- From: Doug Schepers <doug@schepers.cc>
- Date: Mon, 2 May 2016 15:44:27 -0400
- To: Blockchain Workshop <public-blockchain-workshop@w3.org>
- DRAFT - Blockchain Workshop Open Program Committee Call 29 Apr 2016 See also: [2]IRC log [2] http://www.w3.org/2016/04/29-blockchain-irc Attendees Present Bailey, Reutzel, Joseph, Lubin Regrets Chair Doug Schepers (shepazu) Scribe wseltzer, hhalpin Contents * [3]Topics 1. [4]Welcome * [5]Summary of Action Items * [6]Summary of Resolutions __________________________________________________________ <shepazu> test <hhalpin> No more Zakim! <shepazu> hhalpin, how do we start the logger without Zakim <ChristopherA> I'm here. <vladzamfir> hi <shepazu> hi, vladzamfir <petertodd> hi <hhalpin> hey petertodd, are you in boston tomorrow? <hhalpin> If so, let's hang out <ebuchman> hi all! <petertodd> hhalpin: yes, but I get in late in the evening; there for all of sunday <ChristopherA> Christopher Allen - Blockstream (and #RebootingWebOfTrust and #ID2020Summit) <afdudley> hi. <afdudley> Rick Dudley, Eris Industries. <wseltzer> Wendy Seltzer, W3C <hhalpin> Harry Halpin, W3C <petertodd> peter todd, independent consultant and bitcoin core <ChristopherA> BTW, if you've not seen my long read blog post on Self-Sovereign Identity this week, it is at [7]http://www.lifewithalacrity.com/2016/04/the-path-to-self-sov erereign-identity.html [7] http://www.lifewithalacrity.com/2016/04/the-path-to-self-soverereign-identity.html <CMickeyB> mic bowman... intel <ChristopherA> It seems to be well accepted by the Internet Identity Workshop community, and applies blockchain principles. <vladzamfir> have not, but i do have a lot of thoughts about the topic :P <Shinichiro> HI <Shinichiro> Web Client now works. I'm Shin'ichiro Matsuo, Research Scientist and co-founder of BSafe.network. <marta_> Marta Piekarska, Security Architect @ Blockstream <Erik> Erik Anderson, Bloomberg <vladzamfir> I'm vlad zamfir, researcher at ethereum <ChristopherA> Christopher Allen - Principal Architect, Blockstream (and #RebootingWebOfTrust and #ID2020Summit) <ChrisTse> I'm Chris Tse, CTO of Monegraph. <wseltzer> Dazza Greenwood, Media Lab, Civics.com <shepazu> Dazza Greenwood, Media Lab <marta_> (also Phd Researcher at Technical University of Berlin and #RebootingWebOfTrust) <wseltzer> Joe Lubin, co-founder Ethereum <shepazu> Joe Lubin, Ethereum, ConsenSys <muneeb> Muneeb here. Cofounder Blockstack labs. Some of you might know us as the folks who built the onename app <wseltzer> Daniel Buchner, Microsoft blockchain identity <ebuchman> im ethan buchman, cofounder/CTO at Tendermint <wseltzer> Christopher Allen, Blockstream <wseltzer> Mic Bowman, Intel distributed ledgers research group <wseltzer> @@: Ethereum space <wseltzer> Muneeb, Blockstack lab, onename <wseltzer> Ryan Shea, Blockstack <wseltzer> John Lubich, Consensys, energy markets <ChristopherA> United Nations Digital Idenity Smmit [8]http://id2020summit.org & [9]http://www.RebootingWebOfTrust design workshops. [8] http://id2020summit.org/ [9] http://www.RebootingWebOfTrust/ <wseltzer> Mark D'Agostino, @@ <wseltzer> Shinichiro, @@ <wseltzer> Carla Reyes, Attorney <muneeb> That's Ryan Shea for Blockstack labs <wseltzer> Erik Anderson, Bloomberg, W3C Web Payments IG co-chair <wseltzer> ChrisTse, Monegraph; co-chair Permission and Exprexsions WG at W3C <wseltzer> Rick Dudley, Eris Industries <wseltzer> @@, Consensys <wseltzer> Harry Halpin, W3C, WebCrypto and WebAuthentication WGs <inserted> scribenick: wseltzer Wendy Seltzer, W3C Technology & Society Domain Bailey Reitzel, independent journalist covering digital currency <Erik> ChrisTse, Content Licensing is a perfect use case for Blockchain. I discussed this at the last W3C Web Payments Face to Face. Marta Piekarska, Blockstream, researcher, Rebooting Web of Trust Ethan Buchman, co-founder Tendermint Vlad, Consensys Welcome shepazu: Welcome, thanks for joining ... workshop page is a starting point; looking to PC to help refining ... W3C workshop, when we see an area that might benefit from standardization ... we want to hold a productive discussion to see if there's something we could help ... Goals, broadly, to look for standardization opportunitites re: blockchain and the Web ... *and the web* being the key ... what needs to be added to the Web, or added to the blockchain platform ... Invited you here to help shape the workshop ... hoping you'll join the PC ... PC helps design the agenda <Erik> Ya! :) shepazu: Thanks Bloomberg for sponsorship! ... Next Wednesday, we plan to announce publicly with call for participation ... call for statements of interest ... We have 60 seats, so we want to get the right participants into the room <ChristopherA> +q shepazu: before the workshop, we'll review submissions for relevance, interest ... During the workshop, we'll ask for chairs for session topics ... and after the workshop, help drafting report [note, the birds have been muted] <shepazu> [10]https://www.w3.org/2016/04/blockchain-workshop/ [10] https://www.w3.org/2016/04/blockchain-workshop/ shepazu: please review the workshop page, make sure it reflects what we want to see <muneeb> The birds was from my end. Apologies for that. I've muted myself please unmute at the other end :-) ChristopherA: I host design workshops, at rebooting web of trust, we suggest call for topics rather than call for papers ... that's a way to get the signal-to-noise management ... ask that they specify a use case, problem ... then the workshop uses unconference <ChristopherA> Key thing with topic subs vs paper subs is slightly lower bar <muneeb> Can you comment a bit more on why it might be too early for w3c W3C often uses "expression of interest" as that lower bar, similar to topics <ChristopherA> I think there are some select things that would be very useful. shepazu: input on goals? DanielB: identity offers the widest benefit I've seen in my experience ... something we'll be given away ... also speaking with Scott Jensen, Google's Physical Web ... identification issues of beacons <ChristopherA> #RebootingWebOfTrust community is also working on blockchain identity issues, both reservations against some approaches, and suggestions for others. DanielB: push notifications <ChristopherA> Also very interested in proof-of-publication and proof-of-existance is useful for web shepazu: thanks. Can you share a writeup that we might add to the web intro? Ryan_Shea: identity is a great place for W3C to get involved ... working with MS, Consensys around describing identity, building off schema.org, json-ld, jwt <dazzag> hi ChristopherA: identity, rebooting web of trust working with XDI, verified claims ... another issue, proof of publication, proof of existence approaches standardized <dazzag> Dazza raises hand for speaker queue ChristopherA: a logical addition to a signature <CMickeyB> gotta drop for a conflicting meeting... will catch up later ChristopherA: selective disclosure, for confidentiality and privacy <vladzamfir> the opportunity and risk of the WC3 getting involved in standards for identity, credentialing and access control systems is that they have strong network effects - the W3C could influence what protocols get adopted, which could potentially help things not go badly, but can also go badly shepazu: by queueing, you're committing to sending me email ... with explanation of your suggestion ... W3C has some activities that are browser focused; others that are more vocab, schema focused <ChristopherA> Another topic is wallets — they are not just for payments. shepazu: please help identify where you think your idea fits <John> just a quick point wrt to identity and the question of agency within the context of the physical infrastructure of the grid decentralizing <hhalpin> scribenick: hhalpin <wseltzer> Erik: identity, data security are critical Erik: When I say identity, I'm warning that this is a big pitfall ... what does that mean? ... does it mean hardware secure servce <Erik> [11]https://www.w3.org/community/hb-secure-services/ [11] https://www.w3.org/community/hb-secure-services/ Erik: W3C is in process of a few things <Erik> [12]https://w3c.github.io/websec/hasec-charter [12] https://w3c.github.io/websec/hasec-charter Erik: offer API-level access to hardware ... a surrogate for identity ... adding web of trust <vladzamfir> doing I/O with the blockchain requires that clients have information about the consensus protocol and trust model - we don't understand consensus protocols and their trust models well enough to standardize this interface, and it's not yet clear that we ever will <ChristopherA> Erik -> (and other people) I encourage identity folks to check out #RebootingWebOfTrust [13]http://www.WebOfTrust.info on May 21st & 22nd after the UN summit on Digital Identity. [13] http://www.WebOfTrust.info/ <ChristopherA> Another topic is architectures for layer between consensus and business logic <ebuchman> two standards im looking for in the industry: generic authenticateddatastructures (ideally including consensus, but as vlad alludes that may not be possible in general, maybe we have a few key types), and the interface between applications and consensus, as chris just said, and for which Tendermint has proposed TMSP <vladzamfir> anything that sits on a consensus protocol needs to understand what it would take to undermine the guarantees they rely on <Erik> Yes Christopher. I know John Edge, founder of ID2020 <Erik> Please look at this for use cases on the Web [14]https://www.w3.org/Payments/IG/wiki/Main_Page/FTF_Feb2016/B lockchain_and_the_Web [14] https://www.w3.org/Payments/IG/wiki/Main_Page/FTF_Feb2016/Blockchain_and_the_Web <ChristopherA> On the topic of what shouldn't be on the blockchain, there was an Internet Identity Workshop conference topic on this exact that there are some notes from. <shepazu> marta: also make sure that we avoid the "put a blockchain on it", and set guidelines on what should be applied to blockchain (on the Web) <Erik> <---- Bloomberg is a significannt to the Chromium Webkit. Please dont assume its all Browser vendor centric <dazzag> Dazza commented 1. would be helpful to have simple materials available for attendees to understand/stay focused on what sorts of things that are good candidates for standardization, when in the lifecycle is best/worst for standardization. Marta: What are the use-cases ... is it just 'put a blockchain' on it? hhalpin: We need to add WebCrypto extensions and Web Payments connection to Bitcoin ... on the agenda as well, maybe do another day for more fuzzy broadly scoped blockchain (i.e. Merkle tree) work? <dazzag> Dazza commented 2: We should make it easy to elicit input from a wide range of people and orgs and perspectives beyond those who will join us in person. Online, for example, using one or more methods one or more people on the program cmt could provide. hhalpin: note that lots of work like hardware backed security needs more browser support ... can we get Google and Mozilla on board? <Erik> I formerly disagree to the WebCrypto API as identity. Software based PKI identity is stolen everyday. those keys are stolen everyday dbuchner: I've been discussing this with Mozilla and Google, happy to help Erik, please point to attacks on WebCrypto keys. There are no known ones. I'm sure they exist, but its not exactly known. I do agree with hardware keys, and the FIDO/WebAuth appraoch seems solid to me. @@: There's lots of standards but mostly from venture-backed company, everyone has their own scribe: therefore, maybe W3C can be a good neutral party @@1: The topic of identity is crucial to decentralizing the grid, reconcile hardware owners and operators shepazu: Is there a Web aspect? <Erik> hhalpin: Use Case. Man in the browser that steals your software based PKI key. I can give you news articles EVERYDAY where PKI are stolen by ransomware. Erik: WebCrypto doesn't interface with traditional PKI on purpose ... furthermore, the browser vendors have made it clear that they have no interest currently this. ... I agree hardware tokens help, but they need to be scoped to the Web, i.e. same origin policy, which is precisely what WebAuth does ... last, you still haven't pointed me to an attack on actual WebCrypto keys. I think it's FUD that WebCrypto is less secure than any other software-based keys <ChristopherA> +1 on identifying risk surfaces vlad: We have to be careful re standards that have network effects we aren't aware of <Erik> Blockchain, as it applies to the web & data structure. 1) Identity. 2) Data Security/Privacy 3) Standard API to interface with Blockchain. 4) Data Structures and exchange format. shinichiro: How do we produce scientific engineering aspects ... key management is weak on bitcoin ... XAdes can contribute ... another body of ISO wants a new TC <afdudley> how do I get on the queue? <vladzamfir> hhalpin - issue is that we don't understand identity/credentialing/access policies that well, not that we don't understand network effects ;) <ChristopherA> We also should be talking some about how to move faster. <Shinichiro> XAdeS <ChristopherA> Early standards need be incremental if they set baseline, late standards can take longer <Shinichiro> Australian NB have proposed to initiate new TC in ISO. Note that we'd like to note that W3C provides royalty-fee recommendations, which is quite stronger than 'it's a standad cause we put it on the web-page' <ChristopherA> I do believe that the workshop itself should emerge these. shepazu: Please communicate with me ASAP before Wednesday, workshop is announced on Wednesday <Erik> Blockchain, as it applies to the web: 1) Identity 2) Data Security/Privacy & Crypto Key management 4) Standard API to interface with Blockchain 5) Data Structures and exchange format <ChristopherA> (I'm challenged next week because of Consensus & Hyperledger F2F) <afdudley> What is interledger? shepazu: If you have anyone outside this group who should be preferred? <Erik> Interledger = [15]https://www.w3.org/community/interledger/ [15] https://www.w3.org/community/interledger/ <afdudley> Yeah, so I think we need something like that for identity and objects. <vladzamfir> 4) is not close to possible at the moment So clearly missing on the call is the DCI initiative who are co-hosting or possibly co-chairing <shepazu> hhalpin, yes, Neha couldn't join today Second, in terms of banking RC3, and DCI and the other Bitcoin coredevs they host (why not have everyone in same room?) dazzag: We have DCI in the same lab as myself ... so we should be able to connect <dazzag> would be happy to help on the program cmt and moreover to help out <dazzag> harry - who is on from DCI? shepazu: We haven't decided on co-chairs ... please email me re Program Committee ASAP ... Workshop format <ChristopherA> For an example of a Design Workshop format, this is last november' #RebootingWebOfTrust [16]https://github.com/WebOfTrustInfo/rebooting-the-web-of-trus t/tree/master/event-documents/process [16] https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust/tree/master/event-documents/process shepazu: iighting talks ... one or two different birds of a feather topic tables ... 'unconference style' ... to then give reports ... and then break up again <ChristopherA> I also helped design lightning talk format for Blockstack's last summit. shepazu: consequent to intial topic ... demos and panel sessions ... summarize and synthesize <ChristopherA> Design workshops come close to unconference/open space but some more facilitation. I would recommend doing short-term topics first in break-outs, then longer-term ChristopherA: In terms of the format I used, it was good to have people meet ... within 3 hours ... the things most worthwhile had came to top ... traditional uncofnrence tends to meander +1 ChristopherA scribe: for things that are only of interest ... for a few people Erik: I was looking at Christopher's document ... we dont' want just talks about startups that approach problem in same ways ... but going into use-cae ... should help narrow the topics shepazu: AOB? ... if not, I appreciate everyone's time ... and I hope most of you will be on program committee <ChristopherA> thank you everyone! shepazu: I hope talking to all of you more +1 thanks! Meeting Adjourned <wseltzer> Attendees: listed in intros Summary of Action Items Summary of Resolutions [End of minutes]
Received on Monday, 2 May 2016 19:44:55 UTC