- From: Stone, Matt <matt.stone@pearson.com>
- Date: Tue, 3 Nov 2015 12:36:43 -0700
- To: Credentials CG <public-credentials@w3.org>
- Message-ID: <CA+w1=RR6FbR3E0ZaOAjR7C0+9iV1BJ_ocWeS13hEJB_BJviPyQ@mail.gmail.com>
+1 to Nate - heroic scribing!
=====
Matt Stone
501-291-1599
On Tue, Nov 3, 2015 at 11:59 AM, <msporny@digitalbazaar.com> wrote:
> Thanks to Nate Otto for scribing this week! The minutes
> for this week's Credentials CG telecon are now available:
>
> http://opencreds.org/minutes/2015-11-03/
>
> Full text of the discussion follows for W3C archival purposes.
> Audio from the meeting is available as well (link provided below).
>
> ----------------------------------------------------------------
> Credentials Community Group Telecon Minutes for 2015-11-03
>
> Agenda:
>
> https://lists.w3.org/Archives/Public/public-credentials/2015Nov/0001.html
> Topics:
> 1. Introductions to New Participants
> 2. Work Generated as a Result of W3C TPAC
> 3. WebDHT Spec Released
> 4. Reorganizing this group around new Task Force
> Organizer:
> Manu Sporny
> Scribe:
> Nate Otto
> Present:
> Nate Otto, Manu Sporny, Greg Kidd, Alex Jackl, Chris Webber, Dave
> Longley, Gregg Kellogg, Brian Sletten, Matt Stone, Stuart Sutton,
> Sunny Lee, David I. Lehn, Richard Varn, Eric Korb, Rob Trainer
> Audio:
> http://opencreds.org/minutes/2015-11-03/audio.ogg
>
> Nate Otto is scribing.
> Manu Sporny: On the agenda today, an overview of what happened
> at the Techncal Plenary last week. It went great.
> Manu Sporny: We have released a decentralized hash table for the
> web spec -- start the conversation on that technology
> Manu Sporny: Also, reorganize the group around new tasks
> Manu Sporny: And, new folks today: Greg and Alex - Introductions
> to them at the beginning of the call
> Manu Sporny: Any updates to the agenda or other items to add?
> ....
> No updates
>
> Topic: Introductions to New Participants
>
> Greg Kidd: I have a background in the payments world - Worked
> for the Federal reserve board of governors that runs the check
> clearing ACH system. Interested in identity. Interested in seeing
> standards promulgated so that folks only need to create an
> identity once and use it for distributed login to many systems.
> Manu Sporny: Welcome to the group
> Alex Jackl: I'm the CEO of Bardic Systems. We're a
> Technology/Managemnt consultancy in education. Co chair of
> experiential learning task force, and chair of the technical
> board of the schools and interoperability standards. Interests in
> making sure the work we're doing locally in credentialing is
> synchronized with global work. (scribe note: Alex, could you type
> the names of the orgs you mentioned, because I'm sure I wrote
> them down wrong)
> Manu Sporny: For new folks, one of the things we've been working
> on in this group over the last year is trying to start official
> working group at the W3C. We've been working on specs,
> technology, use cases, vision, all that stuff for the last year.
> Alex Jackl: Bardic Systems, Inc. (bardicsystems.com) is my
> company name... :-)
> Alex Jackl: PESC http://www.pesc.org/interior.php?page_id=246
> Manu Sporny: We had a little trouble with W3C management getting
> on board with the initiative, so in order to convince them, we
> went out to do a bunch of research about companies requirements.
> We presented this information at TPAC in Sapporo Japan last week.
> Manu Sporny: Specifically, we were presenting to two main
> groups. 1) the Web Payments Interest Group -- Payments depends on
> identity and credentialing pretty heavily. They're not taking on
> this topic in phase 1 of their work but may do so in phase 2. 2)
> The general W3C membership who are not in the Web Payments IG.
> Includes many browser manufacturers and many other companies
> participating in the W3C.
> Alex Jackl: Schools Interoperability Framework - specification
> run by Access For Learning Consortium (formerly SIFA) a4l.org
> Manu Sporny: Rather than go through a blow-by-blow (we don't
> have enough time to talk about all the hallway conversation about
> identity and credentialing), I'll try to summarize the outcomes
> Manu Sporny: The Web Payments IG has decided that there should
> probably be a Credentialiing Task Force. The purpose of this
> taskforce is to create a charter for an official Credentials WG
> at the W3C.
> Manu Sporny: This was more than we were asking for, so that's
> good. The Web Payments IG feels we should incubate the WG within
> the Web Payments IG with input from healthcare interests, and
> other WPIG consituents, then put the charter developed up for a
> vote
> Manu Sporny: Also, because of the data we gathered, the W3C
> management is on board, provided we can make the more reluctant
> members happy. Now they are certainly convinced that the W3C
> should do something about it, and are deferring to the Web
> Payments IG to decide how to go forward to do the work
> Manu Sporny: There were some concerns about how what we're doing
> fit with OpenID Connect, OAuth, JOSE. Those interests raised some
> questions that they feel MUST be answered before they would vote
> in favor of creating a Credentials WG
> Manu Sporny: Web Payments Interest Group appointed Manu to run
> the proposed task force
> Manu Sporny: The Technical Plenary day, we hosted an
> unconference session to invite any member who was not in the Web
> Payments work to also participate
> Manu Sporny: Let me share an image. I want you to see who was in
> the room
> A crowded room! (The Web Payments Interest Group)
> Manu Sporny: To get support from a group this size is a big
> deal. We only need 20 positive votes, and there were ~65 people
> in the room. These people are already convinced they want to do
> something around credentialing.
> Manu Sporny: On Wed, the Technical Plenary day, we picked a
> small room, because we hadn't done a lot of convassing group.
> Could fit 14, but 35 showed up.
> Manu Sporny: The chairs of the JOSE WG, OAuth WG, IETF Domain
> Leads for Security/Identity&Privacy, a number of very large
> browser manufacturers (which was interesting to see them
> interested so early in the cycle)
> Manu Sporny: There was a very healthy reception to the work. We
> showed the same presentation to show the data that shows this
> work is important
> Manu Sporny: There were many who were frustrated that it's
> taking this long to solve these problems. Reason: Everyone is
> being a bit cautious this time around, because of so many
> previous failed opportunities.
> Manu Sporny: Really positive outcomes.
> Manu Sporny: I did have a fairly in depth discussion with sir
> Tim Berners-Lee, who was very interested in the ID/Credentialing
> work as well as Linked Data Signatures. He has extended an
> invitation for us to chat with some of the groups he works with.
> Vint Cerf was also there. All were very supportive, mainly around
> security and the Web & Linked Data, but were also supportive of
> credentialing -- && see it as vital for the next generation of
> the Internet
> Manu Sporny: The other outcome of hallway discussion at TPAC:
> There is a push to fast-track community group work at the W3C.
> They're looking for CGs to take their work and fast-track it
> through the W3C process. The Credentials CG is one group that was
> identified as having a fast-trackable spec.
> Manu Sporny: Criteria for fast trackable specs: multiple
> implementations, tests, .... ID Credentials doesn't yet meet the
> bar, but RDF signatures is a candidate
> Manu Sporny: This was a firehose of information
> Manu Sporny: Questions / concerns from the group?
> Manu Sporny: There is an insane amount of work that the last
> week generated.
> Manu Sporny: We'll go through the to-do list for this group next
> up.
> Alex Jackl: Did you document the usage/needs research?
> Manu Sporny: We polled 58 organizations and got 44 responses.
> Manu Sporny: We asked each organization: What is your top use
> case, and what features do you want to see out of the Credentials
> work?
> Manu Sporny: Alex, here's the survey response data:
>
> https://lists.w3.org/Archives/Public/public-credentials/2015Oct/0016.html
> Nate Otto: What do you feel about the timeline? How do tasks
> line up with the calendar? [scribe assist by Manu Sporny]
> Manu Sporny: There is clearly a desire.. Before TPAC, there was
> pushback against moving quickly. Now there is a sense of urgency
> to move quickly. Everyone is now pushing us to get done more
> quickly than we have the people to do. We have far more work in
> front of us than people to do the work.
> Manu Sporny: Getting this WG spun up is pretty much on us at
> this point. The faster we can get through the background work,
> the faster it can start.
> Manu Sporny: We need to get the Web Payments IG to finally
> invite non IG participants into their group. One piece of
> pushback from meeting: a couple members said we know
> credentialiing is important outside of payments but we're here to
> work on payments so we shouldn't include education and healthcare
> angle. That got pushback, because folks felt technology should be
> generic enough -- counter-argument to that is that without input
> from healthcare & ed throughout entire process we might not make
> something useful to those sectors. Also the sectors putting the
> most money into this right now are healthcare and education with
> financial sector lagging behind. We need to clarify to that group
> so that this group's members can participate.
> Manu Sporny: We will likely shift these Tuesday calls to become
> the "Credentials Task Force calls"
> Manu Sporny: The Task Force will focus on the things we've
> already been focusing on in this group. It would now just be an
> official W3C activity.
> Manu Sporny: Near term, we need to get the task force stood up.
> Then, get the draft charter work through. Then, write a whole
> slew of supporting material: how we're different from prior
> techs, go through all those arguments, answer all those
> questions.
> Manu Sporny: There were some very informed people who have
> worked on this stuff over the last 15 years who were reluctant to
> sign off on this. Brad Hill from Facebook (ex-Paypal, deeply
> involved) felt we needed this documentation to be convincing to
> the security community.
> Manu Sporny: Bloomberg, PayPal concurs
> Manu Sporny: Todo: document all the criticisms and written
> answers to those criticisms.
> Chris Webber: Oh, I can probably make that!
> Manu Sporny: Face to face in SF next Feb or Mar. It would be
> smart for us to convince them to have a credentialing Face to
> Face at beginning or end of that meeting.
> Manu Sporny: Hopefully that meeting will be the final sign-off
> on the charter before sending it for the official vote.
> Manu Sporny: If we stick to that timeline, we will have an
> operational WG by march/early april 2016.
> Manu Sporny: The more work we get done on the technical specs
> between now and then, the faster we can get started.
> Nate Otto: Yes, have to do a lot of planning for BA over next
> several months - need to make sure this lines up well with that.
> [scribe assist by Manu Sporny]
> Manu Sporny: Any other thoughts/ concerns about what happened
> last week
> Dave Longley: Just a general thought: "Great work Manu"
> Manu Sporny: All the prep work we did over the last year really
> paid off at TPAC. I don't want to make it sound like it was all
> roses and unicorns and it was great, but all the criticisms that
> were raised we had answers to. I think that helped convince
> everyone that we were ready to go to the next stage.
> Manu Sporny: Thanks to everyone, that work helped us make this
> breakthrough at W3C.
> Manu Sporny: Now let's review all this work that's in front of
> us.
> Alex Jackl: Could you talk more about the pushback and what
> obstacles might show up along the way?
> Manu Sporny: There are two basic levels that the pushback
> occurred on. At the technical level; At the Political level
> Manu Sporny: The technical pushback has to do with questions
> around why we're not reusing some of the technology that exists
> out there. For example JOSE, which tells you how you digitally
> sign JSON data.
> Manu Sporny: We use a different approach called Linked Data
> Signatures. The JOSE group is asking us to defend why JOSE
> doesn't work for what we're trying to do. I met with Richard
> Barnes (sp) who's co-chair of JOSE group. His perspective: This
> stuff isn't rocket science. You just have to make sure the
> primitives you use are well tested. He'd be happier if we use the
> JOSE stack (& threw out some ideas for how that might work). The
> chairs of this work are very level headed.
> Manu Sporny: The other side of that coin is -- we sat down for a
> 1-on-1 with Tim Berners Lee & his group at MIT AI Lab, lots of
> future-looking web research. Tim felt the LD sigs work and
> dataset normalization needs to be done as soon as possible. He's
> been trying to get it done for close to a decade. dlongley has
> been involved.
> Manu Sporny: Tim had tried to address these problems a number of
> years ago, along with many other researchers.
> Manu Sporny: When it comes to the political stuff -- you can
> tell who the orgs concerned about this work by noticing their
> lack of presence in the room. e.g. in the Web Payments work, VISA
> and MasterCard aren't there. There's a perception that there
> isn't anything but downsides for them in the Web Payments work
> (but not true!). Big social networks like G+, FB aren't involved
> in identity work because it may disintermediate their place as
> providers
> Manu Sporny: The people who raise those points often try to
> raise this in process or technical issues ("we should be using
> IETF specs" ... )
> Manu Sporny: Can you talk about the browser manufactures being
> in the sessions
> Manu Sporny: The pushback was in the minority, but some of those
> players work for very large organizations, and we can't not
> respond to this.
> Gregg Kellogg: There was something you said about JSON-LD Patch
> along with LD signatures work? That's part of the LD platform,
> but curious why this was put together.
> Manu Sporny: I had a hallway chat related -- there are a number
> of specs associated with Linked Data that are languishing. Some
> of these specs are failrly complete and ready to go. RDF
> Normalization is an example of this. I have no familiarity with
> LD Patch, but it was suggested that it is in this same ballpark.
> The chances that another WG would be created around LD Patch are
> very low -- there isn't enough desire to overcome the heavy
> weight of the process. Some folks recommended putting specs that
> are ready to go to Recommendation status into this working group
> as well.
> Gregg Kellogg: If we're doing that, JSON-LD Framing really needs
> to be considered.
> Manu Sporny: Concern: if we put in too many specs, this
> lightweight process becomes a heaviweight process, and we might
> lose the ability to fast-track other specs.
> Manu Sporny: The process with these proposed fast track groups:
> The first publication you do as an official WG is skip right to
> the candidate Rec stage. WG lifespan is supposed to be a year,
> because we're supposed to have the implementations.
> Manu Sporny: The question is then, is LD Framing there? Is LD
> Patch there? Some people wanted to put LD Signatures there, but I
> have reservations.
> Manu Sporny: If it looks like we're headed toward success after
> 6months, then there will be an opportunity to fast track other
> things as well.
> Manu Sporny: That's generally the thought process threre.
> Manu Sporny: There is a desire to fast track something, to test
> out the process.
> Manu Sporny: We folks who have been working in this space for a
> while, we tend to test out new processes. We're being asked to be
> the guinea pig in this new fast track process.
> Gregg Kellogg: I'd be willing to participate
> Manu Sporny: Heads up... you might be called on to chair some
> groups
> Manu Sporny: That's where we are with the fast track work
>
> Topic: Work Generated as a Result of W3C TPAC
>
> Manu Sporny: https://github.com/opencreds/website/issues/14
> Manu Sporny: Really quickly in 15min, let's go over the work we
> have to do
> Manu Sporny: Create proposal for Credentials Task Force in Web
> Payments IG: need to do this this week.
> Manu Sporny: Standards Implementation Foundation is moving
> forward: a place to put money to pay people to write specs
> Manu Sporny: In order to speed up process, we need to funnel
> some money toward people doing this work. We have been asked to
> put in place a board of directors, as well as create an advisory
> committee
> Manu Sporny: Board will be people who are not receiving money
> from SIF and have demonstrated propensity to support the open
> source implementation
> Manu Sporny: Advisory Committee for Standards Implementation
> Foundation also
> Manu Sporny: We need to get the SIF spun up sooner rather than
> later, because there is a lot of pressure to get things done over
> the next few years
> Manu Sporny: Start conversation on Creating proposal for Fast
> Track Linked Data Platform WG (LD-Patch and RDF Dataset
> Normalization) right away
> Manu Sporny: Linked Data Key management spec needs to be
> created, lots of specification work on this list
> Manu Sporny: We need to make sure that Dataset Normalization
> spec does what the existing implementations do
> Manu Sporny: We need this to-do list pretty much done by the
> beginning of January. This is an incredibly aggressive timeline.
> If this work is slowed down, it will be our fault, not anybody
> else's.
> Manu Sporny: Any questions on the to-do list?
> Manu Sporny: Please suggest additions to the to-do list if
> something isn't on our radar
> Nate Otto: That's a dangerous suggestion, manu!
> Alex Jackl: Manu, are you the project manager for making sure
> these tasks get done?
> Manu Sporny: This group does not have a chair yet. I'm just
> organizing temporarily until chairs are selected. stonemat_ and
> Richard Varn have volunteered. I'd be happy to step away when
> possible, but until then, I'm the point of contact.
>
> Topic: WebDHT Spec Released
>
> Manu Sporny: http://opencreds.org/specs/source/webdht/
> Manu Sporny: One of the nice things about being trapped on an
> airplane for 11+ hours is you can do some spec-writing.
> Manu Sporny: I wrote down our current thinking for the Web DHT
> spec
> Brian Sletten: False. There is nothing nice about 11+ hour plane
> rides.
> Manu Sporny: The credentialing work requires that you assign
> credentials to a decentralized identifier, basically an
> identifier that people own. Domain names are not good enough
> (email addresses too) if you don't pay your yearly fees, etc. If
> you end up on the wrong side of a trademark dispute, or
> government watch list, your domains can be taken away.
> Manu Sporny: If we're going to tie identifiers to someone, we
> need to make sure they have control of their identifiers.
> Manu Sporny: Other methods exist: NameCoin, IPFS; there are all
> kinds of ways of doing this. The WebDHT method is a proposal
> built on web technologies & has a better chance of getting
> through the W3C process than others.
> Manu Sporny: Some proposals in this group, like authorization.io
> are built on WebDHT
> Manu Sporny: That document is out there now - The Web Payments
> IG is having a healthy discussion about this right now. Encourage
> all to read it to understand some of the assumptions that WebDHT
> is built on. It is completely uncertain when this may be taken to
> standards track
> Manu Sporny: So: that's WebDHT. Any questions?
>
> Topic: Reorganizing this group around new Task Force
>
> Manu Sporny: We've been operating for quite some time as a
> Community Group
> Manu Sporny: This type of group has no official standing at W3C.
> It's where most pre-standardization group at W3C is done. We have
> been fairly successful, and now people want to move this to the
> next stage.
> Manu Sporny: Question: should we add a new parallel call for the
> Task Force, or replace this call with the Task Force.
> Manu Sporny: The idea is that everyone who is currently
> participating will be able to continue to participate.
> Manu Sporny: What are the feeling of the folks on the call?
> Dave Longley: +1 Replacement if CG members can join.
> Chris Webber: +1 To replacing
> Matt Stone: Say for a minute if we added a second call, how
> would agendas differ?
> Nate Otto: +1 To replacing the call
> Gregg Kellogg: +1 For replacing call
> Brian Sletten: +1
> Alex Jackl: +1 For replacing
> Stuart Sutton: +1
> Manu Sporny: The big IF is with w3c membership. Typically
> non-W3C members are not allowed to participate in IG meetings.
> Manu will try to convince Web Payments IG chairs to invite
> non-members in. There is a concern around patent/royalty
> commitments.
> Manu Sporny: Other paying members can get annoyed when they see
> non-paying orgs participating in payment-only spaces.
> Manu Sporny: It looks like the group agrees -- we'll propose
> this in the Web Payments IG and see where that goes.
> Manu Sporny: We'll definitely want to meet again next week
> Manu Sporny: Anything else before we go?
> Chris Webber: Packed call!
> Chris Webber: But good coverage :)
> Alex Jackl: Glad to be participating... thank you
> Nate Otto: Lots of people talking about Backpack and OpenBadges
> - we may want to align that work with this work. [scribe assist
> by Manu Sporny]
> Manu Sporny: Congratulations to everyone on a victory well
> earned
> Eric Korb: +1 To all
>
>
>
>
>
Received on Tuesday, 3 November 2015 19:37:19 UTC