- From: <msporny@digitalbazaar.com>
- Date: Tue, 03 Nov 2015 13:59:17 -0500
- To: Credentials CG <public-credentials@w3.org>
Thanks to Nate Otto for scribing this week! The minutes
for this week's Credentials CG telecon are now available:
http://opencreds.org/minutes/2015-11-03/
Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).
----------------------------------------------------------------
Credentials Community Group Telecon Minutes for 2015-11-03
Agenda:
https://lists.w3.org/Archives/Public/public-credentials/2015Nov/0001.html
Topics:
1. Introductions to New Participants
2. Work Generated as a Result of W3C TPAC
3. WebDHT Spec Released
4. Reorganizing this group around new Task Force
Organizer:
Manu Sporny
Scribe:
Nate Otto
Present:
Nate Otto, Manu Sporny, Greg Kidd, Alex Jackl, Chris Webber, Dave
Longley, Gregg Kellogg, Brian Sletten, Matt Stone, Stuart Sutton,
Sunny Lee, David I. Lehn, Richard Varn, Eric Korb, Rob Trainer
Audio:
http://opencreds.org/minutes/2015-11-03/audio.ogg
Nate Otto is scribing.
Manu Sporny: On the agenda today, an overview of what happened
at the Techncal Plenary last week. It went great.
Manu Sporny: We have released a decentralized hash table for the
web spec -- start the conversation on that technology
Manu Sporny: Also, reorganize the group around new tasks
Manu Sporny: And, new folks today: Greg and Alex - Introductions
to them at the beginning of the call
Manu Sporny: Any updates to the agenda or other items to add?
....
No updates
Topic: Introductions to New Participants
Greg Kidd: I have a background in the payments world - Worked
for the Federal reserve board of governors that runs the check
clearing ACH system. Interested in identity. Interested in seeing
standards promulgated so that folks only need to create an
identity once and use it for distributed login to many systems.
Manu Sporny: Welcome to the group
Alex Jackl: I'm the CEO of Bardic Systems. We're a
Technology/Managemnt consultancy in education. Co chair of
experiential learning task force, and chair of the technical
board of the schools and interoperability standards. Interests in
making sure the work we're doing locally in credentialing is
synchronized with global work. (scribe note: Alex, could you type
the names of the orgs you mentioned, because I'm sure I wrote
them down wrong)
Manu Sporny: For new folks, one of the things we've been working
on in this group over the last year is trying to start official
working group at the W3C. We've been working on specs,
technology, use cases, vision, all that stuff for the last year.
Alex Jackl: Bardic Systems, Inc. (bardicsystems.com) is my
company name... :-)
Alex Jackl: PESC http://www.pesc.org/interior.php?page_id=246
Manu Sporny: We had a little trouble with W3C management getting
on board with the initiative, so in order to convince them, we
went out to do a bunch of research about companies requirements.
We presented this information at TPAC in Sapporo Japan last week.
Manu Sporny: Specifically, we were presenting to two main
groups. 1) the Web Payments Interest Group -- Payments depends on
identity and credentialing pretty heavily. They're not taking on
this topic in phase 1 of their work but may do so in phase 2. 2)
The general W3C membership who are not in the Web Payments IG.
Includes many browser manufacturers and many other companies
participating in the W3C.
Alex Jackl: Schools Interoperability Framework - specification
run by Access For Learning Consortium (formerly SIFA) a4l.org
Manu Sporny: Rather than go through a blow-by-blow (we don't
have enough time to talk about all the hallway conversation about
identity and credentialing), I'll try to summarize the outcomes
Manu Sporny: The Web Payments IG has decided that there should
probably be a Credentialiing Task Force. The purpose of this
taskforce is to create a charter for an official Credentials WG
at the W3C.
Manu Sporny: This was more than we were asking for, so that's
good. The Web Payments IG feels we should incubate the WG within
the Web Payments IG with input from healthcare interests, and
other WPIG consituents, then put the charter developed up for a
vote
Manu Sporny: Also, because of the data we gathered, the W3C
management is on board, provided we can make the more reluctant
members happy. Now they are certainly convinced that the W3C
should do something about it, and are deferring to the Web
Payments IG to decide how to go forward to do the work
Manu Sporny: There were some concerns about how what we're doing
fit with OpenID Connect, OAuth, JOSE. Those interests raised some
questions that they feel MUST be answered before they would vote
in favor of creating a Credentials WG
Manu Sporny: Web Payments Interest Group appointed Manu to run
the proposed task force
Manu Sporny: The Technical Plenary day, we hosted an
unconference session to invite any member who was not in the Web
Payments work to also participate
Manu Sporny: Let me share an image. I want you to see who was in
the room
A crowded room! (The Web Payments Interest Group)
Manu Sporny: To get support from a group this size is a big
deal. We only need 20 positive votes, and there were ~65 people
in the room. These people are already convinced they want to do
something around credentialing.
Manu Sporny: On Wed, the Technical Plenary day, we picked a
small room, because we hadn't done a lot of convassing group.
Could fit 14, but 35 showed up.
Manu Sporny: The chairs of the JOSE WG, OAuth WG, IETF Domain
Leads for Security/Identity&Privacy, a number of very large
browser manufacturers (which was interesting to see them
interested so early in the cycle)
Manu Sporny: There was a very healthy reception to the work. We
showed the same presentation to show the data that shows this
work is important
Manu Sporny: There were many who were frustrated that it's
taking this long to solve these problems. Reason: Everyone is
being a bit cautious this time around, because of so many
previous failed opportunities.
Manu Sporny: Really positive outcomes.
Manu Sporny: I did have a fairly in depth discussion with sir
Tim Berners-Lee, who was very interested in the ID/Credentialing
work as well as Linked Data Signatures. He has extended an
invitation for us to chat with some of the groups he works with.
Vint Cerf was also there. All were very supportive, mainly around
security and the Web & Linked Data, but were also supportive of
credentialing -- && see it as vital for the next generation of
the Internet
Manu Sporny: The other outcome of hallway discussion at TPAC:
There is a push to fast-track community group work at the W3C.
They're looking for CGs to take their work and fast-track it
through the W3C process. The Credentials CG is one group that was
identified as having a fast-trackable spec.
Manu Sporny: Criteria for fast trackable specs: multiple
implementations, tests, .... ID Credentials doesn't yet meet the
bar, but RDF signatures is a candidate
Manu Sporny: This was a firehose of information
Manu Sporny: Questions / concerns from the group?
Manu Sporny: There is an insane amount of work that the last
week generated.
Manu Sporny: We'll go through the to-do list for this group next
up.
Alex Jackl: Did you document the usage/needs research?
Manu Sporny: We polled 58 organizations and got 44 responses.
Manu Sporny: We asked each organization: What is your top use
case, and what features do you want to see out of the Credentials
work?
Manu Sporny: Alex, here's the survey response data:
https://lists.w3.org/Archives/Public/public-credentials/2015Oct/0016.html
Nate Otto: What do you feel about the timeline? How do tasks
line up with the calendar? [scribe assist by Manu Sporny]
Manu Sporny: There is clearly a desire.. Before TPAC, there was
pushback against moving quickly. Now there is a sense of urgency
to move quickly. Everyone is now pushing us to get done more
quickly than we have the people to do. We have far more work in
front of us than people to do the work.
Manu Sporny: Getting this WG spun up is pretty much on us at
this point. The faster we can get through the background work,
the faster it can start.
Manu Sporny: We need to get the Web Payments IG to finally
invite non IG participants into their group. One piece of
pushback from meeting: a couple members said we know
credentialiing is important outside of payments but we're here to
work on payments so we shouldn't include education and healthcare
angle. That got pushback, because folks felt technology should be
generic enough -- counter-argument to that is that without input
from healthcare & ed throughout entire process we might not make
something useful to those sectors. Also the sectors putting the
most money into this right now are healthcare and education with
financial sector lagging behind. We need to clarify to that group
so that this group's members can participate.
Manu Sporny: We will likely shift these Tuesday calls to become
the "Credentials Task Force calls"
Manu Sporny: The Task Force will focus on the things we've
already been focusing on in this group. It would now just be an
official W3C activity.
Manu Sporny: Near term, we need to get the task force stood up.
Then, get the draft charter work through. Then, write a whole
slew of supporting material: how we're different from prior
techs, go through all those arguments, answer all those
questions.
Manu Sporny: There were some very informed people who have
worked on this stuff over the last 15 years who were reluctant to
sign off on this. Brad Hill from Facebook (ex-Paypal, deeply
involved) felt we needed this documentation to be convincing to
the security community.
Manu Sporny: Bloomberg, PayPal concurs
Manu Sporny: Todo: document all the criticisms and written
answers to those criticisms.
Chris Webber: Oh, I can probably make that!
Manu Sporny: Face to face in SF next Feb or Mar. It would be
smart for us to convince them to have a credentialing Face to
Face at beginning or end of that meeting.
Manu Sporny: Hopefully that meeting will be the final sign-off
on the charter before sending it for the official vote.
Manu Sporny: If we stick to that timeline, we will have an
operational WG by march/early april 2016.
Manu Sporny: The more work we get done on the technical specs
between now and then, the faster we can get started.
Nate Otto: Yes, have to do a lot of planning for BA over next
several months - need to make sure this lines up well with that.
[scribe assist by Manu Sporny]
Manu Sporny: Any other thoughts/ concerns about what happened
last week
Dave Longley: Just a general thought: "Great work Manu"
Manu Sporny: All the prep work we did over the last year really
paid off at TPAC. I don't want to make it sound like it was all
roses and unicorns and it was great, but all the criticisms that
were raised we had answers to. I think that helped convince
everyone that we were ready to go to the next stage.
Manu Sporny: Thanks to everyone, that work helped us make this
breakthrough at W3C.
Manu Sporny: Now let's review all this work that's in front of
us.
Alex Jackl: Could you talk more about the pushback and what
obstacles might show up along the way?
Manu Sporny: There are two basic levels that the pushback
occurred on. At the technical level; At the Political level
Manu Sporny: The technical pushback has to do with questions
around why we're not reusing some of the technology that exists
out there. For example JOSE, which tells you how you digitally
sign JSON data.
Manu Sporny: We use a different approach called Linked Data
Signatures. The JOSE group is asking us to defend why JOSE
doesn't work for what we're trying to do. I met with Richard
Barnes (sp) who's co-chair of JOSE group. His perspective: This
stuff isn't rocket science. You just have to make sure the
primitives you use are well tested. He'd be happier if we use the
JOSE stack (& threw out some ideas for how that might work). The
chairs of this work are very level headed.
Manu Sporny: The other side of that coin is -- we sat down for a
1-on-1 with Tim Berners Lee & his group at MIT AI Lab, lots of
future-looking web research. Tim felt the LD sigs work and
dataset normalization needs to be done as soon as possible. He's
been trying to get it done for close to a decade. dlongley has
been involved.
Manu Sporny: Tim had tried to address these problems a number of
years ago, along with many other researchers.
Manu Sporny: When it comes to the political stuff -- you can
tell who the orgs concerned about this work by noticing their
lack of presence in the room. e.g. in the Web Payments work, VISA
and MasterCard aren't there. There's a perception that there
isn't anything but downsides for them in the Web Payments work
(but not true!). Big social networks like G+, FB aren't involved
in identity work because it may disintermediate their place as
providers
Manu Sporny: The people who raise those points often try to
raise this in process or technical issues ("we should be using
IETF specs" ... )
Manu Sporny: Can you talk about the browser manufactures being
in the sessions
Manu Sporny: The pushback was in the minority, but some of those
players work for very large organizations, and we can't not
respond to this.
Gregg Kellogg: There was something you said about JSON-LD Patch
along with LD signatures work? That's part of the LD platform,
but curious why this was put together.
Manu Sporny: I had a hallway chat related -- there are a number
of specs associated with Linked Data that are languishing. Some
of these specs are failrly complete and ready to go. RDF
Normalization is an example of this. I have no familiarity with
LD Patch, but it was suggested that it is in this same ballpark.
The chances that another WG would be created around LD Patch are
very low -- there isn't enough desire to overcome the heavy
weight of the process. Some folks recommended putting specs that
are ready to go to Recommendation status into this working group
as well.
Gregg Kellogg: If we're doing that, JSON-LD Framing really needs
to be considered.
Manu Sporny: Concern: if we put in too many specs, this
lightweight process becomes a heaviweight process, and we might
lose the ability to fast-track other specs.
Manu Sporny: The process with these proposed fast track groups:
The first publication you do as an official WG is skip right to
the candidate Rec stage. WG lifespan is supposed to be a year,
because we're supposed to have the implementations.
Manu Sporny: The question is then, is LD Framing there? Is LD
Patch there? Some people wanted to put LD Signatures there, but I
have reservations.
Manu Sporny: If it looks like we're headed toward success after
6months, then there will be an opportunity to fast track other
things as well.
Manu Sporny: That's generally the thought process threre.
Manu Sporny: There is a desire to fast track something, to test
out the process.
Manu Sporny: We folks who have been working in this space for a
while, we tend to test out new processes. We're being asked to be
the guinea pig in this new fast track process.
Gregg Kellogg: I'd be willing to participate
Manu Sporny: Heads up... you might be called on to chair some
groups
Manu Sporny: That's where we are with the fast track work
Topic: Work Generated as a Result of W3C TPAC
Manu Sporny: https://github.com/opencreds/website/issues/14
Manu Sporny: Really quickly in 15min, let's go over the work we
have to do
Manu Sporny: Create proposal for Credentials Task Force in Web
Payments IG: need to do this this week.
Manu Sporny: Standards Implementation Foundation is moving
forward: a place to put money to pay people to write specs
Manu Sporny: In order to speed up process, we need to funnel
some money toward people doing this work. We have been asked to
put in place a board of directors, as well as create an advisory
committee
Manu Sporny: Board will be people who are not receiving money
from SIF and have demonstrated propensity to support the open
source implementation
Manu Sporny: Advisory Committee for Standards Implementation
Foundation also
Manu Sporny: We need to get the SIF spun up sooner rather than
later, because there is a lot of pressure to get things done over
the next few years
Manu Sporny: Start conversation on Creating proposal for Fast
Track Linked Data Platform WG (LD-Patch and RDF Dataset
Normalization) right away
Manu Sporny: Linked Data Key management spec needs to be
created, lots of specification work on this list
Manu Sporny: We need to make sure that Dataset Normalization
spec does what the existing implementations do
Manu Sporny: We need this to-do list pretty much done by the
beginning of January. This is an incredibly aggressive timeline.
If this work is slowed down, it will be our fault, not anybody
else's.
Manu Sporny: Any questions on the to-do list?
Manu Sporny: Please suggest additions to the to-do list if
something isn't on our radar
Nate Otto: That's a dangerous suggestion, manu!
Alex Jackl: Manu, are you the project manager for making sure
these tasks get done?
Manu Sporny: This group does not have a chair yet. I'm just
organizing temporarily until chairs are selected. stonemat_ and
Richard Varn have volunteered. I'd be happy to step away when
possible, but until then, I'm the point of contact.
Topic: WebDHT Spec Released
Manu Sporny: http://opencreds.org/specs/source/webdht/
Manu Sporny: One of the nice things about being trapped on an
airplane for 11+ hours is you can do some spec-writing.
Manu Sporny: I wrote down our current thinking for the Web DHT
spec
Brian Sletten: False. There is nothing nice about 11+ hour plane
rides.
Manu Sporny: The credentialing work requires that you assign
credentials to a decentralized identifier, basically an
identifier that people own. Domain names are not good enough
(email addresses too) if you don't pay your yearly fees, etc. If
you end up on the wrong side of a trademark dispute, or
government watch list, your domains can be taken away.
Manu Sporny: If we're going to tie identifiers to someone, we
need to make sure they have control of their identifiers.
Manu Sporny: Other methods exist: NameCoin, IPFS; there are all
kinds of ways of doing this. The WebDHT method is a proposal
built on web technologies & has a better chance of getting
through the W3C process than others.
Manu Sporny: Some proposals in this group, like authorization.io
are built on WebDHT
Manu Sporny: That document is out there now - The Web Payments
IG is having a healthy discussion about this right now. Encourage
all to read it to understand some of the assumptions that WebDHT
is built on. It is completely uncertain when this may be taken to
standards track
Manu Sporny: So: that's WebDHT. Any questions?
Topic: Reorganizing this group around new Task Force
Manu Sporny: We've been operating for quite some time as a
Community Group
Manu Sporny: This type of group has no official standing at W3C.
It's where most pre-standardization group at W3C is done. We have
been fairly successful, and now people want to move this to the
next stage.
Manu Sporny: Question: should we add a new parallel call for the
Task Force, or replace this call with the Task Force.
Manu Sporny: The idea is that everyone who is currently
participating will be able to continue to participate.
Manu Sporny: What are the feeling of the folks on the call?
Dave Longley: +1 Replacement if CG members can join.
Chris Webber: +1 To replacing
Matt Stone: Say for a minute if we added a second call, how
would agendas differ?
Nate Otto: +1 To replacing the call
Gregg Kellogg: +1 For replacing call
Brian Sletten: +1
Alex Jackl: +1 For replacing
Stuart Sutton: +1
Manu Sporny: The big IF is with w3c membership. Typically
non-W3C members are not allowed to participate in IG meetings.
Manu will try to convince Web Payments IG chairs to invite
non-members in. There is a concern around patent/royalty
commitments.
Manu Sporny: Other paying members can get annoyed when they see
non-paying orgs participating in payment-only spaces.
Manu Sporny: It looks like the group agrees -- we'll propose
this in the Web Payments IG and see where that goes.
Manu Sporny: We'll definitely want to meet again next week
Manu Sporny: Anything else before we go?
Chris Webber: Packed call!
Chris Webber: But good coverage :)
Alex Jackl: Glad to be participating... thank you
Nate Otto: Lots of people talking about Backpack and OpenBadges
- we may want to align that work with this work. [scribe assist
by Manu Sporny]
Manu Sporny: Congratulations to everyone on a victory well
earned
Eric Korb: +1 To all
Received on Tuesday, 3 November 2015 18:59:45 UTC