Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add a draft proposal of requirements. #5

Merged
merged 3 commits into from Jun 8, 2017

Conversation

Projects
None yet
2 participants
@dajiaji
Copy link
Member

commented Jun 6, 2017

No description provided.

@tomoyukilabs

This comment has been minimized.

Copy link
Member

commented Jun 6, 2017

Great! Thanks, @dajiaji! I'll add several comments inline. PTAL.

First, I would like to merge this PR after you check my comments. Then, I would like to suggest several modifications by submitting another PR.

UseCases.md Outdated
- #T.B.D.
- Network environment: a local network and/or a global network
- Certificate issuer: public CA / corporate or organizational CA / private CA
- Privacy scope: public / per service or device manufacturer / private

This comment has been minimized.

Copy link
@tomoyukilabs

tomoyukilabs Jun 6, 2017

Member

We can omit this section for now, IMO.

This comment has been minimized.

Copy link
@dajiaji

dajiaji Jun 6, 2017

Author Member

Thank you for your review. Okay, you can omit the section.

@tomoyukilabs
Copy link
Member

left a comment

@dajiaji I've attached several comments inline. Please check these comments and revise your draft if needed.

- The UA (the web browser mentioned in the use cases above) shall be able to securely discover the presence of HTTPS/WSS server capable devices (hereinafter just called 'device') that are connected to the local network.
- A secure context loaded from the internet to the UA (hereinafter just called 'secure context') should also be able to discover target device capabilities that are actively (e.g., turned on) connected to the local network (e.g., device type, identity of a set of Web APIs, and so on).
- A secure context shall be able to get access to the locally discovered device based on the user consent.
- If there are multiple devices in local network, the UA shall be able to provide the user with a way to select one device at a time which she intends to use on the secure context.

This comment has been minimized.

Copy link
@tomoyukilabs

tomoyukilabs Jun 7, 2017

Member

Several questions:

  • Should we limit network scope of devices to the same local network?
  • Should the UA provide a way to limit devices to ones which has capabilities requested by the users?
  • Should the UA avoid exposing the device list to web apps?

This comment has been minimized.

Copy link
@dajiaji

dajiaji Jun 7, 2017

Author Member

Should we limit network scope of devices to the same local network?

I'd like to focus on the case to simplify our discussion if there isn't anyone who wants to consider more complicated local network environment.

Should the UA provide a way to limit devices to ones which has capabilities requested by the users?

I'm not sure but yes, I think so. We need more discussion but you can add the requirement.

Should the UA avoid exposing the device list to web apps?

Yes. Please add the requirement.

This comment has been minimized.

Copy link
@tomoyukilabs

tomoyukilabs Jun 8, 2017

Member

Okay, I'll merge this as it is for now. These items could be discussed later in #4.

UseCases.md Outdated

## <a name="req-03"></a>REQ-03: Issuing TLS server certificate for device

(Are there any solution to realize the use cases above without issuing a TLS server certificate to the device ?)

This comment has been minimized.

Copy link
@tomoyukilabs

tomoyukilabs Jun 7, 2017

Member

Please add "Note:" at the top of the sentence.

This comment has been minimized.

Copy link
@dajiaji

dajiaji Jun 7, 2017

Author Member

Okay. Thanks.

UseCases.md Outdated

(Are there any solution to realize the use cases above without issuing a TLS server certificate to the device ?)

- The device must have a way to get a server certificate which the UA can trust after connecting to the local network because an IP address and a domain name of a device in local network is changeable.

This comment has been minimized.

Copy link
@tomoyukilabs

tomoyukilabs Jun 7, 2017

Member

s/changeable/subject to change/

This comment has been minimized.

Copy link
@dajiaji

dajiaji Jun 7, 2017

Author Member

Thanks. I've modified the draft. Can you please check and merge it ?

@tomoyukilabs tomoyukilabs merged commit 38ab715 into httpslocal:master Jun 8, 2017

@dajiaji

This comment has been minimized.

Copy link
Member Author

commented Jun 9, 2017

Thanks for merging it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.