Credentials CG Telecon Minutes for 2015-11-03

Thanks to Nate Otto for scribing this week! The minutes
for this week's Credentials CG telecon are now available:

http://opencreds.org/minutes/2015-11-03/

Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).

----------------------------------------------------------------
Credentials Community Group Telecon Minutes for 2015-11-03

Agenda:
  https://lists.w3.org/Archives/Public/public-credentials/2015Nov/0001.html
Topics:
  1. Introductions to New Participants
  2. Work Generated as a Result of W3C TPAC
  3. WebDHT Spec Released
  4. Reorganizing this group around new Task Force
Organizer:
  Manu Sporny
Scribe:
  Nate Otto
Present:
  Nate Otto, Manu Sporny, Greg Kidd, Alex Jackl, Chris Webber, Dave 
  Longley, Gregg Kellogg, Brian Sletten, Matt Stone, Stuart Sutton, 
  Sunny Lee, David I. Lehn, Richard Varn, Eric Korb, Rob Trainer
Audio:
  http://opencreds.org/minutes/2015-11-03/audio.ogg

Nate Otto is scribing.
Manu Sporny:  On the agenda today, an overview of what happened 
  at the Techncal Plenary last week. It went great.
Manu Sporny:  We have released a decentralized hash table for the 
  web spec -- start the conversation on that technology
Manu Sporny:  Also, reorganize the group around new tasks
Manu Sporny:  And, new folks today: Greg and Alex - Introductions 
  to them at the beginning of the call
Manu Sporny:  Any updates to the agenda or other items to add? 
  ....
No updates

Topic: Introductions to New Participants

Greg Kidd:  I have a background in the payments world - Worked 
  for the Federal reserve board of governors that runs the check 
  clearing ACH system. Interested in identity. Interested in seeing 
  standards promulgated so that folks only need to create an 
  identity once and use it for distributed login to many systems.
Manu Sporny:  Welcome to the group
Alex Jackl:  I'm the CEO of Bardic Systems. We're a 
  Technology/Managemnt consultancy in education. Co chair of 
  experiential learning task force, and chair of the technical 
  board of the schools and interoperability standards. Interests in 
  making sure the work we're doing locally in credentialing is 
  synchronized with global work. (scribe note: Alex, could you type 
  the names of the orgs you mentioned, because I'm sure I wrote 
  them down wrong)
Manu Sporny:  For new folks, one of the things we've been working 
  on in this group over the last year is trying to start official 
  working group at the W3C. We've been working on specs, 
  technology, use cases, vision, all that stuff for the last year.
Alex Jackl: Bardic Systems, Inc. (bardicsystems.com) is my 
  company name... :-)
Alex Jackl: PESC  http://www.pesc.org/interior.php?page_id=246
Manu Sporny:  We had a little trouble with W3C management getting 
  on board with the initiative, so in order to convince them, we 
  went out to do a bunch of research about companies requirements. 
  We presented this information at TPAC in Sapporo Japan last week.
Manu Sporny:  Specifically, we were presenting to two main 
  groups. 1) the Web Payments Interest Group -- Payments depends on 
  identity and credentialing pretty heavily. They're not taking on 
  this topic in phase 1 of their work but may do so in phase 2. 2) 
  The general W3C membership who are not in the Web Payments IG. 
  Includes many browser manufacturers and many other companies 
  participating in the W3C.
Alex Jackl: Schools Interoperability Framework - specification 
  run by Access For Learning Consortium (formerly SIFA)  a4l.org
Manu Sporny:  Rather than go through a blow-by-blow (we don't 
  have enough time to talk about all the hallway conversation about 
  identity and credentialing), I'll try to summarize the outcomes
Manu Sporny:  The Web Payments IG has decided that there should 
  probably be a Credentialiing Task Force. The purpose of this 
  taskforce is to create a charter for an official Credentials WG 
  at the W3C.
Manu Sporny:  This was more than we were asking for, so that's 
  good. The Web Payments IG feels we should incubate the WG within 
  the Web Payments IG with input from healthcare interests, and 
  other WPIG consituents, then put the charter developed up for a 
  vote
Manu Sporny:  Also, because of the data we gathered, the W3C 
  management is on board, provided we can make the more reluctant 
  members happy. Now they are certainly convinced that the W3C 
  should do something about it, and are deferring to the Web 
  Payments IG to decide how to go forward to do the work
Manu Sporny:  There were some concerns about how what we're doing 
  fit with OpenID Connect, OAuth, JOSE. Those interests raised some 
  questions that they feel MUST be answered before they would vote 
  in favor of creating a Credentials WG
Manu Sporny:  Web Payments Interest Group appointed Manu to run 
  the proposed task force
Manu Sporny:  The Technical Plenary day, we hosted an 
  unconference session to invite any member who was not in the Web 
  Payments work to also participate
Manu Sporny:  Let me share an image. I want you to see who was in 
  the room
A crowded room! (The Web Payments Interest Group)
Manu Sporny:  To get support from a group this size is a big 
  deal. We only need 20 positive votes, and there were ~65 people 
  in the room. These people are already convinced they want to do 
  something around credentialing.
Manu Sporny:  On Wed, the Technical Plenary day, we picked a 
  small room, because we hadn't done a lot of convassing group. 
  Could fit 14, but 35 showed up.
Manu Sporny:  The chairs of the JOSE WG, OAuth WG, IETF Domain 
  Leads for Security/Identity&Privacy, a number of very large 
  browser manufacturers (which was interesting to see them 
  interested so early in the cycle)
Manu Sporny:  There was a very healthy reception to the work. We 
  showed the same presentation to show the data that shows this 
  work is important
Manu Sporny:  There were many who were frustrated that it's 
  taking this long to solve these problems. Reason: Everyone is 
  being a bit cautious this time around, because of so many 
  previous failed opportunities.
Manu Sporny:  Really positive outcomes.
Manu Sporny:  I did have a fairly in depth discussion with sir 
  Tim Berners-Lee, who was very interested in the ID/Credentialing 
  work as well as Linked Data Signatures. He has extended an 
  invitation for us to chat with some of the groups he works with. 
  Vint Cerf was also there. All were very supportive, mainly around 
  security and the Web & Linked Data, but were also supportive of 
  credentialing -- && see it as vital for the next generation of 
  the Internet
Manu Sporny:  The other outcome of hallway discussion at TPAC: 
  There is a push to fast-track community group work at the W3C. 
  They're looking for CGs to take their work and fast-track it 
  through the W3C process. The Credentials CG is one group that was 
  identified as having a fast-trackable spec.
Manu Sporny:  Criteria for fast trackable specs: multiple 
  implementations, tests, .... ID Credentials doesn't yet meet the 
  bar, but RDF signatures is a candidate
Manu Sporny:  This was a firehose of information
Manu Sporny:  Questions / concerns from the group?
Manu Sporny:  There is an insane amount of work that the last 
  week generated.
Manu Sporny:  We'll go through the to-do list for this group next 
  up.
Alex Jackl:  Did you document the usage/needs research?
Manu Sporny:  We polled 58 organizations and got 44 responses.
Manu Sporny:  We asked each organization: What is your top use 
  case, and what features do you want to see out of the Credentials 
  work?
Manu Sporny: Alex, here's the survey response data: 
  https://lists.w3.org/Archives/Public/public-credentials/2015Oct/0016.html
Nate Otto:  What do you feel about the timeline? How do tasks 
  line up with the calendar? [scribe assist by Manu Sporny]
Manu Sporny:  There is clearly a desire.. Before TPAC, there was 
  pushback against moving quickly. Now there is a sense of urgency 
  to move quickly. Everyone is now pushing us to get done more 
  quickly than we have the people to do. We have far more work in 
  front of us than people to do the work.
Manu Sporny:  Getting this WG spun up is pretty much on us at 
  this point. The faster we can get through the background work, 
  the faster it can start.
Manu Sporny:  We need to get the Web Payments IG to finally 
  invite non IG participants into their group. One piece of 
  pushback from meeting: a couple members said we know 
  credentialiing is important outside of payments but we're here to 
  work on payments so we shouldn't include education and healthcare 
  angle. That got pushback, because folks felt technology should be 
  generic enough -- counter-argument to that is that without input 
  from healthcare & ed throughout entire process we might not make 
  something useful to those sectors. Also the sectors putting the 
  most money into this right now are healthcare and education with 
  financial sector lagging behind. We need to clarify to that group 
  so that this group's members can participate.
Manu Sporny:  We will likely shift these Tuesday calls to become 
  the "Credentials Task Force calls"
Manu Sporny:  The Task Force will focus on the things we've 
  already been focusing on in this group. It would now just be an 
  official W3C activity.
Manu Sporny:  Near term, we need to get the task force stood up. 
  Then, get the draft charter work through. Then, write a whole 
  slew of supporting material: how we're different from prior 
  techs, go through all those arguments, answer all those 
  questions.
Manu Sporny:  There were some very informed people who have 
  worked on this stuff over the last 15 years who were reluctant to 
  sign off on this. Brad Hill from Facebook (ex-Paypal, deeply 
  involved) felt we needed this documentation to be convincing to 
  the security community.
Manu Sporny:  Bloomberg, PayPal concurs
Manu Sporny:  Todo: document all the criticisms and written 
  answers to those criticisms.
Chris Webber: Oh, I can probably make that!
Manu Sporny:  Face to face in SF next Feb or Mar. It would be 
  smart for us to convince them to have a credentialing Face to 
  Face at beginning or end of that meeting.
Manu Sporny:  Hopefully that meeting will be the final sign-off 
  on the charter before sending it for the official vote.
Manu Sporny:  If we stick to that timeline, we will have an 
  operational WG by march/early april 2016.
Manu Sporny:  The more work we get done on the technical specs 
  between now and then, the faster we can get started.
Nate Otto:  Yes, have to do a lot of planning for BA over next 
  several months - need to make sure this lines up well with that. 
  [scribe assist by Manu Sporny]
Manu Sporny:  Any other thoughts/ concerns about what happened 
  last week
Dave Longley:  Just a general thought: "Great work Manu"
Manu Sporny:  All the prep work we did over the last year really 
  paid off at TPAC. I don't want to make it sound like it was all 
  roses and unicorns and it was great, but all the criticisms that 
  were raised we had answers to. I think that helped convince 
  everyone that we were ready to go to the next stage.
Manu Sporny:  Thanks to everyone, that work helped us make this 
  breakthrough at W3C.
Manu Sporny:  Now let's review all this work that's in front of 
  us.
Alex Jackl:  Could you talk more about the pushback and what 
  obstacles might show up along the way?
Manu Sporny:  There are two basic levels that the pushback 
  occurred on. At the technical level; At the Political level
Manu Sporny:  The technical pushback has to do with questions 
  around why we're not reusing some of the technology that exists 
  out there. For example JOSE, which tells you how you digitally 
  sign JSON data.
Manu Sporny:  We use a different approach called Linked Data 
  Signatures. The JOSE group is asking us to defend why JOSE 
  doesn't work for what we're trying to do. I met with Richard 
  Barnes (sp) who's co-chair of JOSE group. His perspective: This 
  stuff isn't rocket science. You just have to make sure the 
  primitives you use are well tested. He'd be happier if we use the 
  JOSE stack (& threw out some ideas for how that might work). The 
  chairs of this work are very level headed.
Manu Sporny:  The other side of that coin is -- we sat down for a 
  1-on-1 with Tim Berners Lee & his group at MIT AI Lab, lots of 
  future-looking web research. Tim felt the LD sigs work and 
  dataset normalization needs to be done as soon as possible. He's 
  been trying to get it done for close to a decade. dlongley has 
  been involved.
Manu Sporny:  Tim had tried to address these problems a number of 
  years ago, along with many other researchers.
Manu Sporny:  When it comes to the political stuff -- you can 
  tell who the orgs concerned about this work by noticing their 
  lack of presence in the room. e.g. in the Web Payments work, VISA 
  and MasterCard aren't there. There's a perception that there 
  isn't anything but downsides for them in the Web Payments work 
  (but not true!). Big social networks like G+, FB aren't involved 
  in identity work because it may disintermediate their place as 
  providers
Manu Sporny:  The people who raise those points often try to 
  raise this in process or technical issues ("we should be using 
  IETF specs" ... )
Manu Sporny:  Can you talk about the browser manufactures being 
  in the sessions
Manu Sporny:  The pushback was in the minority, but some of those 
  players work for very large organizations, and we can't not 
  respond to this.
Gregg Kellogg:  There was something you said about JSON-LD Patch 
  along with LD signatures work? That's part of the LD platform, 
  but curious why this was put together.
Manu Sporny:  I had a hallway chat related -- there are a number 
  of specs associated with Linked Data that are languishing. Some 
  of these specs are failrly complete and ready to go. RDF 
  Normalization is an example of this. I have no familiarity with 
  LD Patch, but it was suggested that it is in this same ballpark. 
  The chances that another WG would be created around LD Patch are 
  very low -- there isn't enough desire to overcome the heavy 
  weight of the process. Some folks recommended putting specs that 
  are ready to go to Recommendation status into this working group 
  as well.
Gregg Kellogg:  If we're doing that, JSON-LD Framing really needs 
  to be considered.
Manu Sporny:  Concern: if we put in too many specs, this 
  lightweight process becomes a heaviweight process, and we might 
  lose the ability to fast-track other specs.
Manu Sporny:  The process with these proposed fast track groups: 
  The first publication you do as an official WG is skip right to 
  the candidate Rec stage. WG lifespan is supposed to be a year, 
  because we're supposed to have the implementations.
Manu Sporny:  The question is then, is LD Framing there? Is LD 
  Patch there? Some people wanted to put LD Signatures there, but I 
  have reservations.
Manu Sporny:  If it looks like we're headed toward success after 
  6months, then there will be an opportunity to fast track other 
  things as well.
Manu Sporny:  That's generally the thought process threre.
Manu Sporny:  There is a desire to fast track something, to test 
  out the process.
Manu Sporny:  We folks who have been working in this space for a 
  while, we tend to test out new processes. We're being asked to be 
  the guinea pig in this new fast track process.
Gregg Kellogg:  I'd be willing to participate
Manu Sporny:  Heads up... you might be called on to chair some 
  groups
Manu Sporny:  That's where we are with the fast track work

Topic: Work Generated as a Result of W3C TPAC

Manu Sporny: https://github.com/opencreds/website/issues/14
Manu Sporny:  Really quickly in 15min, let's go over the work we 
  have to do
Manu Sporny:  Create proposal for Credentials Task Force in Web 
  Payments IG: need to do this this week.
Manu Sporny:  Standards Implementation Foundation is moving 
  forward: a place to put money to pay people to write specs
Manu Sporny:  In order to speed up process, we need to funnel 
  some money toward people doing this work. We have been asked to 
  put in place a board of directors, as well as create an advisory 
  committee
Manu Sporny:  Board will be people who are not receiving money 
  from SIF and have demonstrated propensity to support the open 
  source implementation
Manu Sporny:  Advisory Committee for Standards Implementation 
  Foundation also
Manu Sporny:  We need to get the SIF spun up sooner rather than 
  later, because there is a lot of pressure to get things done over 
  the next few years
Manu Sporny:  Start conversation on Creating proposal for Fast 
  Track Linked Data Platform WG (LD-Patch and RDF Dataset 
  Normalization) right away
Manu Sporny:  Linked Data Key management spec needs to be 
  created, lots of specification work on this list
Manu Sporny:  We need to make sure that Dataset Normalization 
  spec does what the existing implementations do
Manu Sporny:  We need this to-do list pretty much done by the 
  beginning of January. This is an incredibly aggressive timeline. 
  If this work is slowed down, it will be our fault, not anybody 
  else's.
Manu Sporny:  Any questions on the to-do list?
Manu Sporny:  Please suggest additions to the to-do list if 
  something isn't on our radar
Nate Otto:  That's a dangerous suggestion, manu!
Alex Jackl:  Manu, are you the project manager for making sure 
  these tasks get done?
Manu Sporny:  This group does not have a chair yet. I'm just 
  organizing temporarily until chairs are selected. stonemat_ and 
  Richard Varn have volunteered. I'd be happy to step away when 
  possible, but until then, I'm the point of contact.

Topic: WebDHT Spec Released

Manu Sporny: http://opencreds.org/specs/source/webdht/
Manu Sporny:  One of the nice things about being trapped on an 
  airplane for 11+ hours is you can do some spec-writing.
Manu Sporny:  I wrote down our current thinking for the Web DHT 
  spec
Brian Sletten: False. There is nothing nice about 11+ hour plane 
  rides.
Manu Sporny:  The credentialing work requires that you assign 
  credentials to a decentralized identifier, basically an 
  identifier that people own. Domain names are not good enough 
  (email addresses too) if you don't pay your yearly fees, etc. If 
  you end up on the wrong side of a trademark dispute, or 
  government watch list, your domains can be taken away.
Manu Sporny:  If we're going to tie identifiers to someone, we 
  need to make sure they have control of their identifiers.
Manu Sporny:  Other methods exist: NameCoin, IPFS; there are all 
  kinds of ways of doing this. The WebDHT method is a proposal 
  built on web technologies & has a better chance of getting 
  through the W3C process than others.
Manu Sporny:  Some proposals in this group, like authorization.io 
  are built on WebDHT
Manu Sporny:  That document is out there now - The Web Payments 
  IG is having a healthy discussion about this right now. Encourage 
  all to read it to understand some of the assumptions that WebDHT 
  is built on. It is completely uncertain when this may be taken to 
  standards track
Manu Sporny:  So: that's WebDHT. Any questions?

Topic: Reorganizing this group around new Task Force

Manu Sporny:  We've been operating for quite some time as a 
  Community Group
Manu Sporny:  This type of group has no official standing at W3C. 
  It's where most pre-standardization group at W3C is done. We have 
  been fairly successful, and now people want to move this to the 
  next stage.
Manu Sporny:  Question: should we add a new parallel call for the 
  Task Force, or replace this call with the Task Force.
Manu Sporny:  The idea is that everyone who is currently 
  participating will be able to continue to participate.
Manu Sporny:  What are the feeling of the folks on the call?
Dave Longley: +1 Replacement if CG members can join.
Chris Webber: +1 To replacing
Matt Stone:  Say for a minute if we added a second call, how 
  would agendas differ?
Nate Otto: +1 To replacing the call
Gregg Kellogg: +1 For replacing call
Brian Sletten: +1
Alex Jackl: +1 For replacing
Stuart Sutton: +1
Manu Sporny:  The big IF is with w3c membership. Typically 
  non-W3C members are not allowed to participate in IG meetings. 
  Manu will try to convince Web Payments IG chairs to invite 
  non-members in. There is a concern around patent/royalty 
  commitments.
Manu Sporny:  Other paying members can get annoyed when they see 
  non-paying orgs participating in payment-only spaces.
Manu Sporny:  It looks like the group agrees -- we'll propose 
  this in the Web Payments IG and see where that goes.
Manu Sporny:  We'll definitely want to meet again next week
Manu Sporny:  Anything else before we go?
Chris Webber: Packed call!
Chris Webber: But good coverage :)
Alex Jackl: Glad to be participating... thank you
Nate Otto:  Lots of people talking about Backpack and OpenBadges 
  - we may want to align that work with this work. [scribe assist 
  by Manu Sporny]
Manu Sporny:  Congratulations to everyone on a victory well 
  earned
Eric Korb: +1 To all

Received on Tuesday, 3 November 2015 18:59:45 UTC