Specify self-described exploration #115
Conversation
|
This is a good start and I think it should be merged, perhaps after marking up the assertions with the right "spans" and giving them unique IDs. However, the reference to WOT-SECURITY is not normative, and the text does not go as far as to state that security is mandatory, etc. I see at least that it insists on HTTPS, although this is actually troublesome in a "local" network and we may want to also allow CoAPS (CoAP + DTLS). I should also say in general we avoid saying "HTTPS", instead (e.g. in the security doc) say "HTTP over TLS". We might also want to mention that one of the purposes of using TLS, etc. is to hide the request itself from listeners (although a listener can still see the IP request happening, at least without SecIP). We can deal with some of these security issues in the S&P section, but maybe we can add some assertions (in a followup PR) about general requirements (e.g. any security scheme used should provide access only to authorized users, should protect confidentiality of the request, etc). |
The assertions are from the existing spec in chapter 5. I have actually added an ednote to highlight the same issue. Assertions added in this PR have the correct span and class. |
farshidtz
force-pushed
the
self-description
branch
from
471a567
to
0ee7abc
Compare
|
Removed the reference to security spec. Added comment (in code) for additional self-describing protocols. In case we add CoAP, we need to also consider CoAP's Discovery and its relation with the Introduction mechanisms. |
This PR specifies the self-description mechanism.
Moreover, it adds the fundamental terminologies similar to those in https://www.w3.org/TR/wot-thing-description11/#terminology.
Preview | Diff