Meeting minutes
Minutes review
<McCool> https://
McCool: I looked into several IETF documents.
… having some thoughts how to proceed with it.
McCool: Anyone having objections?
no objections.
Local transport and secure onboarding
https://
McCool: I read the IETF specification and added a PR for the security-best-practices accordingly.
McCool: Problem is that TLS 1.3 has been released, but DTLS 1.3 hasn't been released yet.
Jiye: For TLS1.3 this privacy expose risk is not happening?
McCool: I don't know if that is a problem in TLS1.3.
McCool: Offline and local networks are different. Local networks only have a NAT, while offline networks don't have a connection to the Internet at all. We should split that up in different sections.
<McCool> https://
Jiye: I wanted to talk about the onboarding stuff.
mm added a comment to PR #28
https://
McCool: I think the terminology is confusing.
Jiye: I agree. What is the onboarding, config, certificates? We should clarify the context.
McCool: The context should be WoT. We can assume that the certificates situation is solved.
Jiye: In order to setup the device we may want to use a mobile phone.
McCool: We have a lifecycle section in the architecture section. It is a bit contradicting and too short anyways.
McCool: We have the problem that the term "onboarding" is used for a lot of things in the industry.
McCool: There is also a discussion about group keys.
McCool: In general groups keys are problematic and have holes in them. They are also difficult to update.
McCool adds a comment to #28
https://
McCool: I need to re-read the specification. I am going to add all the references when I find them to the comments.
ACTION: Separate local and offline sections.
ACTION: deal with TLS1.3 and DTLS1.3
ACTION: finish reading DID, VC, SZTP, BRSKI, Authz, EST
ACTION: Also should look at MUDs to document trust relationships
<kaz> [adjourned]