IRC log of wot-sec on 2024-03-18

Timestamps are in UTC.

13:03:02 [RRSAgent]
RRSAgent has joined #wot-sec
13:03:06 [RRSAgent]
logging to https://www.w3.org/2024/03/18-wot-sec-irc
13:03:12 [kaz]
meeting: WoT Security
13:03:31 [kaz]
present+ Kaz_Ashimura, Jan_Romann, Michael_McCool
13:03:53 [McCool_]
McCool_ has joined #wot-sec
13:06:19 [kaz]
topic: Minutes
13:06:35 [kaz]
-> https://www.w3.org/2024/03/11-wot-sec-minutes.html Mar-11
13:06:49 [kaz]
present+ Tomoaki_Mizushima
13:07:38 [kaz]
mm: would check Mahda's availability
13:09:43 [kaz]
approved
13:10:12 [kaz]
topic: Security Categories
13:10:15 [McCool_]
https://github.com/w3c/wot-usecases/blob/mmccool-patch-2/USE-CASES/security-categories.csv
13:10:45 [McCool_]
https://github.com/w3c/wot-usecases/pull/255
13:11:21 [kaz]
s|https://github.com/w3c/wot-usecases/pull/255|-">https://github.com/w3c/wot-usecases/pull/255|-> https://github.com/w3c/wot-usecases/pull/255 PR 255 - @@@
13:11:28 [kaz]
mm: added some edits
13:12:08 [kaz]
... (goes through the updates within PR 255)
13:12:29 [kaz]
s/@@@/Update security-categories.csv/
13:12:56 [kaz]
... related issue on wot-usecases repo
13:14:08 [kaz]
... want to bring up is security/privacy consideration within the Use Case template
13:15:12 [kaz]
... to see if each use case correspond to each categorization, e.g, Public Service or not
13:15:18 [kaz]
s/e.g,/e.g.,/
13:17:07 [kaz]
jr: what's the different between "Private Information" and "Confidential Information"?
13:17:45 [kaz]
mm: PII and business confidential
13:17:46 [kaz]
q+
13:18:59 [kaz]
q+ That could be an initial definition, but "Private Information" is not equal to "PII"...
13:19:06 [kaz]
kaz: That could be an initial definition, but "Private Information" is not equal to "PII"...
13:19:09 [kaz]
q?
13:19:11 [kaz]
ack k
13:22:20 [kaz]
... PII is basically information to identify the user
13:22:51 [kaz]
... while "private information" could be broader and include "my shopping history"
13:22:56 [kaz]
ack k
13:23:19 [kaz]
mm: should say "private/PII" instead then
13:24:36 [kaz]
kaz: "business confidential" also could have several levels, e.g., personal level and company level
13:25:00 [kaz]
mm: we could think about several sub-categories to handle those levels
13:27:12 [kaz]
q?
13:27:55 [kaz]
... would work with David, etc., for further discussion
13:29:40 [kaz]
... also would add another column to capture if the submitter confirms the categorization
13:30:54 [kaz]
[adjourned]
13:30:58 [kaz]
rrsagent, make log public
13:31:02 [kaz]
rrsagent, draft minutes
13:31:04 [RRSAgent]
I have made the request to generate https://www.w3.org/2024/03/18-wot-sec-minutes.html kaz
13:41:21 [JKRhb]
JKRhb has joined #wot-sec
15:02:09 [JKRhb]
JKRhb has joined #wot-sec
15:26:26 [JKRhb]
JKRhb has joined #wot-sec
15:28:43 [Zakim]
Zakim has left #wot-sec
17:28:03 [JKRhb]
JKRhb has joined #wot-sec
17:56:39 [JKRhb]
JKRhb has joined #wot-sec
19:58:00 [JKRhb]
JKRhb has joined #wot-sec
20:19:29 [JKRhb]
JKRhb has joined #wot-sec
20:36:54 [JKRhb]
JKRhb has joined #wot-sec
20:47:19 [JKRhb]
JKRhb has joined #wot-sec
21:06:37 [JKRhb]
JKRhb has joined #wot-sec
21:48:15 [JKRhb]
JKRhb has joined #wot-sec
21:52:16 [JKRhb]
JKRhb has joined #wot-sec
21:57:07 [JKRhb]
JKRhb has joined #wot-sec