Meeting minutes
Minutes
<kaz> Aug-7
McCool: We agreed to review the minutes offline, but let's go over it to recap what we left last month
McCool: <approved>
PRs
McCool: 4 PR pending
PR 226
<McCool> PR 226 - Migrate to new ReSpec profile
McCool: It updates the respec version and address its lints
(merged)
PR 225
<McCool> PR 225 - Add DDoS Threats
McCool: It add a section about DDoS next to the current DoS section
McCool: I added the definition and then added few examples
McCool: I'd like to have more people to review it
PR 224
<McCool> PR 224 - Add anchors to threats
McCool: I would not merge this pr since it adds additional overhead and might desync
Luca: I agree, might be good to ask the respec developers to improve the usability
McCool: <closed with comment>
TPAC Agenda
<kaz> TPAC WoT agenda wiki
McCool: My intention is to have a small slide deck and then go over the documents
McCool: <Edits the wiki to link the documents>
<kaz> wot/planning/Security/README.md
Luca: The items in the list probably will go over the 30min alloted
McCool: <maps the section to a time budget to leave 10min for discussion>
Luca: We aren't many in the TF, we should take the TPAC as chance to enlist more people
Kaz: we need to think about deployment environment for actual IoT services like smart homes, smart buildings and smart cities
McCool: It's true, but we aren't going to do that during the TPAC
Kaz: We could at least reading an issue about detailed security constraints/scenarios
McCool: Security is quite horizontal, that applies to most use-cases
McCool: <Adds to the wiki a set of proposals to be discussed at TPAC>
Luca: I'm concerned about the relationship between the Security TF and the Use-Case TF
Luca: Most of the RECs we produce rely on already ratified protocols that bring by themselves security considerations
Luca: Most of the historical security concerns come from bad deployments and this is hard to fix
McCool: Also the Profile TF might bring security constraints and signal them over profiles as well
Luca: It is a good idea IMHO and we could discuss that to TPAC as well
McCool: Security experts are busy and valueble, we would use their time to review the other TF outputs
McCool: <Adds that to the Call to action section in the wiki>
<kaz> Security and Privacy on the TPAC WoT agenda wiki
<kaz> [adjourned]