- From: Timothy Holborn <timothy.holborn@gmail.com>
- Date: Wed, 21 Sep 2022 09:39:05 +1000
- To: W3C AIKR CG <public-aikr@w3.org>
- Message-ID: <CAM1Sok201TYkf=oxDf9ZUhSjbmPZqqmw+Y=XX2W60-=+frzOMg@mail.gmail.com>
Whilst I think it's quite dangerous to protest, I don't think people should be defined by their wallets. That wasn't the intention, when I helped diversify from solely WebID. He who has the gold rules... Is only the golden rule for some. It's important to support a plurality of modalities. Else, no one will be able to do much at all - without asking for permission first. Something I remember TimBL speaking about, how he didn't need to ask vint for permission to build the web, at least the old version... Timh. On Wed, 21 Sept 2022, 9:23 am Paola Di Maio, <paola.dimaio@gmail.com> wrote: > Thank you Manu > > cc AI KR CG, FYI > > On Tue, Sep 20, 2022 at 8:55 AM Manu Sporny <msporny@digitalbazaar.com> > wrote: > >> What follows is an "information known to the general public" summary >> of what happened last week at the W3C Technical Plenary (W3C TPAC - >> where many of the global standards that drive the Verifiable >> Credentials and Decentralized Identifiers ecosystem are standardized). >> >> There is more that is member-confidential that went on, and none of >> that is covered in this email, though the most important things are >> public knowledge due to the fact that W3C's Working Group minutes are >> made public within hours/days of the member meetings -- hooray for >> transparency! I'm looking at you, ISO (and all the other organizations >> that don't make their meeting transcriptions public)! :P >> >> Apologies for the length, there is a lot to cover. >> >> ------------------------- >> The JSON-LD WG announced that JSON-LD is now published by 43% of all >> websites on the Internet (based on Common Crawl statistics data) in >> order to achieve better search rankings. To put that in perspective, >> Fetch is used by 38% of all websites. WebAuthn is used by 0.19% of all >> websites (ouch). More fun browser API stats at: >> >> https://chromestatus.com/metrics/feature/popularity >> >> It is worth noting that WebAuthn is typically implemented by the big >> identity providers (Google, Microsoft, Facebook) so measuring the >> number of domains that use it isn't a good measure of actual usage >> because everyone gets funneled through centralized IdP to use WebAuthn >> -- actual people impacted is probably be much higher, if only those >> large IdPs would share their numbers! :P >> ------------------------ >> The JSON-LD Working Group will be re-chartered to continue maintaining >> the specification, with the ability to add new features. There is work >> going into YAML-LD, and interest in taking up the CBOR-LD work as >> well. There is parallel work also being proposed on "labeled property >> graphs" (called RDF-star), which allow one to annotate properties >> themselves (of dubious value to VCs at present). That work might >> provide advantages to the path VCs have taken to date, but we won't >> know for another 2+ years. It is explicitly not going to be disruptive >> to what we've standardized to date at W3C. >> ------------------------- >> The DID Working Group meeting had significant attendance (40-50 >> people). The goal was to settle on the next Working Group Charter. The >> plan was to work towards agreeing to standardize a few DID Methods >> (like did:key and did:web), and possibly start standardizing DID >> Resolution. There were objections to standardizing DID Methods. If we >> don't standardize at least a few DID Methods, we know that there will >> be objections from some of the big-tech companies. There didn't seem >> to be objections to DID Resolution or maintaining DID Core. I was able >> to meet with some of the big tech companies and negotiate a potential >> path forward via DID Resolution (without standardizing any DID >> Methods). I still need to engage with some of the potential objectors >> to see if they'd be amenable to the plan. There is a decent chance >> they'll be ok with it. >> --------------------------- >> Support for the Verifiable Credentials Working Group is quite strong >> (and growing). We were given significant air time in the all-hands >> Advisory Committee meeting. The Working Group meeting hovered between >> 42-56 people, which is quite large for a W3C Working Group. >> There were no bombshells or any real drama to speak of in the meeting. >> The group seems to be on a good trajectory. In general, doing work on >> version 2.0 of anything tends to be easier than 1.0 because many of >> the guard rails are already established for the work. More on >> particular technology discussions that came up below. All slide decks >> presented at the meeting can be found here (the ACDC slides take up >> 112 slides, the other slide decks average around 10 slides per topic): >> >> >> https://docs.google.com/presentation/d/1hrqozY2EGZ8i8y40abyEuJmIb6hCiRS-37pdj6bhBLY/edit >> ------------------------------- >> I spent some time with the Accessible Platform Architectures Working >> Group (the group that produces accessibility documents like the Web >> Content Accessibility Guidelines that the US Government follows to >> ensure Section 508 compliance). As a result of the conversation, they >> will be working on a Digital Wallet Accessibility Guidelines document >> over the next 1-2 years to ensure that digital wallets meet the >> requirements of the 60 million people in the US with accessibility >> needs. That guide might be integrated (in time) into WCAG, which is >> incorporated into Section 508 in the US (and into other accessibility >> regulation documents in other countries). They took this as an action >> during the VCWG meeting and also provided some good news use cases >> that we should be interested in (for example, Verifiable Credentials >> for vaccination status of guide dogs crossing borders -- guide dogs >> can be kept for days in kennels if the vaccination paperwork isn't up >> to date, 'causing stress for both the animal and the individual >> needing the aid from the animal). >> ------------------------------- >> As mentioned above, the Verifiable Credentials WG meeting was fairly >> uneventful. Orie did a great job counter-acting some of the explosion >> of complexity being suggested for the core data model and keeping >> things simple via JSON-LD. The streamlining Data Integrity cryptosuites >> conversation didn't blow up into a hot mess and there seems to be a >> workable path forward there (though, the details matter and we'll get >> to those over the next couple of months). The holder binding >> discussion and the JSON Schemas discussion will be interesting, but >> non-disruptive. The RDF Dataset Canonicalization WG is under way and >> seems to be on a good trajectory. We stayed away from discussing >> digital wallet protocols, which was probably a good thing. >> ---------------------------------- >> The SD-JWT work was introduced to the group as a selective disclosure >> scheme for JSON payloads. There was some serious shade thrown at BBS >> and AnonCreds during the meeting by the EU Digital Identity initiative >> stating that "Our cryptographers have looked at both BBS and AnonCreds >> and rejected them for being overly complex". Both Avast and Digital >> Bazaar fired back noting the CFRG uptake of BBS at IETF and they >> backed off to a "Oh, I mean, it's on an experimental path, but we are >> committed to SD-JWT, which is not experimental and >> uses NIST-approved cryptography."... people should be worried about >> this. It feels rushed. >> The JWP stuff is even further behind. There was a suggestion that >> VC-JWT will be dropped for SD-JWT, or JWP, or maybe we'll keep all of >> them, or something better will come along. This work could have a >> negative effect on the greater community around VC interoperability. >> Adding two new "securing VC" mechanisms to the existing two mechanisms >> seems problematic. We'll have to give that spec more time to breathe >> and improve. >> ------------------------ >> >> Those are my notes, I hope they are useful to those that were not able >> to attend W3C TPAC. If others have notes on the stuff that's public >> knowledge (via transcripts), please share. >> >> -- manu >> >> -- >> Manu Sporny - https://www.linkedin.com/in/manusporny/ >> Founder/CEO - Digital Bazaar, Inc. >> News: Digital Bazaar Announces New Case Studies (2021) >> https://www.digitalbazaar.com/ >> >>
Received on Tuesday, 20 September 2022 23:39:27 UTC