w3c / automotive

W3C Automotive Working Group Specifications

Issue 369. MQTT added to the TRANSPORT specification. #427

Closed UlfBj closed 2 years ago

UlfBj commented 3 years ago

Browser compatible version of the TRANSPORT document https://rawcdn.githack.com/UlfBj/automotive/5128aeca1313bd5264968455faa6ca2e179fcb21/spec/VISSv2_Transport.html

UlfBj commented 2 years ago

Updated readable version per comments above. https://rawcdn.githack.com/UlfBj/automotive/77032393cf469d35e1554035d30827b1a640a914/spec/VISSv2_Transport.html

SebastianSchildt commented 2 years ago

I feel there are two options

  1. Use the VIN directly, not "obfuscation", hashing. Argument: Access control you need on your broker anyway, and VIN is not "privacy" critical. You would know how to access a specific vehicle.

  2. Just define an "identifier" (string? uuid?), and leave it up to the application/deployment. Argument: The person deploying VISS would know "what is what" (OEM might connect to VINs, fleet operator might have internal car numbers...). Raw VIN might still be an option. You lose "discoverability" based on VIN.

Both work, I feel 2 is better.

"Mangling"/"Obfuscating" the VIN in a standardised manner without a random element, so that a 1:1 lookup table can be created, is just effort in servers and clients, and provides no advantage over 1.

erikbosch commented 2 years ago

Concerning the VIN/Hash discussion - in the "core" document for tokens we say

VIN: The vehicle identification number. This may be a pseudo-VIN, or any other identity that uniquely links to the vehicle in the access control ecosystem.

Would the same (or similar) definition work here as well, instead of stating an explicit method (SHA256 Hash of VIN)? I assume that the "Vehicle Client" and/or "VISSv2 server" anyway need to be able to do a reverse lookup so it can update the right vehicle, and/or check that the used token gives rights to access data on this particular vehicle.
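Added example, not part of the thread or of the specification: a sketch of the two identifier schemes discussed in the comments above, showing that a SHA-256 hash of the VIN with no random element is reversible by anyone holding the VIN list, while a deployment-assigned opaque identifier still supports the reverse lookup and token check the server needs. `hashed_vid`, `reverse_table`, `VidRegistry` and the placeholder VINs are hypothetical names and constructed data.

```python
import hashlib
import uuid

# Constructed sample data: placeholder VINs, not real vehicles.
FLEET = ["TESTVIN0000000001", "TESTVIN0000000002", "TESTVIN0000000003"]


def hashed_vid(vin: str) -> str:
    """Deterministic identifier: SHA-256 of the VIN, no random element."""
    return hashlib.sha256(vin.encode("ascii")).hexdigest()


def reverse_table(known_vins):
    """The 1:1 lookup table any party holding the VIN list can build."""
    return {hashed_vid(v): v for v in known_vins}


class VidRegistry:
    """Hypothetical deployment-side registry of opaque vehicle identities."""

    def __init__(self):
        self._vid_to_vehicle = {}
        self._vehicle_to_vid = {}

    def enroll(self, vehicle_ref: str) -> str:
        """Assign a random VID once per vehicle; vehicle_ref may be a VIN
        or a fleet-internal car number, as the deployment chooses."""
        if vehicle_ref in self._vehicle_to_vid:
            return self._vehicle_to_vid[vehicle_ref]
        vid = str(uuid.uuid4())
        self._vid_to_vehicle[vid] = vehicle_ref
        self._vehicle_to_vid[vehicle_ref] = vid
        return vid

    def resolve(self, vid: str):
        """Reverse lookup used before updating a vehicle; None if unknown."""
        return self._vid_to_vehicle.get(vid)

    def token_matches(self, token_vid: str, request_vid: str) -> bool:
        """Check that a token's vehicle identity covers the requested one."""
        return token_vid == request_vid and token_vid in self._vid_to_vehicle


if __name__ == "__main__":
    table = reverse_table(FLEET)
    print("hashed VID resolves to:", table[hashed_vid(FLEET[1])])
    reg = VidRegistry()
    vid = reg.enroll(FLEET[1])
    print("opaque VID resolves to:", reg.resolve(vid), "| in VIN table:", vid in table)
```

The hashed identifier carries the same information as the VIN for anyone who can enumerate candidate VINs, so access control on the broker remains the actual protection in both schemes.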

UlfBj commented 2 years ago

PR updated, see commit e159178 above. Link below shows latest version. https://rawcdn.githack.com/UlfBj/automotive/e1591783f88f3f4e0c17d252f9341c991aef6f2f/spec/VISSv2_Transport.html

tguild commented 2 years ago

Since VIN is Vehicle IDentification Number, we thought on the call it might be best to clarify there is potentially no relation between VID and VIN.

That could be done by following up on this statement:

where VID is an identity that uniquely links to the vehicle in the access control ecosystem.

with:

This vehicle identity is not necessarily the manufacturer's Vehicle Identification Number (VIN).