 [kaz]
- mm: (fixes the wrong link for "ISO 2382")
- 10:32:09 [kaz]
- ... wondering if we need to add an entry to the ReSpec reference DB
- 10:34:09 [kaz]
- topic: WG Charter
- 10:34:52 [kaz]
- -> https://github.com/w3c/wot/pull/862 WG Charter PR (round 2)
- 10:35:17 [kaz]
- -> https://github.com/w3c/wot/pull/862/files Changes
- 10:35:30 [kaz]
- mm: (goes through the changes)
- 10:37:01 [kaz]
- ... how to allow access to metadata?
- 10:38:03 [kaz]
- ... changed "parties" to "users" ..
- 10:38:03 [kaz]
- s/../.../
- 10:38:29 [kaz]
- topic: Profiles
- 10:39:11 [McCool]
- https://github.com/w3c/wot-profile/issues/6
- 10:39:19 [kaz]
- er: don't really understand which profiles are for waht
- 10:39:24 [kaz]
- s/waht/what/
- 10:39:45 [kaz]
- mm: would be fixed within TD
- 10:40:14 [kaz]
- ... we're generating a document on "Requirements from WG participants for the profile"
- 10:41:34 [kaz]
- -> https://github.com/w3c/wot-profile/blob/master/REQUIREMENTS.md Requirements
- 10:42:40 [kaz]
- mm: it's just outline
- 10:42:49 [kaz]
- ... we'll discuss this during TPAC
- 10:42:52 [zkis__]
- zkis__ has joined #wot-sec
- 10:43:18 [kaz]
- ... there is a proposal to make TD less complicated
- 10:44:19 [kaz]
- ... human readability vs machine-to-machine communication
- 10:44:43 [kaz]
- er: what about security?
- 10:44:55 [kaz]
- ... we have security best practice document
- 10:45:08 [kaz]
- ... how does things relate to each other?
- 10:45:18 [kaz]
- mm: some of the combinations would make sense
- 10:45:45 [kaz]
- er: any plan to merge the best practice with this?
- 10:45:51 [kaz]
- mm: not really
- 10:46:09 [kaz]
- ... we have limitation
- 10:46:35 [kaz]
- ... but there is a relationship and we should not duplicate
- 10:47:08 [kaz]
- er: ok
- 10:48:14 [kaz]
- mm: we need to figure out developer status
- 10:48:43 [kaz]
- ... there should be a mechanism to allow "nosec" but only in a developer context
- 10:49:24 [kaz]
- er: e.g., people working within a local network
- 10:50:28 [kaz]
- mm: we have to have discussion at TPAC
- 10:50:36 [kaz]
- ... also need to find use cases
- 10:51:56 [kaz]
- er: btw, we needed to update the Architecture document with updated definition?
- 10:52:25 [kaz]
- mm: working on the original issue and newly generated definition based on the CR version of the Architecture draft
- 10:53:22 [kaz]
- ... let's discuss the detail at TPAC
- 10:54:53 [kaz]
- ... if you have any ideas, please put that on the TPAC f2f wiki
- 10:55:13 [kaz]
- er: Asian time?
- 10:55:25 [kaz]
- mm: TPAC will be held in Fukuoka, so JST
- 10:55:44 [kaz]
- ... would make sure you can make the f2f remotely
- 10:56:14 [kaz]
- ... let's meet (or talk on webex) at TPAC next week!
- 10:56:16 [kaz]
- [adjourned]
- 10:56:24 [kaz]
- rrsagent, make log public
- 10:56:31 [kaz]
- rrsagent, draft minutes
- 10:56:31 [RRSAgent]
- I have made the request to generate https://www.w3.org/2019/09/09-wot-sec-minutes.html kaz
- 11:00:53 [zkis]
- zkis has joined #wot-sec
- 11:02:36 [McCool]
- McCool has left #wot-sec
- 12:15:21 [Zakim]
- Zakim has left #wot-sec
- 14:15:26 [zkis]
- zkis has joined #wot-sec
- 14:47:06 [zkis]
- zkis has joined #wot-sec