JOIN/SIGN UP
Already a Member? |
GET INVOLVED
Understanding and Engaging in COVESA Expert Groups & Projects |
COLLABORATIVE PROJECTS
HISTORICAL
SDV Telemetry Project - On Hold |
...
Kevin: CVII call of last week was positive, Q. can we embed our CCS poc in the bigger CVII picture ?
quick look at CCS Proof-Of-Concept - Work Breakdown Structure
Gunnar: there are 2 areas where it is still worth completing the implementation
the graphql implementaion
the access management
Iyyaz: concenring access management, are you looking for an implementation on the cloud side ?
@kevin: is it for the neutral server to authenticate or for 3rd parties ?
Kevin: this is for both
Gunnar: it does not replace the authentication on the pipe to the vehicle, VISS protocol does have a definition of access control
Gunnar: shows the vss-graphql repository
Christian H: why don't we collaborate with kuksa project on this, since they have implemented it
Gunnar: is it aligned with OAuth ?
Christian H: this is to be checked with Sebastian Schidlt
discussion on the various approaches of authentication
Gunnar / Ulf: we use the same authentication mechanism but not the same authentication token on the cloud side and the vehicle side
Iyyaz: what are the actions resulting from this discussion ?
Gunnar: IMHO there is a need to review the kuksa code to check what can be reused
Gunnar: there is a need to cross-check whether kuksa project supports OAuth with Sebastian until next call
Gunnar: IMHO a deep knowledge of the OAuth2 specfication is necessary
Gunnar: we might be willing to explore which implementation exist in the open source
Iyyaz: I have been using the okta implementation of OAuth2, it is actually a service, but provides some code examples of how the service can be used
okta supports jwt
okta claims you do not have to bother about the updates of the various software components used
Christian H: the authenticator should be the code we are looking for
Iyyaz: points to https://medium.com/decentralized-identity/the-universal-resolver-infrastructure-395281d2b540
Christian H: points to https://dev.uniresolver.io/
TODO look into the kuksa code
Christian: on Bosch side the developer is "wenwenchen", we should open a ticket in github to get in touch with the developer
Christian: I will check with wenwen which material is available for explaining the authentication approach in kuksa
Jira | ||||||
---|---|---|---|---|---|---|
|
TODO Iyyaz to explain the rationale for using an external authentication service (like okta)
Jira | ||||||
---|---|---|---|---|---|---|
|
Philippe: I recommend that we use the mailing list for this because it gives more visibilty than comments in a Jira ticket
Jira | ||||||
---|---|---|---|---|---|---|
|
Vehicle data model
Jira | ||||||
---|---|---|---|---|---|---|
|
Jira | ||||||
---|---|---|---|---|---|---|
|
...