W3C home > Mailing lists > Public > public-credentials@w3.org > August 2014

Credentials CG Telecon Minutes for 2014-08-26

From: <msporny@digitalbazaar.com>
Date: Tue, 26 Aug 2014 14:47:28 -0400
Message-Id: <1409078848783.0.12042@zoe>
To: Credentials CG <public-credentials@w3.org>
Thanks to Dave Longley for scribing this week! The minutes
for this week's Credentials CG telecon are now available:


Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).

Credentials Community Group Telecon Minutes for 2014-08-26

  1. Introductions
  2. Overview of W3C Community Group Process
  3. Charter Review
  4. Questions Related to CG Operation
  5. Use Case Review
  1. Hold a vote on the Credentials CG Charter starting Friday, 
    August 29th 2014 with the vote open for 2 weeks. Accept the 
    charter if 2/3rds majority of votes cast are in favor.
  Manu Sporny
  Dave Longley
  Dave Longley, Manu Sporny, Mark Leuba, Pindar Wong, David I. 
  Lehn, Bailey Reutzel, Sunny Lee, Chris MacAvoy, Mary Bold, 
  Richard Varn, Bill Gebert

Dave Longley is scribing.
Manu reviews the agenda with the telecon participants.
Manu Sporny:  On the agenda today, we're going to spend a good 
  chunk of time on introductions, Community Group process, charter 
  review, ensuring everyone's questions are answered, and use 
  cases. Anything else to update or add on the agenda? If not, 
  we'll begin.

Topic: Introductions

Mark Leuba:  My name is Mark Leuba and I'm an independent 
  consultant, was CTO/CIO with American Public University, I've 
  been working on projects periodically, with the obvious need for 
  security in identity. I saw the work on global payments and 
  understood that to be central to the value of secure mobile 
  identity. I'm interested in secure identity in educational and 
  institutional sphere, there aren't many solutions in this area 
  that are better than what this group is doing. I'd like to do 
  what I can to help support the standard.
Pindar Wong:  Hi, Pindar Wong from Hong Kong. I'm the Chairman of 
  VerifFi Ltd. I'm porting over from the Web Payments CG, very 
  interested in online identity. About 21 years ago there was a 
  famous cartoon with a dog in front of a computer that stated: "On 
  the Web, nobody knows you're a dog." I'd like to move the state 
  of the art forward. I'm interested in international property 
  trading, I'm involved in government from the policy side in Hong 
  Kong and China.
David I. Lehn:  I'm David Lehn from Digital Bazaar, I work on 
  standards around payments and finance.
Bailey Reutzel:  Hi, my name is Bailey Reutzel. I work for 
  Payments Source and write about global payments. I've also been 
  working on writing about credentials and anything standards 
  related and am here to help edit the specifications that this 
  group creates.
Sunny Lee:  I've been working on Mozilla OpenBadges for over 3 
  years, which is Mozilla's work on a badging/credentialing 
  standard. I've since left Mozilla and started at the Badge 
Dave Longley:  Hi my name is Dave Longley, co-founder and CTO of 
  Digital Bazaar, one of the primary authors of JSON-LD. I've been 
  involved with work around world standards and Linked Data for a 
  while now. [scribe assist by Manu Sporny]
Manu Sporny:  Hi, Manu Sporny - I've chaired the W3C RDFa 1.1 
  working group, Web Payments and JSON-LD work. I'm a co-author of 
  JSON-LD. I'm a founder and CEO of Digital Bazaar, where we spend 
  most of our time creating standards and technology around 
  hi-stakes credentials and payments on the Web. Credentials was 
  spin off from the web payments work, we know that the credentials 
  work will be useful for more than just banks and financial 
  institutions and we wanted to bring in a broader perspective. We 
  wanted to involve not just financial institutions, but 
  governments and educational institutions and others to focus on a 
  more general credentialing solution.
Chris MacAvoy:  Hi, Chris MacAvoy, I work with Sunny at the 
  OpenBadge Alliance. I've been working on that for a number of 
  years, working on the standards that define open badges, I'm 
  excited to be part of this group.
Mary Bold:  Thanks to Manu for bringing people together, I'm from 
  education and workforce sectors. I'm with a startup called 
  Accreditrust that is entering the arena of credentials. We're 
  committed to open standards. We see standards as crucial to the 
  adoption of any credentials, from low-stakes badge up to 
  hi-stakes for drivers license, university degree, etc. We think 
  that governments and other large orgs won't be ready to go down 
  the high-stakes credentialsroad until we've got standards in 
Richard Varn:  I'm a Distinguished Presidential Appointee at 
  Educational Testing Service and a former CIO for the state of 
  Iowa. I've had a long interest in credentials since my work as 
  the CIO of Iowa, working on many systems for identity 
  credentials, security. I've been pushing very hard to get ETS 
  involved in this credentials standardization effort. I can speak 
  to Mary's concerns and say we won't be able to adopt until there 
  is a decent standard.
Bill Gebert:  I'm a strategic adviser at ETS and have worked with 
  them for over 10 years. Previously I was involved in VerticalNet 
  during the dotCom boom in the late 90's early 2000s. I look 
  forward to participating in this group
Manu Sporny:  Just to mention a few of the people that couldn't 
  make the call today. Tim Holborn runs a Web Civics group out of 
  Australia, his focus is on people owning their own credentials, 
  comes from data privacy perspective. Evgeny Vinogradov is from 
  Yandex which is basically the Google of Russia, they run payment, 
  identity systems but this is late in the day for him so he's not 
  here. Markus Lanthaler wanted to be here as well, one of the 
  co-authors of JSON-LD and is focused on REST APIs for 
  transmitting data back and forth. He is involved in Social Web 
  Technical Working Group at W3C and we should be having crosschat 
  with them, as we decide what specs we want to focus on here, 
  anything else as far as intros are concerned before we move on?
Manu Sporny:  In general, I think we're off to a great start. We 
  have folks from the financial, education, open source, web 
  standards sectors here, great to have diverse industries on the 
  same call, that's not easy to do.
Manu Sporny:  I really appreciate everyone showing up and being a 
  part of the conversation.

Topic: Overview of W3C Community Group Process

Manu Sporny:  The company group process is very lightweight, we 
  don't have a lot of W3C support until we go to them directly and 
  ask for it. So all the intellectually property stuff is dealt 
  with in a light manner, every org is expected to do some IP 
  release (you did this when you signed up to the group), if you 
  are on the mailing list don't mention an IP/patent stuff at all 
  if you don't want us to know about it (or risk your filing 
Manu Sporny:  The W3C CG process is designed to incubate 
  technology, it's the same process we used to incubate JSON-LD and 
  push it through W3C. It can be a fairly rapid process, we were 
  able to go from JSON-LD CG through to a standard in ~3 years, 
  which is very fast vs. usual 5-7 year timeframe.
Manu Sporny:  We will iterate on the tech here and then take that 
  output and give it to W3C to create the standard
Manu Sporny:  What the tech is and what it does will be what we 
  discuss in the next months here
Manu Sporny:   We will have weekly telecons, agenda is created by 
  the group, if someone wants to talk about something they send 
  something to the mailing list to get it put on the agenda, group 
  talks about technical nature of the work, what specs need to be 
  written, volunteers go off and write them, once they are in a 
  good state to get pushed through W3C standardization process, 
  then we agree as a group to push it to the formal process at W3C, 
  which involves identifying patent/IP issues, etc
Manu Sporny:  Once it's in W3C process at that point a more 
  deliberate/slow process takes over
Manu Sporny:  So to recap, we meet weekly, talk about technical 
  issues, write specs, then we hand it off to the official W3C 
  technical standardization process
Manu Sporny:  If they pick it up, then it would take 3-4 years to 
  reach official status
Manu Sporny:  Any questions about the process?
Mary Bold:  I've got a question about logistics. I'm sure Yandex 
  doesn't need me worrying about them, please discuss if there will 
  be alternate times for meetings or will Yandex catch up / get to 
  calls as they need, we have international group and want to make 
  this work for as many as we can
Manu Sporny:  There is a precedent for having alternate calls for 
  folks in non-western hemisphere, we could have the calls at 10am 
  ET it would be better for him, it makes it 7pm for Evgeny 
  (Yandex), he's good at following the minutes, it's really based 
  on demand, if majority of folks are in EU, if we get 
  Australia/China/Russia/etc then we'll make the call match that 
  time zone.
Pindar Wong:  Normally the minutes are usually quite complete so 
  it's pretty easy to catch up on what the group is up to
Pindar Wong:  If you can't make the calls the minutes are usually 
  scribed well
Manu Sporny:  We try to run this group in a fair way. So everyone 
  gets a chance to scribe, you'll know well in advance when to 
  scribe. Dave longley volunteered today, but we'll alternate 
  throughout, everything in this call is recorded, audio, detailed 
  minutes, we are as transparent as possible, this is fairly 
  unique, not every group records the audio and the minutes. If, 
  for whatever reason, if you say something in the audio for 
  whatever reason that is supposed to be a trade secret (or not 
  widely publicized) we can go and cut it from the audio, you have 
  to let us know and we'll do that, but it takes some time to do it
Manu Sporny:  The minutes we try to get up shortly after the 
Manu Sporny:  Any questions?
No other questions.

Topic: Charter Review

Manu Sporny: http://www.w3.org/community/credentials/charter/
Manu Sporny:  There is a draft charter that is up, we've gotten 
  input from a number of orgs that want to participate including 
  most of the folks on the call today, the charter has basically 
  been taken from the Web Payments group and JSON-LD group, been 
  slightly modified, is battle tested, works fairly well, never had 
  an issue with how decisions are made, etc. charter outlines our 
  scope of work, focuses on digitally verifiable credentials
Manu Sporny:  Identity credentials work started in web payments 
  and badge alliance work is in scope
Manu Sporny:  We are trying to be focused yet inclusive
Manu Sporny:  I didn't hear anyone introduce themselves today 
  that might be doing stuff that wouldn't fit into the scope of 
  work for the charter
Manu Sporny:  Any questions on scope of work?
No question on scope of work.
Manu Sporny:  There is a section on work items in the charter, 
  right now we only have three items, to be clear this charter 
  hasn't been ratified by the group so proposals can be made to 
  change it, the three items now are HTTP signature specification, 
  that is being pushed through IETF, it is expected to be co-owned 
  by Web Payments group and Credentials group and IETF and is 
  low-level can be used in a number of use cases
Manu Sporny:  The HTTP signature spec lets you verify that a 
  piece of software that sent you a message is operating on a 
  particular entity's behalf behalf, so if someone sends you a 
  credential then you can know that the person on the other end is 
  who you think they are (the US Government, for instance)
Manu Sporny:  It verifies that the message channel is secure over 
  just plain old HTTPS.
Manu Sporny:  Another spec is secure messaging, that allows you 
  to put your stamp of approval on a particular credential, that is 
  being shared with Web Payments CG, Credentials CG, the Social Web 
  group may pick up the work
Manu Sporny:  The last one is the Identity Credentials spec that 
  tells you how to express a credential in JSON-LD
Manu Sporny:  The reason we are starting with those, DB created 
  the vast majority of the specs, we have handed all IP over to W3C 
  which must happen for a worldwide standard, it's good to start 
  these groups with some tech from some company to ground the 
Manu Sporny:  Otherwise you go in circles about what the group is 
Manu Sporny:  I certainly don't want to put anyone on the spot 
  today on tech that their orgs may contribute to the work we're 
  doing here, that said, does anyone want to raise any other work 
  items to pick up in this group?
Manu Sporny:  Any other tech to pick up?
Pindar Wong:  Given that this group is just getting going, what 
  is important is to let people know this group exists to let 
  people know about the question you just asked, as this group 
  becomes more well known I expect others to answer, it's important 
  to get the word out
Manu Sporny:  Yes, thank you, and we've got a number of events 
  coming up where we can do that
Manu Sporny:  Moving down the charter, we have dependencies, 
  liaisons, etc.
Manu Sporny:  There are a number of other W3C tech groups, etc. 
  to talk to to make sure orgs such as IMF global, etc. know what's 
  going on
Manu Sporny:  We're very interested in reaching out and making 
  sure they know that we're doing work that relates to work they 
  are doing as well
Manu Sporny:  Next week, Mary, Pindar, myself, folks from EFF, 
  and other educational/payment-related orgs, are going to be at 
  the Internet Governance Forum, put on by the UN, to talk about 
  what we're doing.
Manu Sporny:  The work that we're doing here is meant to be 
  purely technical, any policy should be moved out of the group to 
  venues like the IGF. W3C works well by keeping policy discussion 
  out of technical groups, IGF and forums like it are the right 
  place for policy discussions.
Manu Sporny:  We are primary focused on technology, not rule of 
  law, regulation, etc. though it will certainly affect this work
Manu Sporny:  If we can identify good external groups to pick up 
  non-technical conversations, we should do that.
Manu Sporny:  Any questions on scope of work?
No questions.
Manu Sporny:  W3C operates by consensus; groups operating under 
  and near it try and make sure as many people as possible are 
  happy with the technical discussions we're making
Manu Sporny:  In lieu of that, if there are objections, we ask 
  the objector if they see it as a blocking issue ... meaning 
  whether or not we can continue without fully addressing their 
Manu Sporny:  Usually takes a week or two to deal with it 
  objections. If we can't resolve an objection then we move to a 
  chair decision or a vote which is very rare.
Manu Sporny:  Having a formal vote is very rare, it's a multiweek 
  process that slows everything down
Manu Sporny:  We're trying to effectively build the same 
  capability and we're all working together
Manu Sporny:  The decision making process is outline in the 
  charter, we go to working consensus, if no consensus, chair makes 
  a decision if [missed] then it goes to a formal vote
Manu Sporny:  Speaking of chair we don't have one yet
Manu Sporny:  The group will need to decide who the chair will be 
  over the next couple of weeks, we can operate without one for a 
  while, but W3C wants us to name one, can be up to 3 chairs, if we 
  have this many people on the call i'd expect at least two chairs 
  to share the load of running the group
Manu Sporny:  As far as process is concerned we are very 
  transparent, everything minuted, general public can see the whole 
Manu Sporny:  Don't say anything to put your org in a tough 
  position, but since we focus on technology usually not an issue
Manu Sporny:  That's effectively the charter, any concerns about 
  how this group runs or the decision process?
Pindar Wong:  A vote on the charter is expected by September 
  15th? can we discuss that?
Manu Sporny:  We needed to have this call to make sure people 
  knew about it could discuss it, we hope to have a vote by then, 
  really we don't need one but it makes things go more smoothly 
  with W3C. For example, an org could come in that wants the group 
  to fail and say the process isn't formal enough because there 
  isn't an agreed upon charter and thus the entire output of the 
  work should be ignored. So, the sooner we get a charter in place 
  the better.
Manu Sporny:  Sept 15th is the hope, but it could be longer, 
  October, etc.
Mary Bold:  To pick up on Pindar's point, if we use the calendar 
  to anchor this decision, would it be wise to have chairs and 
  charter before TPAC? We can advance the work there and it's 
  several days prior to Halloween in US, that's the last week of 
Mary Bold:  Could we talk about having several weeks with charter 
  endorsements and a couple of co-chairs so we have that show of 
  strength in the next couple months?
Mary Bold:  Give us a couple of weeks to locate willing co-chairs 
  to bring us some stature
Manu Sporny:  Yes, and the sooner we get all that process out of 
  the way the sooner we can discuss the technology which is the 
  main reason we're here.
Manu Sporny:  It's really only limited by how quickly everyone in 
  the group can move.
Manu Sporny:  Next week a number of people will be at IGF, but 
  maybe by next call we can put forth a proposal to get things 
Manu Sporny:  Other option is to do it over the mailing list.
Manu Sporny:  Today or tomorrow or the day after we can start a 
  vote on the charter and have two weeks for voting and then we'll 
  have an operational charter if it passes
Manu Sporny:  Other people on the call will have to give their 
Manu Sporny:  My personal preference would be to do it as quickly 
  as possible, it's not a very controversial charter, we've used it 
  in other groups and gotten their experimental tech all the way 
  through the W3C process
Pindar Wong:  I'd been in favor in started as soon as possible
Manu Sporny:  Chairs will be whomever volunteers. I'll be way too 
  busy to chair, but I can support by doing the administrative 
  stuff, taking of minutes, posting them, etc. i can help there as 
  well as make sure we're staying within CG and W3C process.
Manu Sporny:  If you've never chaired a W3C group in the past 
  don't let that prevent you here, you'll have plenty of help
Manu Sporny:  Any other comments for voting on the charter?
Manu Sporny:  If there are no objections I'll put it up for a 
  vote this week
No objections.

PROPOSAL:  Hold a vote on the Credentials CG Charter starting 
  Friday, August 29th 2014 with the vote open for 2 weeks. Accept 
  the charter if 2/3rds majority of votes cast are in favor.

Dave Longley: +1
Chris MacAvoy: +1
Sunny Lee: +1
Manu Sporny: +1
Bailey Reutzel: +1
Richard Varn: +1
Pindar Wong: +1
David I. Lehn: +1
Mary Bold: +1
Bill Gebert: +1

RESOLUTION: Hold a vote on the Credentials CG Charter starting 
  Friday, August 29th 2014 with the vote open for 2 weeks. Accept 
  the charter if 2/3rds majority of votes cast are in favor.

Manu Sporny:  Any questions related to the charter?
No questions related to the Charter.

Topic: Questions Related to CG Operation

Pindar Wong:  All the work is in English?
Manu Sporny:  All W3C work is required to be in English, if our 
  technical work makes it all the way through the W3C process then 
  there will be translations from English to other languages
Manu Sporny:  Yes, Pindar, it's a part of the W3C that all work, 
  meetings, documents written in English
Manu Sporny:  Any other questions related to CG operation?
Manu Sporny:  For those of you not on the IRC channel, you 
  definitely want to be on it in later meetings, you can connect 
  with a web browser, it's important for a variety of reasons. The 
  first is ensuring the minutes are correct, so if you see the 
  scribe misrepresent what you said you can correct what you said 
  at that point, we share links in there on the topics we're 
  discussing, you can control the voice channel so you can tell 
  what's going on, there's a voip-bot you can tell to mute you, 
  disconnect/alias you, tell it that you want to speak, if there 
  was a heated discussion we ask people to put themselves on a 
  speaking queue and we'll go through the order in the queue, very 
  useful if lots of people join
Manu Sporny:  You put yourself on the queue by saying "q+" and 
  take yourself off by saying "q-"

Topic: Use Case Review

Manu Sporny: 
Manu Sporny:  We had lots of orgs at Web Payments Workshop like 
  Bloomberg, Google, US Federal Reserve, AT&T, Telefonica, PCI 
  Security Standards Council, etc. A lot of companies there 
  outlining use cases around identity.
Manu Sporny:  The Web Payments CG has been refining these 
  identity use cases over the past couple of months, but is handing 
  the identity use cases over to this group to make sure this group 
  takes those use cases into account.
Manu Sporny:  Throwing that out there so if people didn't know 
  about those use cases they do now, and we'll need to add more use 
  cases around credentials in education and those sort sof things 
  in this group
Manu Sporny:  Any questions on the use cases?
No questions about use cases
Manu Sporny:  If there are no other comments or questions, we'll 
  go ahead and end the call now, the next call will not be next 
  week because a number of us will be at IGF talking about 
  credentials, policy, law all around this stuff, we'll post the 
  results of that to the credentials CG mailing list
Manu Sporny:  But the next call will be the week after that same 
  time and day, etc. (September 9th, 2014).
Manu Sporny:  Any other questions?
Sunny Lee: Thank you everyone!
None, lots of "thank you"s
Manu Sporny:  The sooner we get through this administrative 
  stuff, the sooner we can focus on the tech.
Received on Tuesday, 26 August 2014 18:47:52 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:24:38 UTC