- From: <msporny@digitalbazaar.com>
- Date: Tue, 26 Aug 2014 14:47:28 -0400
- To: Credentials CG <public-credentials@w3.org>
Thanks to Dave Longley for scribing this week! The minutes for this week's Credentials CG telecon are now available: http://opencreds.org/minutes/2014-08-26/ Full text of the discussion follows for W3C archival purposes. Audio from the meeting is available as well (link provided below). ---------------------------------------------------------------- Credentials Community Group Telecon Minutes for 2014-08-26 Agenda: http://lists.w3.org/Archives/Public/public-credentials/2014Aug/0001.html Topics: 1. Introductions 2. Overview of W3C Community Group Process 3. Charter Review 4. Questions Related to CG Operation 5. Use Case Review Resolutions: 1. Hold a vote on the Credentials CG Charter starting Friday, August 29th 2014 with the vote open for 2 weeks. Accept the charter if 2/3rds majority of votes cast are in favor. Organizer: Manu Sporny Scribe: Dave Longley Present: Dave Longley, Manu Sporny, Mark Leuba, Pindar Wong, David I. Lehn, Bailey Reutzel, Sunny Lee, Chris MacAvoy, Mary Bold, Richard Varn, Bill Gebert Audio: http://opencreds.org/minutes/2014-08-26/audio.ogg Dave Longley is scribing. Manu reviews the agenda with the telecon participants. Manu Sporny: On the agenda today, we're going to spend a good chunk of time on introductions, Community Group process, charter review, ensuring everyone's questions are answered, and use cases. Anything else to update or add on the agenda? If not, we'll begin. Topic: Introductions Mark Leuba: My name is Mark Leuba and I'm an independent consultant, was CTO/CIO with American Public University, I've been working on projects periodically, with the obvious need for security in identity. I saw the work on global payments and understood that to be central to the value of secure mobile identity. I'm interested in secure identity in educational and institutional sphere, there aren't many solutions in this area that are better than what this group is doing. I'd like to do what I can to help support the standard. Pindar Wong: Hi, Pindar Wong from Hong Kong. I'm the Chairman of VerifFi Ltd. I'm porting over from the Web Payments CG, very interested in online identity. About 21 years ago there was a famous cartoon with a dog in front of a computer that stated: "On the Web, nobody knows you're a dog." I'd like to move the state of the art forward. I'm interested in international property trading, I'm involved in government from the policy side in Hong Kong and China. David I. Lehn: I'm David Lehn from Digital Bazaar, I work on standards around payments and finance. Bailey Reutzel: Hi, my name is Bailey Reutzel. I work for Payments Source and write about global payments. I've also been working on writing about credentials and anything standards related and am here to help edit the specifications that this group creates. Sunny Lee: I've been working on Mozilla OpenBadges for over 3 years, which is Mozilla's work on a badging/credentialing standard. I've since left Mozilla and started at the Badge Alliance. Dave Longley: Hi my name is Dave Longley, co-founder and CTO of Digital Bazaar, one of the primary authors of JSON-LD. I've been involved with work around world standards and Linked Data for a while now. [scribe assist by Manu Sporny] Manu Sporny: Hi, Manu Sporny - I've chaired the W3C RDFa 1.1 working group, Web Payments and JSON-LD work. I'm a co-author of JSON-LD. I'm a founder and CEO of Digital Bazaar, where we spend most of our time creating standards and technology around hi-stakes credentials and payments on the Web. Credentials was spin off from the web payments work, we know that the credentials work will be useful for more than just banks and financial institutions and we wanted to bring in a broader perspective. We wanted to involve not just financial institutions, but governments and educational institutions and others to focus on a more general credentialing solution. Chris MacAvoy: Hi, Chris MacAvoy, I work with Sunny at the OpenBadge Alliance. I've been working on that for a number of years, working on the standards that define open badges, I'm excited to be part of this group. Mary Bold: Thanks to Manu for bringing people together, I'm from education and workforce sectors. I'm with a startup called Accreditrust that is entering the arena of credentials. We're committed to open standards. We see standards as crucial to the adoption of any credentials, from low-stakes badge up to hi-stakes for drivers license, university degree, etc. We think that governments and other large orgs won't be ready to go down the high-stakes credentialsroad until we've got standards in place. Richard Varn: I'm a Distinguished Presidential Appointee at Educational Testing Service and a former CIO for the state of Iowa. I've had a long interest in credentials since my work as the CIO of Iowa, working on many systems for identity credentials, security. I've been pushing very hard to get ETS involved in this credentials standardization effort. I can speak to Mary's concerns and say we won't be able to adopt until there is a decent standard. Bill Gebert: I'm a strategic adviser at ETS and have worked with them for over 10 years. Previously I was involved in VerticalNet during the dotCom boom in the late 90's early 2000s. I look forward to participating in this group Manu Sporny: Just to mention a few of the people that couldn't make the call today. Tim Holborn runs a Web Civics group out of Australia, his focus is on people owning their own credentials, comes from data privacy perspective. Evgeny Vinogradov is from Yandex which is basically the Google of Russia, they run payment, identity systems but this is late in the day for him so he's not here. Markus Lanthaler wanted to be here as well, one of the co-authors of JSON-LD and is focused on REST APIs for transmitting data back and forth. He is involved in Social Web Technical Working Group at W3C and we should be having crosschat with them, as we decide what specs we want to focus on here, anything else as far as intros are concerned before we move on? Manu Sporny: In general, I think we're off to a great start. We have folks from the financial, education, open source, web standards sectors here, great to have diverse industries on the same call, that's not easy to do. Manu Sporny: I really appreciate everyone showing up and being a part of the conversation. Topic: Overview of W3C Community Group Process Manu Sporny: The company group process is very lightweight, we don't have a lot of W3C support until we go to them directly and ask for it. So all the intellectually property stuff is dealt with in a light manner, every org is expected to do some IP release (you did this when you signed up to the group), if you are on the mailing list don't mention an IP/patent stuff at all if you don't want us to know about it (or risk your filing deadlines). Manu Sporny: The W3C CG process is designed to incubate technology, it's the same process we used to incubate JSON-LD and push it through W3C. It can be a fairly rapid process, we were able to go from JSON-LD CG through to a standard in ~3 years, which is very fast vs. usual 5-7 year timeframe. Manu Sporny: We will iterate on the tech here and then take that output and give it to W3C to create the standard Manu Sporny: What the tech is and what it does will be what we discuss in the next months here Manu Sporny: We will have weekly telecons, agenda is created by the group, if someone wants to talk about something they send something to the mailing list to get it put on the agenda, group talks about technical nature of the work, what specs need to be written, volunteers go off and write them, once they are in a good state to get pushed through W3C standardization process, then we agree as a group to push it to the formal process at W3C, which involves identifying patent/IP issues, etc Manu Sporny: Once it's in W3C process at that point a more deliberate/slow process takes over Manu Sporny: So to recap, we meet weekly, talk about technical issues, write specs, then we hand it off to the official W3C technical standardization process Manu Sporny: If they pick it up, then it would take 3-4 years to reach official status Manu Sporny: Any questions about the process? Mary Bold: I've got a question about logistics. I'm sure Yandex doesn't need me worrying about them, please discuss if there will be alternate times for meetings or will Yandex catch up / get to calls as they need, we have international group and want to make this work for as many as we can Manu Sporny: There is a precedent for having alternate calls for folks in non-western hemisphere, we could have the calls at 10am ET it would be better for him, it makes it 7pm for Evgeny (Yandex), he's good at following the minutes, it's really based on demand, if majority of folks are in EU, if we get Australia/China/Russia/etc then we'll make the call match that time zone. Pindar Wong: Normally the minutes are usually quite complete so it's pretty easy to catch up on what the group is up to Pindar Wong: If you can't make the calls the minutes are usually scribed well Manu Sporny: We try to run this group in a fair way. So everyone gets a chance to scribe, you'll know well in advance when to scribe. Dave longley volunteered today, but we'll alternate throughout, everything in this call is recorded, audio, detailed minutes, we are as transparent as possible, this is fairly unique, not every group records the audio and the minutes. If, for whatever reason, if you say something in the audio for whatever reason that is supposed to be a trade secret (or not widely publicized) we can go and cut it from the audio, you have to let us know and we'll do that, but it takes some time to do it Manu Sporny: The minutes we try to get up shortly after the telecons Manu Sporny: Any questions? No other questions. Topic: Charter Review Manu Sporny: http://www.w3.org/community/credentials/charter/ Manu Sporny: There is a draft charter that is up, we've gotten input from a number of orgs that want to participate including most of the folks on the call today, the charter has basically been taken from the Web Payments group and JSON-LD group, been slightly modified, is battle tested, works fairly well, never had an issue with how decisions are made, etc. charter outlines our scope of work, focuses on digitally verifiable credentials Manu Sporny: Identity credentials work started in web payments and badge alliance work is in scope Manu Sporny: We are trying to be focused yet inclusive Manu Sporny: I didn't hear anyone introduce themselves today that might be doing stuff that wouldn't fit into the scope of work for the charter Manu Sporny: Any questions on scope of work? No question on scope of work. Manu Sporny: There is a section on work items in the charter, right now we only have three items, to be clear this charter hasn't been ratified by the group so proposals can be made to change it, the three items now are HTTP signature specification, that is being pushed through IETF, it is expected to be co-owned by Web Payments group and Credentials group and IETF and is low-level can be used in a number of use cases Manu Sporny: The HTTP signature spec lets you verify that a piece of software that sent you a message is operating on a particular entity's behalf behalf, so if someone sends you a credential then you can know that the person on the other end is who you think they are (the US Government, for instance) Manu Sporny: It verifies that the message channel is secure over just plain old HTTPS. Manu Sporny: Another spec is secure messaging, that allows you to put your stamp of approval on a particular credential, that is being shared with Web Payments CG, Credentials CG, the Social Web group may pick up the work Manu Sporny: The last one is the Identity Credentials spec that tells you how to express a credential in JSON-LD Manu Sporny: The reason we are starting with those, DB created the vast majority of the specs, we have handed all IP over to W3C which must happen for a worldwide standard, it's good to start these groups with some tech from some company to ground the discusison Manu Sporny: Otherwise you go in circles about what the group is building Manu Sporny: I certainly don't want to put anyone on the spot today on tech that their orgs may contribute to the work we're doing here, that said, does anyone want to raise any other work items to pick up in this group? Manu Sporny: Any other tech to pick up? Pindar Wong: Given that this group is just getting going, what is important is to let people know this group exists to let people know about the question you just asked, as this group becomes more well known I expect others to answer, it's important to get the word out Manu Sporny: Yes, thank you, and we've got a number of events coming up where we can do that Manu Sporny: Moving down the charter, we have dependencies, liaisons, etc. Manu Sporny: There are a number of other W3C tech groups, etc. to talk to to make sure orgs such as IMF global, etc. know what's going on Manu Sporny: We're very interested in reaching out and making sure they know that we're doing work that relates to work they are doing as well Manu Sporny: Next week, Mary, Pindar, myself, folks from EFF, and other educational/payment-related orgs, are going to be at the Internet Governance Forum, put on by the UN, to talk about what we're doing. Manu Sporny: The work that we're doing here is meant to be purely technical, any policy should be moved out of the group to venues like the IGF. W3C works well by keeping policy discussion out of technical groups, IGF and forums like it are the right place for policy discussions. Manu Sporny: We are primary focused on technology, not rule of law, regulation, etc. though it will certainly affect this work Manu Sporny: If we can identify good external groups to pick up non-technical conversations, we should do that. Manu Sporny: Any questions on scope of work? No questions. Manu Sporny: W3C operates by consensus; groups operating under and near it try and make sure as many people as possible are happy with the technical discussions we're making Manu Sporny: In lieu of that, if there are objections, we ask the objector if they see it as a blocking issue ... meaning whether or not we can continue without fully addressing their concerns Manu Sporny: Usually takes a week or two to deal with it objections. If we can't resolve an objection then we move to a chair decision or a vote which is very rare. Manu Sporny: Having a formal vote is very rare, it's a multiweek process that slows everything down Manu Sporny: We're trying to effectively build the same capability and we're all working together Manu Sporny: The decision making process is outline in the charter, we go to working consensus, if no consensus, chair makes a decision if [missed] then it goes to a formal vote Manu Sporny: Speaking of chair we don't have one yet Manu Sporny: The group will need to decide who the chair will be over the next couple of weeks, we can operate without one for a while, but W3C wants us to name one, can be up to 3 chairs, if we have this many people on the call i'd expect at least two chairs to share the load of running the group Manu Sporny: As far as process is concerned we are very transparent, everything minuted, general public can see the whole process Manu Sporny: Don't say anything to put your org in a tough position, but since we focus on technology usually not an issue Manu Sporny: That's effectively the charter, any concerns about how this group runs or the decision process? Pindar Wong: A vote on the charter is expected by September 15th? can we discuss that? Manu Sporny: We needed to have this call to make sure people knew about it could discuss it, we hope to have a vote by then, really we don't need one but it makes things go more smoothly with W3C. For example, an org could come in that wants the group to fail and say the process isn't formal enough because there isn't an agreed upon charter and thus the entire output of the work should be ignored. So, the sooner we get a charter in place the better. Manu Sporny: Sept 15th is the hope, but it could be longer, October, etc. Mary Bold: To pick up on Pindar's point, if we use the calendar to anchor this decision, would it be wise to have chairs and charter before TPAC? We can advance the work there and it's several days prior to Halloween in US, that's the last week of October. Mary Bold: Could we talk about having several weeks with charter endorsements and a couple of co-chairs so we have that show of strength in the next couple months? Mary Bold: Give us a couple of weeks to locate willing co-chairs to bring us some stature Manu Sporny: Yes, and the sooner we get all that process out of the way the sooner we can discuss the technology which is the main reason we're here. Manu Sporny: It's really only limited by how quickly everyone in the group can move. Manu Sporny: Next week a number of people will be at IGF, but maybe by next call we can put forth a proposal to get things adopted Manu Sporny: Other option is to do it over the mailing list. Manu Sporny: Today or tomorrow or the day after we can start a vote on the charter and have two weeks for voting and then we'll have an operational charter if it passes Manu Sporny: Other people on the call will have to give their preference. Manu Sporny: My personal preference would be to do it as quickly as possible, it's not a very controversial charter, we've used it in other groups and gotten their experimental tech all the way through the W3C process Pindar Wong: I'd been in favor in started as soon as possible Manu Sporny: Chairs will be whomever volunteers. I'll be way too busy to chair, but I can support by doing the administrative stuff, taking of minutes, posting them, etc. i can help there as well as make sure we're staying within CG and W3C process. Manu Sporny: If you've never chaired a W3C group in the past don't let that prevent you here, you'll have plenty of help Manu Sporny: Any other comments for voting on the charter? Manu Sporny: If there are no objections I'll put it up for a vote this week No objections. PROPOSAL: Hold a vote on the Credentials CG Charter starting Friday, August 29th 2014 with the vote open for 2 weeks. Accept the charter if 2/3rds majority of votes cast are in favor. Dave Longley: +1 Chris MacAvoy: +1 Sunny Lee: +1 Manu Sporny: +1 Bailey Reutzel: +1 Richard Varn: +1 Pindar Wong: +1 David I. Lehn: +1 Mary Bold: +1 Bill Gebert: +1 RESOLUTION: Hold a vote on the Credentials CG Charter starting Friday, August 29th 2014 with the vote open for 2 weeks. Accept the charter if 2/3rds majority of votes cast are in favor. Manu Sporny: Any questions related to the charter? No questions related to the Charter. Topic: Questions Related to CG Operation Pindar Wong: All the work is in English? Manu Sporny: All W3C work is required to be in English, if our technical work makes it all the way through the W3C process then there will be translations from English to other languages Manu Sporny: Yes, Pindar, it's a part of the W3C that all work, meetings, documents written in English Manu Sporny: Any other questions related to CG operation? Manu Sporny: For those of you not on the IRC channel, you definitely want to be on it in later meetings, you can connect with a web browser, it's important for a variety of reasons. The first is ensuring the minutes are correct, so if you see the scribe misrepresent what you said you can correct what you said at that point, we share links in there on the topics we're discussing, you can control the voice channel so you can tell what's going on, there's a voip-bot you can tell to mute you, disconnect/alias you, tell it that you want to speak, if there was a heated discussion we ask people to put themselves on a speaking queue and we'll go through the order in the queue, very useful if lots of people join Manu Sporny: You put yourself on the queue by saying "q+" and take yourself off by saying "q-" Topic: Use Case Review Manu Sporny: https://www.w3.org/community/webpayments/wiki/UseCases#Identity Manu Sporny: We had lots of orgs at Web Payments Workshop like Bloomberg, Google, US Federal Reserve, AT&T, Telefonica, PCI Security Standards Council, etc. A lot of companies there outlining use cases around identity. Manu Sporny: The Web Payments CG has been refining these identity use cases over the past couple of months, but is handing the identity use cases over to this group to make sure this group takes those use cases into account. Manu Sporny: Throwing that out there so if people didn't know about those use cases they do now, and we'll need to add more use cases around credentials in education and those sort sof things in this group Manu Sporny: Any questions on the use cases? No questions about use cases Manu Sporny: If there are no other comments or questions, we'll go ahead and end the call now, the next call will not be next week because a number of us will be at IGF talking about credentials, policy, law all around this stuff, we'll post the results of that to the credentials CG mailing list Manu Sporny: But the next call will be the week after that same time and day, etc. (September 9th, 2014). Manu Sporny: Any other questions? Sunny Lee: Thank you everyone! None, lots of "thank you"s Manu Sporny: The sooner we get through this administrative stuff, the sooner we can focus on the tech.
Received on Tuesday, 26 August 2014 18:47:52 UTC