w3c / wot-security

a repo exclusively for security to better manage issues and security considerations for WoT
https://w3c.github.io/wot-security/

Terminology inconsistency - Proxy and Gateway are used interchangeably. #123

Open takuki opened 5 years ago

takuki commented 5 years ago

In section "7.3 Basic Interaction between WoT Thing and WoT Client via a Split Proxy" of the wot-security WG note draft, Proxy and Gateway are used interchangeably. The prose uses "gateway" while the diagram uses the term "proxy". Personally, "proxy" is a more abstract term, and I prefer it to "gateway". The diagram and the prose should be made consistent in terms of the use of terminology.

mmccool commented 5 years ago

After the architecture document is finalized (goes to CR) we should revisit our security docs to make things consistent. Right now it's still (unfortunately) in a state of flux.

mmccool commented 5 years ago

In our security TF call April 29 we agreed to do a review and update of the security docs immediately after the CR transition of the Arch doc, at which point the terminology definitions will be firm. When the Arch and TD docs go to REC they can be updated to point to the latest published version of the security Note.

mmccool commented 5 years ago

This is probably a special case (or an instance) of vocabulary updates aligning wot-security with the Architecture CR: https://github.com/w3c/wot-security/issues/126

mmccool commented 5 years ago

We should try to address this ASAP so we can push out an update. It might be fixed already, and we may want to use "Intermediary" to be consistent with the Arch document.

takuki commented 5 years ago

The updated section 7.3 seems consistent with the Architecture document (sections 9.2.2.1 and 9.2.3 in particular).

Section 7.3 contains this statement:

We refer to this configuration as a "Split Proxy" because the combination of the Local and Remote Proxy together act like a single proxy service.

I understand Proxy as a service (or a function) of an entity (such as an Intermediary). Therefore, I think "Local and Remote Proxy" in the above quoted sentence should be "Local and Remote Intermediary".

mmccool commented 5 years ago

A Proxy is a special case of an Intermediary that provides a specific service, and generally is not expected to modify content, except for encryption/decryption "wrapping". An Intermediary can provide all kinds of other services that a Proxy might not, including content translation. It might be better to add a sentence saying a Proxy is a special case of an Intermediary, but keep the terms "Local and Remote Proxy".

mmccool commented 2 years ago

This is being worked on in Architecture which IMO is where definitions of terminology belong. There is also an open issue/PR there to sort out the terms "Hub", "Gateway", etc. and use them consistently. See https://github.com/w3c/wot-architecture/pull/603