- From: <msporny@digitalbazaar.com>
- Date: Tue, 09 Jan 2018 16:59:59 -0500
- To: Credentials CG <public-credentials@w3.org>
Thanks to Nate Otto for scribing this week! The minutes
for this week's Credentials CG telecon are now available:
https://w3c-ccg.github.io/meetings/2018-01-09/
Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).
----------------------------------------------------------------
Credentials CG Telecon Minutes for 2018-01-09
Agenda:
https://lists.w3.org/Archives/Public/public-credentials/2018Jan/0024.html
Topics:
1. Reintroduction for Kerri Lemoie
2. Announcements
3. Progress on current action items
4. DID Harmonization Proposal #1
5. Outreach
Action Items:
1. Chairs to figure out how to move data min and sel disc to
ccg, convert to respec make sure all contributors are members of
the CCG, do the appropriate IPR License.
Organizer:
Christopher Allen and Kim Hamilton Duffy and Joe Andrieu
Scribe:
Nate Otto
Present:
Nate Otto, Christopher Allen, Manu Sporny, Drummond Reed, Kerri
Lemoie, Kim Hamilton Duffy, Adrian Gropper, David Chadwick,
Lionel Wolberger, Markus Sabadello, Frederico Sportini, Ryan
Grant, Christian Lundkvist, Heather Vescent, Dave Longley, Andrew
Hughes, David I. Lehn, Ted Thibodeau, Chris Webber, Dan Burnett,
Akila Natarajan
Audio:
https://w3c-ccg.github.io/meetings/2018-01-09/audio.ogg
Nate Otto is scribing.
Christopher Allen: Thank you everybody for joining.
Christopher Allen: We have our regular standing items, our
introductions/reindroductions, progress, etc. We were scheduled
today to discuss the upcoming year's plans with Joe, but Joe is
not able to join due to family emergency. We decided to focus on
the results from the DID reconciliation.
Christopher Allen: If there's time at the end, we want to take
on some outreach questions, like how to get started.
Christopher Allen: Any other agenda items?
Manu Sporny: We upgraded the VOIPbot with features we might want
to tell others about. 5min.
Drummond Reed: +1 To learning about new voicebot features
Christopher Allen: Is there anybody where today is their first
meeting or haven't been on for a long time?
Topic: Reintroduction for Kerri Lemoie
Kerri Lemoie: I'm Kerri Lemoie, I've been working on Open Badges
for about 7 years. I helped join this group to work out some
original use cases. Rejoining to do some work on educational
credentials.
Many in group saying "Welcome back, Kerri!"
Kerri Lemoie: Thanks! :)
Topic: Announcements
Kim Hamilton Duffy: @Christophera if we have time I'd like to
give a quick overview of our edu verifiable claims (soon-to-be)
proposed work item.
Christopher Allen: Next agenda item Announcements. We will be
talking about DIDs.
Christopher Allen: The other thing in progress is we talked
about having a virtual hackathon Jan 15-19th, meeting in the
morning for standups. It's been argued that might be premature.
On the other hand time is marching forward. We will discuss if we
wanted to change the dates or proceed.
Subtopic - Publishing minutes and new voipbot commands
Manu Sporny:
https://github.com/w3c-ccg/w3c-ccg.github.io/blob/master/irc_ref.md
Manu Sporny: Publishing minutes has always fallen on my
shoulders because of technical limitations and limited people
knowing the commands. Now everybody can share in the wonderful
ceremony of publishing minutes. I updated the IRC Reference to
include every command for the voice bot and for publishing
minutes.
Kerri Lemoie: +1
Manu Sporny: We added a couple new VOIP commands. The first one
is "voip: number?" This will work across any of the community
groups that is using the voip bot
Manu Sporny: The next command is "voip: noise". If somebody is
making noise and you can't figure out who it is, you can ask who
needs to put themselves on mute.
Adrian Gropper: 345 Is me
Manu Sporny: The last new one I'm not going to run is the
publish command, which will take the log and publish it to an
S3-like server. This will publish the raw IRC log and the raw
.wav files. This is the critical piece that allows others to go
in and clean up the audio and the minutes. We hope that in the
future we have a live-scribing utility and webpage to correct the
minutes as we go. We don't have that yet, but we have the core
bits in place where manu doesn't have to be a bottleneck on
publishing minutes. We'll probably do a bit more work through the
week, but fundamentally publishing minutes is done. I spent total
of 80 hours last year doing that.
Drummond Reed: +1 To Manu not spending 80 hours publishing
minutes this year!!!
Manu Sporny: If you want to help figure out how to clean up the
minutes and publish them, contact me (manu) to learn how to
contribute.
Nate Otto: Great job, manu
Subtopic -- Open Badges
Kim Hamilton Duffy:
https://github.com/w3c-ccg/educational_verifiable_claims
Kim Hamilton Duffy:
https://github.com/w3c-ccg/educational_verifiable_claims/blob/master/open_badge_assertions_as_verifiable_claims.md
Kim Hamilton Duffy: Nate and Kerri and I who are on the call
have been working on Open Badges for many years. We have some new
work upcoming to bring together Verifiable Claims, Open Badges,
and Blockcerts
Kim Hamilton Duffy: Here are some links to proposals and drafts
we have been developing. I just wanted to let people know this is
in the pipeline as a tentative item for this year. I need to
propose it as an official work item to start working on.
Kim Hamilton Duffy: I think this is a great community to work on
these issues in, and looking forward to it.
Topic: Progress on current action items
Christopher Allen: Manu are you ready to go with veres one for
January?
Manu Sporny: Many pressures to get it done, but it's not there
yet
Christopher Allen: Ok, we'll move it to February
Christopher Allen: There are many other items... VC API and
polyfill. kimhd were you going to provide feedback?
Kim Hamilton Duffy: That item can be closed
Christopher Allen: David, you were going to review the spec to
make sure there were some loose ends documented.
David Chadwick: I reviewed the current text as it stands and
sent out an email on 21 Dec documenting the few errors in the
current text. I felt that was what the request was, to review the
current text. If you're suggesting something wider, like
suggesting new text, re-action it in the minutes and I'm happy to
go back.
Christopher Allen: Ok, the next work item is that the lifecycle
model had a bunch of things that belonged elsewhere. We should
move these things to issues or to other appropriate documents.
David Chadwick: Ok task is to review the lifecycle document and
document any issues to make sure problems are reviewed and
discussed.
Christopher Allen: I would like to close the lifecycle document
as a work item in the next couple months or so.
Christopher Allen: We have a lot of work items. We want to focus
on just 3-5 per week. We selected DIDs, registries, and data
minimization. Let's skip over DIDs for now since we'll talk about
that in a few minutes. On registries, Manu what's next?
Manu Sporny: Next is GitHub magic to set up all the
repositories. Then it's just into our normal edit cycle. People
suggest pull requests, we discuss them, then merge, rinse and
repeat forever.
Christopher Allen: Can you make a document about the process?
Manu Sporny: Thinking about where that needs to go. Chairs might
need to do that. I can work offline with the chairs to do that.
Christopher Allen: Next item is data minimization and selective
disclosure. Lionel?
Lionel Wolberger: First of all we have a draft that can be read.
Andrew spent a two-hour session with me. We are in GitHub, thanks
to kimhd.
Kim Hamilton Duffy:
https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/Data-minimization-and-selective-disclosure.md
Kim Hamilton Duffy: http://bit.ly/rwotdatamin
Kim Hamilton Duffy: ^^ Data min and selective disclosure docs
Markus Sabadello: Sorry all I have to leave early today.. I sent
some comments about the DID Key Management Harmonization Proposal
#1 to the list, and I'm looking forward to the virtual hackathon
next week.
Lionel Wolberger: Kimhd I want to discuss what's written there.
There are two git links that seem relevant. First, "Data
Minimization" announced intentions prior to Rebooting. Next we
need readers, because we want to pull this together. We might be
looking at two different papers. Let's decide what we want to
achieve together on this call.
Kim Hamilton Duffy: Adding permissions for Lionel now
Christopher Allen: Moving this to the CCG means we need to put
something in the CCG GitHub; kimhd can get you started. We need
to make sure all contributors are members of the CCG or do the
appropriate IPR License. We can then plan a walkthrough for a
future event. Sound good?
Lionel Wolberger: Action items to move docs to CCG, Make sure
all contributors are members, Schedule a walkthrough. Should I do
that with kimhd ?
Kim Hamilton Duffy: Yes I can help though I'm not sure I
understand all the steps.
Christopher Allen: We should also move this into ReSpec format
Kim Hamilton Duffy: Let's create an action item for the share
permissions, and we'll figure out how to do the rest.
Lionel Wolberger: We're not doing content at the moment, we'll
do this admin stuff, and then once we're in CCG, we'll get more
perspectives on the content.
Christopher Allen: +1
Frederico Sportini: +1
Christopher Allen: Next agenda item is regarding the hackathon.
How many people were scheduling time to do the
hackathon/standups?
Manu Sporny: Digital Bazaar will have one or more people there.
Nate Otto: +1 But flexible except week of the 22ndish
ACTION: Chairs to figure out how to move data min and sel disc to
ccg, convert to respec make sure all contributors are members of
the CCG, do the appropriate IPR License.
Ryan Grant: +1
Ryan Grant: BTCR, for me
Kim Hamilton Duffy: +1 But don't have much free time that week :(
Christopher Allen: The plan for the hackathon was to have
standup meetings in the morning. Any other thoughts on what we
should focus on next week? Since we have 5 or so, that's enough
to say it's worth having the standups.
Manu Sporny: We'll be focused on Veres One...
Manu Sporny: And maybe some test suite stuff?
Kim Hamilton Duffy: I'll also be working on BTCR with @rgrant
Christopher Allen: I will send a note to the list with details.
We'll standup at noon EST each day in a zoom room I'll send the
link to
Christopher Allen: Moving onto the DID reconciliation proposal
Christopher Allen: Manu proposed an interesting compromise, and
I haven't heard any violent rejections. Manu do you want to
share?
Manu Sporny: Here's a link to the proposal
Topic: DID Harmonization Proposal #1
Manu Sporny: Here's the proposal:
https://lists.w3.org/Archives/Public/public-credentials/2018Jan/0022.html
Manu Sporny: Here's an email with the proposal. In the DID task
force, we've been talking the last couple weeks what a minimum
viable DID document looks like, what's the structure etc. What
came out of this discussion was a bunch of requirements.
Manu Sporny: I tried to detail what many of these requirements
are. Tried to collect all the requirements from all the DID
ledgers, because whatever we end up settling on has to meet every
one of those requirements. There was general consensus that we do
have some kind of key based use cases that are pretty high on
everyone's priority list, so we should be focusing on keys, but
there was a desire to not over-focus.
Manu Sporny: We should keep our eye on other use cases like
smart contracts, biometrics....
Manu Sporny: There were a lot of requirements that went into
discussion. We wanted to meet those requirements with a concrete
technical proposal.
Manu Sporny: This tries to propose a particular data structure
and provide justification for why that structure was selected.
This proposal probably contains bits... no single one of us was
happy with all of it, but it does address all of the requirements
as far as I can tell. drummond has weighed in with his thoughts
as has marcus (sp?).
Manu Sporny: Drummond, maybe you can elaborate more on that and
give us your thoughts?
Drummond Reed: First, I think it was quite a comprehensive
proposal. Manu saved me the work of coming up with the same
thing. Manu saved me a bunch of work coming up with a very good
writeup of the requirements and the proposal. I and Marcus
responded to it on the mailing list last night and have had a
chance to get feedback from decentralized identity foundation.
Feedback is positive.
Drummond Reed: Next thing is to basically determine for the main
folks who have been around the table is if this is an acceptable
strawman to start working with to dive into the details. We have
a 90 minute call Thursday this week focused on this topic. From
that call, I'd like to get down to a issues list and start
working those issues to start preparing the next draft of the
spec based on this proposal.
Christopher Allen: I have a question for both of you. How many
people do you think this quarter are prepared if we have these
things resolved to start implementing it so we can see if it
functions properly.
Nate Otto: +1 Concentric Sky could start prototyping in the next
3 months
Manu Sporny: I think Veres One, Sovrin, BTCR, and uPort would be
ready.=?
Christopher Allen: Manu is saying Veres One, Sovrin, BTCR and
uPort would be ready. kimhd on the queue?
Christian Lundkvist: UPort is pretty much ready to implement the
new DID spec whenever we reach agreement.
Drummond Reed: Yes, I agree with Manu. Sovrin is eager to
implement, and plans to follow with a Sovrin DID Method spec as
soon as possible after the DID spec is hardened.
Kim Hamilton Duffy: I had a question about whether we're
addressing concerns about algorithmic agility. Does publicKeyJWK
have a type matching type PublicSigningKey2017 so other key
definitions could not be provided there.
Manu Sporny: I'm waving my hands, because there are details that
matter. But fundamentally that's right, we're trying to constrain
the number of keys there to JWK
Christopher Allen: It sounds like we could incorporate these
changes into the spec in February? manu, reasonable?
Manu Sporny: Yes, we could likely do it by February. There's
some economic pressure on all of us to do it quickly.
Manu Sporny: Speaking for Digital Bazaar, we're trying to get it
done as soon as possible, and the same is true for uPort, Sovrin,
BTCR, but when it's ready it's ready. Spec readiness by
mid-February, as long as we don't discover nasty bits or
objections with harmonization, we could probably have it up and
have some implementation work started soon after.
Manu Sporny: Then dig into nittygritty details at next Rebooting
Web of Trust
Drummond Reed: Who is planning to be at the next RWOT? March 6-8
in Santa Barbara
Kim Hamilton Duffy: I'll be there
Manu Sporny: I'll be there...
Ryan Grant: +1
Christopher Allen: To put into everybody's heads, the 19th of
Feb is Presidents' Day, so maybe that week we should try to talk
with each other and dive into our implementation of stuff, which
might give us opportunity to have some code together by Rebooting
Web of Trust. Reasonable?
Manu Sporny: Yes
Drummond Reed: +1
Manu Sporny: +1 Seems reasonable...
Christopher Allen: Recognizing there might be delayed. Anybody
on core group of DID people have conferences or other events
20th-23rd that would preclude them doing something that week?
No objections raised.
Christian Lundkvist: Hmm, I'll be in Portugal in end of Feb
Drummond Reed: I think we want a sovereignty method spec as soon
as we have the DID spec hardened up. This is a deliverable due in
March
Christian Lundkvist: There may be a scheduling challenge for me.
Christopher Allen: It may be the BTCR people who may be lagging
a little here, because we are a little less coordinated with
them.
Christian Lundkvist: From the 18th onward, busy. ChristopherA:
Let us know as it firms up. We can make something work.
Topic: Outreach
Christopher Allen: Who should we be evangelizing for this next
round of DIDs, Rebooting, VC activities? What are the kinds of
claims we'll be making [with Verifiable Credentials]? Any
thoughts on how to get the right people to come to these
meetings? What do we need to do to give people a better entre to
getting started.
Lionel Wolberger: Does anyone have contact with the thought
leaders in SCORM/xAPI/Tin Can API ADL community, highly driven by
US Defense.
Heather Vescent: I have these contacts.
Lionel Wolberger: I know some people from TinCan API, I think we
can go in from that direction
Heather Vescent: I know pretty well people from ADL, finished a
year-long project with them. Can't find relevant docs right now
but can look it up.
Heather Vescent: Here is the link to their projects:
http://www.adlnet.org/projects
Christopher Allen: Yes, try to connect to find the right person
to evangelize and take a look at our work
Manu Sporny: We might want to circle back around to some of the
folks who helped us start this work. We've been kind of lacking
commerce use cases for a while. There's some interest in digital
coupons, identification mechanisms, payments. If anybody has any
commerce people, we should try to bring them in.
Manu Sporny: Government use cases. UK gov, NZ gov said they
really want to participate in this work, but not much follow-up
from them. Might want to follow up with them to see if they can
find some overlaps internally.
Heather Vescent: This is one of the interesting military
credentialing projects through the lab. I've seen a demo and it
is interesting. http://www.adlnet.org/MIL-CRED
Manu Sporny: Last one is one we discussed briefly with
ChristopherA and Joe. We keep talking about refugee use cases but
don't do something to get deeply involved. We continue to be
fairly detached from understanding the situations in refugee
camps and when traveling as refugees. The action there could be
to get more actively involved; do some information discovery
scouting to fold back into use cases for this group. Or reengage
with ID2020 or other refugee NGOs and try to get someone more
involved directly.
Christopher Allen:
https://twitter.com/socrates1024/status/949510445559353345
Christopher Allen: I wanted to point people to this thread from
Andrew MIller, cryptographer wanting solutions for storing
biometric informations that address some of the concerns and
criticisms here. This keeps on coming back to haunt us that we're
not thinking carefully enough about the biometric side of things.
His take was, "hey let's not have biometrics run by a government"
I would love to try to figure out how to get Andrew and others to
puzzle through the issues. If anybody has any thoughts
Christopher Allen: https://www.ieeeicicle.org/
Nate Otto: IEEE has started ICYCLE. Had yearly kickoff last
week. Low attendance so far, but there are industry players not
here [scribe assist by Kim Hamilton Duffy]
Kim Hamilton Duffy: ...He can take an action item to give them a
heads up
Kim Hamilton Duffy: To note on some low-level solutions to this.
Kim Hamilton Duffy: One thing that's frustrating is that our
information is very scattered. It's a chairs responsibility to
figure out, but in order to encourage ongoing involvement it's
important to have our information more organized. One aspect of
that is to work on the roadmap and to try to schedule meetings
with focus to allow people to get more value out of the roadmap
and schedule once they are engaged.
Kim Hamilton Duffy: We have our Github-pages website, but we
need an exhaustive cleanup/update of the information that is
there. That's critical co keeping ongoing engagement.
David Chadwick: I wanted to come back about the refugee case...
Is it actually refugees that you are interested in, or also
asylum seekers... all slightly different categories of people. I
have some knowledge about some of these, but want to know what
the use cases are.
Drummond Reed: I have to leave the call right at the top of the
hour, but on the refugee question, I just wanted to say that the
Sovrin Foundation has formed the Identity for All Council that
will be a group of experts focused entirely on using Sovrin DIDs
and verifiable claims for identity for displaced and at-risk
populations.
Manu Sporny: It's an open question, DavidC. There's a desire to
have a large impact, as large as possible with technologies that
we have, so focusing on a group that we could help the fastest
would be good, but there's even a questions of whether we can
help at all. A number of these refugees can't be solved by
technologies, as the problems are more political in nature. I was
thinking more along the lines of supporting people preflight,
in-flight, and after. Those of us who met through the ID2020
initiative saw what happens to people mostly in flight, but
that's only one aspect of it. We don't have enough exposure to
this issue. If we want to deal with it, we either need to get
more exposure, do research, or bring in new people who have the
experience.
Drummond Reed: Sovrin Foundation Trustee Peter Simpson is
currently implementing this in Thailand with 80,000 fishing fleet
worker already registered.
Drummond Reed: His effort is iRespond, http://irespond.org/
Christopher Allen: How do we find out who are doing national
identity systems seriously and be able to advise on
architectures? (e.g. Mexico)
Kerri Lemoie: https://www.w3.org/community/eocred-schema/
Drummond Reed: I have to drop now. Bye all.
Manu Sporny: No cross-pollination that I'm aware of... which is a
shame, we should really do more collaboration w/ them.
Kerri Lemoie: Real quick, I'm not sure people are aware there's
a W3C community group for educational and occupational
credentials, getting vocabulary built in schema.org This comes
out of Credential Engine.
Manu Sporny: Not aware of people doing location-based
credentials...
Lionel Wolberger: The simple word location. I think location
credentials are needed. They're a little more time-bound than
other credentials, but people want them for know-your-customer.
Anybody aware of people bringing location use cases into our
work? If not, I'd be interested in motivating that.
Christopher Allen: There are always privacy questions (I was
mentioning biometrics earlier), and we've been kind of lacking on
the privacy side of some of our credentials technologies... We
have it in our charter and our goals, but actually demonstrating
how to do the right level of privacy is what we need to do more
of.
Dave Longley: Only seen location verifiable credentials as a
simple proof of concept/demo of ideas (e.g. to get access to
certain media).
Lionel Wolberger: I've been working on the privacy-enhancing
technologies. I think location is amenable to selective
disclosure etc. If anybody knows ways to plug this use case, let
me know.
Christopher Allen: It sounds like we need to spend some time
developing our outreach lists. We'll be talking about it more in
our topic led by Joe. If you have any more ideas on what you'd
like to see accomplished by the end of the year, Joe sent out an
email to collect your thoughts.
Christopher Allen: Any last announcements or next week agenda
items?
Hearing none....
David Chadwick: Bye
Frederico Sportini: Bye
Christopher Allen: We'll call that a wrap for today's first call
of 2018, which I expect will be a very productive year for the
community group.. Thank you everybody for participation, and see
you next week.
Received on Tuesday, 9 January 2018 22:00:26 UTC