16:53:38 RRSAgent has joined #auto 16:53:38 logging to https://www.w3.org/2021/06/08-auto-irc 16:53:40 RRSAgent, make logs Public 16:53:41 Meeting: Automotive Working Group Teleconference 16:53:57 agenda+ Authorization levels 16:54:10 agenda+ Curve logging demo 16:54:18 scribe: ted 18:01:01 present+ Ulf, Isaac, Erik, Ted 18:01:34 Present+ Gunnar 18:02:07 Present+ Peter 18:02:11 Chair: Peter, Ted 18:02:23 Present+ MagnusG 18:04:01 zakim, take up agendum 1 18:04:02 agendum 1 -- Authorization levels -- taken up [from ted] 18:06:04 Ulf: on a high level Erik and I have defined the steps a client needs to take to obtain a valid token in our approaches 18:06:12 Present+ Carine, Arman 18:06:25 Present+ Glenn 18:06:55 ... alignment seems possible but needed to clear up assumptions on the Bosch flow 18:08:42 Erik: we should be able to share the off-list exchange 18:09:10 [Ted looks for copy to forward to member-automotive list while Erik shares screen on call] 18:09:40 Ulf: we have long and short term formats but can gloss over that for now 18:10:06 ... steps 1-6 that a client needs to do in VISSv2 model 18:10:26 ... we have three roles, user, application and device 18:10:44 ... if approved with credentials that back and match that client 18:11:24 @@link 18:13:03 ... also enumerate major use cases 18:13:52 s|@@link|https://lists.w3.org/Archives/Member/member-automotive/2021Jun/0002.html| 18:14:04 Present+ Adnan 18:14:56 Erik: what Sebastian and I did was create a corresponding client interaction without specifying how it gets the token to begin with 18:15:20 ... assumption is vehicle running in vehicle, needs to be able to operate without a network connection necessarily 18:15:50 ... we don't see the role base need 18:17:53 ... our token format, we provided an example in email but suggest Kuksa VAL repo for better view 18:18:27 https://github.com/eclipse/kuksa.val 18:19:15 Ulf: it is possible to combine some of our separated servers to be closer to Bosch model 18:20:08 ... this policy representation for RBAC can be used for granular access approach as well 18:21:38 Erik: it might be possible to support both role and granular, just where you expand details of access control 18:22:41 Ulf: the variations should be negotiable by client and handle different token formats 18:23:23 ... what you propose as a variability point is fine with me, might be worth giving this all some more thought 18:24:11 Erik: we left it as an unspecified method (token being issued) but need to know how it will be done practically. there are some open topics about how this would look/work in a vehicle 18:24:46 ... we wouldn't want token reused across vehicles, does it get provisioned at install or? 18:26:04 Ulf: it doesn't have to be a single flow/solution 18:27:29 Isaac: we thought there may be scenarios that influenced our requirements about wanting an access grant server 18:28:17 Ulf: worth stepping back and enumerating scenarios with third party applications, whether this will only reside in-vehicle etc 18:28:28 ... would Bosch produce that? 18:29:00 Erik: we could write it down but current view may differ, aspects evolve 18:31:29 Carine: we could have unspecified (out of scope) aspects but that can lead to interoperability issues as you mentioned 18:33:04 Erik: we will need something that generates a token obviously 18:34:34 Ulf: we could have variability on token generation 18:41:49 Ted agrees with Ulf, Bosch should come up with scenarios they want to support and think about tokens needing updating because of a security incident, allowing external devices etc 18:42:26 Ulf: we can have unspecified aspects but must make token formats clear at the least 18:45:08 zakim, take up agendum 2 18:45:08 agendum 2 -- Curve logging demo -- taken up [from ted] 18:45:43 Action Ted to look for useful minutes on access control requirements to share 18:45:51 [Ulf shares screen] 18:47:10 Ulf: I'm using some prepopulated sample data for speed, lat and long. I went with a sawtooth sample as it is good for testing curve 18:47:58 ... starting simulator, data store, VISS server 18:50:03 ... you can see how values are being pushed into state storage 18:50:34 ... now need to start a client and for it to be a request for a curve logging subscription 18:50:54 [Ulf has a file of sample client requests on screen, chooses appropriate one] 18:51:37 ... have a WebSocket client launched and connected, you see the response to subscribe request on subscription id, etc 18:53:38 ... we get an initial speed response and after some time you see we get additional values of speed, lat, long that match the error limit 18:54:09 ... it found the right peaks and valleys, trust me, from the sample provided 18:55:31 ... if you unsubscribe you get unsub response and rest of buffer is checked against curve and sends any there 18:55:59 ... finally it gives the last location 18:59:08 Ted: thanks Ulf, that showed a dramatic savings on bytes that need to be transmitted to provide adequate representation 18:59:42 Ulf: typical reduction is 85% 19:00:23 rrsagent, draft minutes\ 19:00:23 I'm logging. I don't understand 'draft minutes\', ted. Try /msg RRSAgent help 19:00:27 rrsagent, draft minutes 19:00:27 I have made the request to generate https://www.w3.org/2021/06/08-auto-minutes.html ted 19:12:29 rrsagent, draft minutes 19:12:29 I have made the request to generate https://www.w3.org/2021/06/08-auto-minutes.html ted 19:13:18 rrsagent, make log public 19:13:23 rrsagent, draft minutes 19:13:23 I have made the request to generate https://www.w3.org/2021/06/08-auto-minutes.html ted 19:13:52 caribou: getting 404 despite 3 publishrequests 19:17:12 I see it's there now