Verifiable Claims Telecon Minutes for 2016-05-10

From: <msporny@digitalbazaar.com>
Date: Tue, 10 May 2016 12:23:08 -0400
To: Web Payments IG <public-webpayments-ig@w3.org>, Credentials CG <public-credentials@w3.org>
Message-Id: <1462897388564.0.13641@zoe>

Thanks to Nate Otto for scribing this week! The minutes
for this week's Verifiable Claims telecon are now available:

http://w3c.github.io/vctf/meetings/2016-05-10/

Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).

----------------------------------------------------------------
Verifiable Claims Telecon Minutes for 2016-05-10

Agenda:
https://lists.w3.org/Archives/Public/public-webpayments-ig/2016May/0009.html
Topics:
1. Introduction to Alok from Cambridge Blockchain
2. Review of Survey Status
3. Work on Existing Docs
4. Verifiable Claims Data Model Specification
5. Survey Results/Overview
6. One page W3C AC Rep Summary
7. Architecture Summary
8. Implementers Summary
Organizer:
Manu Sporny
Scribe:
Nate Otto
Present:
Nate Otto, Manu Sporny, Alok Bhargava, Jason Weaver, Dan Burnett,
Eric Korb, Richard Varn, Dave Longley, Brian Sletten, David
Ezell, Stuart Sutton, Rob Trainer, David I. Lehn, Colleen
Kennedy, Rebecca Simmons, Matt Stone
Audio:
http://w3c.github.io/vctf/meetings/2016-05-10/audio.ogg

Nate Otto is scribing.
Manu Sporny: Introduction to new participant, then go through
deliverables and their status.
Manu Sporny: As some of you may have heard, we're currently
talking with the credentials transparency initiative about some
naming conflicts, but we'll delay putting that on the agenda
until next week.
Manu Sporny: Any other items for the agenda to discuss today?

Topic: Introduction to Alok from Cambridge Blockchain

Alok Bhargava: I work for a company called Cambridge Blockchain;
young company in the identity space. Our CTO has a lot of
experience in blockchain as well as identity. He's not able to
participate. I'm looking to participate in this primarily to
learn about the push to standardize how identity is used on the
Internet. I have a very limited background in identity and
crypto. I have about 12 yrs experience
designing/building/marketing telecom systems. Role at Cambridge
Blockchain is VP of Product.
Manu Sporny: Welcome to the group, Alok

Topic: Review of Survey Status

Manu Sporny:
http://manu.sporny.org/tmp/vctf/VerifiableClaimsResponses-2016-05-06.png
Manu Sporny: Next up on the agenda is a review of the survey
status. Here is an image capture of the survey results.
Manu Sporny: We'll clean this up and put it into an HTML page at
some point.
Manu Sporny: We have a very healthy number of responses at this
point. We asked about 83 people to respond. That number of people
responding is a good sign. We have responses from the financial
sector, the education sector, healthcare, government, national
institutions, NGOs, entertainment industry, mobile vendors. A
very healthy set of people across multiple market vertcals.
Manu Sporny: I'm going to start going down from the top.
Manu Sporny: Very good support for the problem statement.
Manu Sporny: Up to around 96% positively responding that the
goals are good to pursue.
Manu Sporny: This is really good, because it means we have the
language on the problem we're trying to address in the goals and
scope of work down really well.
Manu Sporny: We asked if people's verifiable claims problems
would be addressed if the use cases proposed were expressed.
Manu Sporny: We really limited, narrowed the use cases to ensure
we had a narrow scope. Most people thought that more needed to be
done beyond these to fully meet their needs.
Manu Sporny: We limited use cases because large scopes make
people nervous, that you won't be able to achieve, or they would
have too broad reaching grant of patent rights.
Manu Sporny: We asked if people would join and participate, and
44% of respondants said that they would join and partcipate in
the work.
Manu Sporny: 34% Put themselves as other in this space. They
would mostly like to participate but don't know if they have the
bandwidth right now.
Manu Sporny: We definitely have 16, and potentially 4-5 more if
they find the time.
Manu Sporny: And typically as these things get officially
started more orgs join up.
Manu Sporny: We did get some feedback that they would like to
see more incubation of the work.
Manu Sporny: Some because they didn't see a specification, they
weren't sure about the architecture...
Manu Sporny: We did speak with the Web Payments IG. We're
getting close to the question of whether the WPIG would support
the work going forward. One of the big questions is if the
specification is created, who is going to implement it into their
products.
Manu Sporny: We're going to go around calling people to see if
we can put them down as implementers.
Manu Sporny: We're doing good with the survey. We found some
other items that we have to create to make sure the vote goes
well.
Jason Weaver: Are more responses desired?
Manu Sporny: Any questions on survey status or where we are with
the survey?
Manu Sporny: Are more responses desired? Yeah. If you haven't
taken the time to fill out the survey, please do it. If you know
an organization who really should have filled out the survey, get
them to fill it out as soon as possible.
Manu Sporny: We did a soft close on the survey last friday
(started reporting results), but still accepting responses.

Topic: Work on Existing Docs

Manu Sporny: Went into the work with Charter, Use Cases, and
FAQ. Now we're going to try to rev those documents in response to
survey. Not much work is needed, we'll try to get it done in the
next couple weeks.
Manu Sporny: Any questions on Charter, Use Cases, and FAQ?

Topic: Verifiable Claims Data Model Specification

Manu Sporny: Dan Burnett, I'm going to hope that you give a
quick overview of the Verifiable Claims data model.
Manu Sporny: When we got the survey, we got a number of people
saying "that's great that you're going to do the work", but if we
don't see a proposed technical solution that we have moderate
buy-in on, there's nothing to standardize, and we can't see if we
support it.
Dan Burnett: Very drafty spec proposal:
http://opencreds.org/specs/source/claims-data-model/
Manu Sporny: This is kind of a new dynamic at w3c. You used to
not need this (often counterproductive), but some big companies
are pushing for this
Dan Burnett: There is a draft document, includes some reSpec
errors to correct; includes some about identity.
Dan Burnett: We have a data model for how verifiable claims
work, but there are different languages that different users of
this technology would like to use to define the syntax for this
data mode.
Dan Burnett: Challenge: to show how data model can be
represented in the three syntaxes people want to use
Dan Burnett: Using the terms "claim" or "verifiable claim" to
mean what we used to call "credentials".
Dan Burnett: One of the things that wes important would be to
distinguish between claims, and "verifiable claims". The latter
has a signature.
Dan Burnett: In the data model, you'll see a section for claims,
and for verifiable claims.
Dan Burnett: You'll see examples of how to express these
Dan Burnett: One thing I wanted to write up, but no set location
to put it: how to write about identities. We need to have an
ability when we're talking about ids in claims, the ids are
suppose to reference identity @ids.
Dan Burnett: Until we figure out how to describe that more
generally, it's here.
Dan Burnett: A lot of text came from the original identities and
credentials document is here in appendices, pulling from as we
try to expand and write introduction/abstract, etc.
Dan Burnett: We have a bunch of reSpec errors. Shane and I are
fiddling with them for now.
Dan Burnett: Obviously drafty. If there are problems with the
webIDL, don't worry about that yet. If there's something
obviously wrong with the rest, let us know.
Eric Korb: Korb 908
Richard Varn: Did you start with the Open Badge Initiative for
what you'd expect to find in a spec, or is that something that
needs to be brought in still?
Richard Varn: I'm glad you're representing identity. It's
tricky, but it has to be done.
Dan Burnett: This started from:
http://opencreds.org/specs/source/identity-credentials/#expressing-identities-and-credentials
Dan Burnett: As far as what I started from, posting a link...
Dan Burnett: My history doesn't go far enough back to know where
all that came from. If I've put in something inappropriate or
left out something appropriate, let me know.
Dan Burnett: My aim was to show the data model, separate from a
syntax, and then show implementations in syntaxes.
Dan Burnett: We need to avoid problems with critics right away
who say something like "It needs to only be represented in
webIDL"
Manu Sporny: Richard, the specification we have right now in
this group, we believe can fit the Open Badges stuff in in its
entirety. Open Badge is just another claim as far as the system
is concerned. Whatever that claim is, we can just stick it in the
claim and see how that works. We haven't discussed this a lot in
this group recently. Would be good to hear from Nate and maybe
Kerri on where OBI fits in.
Manu Sporny: We should be good to go as far as open badges go.
Manu Sporny: Let me jump back. burn, thanks for putting this
into this new form. Spot on, I think it's great to explain what
the data model is in prose and then talk about how you express it
in JSON-LD, WebIDl, etc. Will work for a lot of communities. It
increases our ability to have this stuff reused.
Manu Sporny: For example, there has been a lot of interest in
blockchain communities to inject these credentials in sidechains
and other structures.
Manu Sporny: All in all, I think the spec is a step in the right
direction, Dan.
Manu Sporny: Two comments; One of them is the removal of the
word credential. We have decision to make on that if a credential
is a set of verifiable claims, for instance. The word identity as
well may be the other most controversial.
Dave Longley: +1 For using credential but burying it in the
document as just a container for claims
Dan Burnett: Actually debated for quite a while whether I wanted
to remove the word credential. If we started with the word
credential right at the top, I thought we'd have trouble based on
the conversation at the last month. But I wasn't trying to change
semantics (for what I'm calling "claims data set"), so if we need
to go back, we can.
Brian Sletten: I just want to get a sense because you said this
is a new thing being asked by some of the bigger members. Seems
like fluctuation on a sine wave -- we can't proceed without
technical details... we can't define technical details at this
stage.
Manu Sporny: There is disagreement. Some members think that this
is not appropriate to do at this stage. Others think it should
produced right now.
Manu Sporny: The reason we're producing this spec right now is
to answer the people who say "you don't have a technical
proposal".
Dan Burnett: Dlongley, the original doc had credential as a
container for claims, which means the main section titles would
talk about "credentials". I'd want to hear more about how you
think we could bury it while still having it be the outer
container name
Manu Sporny: For the organizations who say "you shouldn't enter
with a technical proposal", we say "we were asked to do a
technical proposal. None of this is set in stone; it's the job of
a working group to decide on the technical proposal". We're not
trying to make each side 100% happy but meet the minimum bar that
each side has.
Manu Sporny: This is one of the things we think we need to stave
off formal objection from some large organizations.
Manu Sporny: Does that make sense?
Brian Sletten: "Ish"
Jason Weaver: Richard asked about the model working with Open
Badges. My question stems from that. A lot of what we call these
things today are being exchanged in different regional standards.
How to PESC, __ align with the architecture?
Dan Burnett: I think by "bury" all we need to do is make the
main subject about "claims" ... start the document by talking
about what claims are and how this spec will detail how to model
them. then we can get into how a credential is a "set of claims"
... i just think we need to avoid having it front and center is
all. (i don't think we're too far off from that now) [scribe
assist by Dave Longley]
Manu Sporny: We are aware of PESC. We're trying to create a
generalized way of expressing claims. Anything those other
standards can express should be able to be expressed in this data
model. We do want strong semantics to go along with these claims.
It will probably be up to those standard-setting bodies to decide
how they want to express their claims in this data model. We have
not seen a case where a standard couldn't use this model to
express claims.
Jason Weaver: EMREX is the EU data standard
Dan Burnett: Dlongley, would love to talk with you offline after
the call. I will email you.
Manu Sporny: Key point is to make those groups understand that
we can build a way for our model to map to their data model. For
example, working with Credential Transparency Initiative to see
how we can express their model in our data model. Haven't had to
change the model. Just a matter of figuring out what the
vocabulary is.
Nate Otto: From the open badges perspective, we expect to be
able to express the open badges data model via a verifiable
claim. Given that it builds off of other specs - we'd specify how
you do an open badge using verifiable claims. [scribe assist by
Manu Sporny]
Dave Longley: +1 To nate
Manu Sporny: Until we have ratified specification, it'll be a
constant discussion on how best to express this stuff, but as
NateOtto says, there's no reason why we can't express many types
of data in this model. If you find a case where you can't, this
means we screwed up and it needs to be fixed.
Manu Sporny: If there's no more questions, burn hopefully you
have time over the coming month to keep whittling the spec down
to something we want to include in the package to the w3c for
voting.

Topic: Survey Results/Overview

Manu Sporny: Another document we need to generate is a summary
of the survey results.
Manu Sporny: It's pretty compelling to see all these
organizations agreeing with the work. Need a 1-2 pager overview
of that.

Topic: One page W3C AC Rep Summary

Manu Sporny: Another thing ACs asked for was a 1 pager specific
to advisory committee members. These people are usually asked to
vote on many things per month, and they're usually very busy.
Throwing them 20 pages will usually result in them not reading it
and not voting on it.
Manu Sporny: One of the AC reps asked us to come up with a good
1 pager overview to help them on this. This work has not been
started yet, needs to be done.
Manu Sporny: There were a list of questions that person included
in their response, we'll go over that. FAQ: Is there a clear
problem statement? Do you have buy-in? Is the scope narrow
enough? is there a spec? Who's going to implement?
Manu Sporny: Those are the general things AC Reps want answered.
(also: Why would this initiative need a standard in the space?)

Topic: Architecture Summary

Manu Sporny: Once we get all those answers onto a piece of
paper, that'll be the 1 pager opener.
Manu Sporny:
https://github.com/WebOfTrustInfo/ID2020DesignWorkshop/blob/master/topics-and-advance-readings/a-self-sovereign-identity-architecture.pdf
Manu Sporny: Next up is a summary of the architecture that we're
building.
Manu Sporny: There's a diagram on the first page of this pdf
where we're talking about issuers, holders, inspectors,
repositories.
Manu Sporny: We've started thinking about that architecture
through this UN rebooting trust workshop paper draft. We're
probably not going to include things like decentralized ledgers,
decentralized hash tables. We don't want to imply that that's
what we're working on in phase 1. Clearly all of us understand
that blockchains & DHTs will play a part at some point in the
future of this work.

Topic: Implementers Summary

Manu Sporny: Next document we're going to work on is this
implementers summary. We need to know who is going to implement
this work. If it's only 2-3, clearly we're not going to be able
to do this work. We need a bunch of orgs to say that "we will put
this into production"
Manu Sporny: We need to gather a list of those organizations.
Manu Sporny: That's all the items that came out of the survey
requests.
Manu Sporny: Charter, Use Cases, FAQ, Data Model, Architecture
Summary, Implementers Summary is what makes up the pack we'll
distribute for a vote. (did I miss one?)
Manu Sporny: +Survey results overview
David Ezell: July 1 Web Payments F2F has Verifiable Claims on
the agenda. Was going to send manu a note to coordinate
Manu Sporny: There's a question of whether the Web Payments IG
will support this work. We'll have these documents ready to go in
a month and a half before that face to face. That'll go up for an
advisory committee vote. Do people feel this timeline is too
long?
Richard Varn: I don't object to the timeline for this
standards-based work. I just see us like a squirrel in a cage
going and going forever. If this continues to stretch out
forever, do we have a plan B? We could have done a shorter
timeline approach and be already out in the world for
implementation
Manu Sporny: I'm becoming more and more convinced that this will
go forward at the W3C
David Ezell: The timeline is kind of artificial, mainly because
we have these face to face schedules. If the f2f worked two weeks
from now, we'd be doing it then.
David Ezell: I haven't heard a lot of concern raised at the IG
level
David Ezell: It's just a process to get people to vet their
concerns. I think this architecture document will help a lot. I
also think there is a related develoment at w3c that I want to
mention -- the browser extensions community group. It may turn
out that browser extensions are a way to get all this stuff
implemented. Which gets us out of the way of requiring a browser
vendor to write the code.
Manu Sporny: To be clear phase 1 and phase 2 don't require
browser vendor support. Clearly we want their support at one
point, but we don't want to put two mega-companies in the way of
deploying this ecosystem that we want to see.
David Ezell: The main point is that the IG is not intentionally
slowing this work down, it's just our schedule of face to faces
that sets times we can talk
Manu Sporny: Either the IG's going to get behind this and
support it or say No. At that point, either we go to Plan B or we
go straight to the general W3C for a vote.
Manu Sporny: By July 15 at the very latest July 30 we can start
votes. By August we'll know whether we have a WG or not, in time
for TPAC in portugal.
Manu Sporny: That's it for the call today. We'll meet again next
week to go over some of the concerns with the Credential
Transparency Inititative.
Manu Sporny: Thanks everybody for joining. Chat again next
Tuesday at the same time.

Received on Tuesday, 10 May 2016 16:25:47 UTC