-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Topology scenarios #50
Comments
@mkovatsc, thank you very much for the link! I have read through description and it would seem to me that security-wise this scenario is no different from scenario described here: https://rawgit.com/w3c/wot-security/master/index.html#interaction-between-wot-thing-and-wot-client-via-wot-servient-gateway with the exception of one more additional gateway in between (so basically two gateways in total: remote proxy gateway and local proxy gateway) and a NAT/Firewall in the middle. This is given that we assume that all participants talk to the nearest communication party using provided WoT interfaces AND communication is not end-to-end but terminates at the nearest point (i.e. we don't assume that application servient knows how to talk to local proxy servient or device servient, but considers that it is taking to remote proxy servient providing a WoT interface to it). But I think since we had such scenario for plugfest defined (and also for all future scenarios for plug fests), I will add it to the examples in the security doc and we can collectively gather feedback on what security issues people saw. Also, maybe for future plugfests, it would make sense to consider the scenario beforehand also from security point of view and maybe even setup some security goals for implementors and see what issues they will encounter. Otherwise it feels like we won't get people to try many security things in practice leading to us maybe even not seeing underlying issues and merely speculating on many things. |
I think we have this addressed now in the example section of the document: we have typical typologies and recommendations. |
I also believe we have addressed this. |
This document covers the setup for the Burlingame PlugFest:
https://github.com/w3c/wot/blob/master/plugfest/2017-burlingame/preparation.md#3-plugfest-scenarios
The text was updated successfully, but these errors were encountered: