IRC log of wot-sec on 2021-05-17
Timestamps are in UTC.
- 12:03:23 [RRSAgent]
- RRSAgent has joined #wot-sec
- 12:03:23 [RRSAgent]
- logging to https://www.w3.org/2021/05/17-wot-sec-irc
- 12:03:53 [kaz]
- meeting: WoT Security
- 12:04:18 [kaz]
- Chair: McCool
- 12:04:39 [kaz]
- present+ Kaz_Ashimura, Michael_McCool, Oliver_Pfaff, Philipp_Blum
- 12:06:39 [Oliver]
- Scribe: Oliver
- 12:07:30 [Mizushima]
- Mizushima has joined #wot-sec
- 12:08:14 [zkis2]
- zkis2 has joined #wot-sec
- 12:08:25 [Oliver]
- Review meeting minutes 2021-05-10: wording change needed for TD Issue 940
- 12:09:25 [McCool]
- for example, LDS might choose to use full URLs for JSON-LD canonical form, which would be problematic for us
- 12:13:07 [Oliver]
- Review meeting minutes 2021-05-10: wording change needed in Signature section (attribute comment about Lagally action to OAuth)
- 12:13:43 [McCool]
- change "Michael Lagally will look into those points" to "Regarding moving the detailed OAuth2 description and recommendations to the security best practices document, I will follow up with Michael Lagally"
- 12:15:39 [Oliver]
- Review meeting minutes 2021-05-10: change for Signature section was reconsidered: remove the line about the above mentioned action
- 12:15:40 [kaz]
- (will be removed in the end since it's rather confusing)
- 12:15:49 [kaz]
- s/(will be removed in the end since it's rather confusing)//
- 12:16:49 [Oliver]
- Review meeting minutes 2021-05-10: one more wording change needed for TD Issue 940
- 12:17:23 [Oliver]
- Review meeting minutes 2021-05-10: minutes approved with the mentioned changes
- 12:18:41 [Oliver]
- https://github.com/w3c/wot-thing-description/issues/940: review of this issue
- 12:19:09 [kaz]
- i/940/topic: Issue 940/
- 12:19:18 [kaz]
- i/https/-> https/
- 12:20:37 [kaz]
- s/: review of this issue/ wot-thing-description issue 940 - Add optional proof section to TDs/
- 12:20:50 [kaz]
- i/topic: Issue 940/topic: TD Issue 940/
- 12:24:21 [kaz]
- -> https://github.com/w3c/strategy/issues/262#issuecomment-834479963 McCool's comment to the strategy issue 262
- 12:24:58 [Oliver]
- https://github.com/w3c/wot-thing-description/issues/940: W3C LDS WG adoption was considered and likely to happen
- 12:25:28 [kaz]
- i|940|-> https://github.com/w3c/lds-wg-charter/issues/78 McCool's issue on lds-wg-charter - W3C Web of Things (WoT) WG supports the W3C LDS WG|
- 12:26:06 [Oliver]
- https://github.com/w3c/wot-thing-description/issues/940: timeline is an issue. W3C LDS WG probably needs 2 years; TD signatures can probably not wait 2 years
- 12:31:02 [Oliver]
- https://github.com/w3c/wot-security/issues/166: discussion about ciphers. current proposal: SHA256 and ECDSA
- 12:32:01 [kaz]
- present+ Tomoaki_Mizushima
- 12:33:57 [Oliver]
- https://github.com/w3c/wot-security/issues/166: "ECDSA" was meant in sense of the NIST curves (secp)
- 12:38:40 [Oliver]
- https://github.com/w3c/wot-security/issues/166: NIST curves enjoy broad support (SW/FW/HW) but are subject of some concerns. Not all communities are equally happy with the NIST curves
- 12:41:12 [Oliver]
- An alternative is Curve25519 aka x25519. See https://ianix.com/pub/curve25519-deployment.html for "Things that use Curve25519"
- 12:47:07 [Oliver]
- https://github.com/w3c/wot-security/issues/166: likely starting points for elliptic curves for digital signatures: NIST P-256 and x25519
- 12:50:41 [Oliver]
- https://github.com/w3c/wot-security/issues/168: Use case questionaire status review
- 12:52:26 [zkis2]
- zkis2 has joined #wot-sec
- 12:52:32 [Oliver]
- https://github.com/w3c/wot-security/issues/166: review and comments by all particpants is invited
- 12:54:45 [McCool]
- https://github.com/w3c/wot-security-best-practices/pulls
- 12:55:32 [Oliver]
- WoT security best practices: discussed a PR "Move OAuth2 flows from Use Cases to Best Practices"
- 12:59:17 [Oliver]
- A merger shall be made to cover this PR
- 13:01:16 [McCool]
- https://github.com/w3c/wot-security-best-practices/issues/11
- 13:01:27 [Oliver]
- Meeting closed
- 13:01:43 [kaz]
- rrsagent, make log public
- 13:01:47 [kaz]
- rrsagent, draft minutes
- 13:01:47 [RRSAgent]
- I have made the request to generate https://www.w3.org/2021/05/17-wot-sec-minutes.html kaz
- 14:18:33 [kaz]
- kaz has joined #wot-sec
- 14:55:59 [zkis3]
- zkis3 has joined #wot-sec
- 14:59:38 [Zakim]
- Zakim has left #wot-sec
- 15:00:06 [zkis3]
- zkis3 has joined #wot-sec
- 15:28:40 [zkis2]
- zkis2 has joined #wot-sec