MINUTES
15:30 Logistic & WG charter discussion
(10 min; Warren Kumari & Rob Wilton)

Warren: Giving a quick intro.
Toerless:
Thanks for making this group happen!
We should ask folks to provide feedback on whether this group is useful (and I agree that it is)
On Charter: Would like to also see “problem-statements” to be valid work in iotops / Warren: gap-analysis would have been better
Eliot: To answer question for Toerless, see my presentation later.

15:40 OMA/IoT device management protocol LwM2M with respect to device onboarding
(15 min; Hannes Tschofenig)

Mohit: Have been reading the specs. Question on ACLs: Is there anything that the xxx specs have to do in ACE or OAuth?
Hannes: OAuth and ACE would be a dynamic model, involving humans, and technicians. LWM2M doesn’t talk about more complex scenarios.
Henk: Would be interesting to see what do you want to see here (within this WG)?
Hannes: For us, what to maintain a lively exchange with IETF community, have lots of dependencies on IETF specifications, would like a better flow of information, and better understand how the specifications evolve.

15:55 Overview on the FIDO Alliance specification for device onboarding
(15 min; Geoffrey Cooper)

Henk: A lot of overlap in the general direction, but discrepencies in the details? What alignment and support do you see here?
Geoffrey: Thought about whether we should stop early. Would already have a protocols. Felt that there was an impedence mismatch. Need to have a place where you can do a massaging of the device. Use FDO onboarding to provision XXX credentials. We have also used to bring up the entire OS and container system. Destination has the ability to tailor the device (which we call late binding). But we are not trying to device management.
Ash Wilson: Question about why DNS was not used (for rendevous).
Geoffrey: Not the same server managing the IOT as managing the DNS. Easier within an organization to bring up an application server rather than having to manipulate he DNS. Also had a brake out mechanism. Rendevous mechanism is not a big server, but a little server.
Dan Harkins: What is in the XXX datastructure? What else does the manufacturer need to put in.
Geoffrey: Manufacturer certificate, Manufacturer key. As ownership voucher moves through the supply chain can build up a ledger of certificates as to where the device has been. If you have a reliable supply chain you would probably already have this mechanism.

16:10 Deep Thoughts on Network Onboarding Challenges
(10 min; Eliot Lear)
https://datatracker.ietf.org/doc/draft-lear-iotops-onboard-intr/?include_text=1

Henk: Huge fan of problem statements. Fleshing that out in a document would be a good first step.
Geoffrey: One issue is that the supply chain is going to be enormous. Need to think about how to get objects in a company and out to another one. This might be a way to think about the problem.
Eliot: Thank you, I’ll be in touch.

16:20 Provisioning of IoT devices: Home Routers
(10 min; Michael Richardson)

Henk: Will ask about a virtual interim as a question.
Erik: Will send comment to the list

RAISING HAND FOR TWO HUMS: WOULD YOU LIKE TO PARTICIPATE IN A NEAR TIME (4+ WEEKS’ISH) FOLLOW UP FIRST INTERIM MEETING? (HANDS ACTIVELY RAISED: YAY, HANDS ACTIVELY NOT RAISED: NAY)
RAISE HAND 26
DO NOT RAISE HAND 1
PARTICIPANTS 68