[MINUTES] W3C Credentials CG Call - 2018-01-09 12pm ET

Thanks to Nate Otto for scribing this week! The minutes
for this week's Credentials CG telecon are now available:

https://w3c-ccg.github.io/meetings/2018-01-09/

Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).

----------------------------------------------------------------
Credentials CG Telecon Minutes for 2018-01-09

Agenda:
  https://lists.w3.org/Archives/Public/public-credentials/2018Jan/0024.html
Topics:
  1. Reintroduction for Kerri Lemoie
  2. Announcements
  3. Progress on current action items
  4. DID Harmonization Proposal #1
  5. Outreach
Action Items:
  1. Chairs to figure out how to move data min and sel disc to 
    ccg, convert to respec make sure all contributors are members of 
    the CCG, do the appropriate IPR License.
Organizer:
  Christopher Allen and Kim Hamilton Duffy and Joe Andrieu
Scribe:
  Nate Otto
Present:
  Nate Otto, Christopher Allen, Manu Sporny, Drummond Reed, Kerri 
  Lemoie, Kim Hamilton Duffy, Adrian Gropper, David Chadwick, 
  Lionel Wolberger, Markus Sabadello, Frederico Sportini, Ryan 
  Grant, Christian Lundkvist, Heather Vescent, Dave Longley, Andrew 
  Hughes, David I. Lehn, Ted Thibodeau, Chris Webber, Dan Burnett, 
  Akila Natarajan
Audio:
  https://w3c-ccg.github.io/meetings/2018-01-09/audio.ogg

Nate Otto is scribing.
Christopher Allen:  Thank you everybody for joining.
Christopher Allen:  We have our regular standing items, our 
  introductions/reindroductions, progress, etc. We were scheduled 
  today to discuss the upcoming year's plans with Joe, but Joe is 
  not able to join due to family emergency. We decided to focus on 
  the results from the DID reconciliation.
Christopher Allen:  If there's time at the end, we want to take 
  on some outreach questions, like how to get started.
Christopher Allen:  Any other agenda items?
Manu Sporny:  We upgraded the VOIPbot with features we might want 
  to tell others about. 5min.
Drummond Reed: +1 To learning about new voicebot features
Christopher Allen:  Is there anybody where today is their first 
  meeting or haven't been on for a long time?

Topic: Reintroduction for Kerri Lemoie

Kerri Lemoie:  I'm Kerri Lemoie, I've been working on Open Badges 
  for about 7 years. I helped join this group to work out some 
  original use cases. Rejoining to do some work on educational 
  credentials.
Many in group saying "Welcome back, Kerri!"
Kerri Lemoie: Thanks! :)

Topic: Announcements

Kim Hamilton Duffy: @Christophera if we have time I'd like to 
  give a quick overview of our edu verifiable claims (soon-to-be) 
  proposed work item.
Christopher Allen:  Next agenda item Announcements. We will be 
  talking about DIDs.
Christopher Allen:  The other thing in progress is we talked 
  about having a virtual hackathon Jan 15-19th, meeting in the 
  morning for standups. It's been argued that might be premature. 
  On the other hand time is marching forward. We will discuss if we 
  wanted to change the dates or proceed.
Subtopic - Publishing minutes and new voipbot commands
Manu Sporny: 
  https://github.com/w3c-ccg/w3c-ccg.github.io/blob/master/irc_ref.md
Manu Sporny:  Publishing minutes has always fallen on my 
  shoulders because of technical limitations and limited people 
  knowing the commands. Now everybody can share in the wonderful 
  ceremony of publishing minutes. I updated the IRC Reference to 
  include every command for the voice bot and for publishing 
  minutes.
Kerri Lemoie: +1
Manu Sporny:  We added a couple new VOIP commands. The first one 
  is "voip: number?" This will work across any of the community 
  groups that is using the voip bot
Manu Sporny:  The next command is "voip: noise". If somebody is 
  making noise and you can't figure out who it is, you can ask who 
  needs to put themselves on mute.
Adrian Gropper: 345 Is me
Manu Sporny:  The last new one I'm not going to run is the 
  publish command, which will take the log and publish it to an 
  S3-like server. This will publish the raw IRC log and the raw 
  .wav files. This is the critical piece that allows others to go 
  in and clean up the audio and the minutes. We hope that in the 
  future we have a live-scribing utility and webpage to correct the 
  minutes as we go. We don't have that yet, but we have the core 
  bits in place where manu doesn't have to be a bottleneck on 
  publishing minutes. We'll probably do a bit more work through the 
  week, but fundamentally publishing minutes is done. I spent total 
  of 80 hours last year doing that.
Drummond Reed: +1 To Manu not spending 80 hours publishing 
  minutes this year!!!
Manu Sporny:  If you want to help figure out how to clean up the 
  minutes and publish them, contact me (manu) to learn how to 
  contribute.
Nate Otto:  Great job, manu
Subtopic -- Open Badges
Kim Hamilton Duffy: 
  https://github.com/w3c-ccg/educational_verifiable_claims
Kim Hamilton Duffy: 
  https://github.com/w3c-ccg/educational_verifiable_claims/blob/master/open_badge_assertions_as_verifiable_claims.md
Kim Hamilton Duffy:  Nate and Kerri and I who are on the call 
  have been working on Open Badges for many years. We have some new 
  work upcoming to bring together Verifiable Claims, Open Badges, 
  and Blockcerts
Kim Hamilton Duffy:  Here are some links to proposals and drafts 
  we have been developing. I just wanted to let people know this is 
  in the pipeline as a tentative item for this year. I need to 
  propose it as an official work item to start working on.
Kim Hamilton Duffy:  I think this is a great community to work on 
  these issues in, and looking forward to it.

Topic: Progress on current action items

Christopher Allen:  Manu are you ready to go with veres one for 
  January?
Manu Sporny:  Many pressures to get it done, but it's not there 
  yet
Christopher Allen:  Ok, we'll move it to February
Christopher Allen:  There are many other items... VC API and 
  polyfill. kimhd were you going to provide feedback?
Kim Hamilton Duffy:  That item can be closed
Christopher Allen:  David, you were going to review the spec to 
  make sure there were some loose ends documented.
David Chadwick:  I reviewed the current text as it stands and 
  sent out an email on 21 Dec documenting the few errors in the 
  current text. I felt that was what the request was, to review the 
  current text. If you're suggesting something wider, like 
  suggesting new text, re-action it in the minutes and I'm happy to 
  go back.
Christopher Allen:  Ok, the next work item is that the lifecycle 
  model had a bunch of things that belonged elsewhere. We should 
  move these things to issues or to other appropriate documents.
David Chadwick:  Ok task is to review the lifecycle document and 
  document any issues to make sure problems are reviewed and 
  discussed.
Christopher Allen:  I would like to close the lifecycle document 
  as a work item in the next couple months or so.
Christopher Allen:  We have a lot of work items. We want to focus 
  on just 3-5 per week. We selected DIDs, registries, and data 
  minimization. Let's skip over DIDs for now since we'll talk about 
  that in a few minutes. On registries, Manu what's next?
Manu Sporny:  Next is GitHub magic to set up all the 
  repositories. Then it's just into our normal edit cycle. People 
  suggest pull requests, we discuss them, then merge, rinse and 
  repeat forever.
Christopher Allen:  Can you make a document about the process?
Manu Sporny:  Thinking about where that needs to go. Chairs might 
  need to do that. I can work offline with the chairs to do that.
Christopher Allen:  Next item is data minimization and selective 
  disclosure. Lionel?
Lionel Wolberger:  First of all we have a draft that can be read. 
  Andrew spent a two-hour session with me. We are in GitHub, thanks 
  to kimhd.
Kim Hamilton Duffy: 
  https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/Data-minimization-and-selective-disclosure.md
Kim Hamilton Duffy: http://bit.ly/rwotdatamin
Kim Hamilton Duffy: ^^ Data min and selective disclosure docs
Markus Sabadello: Sorry all I have to leave early today.. I sent 
  some comments about the DID Key Management Harmonization Proposal 
  #1 to the list, and I'm looking forward to the virtual hackathon 
  next week.
Lionel Wolberger:  Kimhd I want to discuss what's written there. 
  There are two git links that seem relevant. First, "Data 
  Minimization" announced intentions prior to Rebooting. Next we 
  need readers, because we want to pull this together. We might be 
  looking at two different papers. Let's decide what we want to 
  achieve together on this call.
Kim Hamilton Duffy: Adding permissions for Lionel now
Christopher Allen:  Moving this to the CCG means we need to put 
  something in the CCG GitHub; kimhd can get you started. We need 
  to make sure all contributors are members of the CCG or do the 
  appropriate IPR License. We can then plan a walkthrough for a 
  future event. Sound good?
Lionel Wolberger:  Action items to move docs to CCG, Make sure 
  all contributors are members, Schedule a walkthrough. Should I do 
  that with kimhd ?
Kim Hamilton Duffy:  Yes I can help though I'm not sure I 
  understand all the steps.
Christopher Allen:  We should also move this into ReSpec format
Kim Hamilton Duffy:  Let's create an action item for the share 
  permissions, and we'll figure out how to do the rest.
Lionel Wolberger:  We're not doing content at the moment, we'll 
  do this admin stuff, and then once we're in CCG, we'll get more 
  perspectives on the content.
Christopher Allen: +1
Frederico Sportini: +1
Christopher Allen:  Next agenda item is regarding the hackathon. 
  How many people were scheduling time to do the 
  hackathon/standups?
Manu Sporny: Digital Bazaar will have one or more people there.
Nate Otto: +1 But flexible except week of the 22ndish

ACTION: Chairs to figure out how to move data min and sel disc to 
  ccg, convert to respec make sure all contributors are members of 
  the CCG, do the appropriate IPR License.

Ryan Grant: +1
Ryan Grant: BTCR, for me
Kim Hamilton Duffy: +1 But don't have much free time that week :(
Christopher Allen:  The plan for the hackathon was to have 
  standup meetings in the morning. Any other thoughts on what we 
  should focus on next week? Since we have 5 or so, that's enough 
  to say it's worth having the standups.
Manu Sporny: We'll be focused on Veres One...
Manu Sporny: And maybe some test suite stuff?
Kim Hamilton Duffy: I'll also be working on BTCR with @rgrant
Christopher Allen:  I will send a note to the list with details. 
  We'll standup at noon EST each day in a zoom room I'll send the 
  link to
Christopher Allen:  Moving onto the DID reconciliation proposal
Christopher Allen:  Manu proposed an interesting compromise, and 
  I haven't heard any violent rejections. Manu do you want to 
  share?
Manu Sporny:  Here's a link to the proposal

Topic: DID Harmonization Proposal #1

Manu Sporny: Here's the proposal: 
  https://lists.w3.org/Archives/Public/public-credentials/2018Jan/0022.html
Manu Sporny:  Here's an email with the proposal. In the DID task 
  force, we've been talking the last couple weeks what a minimum 
  viable DID document looks like, what's the structure etc. What 
  came out of this discussion was a bunch of requirements.
Manu Sporny:  I tried to detail what many of these requirements 
  are. Tried to collect all the requirements from all the DID 
  ledgers, because whatever we end up settling on has to meet every 
  one of those requirements. There was general consensus that we do 
  have some kind of key based use cases that are pretty high on 
  everyone's priority list, so we should be focusing on keys, but 
  there was a desire to not over-focus.
Manu Sporny:  We should keep our eye on other use cases like 
  smart contracts, biometrics....
Manu Sporny:  There were a lot of requirements that went into 
  discussion. We wanted to meet those requirements with a concrete 
  technical proposal.
Manu Sporny:  This tries to propose a particular data structure 
  and provide justification for why that structure was selected. 
  This proposal probably contains bits... no single one of us was 
  happy with all of it, but it does address all of the requirements 
  as far as I can tell. drummond has weighed in with his thoughts 
  as has marcus (sp?).
Manu Sporny: Drummond, maybe you can elaborate more on that and 
  give us your thoughts?
Drummond Reed:  First, I think it was quite a comprehensive 
  proposal. Manu saved me the work of coming up with the same 
  thing. Manu saved me a bunch of work coming up with a very good 
  writeup of the requirements and the proposal. I and Marcus 
  responded to it on the mailing list last night and have had a 
  chance to get feedback from decentralized identity foundation. 
  Feedback is positive.
Drummond Reed:  Next thing is to basically determine for the main 
  folks who have been around the table is if this is an acceptable 
  strawman to start working with to dive into the details. We have 
  a 90 minute call Thursday this week focused on this topic. From 
  that call, I'd like to get down to a issues list and start 
  working those issues to start preparing the next draft of the 
  spec based on this proposal.
Christopher Allen:  I have a question for both of you. How many 
  people do you think this quarter are prepared if we have these 
  things resolved to start implementing it so we can see if it 
  functions properly.
Nate Otto: +1 Concentric Sky could start prototyping in the next 
  3 months
Manu Sporny: I think Veres One, Sovrin, BTCR, and uPort would be 
  ready.=?
Christopher Allen:  Manu is saying Veres One, Sovrin, BTCR and 
  uPort would be ready. kimhd on the queue?
Christian Lundkvist: UPort is pretty much ready to implement the 
  new DID spec whenever we reach agreement.
Drummond Reed: Yes, I agree with Manu. Sovrin is eager to 
  implement, and plans to follow with a Sovrin DID Method spec as 
  soon as possible after the DID spec is hardened.
Kim Hamilton Duffy:  I had a question about whether we're 
  addressing concerns about algorithmic agility. Does publicKeyJWK 
  have a type matching type PublicSigningKey2017 so other key 
  definitions could not be provided there.
Manu Sporny:  I'm waving my hands, because there are details that 
  matter. But fundamentally that's right, we're trying to constrain 
  the number of keys there to JWK
Christopher Allen:  It sounds like we could incorporate these 
  changes into the spec in February? manu, reasonable?
Manu Sporny:  Yes, we could likely do it by February. There's 
  some economic pressure on all of us to do it quickly.
Manu Sporny:  Speaking for Digital Bazaar, we're trying to get it 
  done as soon as possible, and the same is true for uPort, Sovrin, 
  BTCR, but when it's ready it's ready. Spec readiness by 
  mid-February, as long as we don't discover nasty bits or 
  objections with harmonization, we could probably have it up and 
  have some implementation work started soon after.
Manu Sporny:  Then dig into nittygritty details at next Rebooting 
  Web of Trust
Drummond Reed: Who is planning to be at the next RWOT? March 6-8 
  in Santa Barbara
Kim Hamilton Duffy: I'll be there
Manu Sporny: I'll be there...
Ryan Grant: +1
Christopher Allen:  To put into everybody's heads, the 19th of 
  Feb is Presidents' Day, so maybe that week we should try to talk 
  with each other and dive into our implementation of stuff, which 
  might give us opportunity to have some code together by Rebooting 
  Web of Trust. Reasonable?
Manu Sporny:  Yes
Drummond Reed: +1
Manu Sporny: +1 Seems reasonable...
Christopher Allen:  Recognizing there might be delayed. Anybody 
  on core group of DID people have conferences or other events 
  20th-23rd that would preclude them doing something that week?
No objections raised.
Christian Lundkvist: Hmm, I'll be in Portugal in end of Feb
Drummond Reed:  I think we want a sovereignty method spec as soon 
  as we have the DID spec hardened up. This is a deliverable due in 
  March
Christian Lundkvist:  There may be a scheduling challenge for me.
Christopher Allen:  It may be the BTCR people who may be lagging 
  a little here, because we are a little less coordinated with 
  them.
Christian Lundkvist:  From the 18th onward, busy. ChristopherA: 
  Let us know as it firms up. We can make something work.

Topic: Outreach

Christopher Allen:  Who should we be evangelizing for this next 
  round of DIDs, Rebooting, VC activities? What are the kinds of 
  claims we'll be making [with Verifiable Credentials]? Any 
  thoughts on how to get the right people to come to these 
  meetings? What do we need to do to give people a better entre to 
  getting started.
Lionel Wolberger:  Does anyone have contact with the thought 
  leaders in SCORM/xAPI/Tin Can API ADL community, highly driven by 
  US Defense.
Heather Vescent: I have these contacts.
Lionel Wolberger:  I know some people from TinCan API, I think we 
  can go in from that direction
Heather Vescent:  I know pretty well people from ADL, finished a 
  year-long project with them. Can't find relevant docs right now 
  but can look it up.
Heather Vescent: Here is the link to their projects: 
  http://www.adlnet.org/projects
Christopher Allen:  Yes, try to connect to find the right person 
  to evangelize and take a look at our work
Manu Sporny:  We might want to circle back around to some of the 
  folks who helped us start this work. We've been kind of lacking 
  commerce use cases for a while. There's some interest in digital 
  coupons, identification mechanisms, payments. If anybody has any 
  commerce people, we should try to bring them in.
Manu Sporny:  Government use cases. UK gov, NZ gov said they 
  really want to participate in this work, but not much follow-up 
  from them. Might want to follow up with them to see if they can 
  find some overlaps internally.
Heather Vescent: This is one of the interesting military 
  credentialing projects through the lab. I've seen a demo and it 
  is interesting. http://www.adlnet.org/MIL-CRED
Manu Sporny:  Last one is one we discussed briefly with 
  ChristopherA and Joe. We keep talking about refugee use cases but 
  don't do something to get deeply involved. We continue to be 
  fairly detached from understanding the situations in refugee 
  camps and when traveling as refugees. The action there could be 
  to get more actively involved; do some information discovery 
  scouting to fold back into use cases for this group. Or reengage 
  with ID2020 or other refugee NGOs and try to get someone more 
  involved directly.
Christopher Allen: 
  https://twitter.com/socrates1024/status/949510445559353345
Christopher Allen:  I wanted to point people to this thread from 
  Andrew MIller, cryptographer wanting solutions for storing 
  biometric informations that address some of the concerns and 
  criticisms here. This keeps on coming back to haunt us that we're 
  not thinking carefully enough about the biometric side of things. 
  His take was, "hey let's not have biometrics run by a government" 
  I would love to try to figure out how to get Andrew and others to 
  puzzle through the issues. If anybody has any thoughts
Christopher Allen: https://www.ieeeicicle.org/
Nate Otto:  IEEE has started ICYCLE. Had yearly kickoff last 
  week. Low attendance so far, but there are industry players not 
  here [scribe assist by Kim Hamilton Duffy]
Kim Hamilton Duffy: ...He can take an action item to give them a 
  heads up
Kim Hamilton Duffy:  To note on some low-level solutions to this.
Kim Hamilton Duffy:  One thing that's frustrating is that our 
  information is very scattered. It's a chairs responsibility to 
  figure out, but in order to encourage ongoing involvement it's 
  important to have our information more organized. One aspect of 
  that is to work on the roadmap and to try to schedule meetings 
  with focus to allow people to get more value out of the roadmap 
  and schedule once they are engaged.
Kim Hamilton Duffy:  We have our Github-pages website, but we 
  need an exhaustive cleanup/update of the information that is 
  there. That's critical co keeping ongoing engagement.
David Chadwick:  I wanted to come back about the refugee case... 
  Is it actually refugees that you are interested in, or also 
  asylum seekers... all slightly different categories of people. I 
  have some knowledge about some of these, but want to know what 
  the use cases are.
Drummond Reed: I have to leave the call right at the top of the 
  hour, but on the refugee question, I just wanted to say that the 
  Sovrin Foundation has formed the Identity for All Council that 
  will be a group of experts focused entirely on using Sovrin DIDs 
  and verifiable claims for identity for displaced and at-risk 
  populations.
Manu Sporny:  It's an open question, DavidC. There's a desire to 
  have a large impact, as large as possible with technologies that 
  we have, so focusing on a group that we could help the fastest 
  would be good, but there's even a questions of whether we can 
  help at all. A number of these refugees can't be solved by 
  technologies, as the problems are more political in nature. I was 
  thinking more along the lines of supporting people preflight, 
  in-flight, and after. Those of us who met through the ID2020 
  initiative saw what happens to people mostly in flight, but 
  that's only one aspect of it. We don't have enough exposure to 
  this issue. If we want to deal with it, we either need to get 
  more exposure, do research, or bring in new people who have the 
  experience.
Drummond Reed: Sovrin Foundation Trustee Peter Simpson is 
  currently implementing this in Thailand with 80,000 fishing fleet 
  worker already registered.
Drummond Reed: His effort is iRespond, http://irespond.org/
Christopher Allen:  How do we find out who are doing national 
  identity systems seriously and be able to advise on 
  architectures? (e.g. Mexico)
Kerri Lemoie: https://www.w3.org/community/eocred-schema/
Drummond Reed: I have to drop now. Bye all.
Manu Sporny: No cross-pollination that I'm aware of... which is a 
  shame, we should really do more collaboration w/ them.
Kerri Lemoie:  Real quick, I'm not sure people are aware there's 
  a W3C community group for educational and occupational 
  credentials, getting vocabulary built in schema.org This comes 
  out of Credential Engine.
Manu Sporny: Not aware of people doing location-based 
  credentials...
Lionel Wolberger:  The simple word location. I think location 
  credentials are needed. They're a little more time-bound than 
  other credentials, but people want them for know-your-customer. 
  Anybody aware of people bringing location use cases into our 
  work? If not, I'd be interested in motivating that.
Christopher Allen:  There are always privacy questions (I was 
  mentioning biometrics earlier), and we've been kind of lacking on 
  the privacy side of some of our credentials technologies... We 
  have it in our charter and our goals, but actually demonstrating 
  how to do the right level of privacy is what we need to do more 
  of.
Dave Longley: Only seen location verifiable credentials as a 
  simple proof of concept/demo of ideas (e.g. to get access to 
  certain media).
Lionel Wolberger:  I've been working on the privacy-enhancing 
  technologies. I think location is amenable to selective 
  disclosure etc. If anybody knows ways to plug this use case, let 
  me know.
Christopher Allen:  It sounds like we need to spend some time 
  developing our outreach lists. We'll be talking about it more in 
  our topic led by Joe. If you have any more ideas on what you'd 
  like to see accomplished by the end of the year, Joe sent out an 
  email to collect your thoughts.
Christopher Allen:  Any last announcements or next week agenda 
  items?
Hearing none....
David Chadwick: Bye
Frederico Sportini: Bye
Christopher Allen:  We'll call that a wrap for today's first call 
  of 2018, which I expect will be a very productive year for the 
  community group.. Thank you everybody for participation, and see 
  you next week.

Received on Tuesday, 9 January 2018 22:00:26 UTC