14:03:44 <RRSAgent> RRSAgent has joined #wot-sec
14:03:48 <RRSAgent> logging to https://www.w3.org/2023/12/04-wot-sec-irc
14:03:54 <kaz> agenda: https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#4_December_2023
14:05:02 <kaz> chair: McCool
14:05:15 <kaz> present+ Kaz_Ashimura, Michael_McCool, Mahda_Noura
14:06:04 <Mizushima> Mizushima has joined #wot-sec
14:06:24 <kaz> rrsagent, make log public
14:06:29 <kaz> rrsagent, draft minutes
14:06:30 <RRSAgent> I have made the request to generate https://www.w3.org/2023/12/04-wot-sec-minutes.html kaz
14:08:10 <kaz> topic: Minutes
14:08:22 <kaz> -> https://www.w3.org/2023/11/27-wot-sec-minutes.html Nov-27
14:08:23 <kaz> approved
14:08:29 <kaz> topic: Cancellations
14:08:58 <kaz> -> https://www.w3.org/WoT/IG/wiki/Main_WoT_WebConf#Cancellations Cancellations (from the main wiki)
14:09:23 <kaz> mm: like the impact for Discovery, the Nordic Chapter CG will have their meeting on Dec 18 again
14:09:36 <kaz> ... how to deal with the collaboration in the future?
14:09:45 <kaz> q+
14:10:11 <kaz> ... regarding Dec-18, we've already made a decision to cancel our meetings, though
14:10:20 <kaz> q?
14:11:17 <kaz> kaz: they're a CG while we're a WG, so we should prioritize our own work
14:11:34 <kaz> ... let's talk with their Chairs about the future collaboration a bit more
14:11:36 <kaz> ack k
14:12:27 <kaz> mm: note Jan 10 will be the first call of 2024 for WoT
14:12:31 <kaz> ... not calls on Jan 8
14:12:59 <kaz> topic: How to accelerate the Security discussion
14:13:14 <kaz> mm: we need more people for Security/Privacy
14:13:18 <kaz> ... but how to do that?
14:13:46 <kaz> ... human resources for security/privacy is limited
14:14:02 <kaz> ... several possibilities
14:14:09 <kaz> ... search for people from Members
14:14:18 <kaz> ... or from Academic
14:14:32 <kaz> q+
14:15:22 <kaz> ack k
14:15:48 <kaz> kaz: for that purpose, we need to clarify our "need" and "requirement"
14:15:58 <kaz> ... e.g., IoT security expert
14:16:09 <kaz> mh: somebody in mind
14:16:36 <McCool_> https://vsr.informatik.tu-chemnitz.de/about/people/siegert/
14:16:43 <kaz> q+
14:16:59 <kaz> s|https://vsr.informatik.tu-chemnitz.de/about/people/siegert/||
14:17:55 <kaz> mm: we need a security expert and also a privacy expert
14:18:54 <kaz> ack k
14:18:55 <kaz> q+
14:23:17 <kaz> ack k
14:25:08 <kaz> kaz: btw, we need to get more participants from the Membership as well
14:25:12 <kaz> mm: yeah
14:26:03 <kaz> q+
14:27:16 <kaz> ack k
14:28:38 <kaz> topic: PR 249
14:29:17 <kaz> -> https://github.com/w3c/wot-usecases/pull/249 PR 249 - Update links in security use case categories using triple-square
14:30:33 <kaz> mm: would merge this PR
14:30:48 <kaz> merged
14:30:52 <kaz> rrsagent, draft minutes
14:30:54 <RRSAgent> I have made the request to generate https://www.w3.org/2023/12/04-wot-sec-minutes.html kaz
14:31:23 <kaz> topic: Issue 243
14:31:42 <kaz> -> https://github.com/w3c/wot-usecases/issues/243 Issue 243 - Update Security Requirements #243
14:32:00 <kaz> s/topic: PR/subtopic: PR/
14:32:01 <kaz> s/topic: PR/subtopic: PR/
14:32:18 <kaz> i|topic: PR 249|topic: Use Cases PRs|
14:32:20 <kaz> rrsagent, draft minutes
14:32:22 <RRSAgent> I have made the request to generate https://www.w3.org/2023/12/04-wot-sec-minutes.html kaz
14:32:43 <kaz> mm: (adds comments)
14:32:49 <kaz> -> https://github.com/w3c/wot-usecases/issues/243#issuecomment-1838759002 McCool's comments
14:33:42 <kaz> topic: Security Categories
14:33:54 <kaz> -> https://github.com/w3c/wot-usecases/blob/main/USE-CASES/security-categories.csv security-categories.csv
14:35:17 <kaz> mm: (goes through the CSV table and the use Cases document)
14:35:48 <kaz> -> https://w3c.github.io/wot-usecases/ WoT Use Cases and Requirements Editor's Draft
14:37:07 <kaz> mm: (shows the example of "Smart Agriculture")
14:40:55 <kaz> q+
14:43:03 <kaz> kaz: technically, date/time and location could be also privacy information
14:44:16 <kaz> mm: probably should split "Private Information" category into "Private Information (for PII)"
14:44:35 <kaz> ... and "Confidential Information" (e.g., business confidential)
14:45:50 <kaz> kaz: in that case, "business Confidential" implies "Private Information" as an organization/entity
14:46:26 <kaz> ... so thinking about level of entities, e.g., person and organization, would make sense
14:48:31 <kaz> i|technically|-> https://w3c.github.io/wot-usecases/#UC-open-field-agriculture-1 WoT Use Cases and Requirements - 2.1.2 Open-field Agriculture|
14:48:59 <kaz> q+
14:52:01 <kaz> ack k
14:52:38 <kaz> mm: "business confidential" information would cause damage of money/cost
14:53:18 <kaz> kaz: in that case, maybe it would be clearer to handle the impact and damage itself, e.g., "damage of cost", instead of "business confidential"
14:54:25 <kaz> subtopic: Livestock Health Management
14:54:52 <kaz> -> https://w3c.github.io/wot-usecases/#UC-livestock-health-management-1 2.1.6 Livestock Health Management
14:55:22 <kaz> mm: it's an interesting use case since these days we get issues on chicken flu, etc.
14:56:24 <kaz> q?
14:56:51 <kaz> s/chicken flu/bird flu/
14:57:49 <kaz> subtopic: Agricultural Machinery Management
14:58:11 <kaz> -> https://w3c.github.io/wot-usecases/#UC-agricultural-machinery-management-1 2.1.7 Agricultural Machinery Management
14:58:46 <kaz> q+
14:59:08 <kaz> ack k
15:00:42 <kaz> kaz: probably we need to think about the whole lifecycle of the machinery to discuss the potential damages
15:00:49 <kaz> ... when to have what kind of damages
15:02:13 <kaz> ... not only within the field but also the lifecycle, e.g., getting the machinery from the shop to the field by a truck
15:03:01 <kaz> mm: we're out of time. let's continue the discussion next week.
15:03:04 <kaz> [adjourned]
15:03:10 <kaz> rrsagent, draft minutes
15:03:11 <RRSAgent> I have made the request to generate https://www.w3.org/2023/12/04-wot-sec-minutes.html kaz
17:15:48 <Zakim> Zakim has left #wot-sec