Re: Credentials CG Telecon Minutes for 2015-11-03

+1 to Nate - heroic scribing!


=====
Matt Stone
501-291-1599


On Tue, Nov 3, 2015 at 11:59 AM, <msporny@digitalbazaar.com> wrote:

> Thanks to Nate Otto for scribing this week! The minutes
> for this week's Credentials CG telecon are now available:
>
> http://opencreds.org/minutes/2015-11-03/
>
> Full text of the discussion follows for W3C archival purposes.
> Audio from the meeting is available as well (link provided below).
>
> ----------------------------------------------------------------
> Credentials Community Group Telecon Minutes for 2015-11-03
>
> Agenda:
>
> https://lists.w3.org/Archives/Public/public-credentials/2015Nov/0001.html
> Topics:
>   1. Introductions to New Participants
>   2. Work Generated as a Result of W3C TPAC
>   3. WebDHT Spec Released
>   4. Reorganizing this group around new Task Force
> Organizer:
>   Manu Sporny
> Scribe:
>   Nate Otto
> Present:
>   Nate Otto, Manu Sporny, Greg Kidd, Alex Jackl, Chris Webber, Dave
>   Longley, Gregg Kellogg, Brian Sletten, Matt Stone, Stuart Sutton,
>   Sunny Lee, David I. Lehn, Richard Varn, Eric Korb, Rob Trainer
> Audio:
>   http://opencreds.org/minutes/2015-11-03/audio.ogg
>
> Nate Otto is scribing.
> Manu Sporny:  On the agenda today, an overview of what happened
>   at the Techncal Plenary last week. It went great.
> Manu Sporny:  We have released a decentralized hash table for the
>   web spec -- start the conversation on that technology
> Manu Sporny:  Also, reorganize the group around new tasks
> Manu Sporny:  And, new folks today: Greg and Alex - Introductions
>   to them at the beginning of the call
> Manu Sporny:  Any updates to the agenda or other items to add?
>   ....
> No updates
>
> Topic: Introductions to New Participants
>
> Greg Kidd:  I have a background in the payments world - Worked
>   for the Federal reserve board of governors that runs the check
>   clearing ACH system. Interested in identity. Interested in seeing
>   standards promulgated so that folks only need to create an
>   identity once and use it for distributed login to many systems.
> Manu Sporny:  Welcome to the group
> Alex Jackl:  I'm the CEO of Bardic Systems. We're a
>   Technology/Managemnt consultancy in education. Co chair of
>   experiential learning task force, and chair of the technical
>   board of the schools and interoperability standards. Interests in
>   making sure the work we're doing locally in credentialing is
>   synchronized with global work. (scribe note: Alex, could you type
>   the names of the orgs you mentioned, because I'm sure I wrote
>   them down wrong)
> Manu Sporny:  For new folks, one of the things we've been working
>   on in this group over the last year is trying to start official
>   working group at the W3C. We've been working on specs,
>   technology, use cases, vision, all that stuff for the last year.
> Alex Jackl: Bardic Systems, Inc. (bardicsystems.com) is my
>   company name... :-)
> Alex Jackl: PESC  http://www.pesc.org/interior.php?page_id=246
> Manu Sporny:  We had a little trouble with W3C management getting
>   on board with the initiative, so in order to convince them, we
>   went out to do a bunch of research about companies requirements.
>   We presented this information at TPAC in Sapporo Japan last week.
> Manu Sporny:  Specifically, we were presenting to two main
>   groups. 1) the Web Payments Interest Group -- Payments depends on
>   identity and credentialing pretty heavily. They're not taking on
>   this topic in phase 1 of their work but may do so in phase 2. 2)
>   The general W3C membership who are not in the Web Payments IG.
>   Includes many browser manufacturers and many other companies
>   participating in the W3C.
> Alex Jackl: Schools Interoperability Framework - specification
>   run by Access For Learning Consortium (formerly SIFA)  a4l.org
> Manu Sporny:  Rather than go through a blow-by-blow (we don't
>   have enough time to talk about all the hallway conversation about
>   identity and credentialing), I'll try to summarize the outcomes
> Manu Sporny:  The Web Payments IG has decided that there should
>   probably be a Credentialiing Task Force. The purpose of this
>   taskforce is to create a charter for an official Credentials WG
>   at the W3C.
> Manu Sporny:  This was more than we were asking for, so that's
>   good. The Web Payments IG feels we should incubate the WG within
>   the Web Payments IG with input from healthcare interests, and
>   other WPIG consituents, then put the charter developed up for a
>   vote
> Manu Sporny:  Also, because of the data we gathered, the W3C
>   management is on board, provided we can make the more reluctant
>   members happy. Now they are certainly convinced that the W3C
>   should do something about it, and are deferring to the Web
>   Payments IG to decide how to go forward to do the work
> Manu Sporny:  There were some concerns about how what we're doing
>   fit with OpenID Connect, OAuth, JOSE. Those interests raised some
>   questions that they feel MUST be answered before they would vote
>   in favor of creating a Credentials WG
> Manu Sporny:  Web Payments Interest Group appointed Manu to run
>   the proposed task force
> Manu Sporny:  The Technical Plenary day, we hosted an
>   unconference session to invite any member who was not in the Web
>   Payments work to also participate
> Manu Sporny:  Let me share an image. I want you to see who was in
>   the room
> A crowded room! (The Web Payments Interest Group)
> Manu Sporny:  To get support from a group this size is a big
>   deal. We only need 20 positive votes, and there were ~65 people
>   in the room. These people are already convinced they want to do
>   something around credentialing.
> Manu Sporny:  On Wed, the Technical Plenary day, we picked a
>   small room, because we hadn't done a lot of convassing group.
>   Could fit 14, but 35 showed up.
> Manu Sporny:  The chairs of the JOSE WG, OAuth WG, IETF Domain
>   Leads for Security/Identity&Privacy, a number of very large
>   browser manufacturers (which was interesting to see them
>   interested so early in the cycle)
> Manu Sporny:  There was a very healthy reception to the work. We
>   showed the same presentation to show the data that shows this
>   work is important
> Manu Sporny:  There were many who were frustrated that it's
>   taking this long to solve these problems. Reason: Everyone is
>   being a bit cautious this time around, because of so many
>   previous failed opportunities.
> Manu Sporny:  Really positive outcomes.
> Manu Sporny:  I did have a fairly in depth discussion with sir
>   Tim Berners-Lee, who was very interested in the ID/Credentialing
>   work as well as Linked Data Signatures. He has extended an
>   invitation for us to chat with some of the groups he works with.
>   Vint Cerf was also there. All were very supportive, mainly around
>   security and the Web & Linked Data, but were also supportive of
>   credentialing -- && see it as vital for the next generation of
>   the Internet
> Manu Sporny:  The other outcome of hallway discussion at TPAC:
>   There is a push to fast-track community group work at the W3C.
>   They're looking for CGs to take their work and fast-track it
>   through the W3C process. The Credentials CG is one group that was
>   identified as having a fast-trackable spec.
> Manu Sporny:  Criteria for fast trackable specs: multiple
>   implementations, tests, .... ID Credentials doesn't yet meet the
>   bar, but RDF signatures is a candidate
> Manu Sporny:  This was a firehose of information
> Manu Sporny:  Questions / concerns from the group?
> Manu Sporny:  There is an insane amount of work that the last
>   week generated.
> Manu Sporny:  We'll go through the to-do list for this group next
>   up.
> Alex Jackl:  Did you document the usage/needs research?
> Manu Sporny:  We polled 58 organizations and got 44 responses.
> Manu Sporny:  We asked each organization: What is your top use
>   case, and what features do you want to see out of the Credentials
>   work?
> Manu Sporny: Alex, here's the survey response data:
>
> https://lists.w3.org/Archives/Public/public-credentials/2015Oct/0016.html
> Nate Otto:  What do you feel about the timeline? How do tasks
>   line up with the calendar? [scribe assist by Manu Sporny]
> Manu Sporny:  There is clearly a desire.. Before TPAC, there was
>   pushback against moving quickly. Now there is a sense of urgency
>   to move quickly. Everyone is now pushing us to get done more
>   quickly than we have the people to do. We have far more work in
>   front of us than people to do the work.
> Manu Sporny:  Getting this WG spun up is pretty much on us at
>   this point. The faster we can get through the background work,
>   the faster it can start.
> Manu Sporny:  We need to get the Web Payments IG to finally
>   invite non IG participants into their group. One piece of
>   pushback from meeting: a couple members said we know
>   credentialiing is important outside of payments but we're here to
>   work on payments so we shouldn't include education and healthcare
>   angle. That got pushback, because folks felt technology should be
>   generic enough -- counter-argument to that is that without input
>   from healthcare & ed throughout entire process we might not make
>   something useful to those sectors. Also the sectors putting the
>   most money into this right now are healthcare and education with
>   financial sector lagging behind. We need to clarify to that group
>   so that this group's members can participate.
> Manu Sporny:  We will likely shift these Tuesday calls to become
>   the "Credentials Task Force calls"
> Manu Sporny:  The Task Force will focus on the things we've
>   already been focusing on in this group. It would now just be an
>   official W3C activity.
> Manu Sporny:  Near term, we need to get the task force stood up.
>   Then, get the draft charter work through. Then, write a whole
>   slew of supporting material: how we're different from prior
>   techs, go through all those arguments, answer all those
>   questions.
> Manu Sporny:  There were some very informed people who have
>   worked on this stuff over the last 15 years who were reluctant to
>   sign off on this. Brad Hill from Facebook (ex-Paypal, deeply
>   involved) felt we needed this documentation to be convincing to
>   the security community.
> Manu Sporny:  Bloomberg, PayPal concurs
> Manu Sporny:  Todo: document all the criticisms and written
>   answers to those criticisms.
> Chris Webber: Oh, I can probably make that!
> Manu Sporny:  Face to face in SF next Feb or Mar. It would be
>   smart for us to convince them to have a credentialing Face to
>   Face at beginning or end of that meeting.
> Manu Sporny:  Hopefully that meeting will be the final sign-off
>   on the charter before sending it for the official vote.
> Manu Sporny:  If we stick to that timeline, we will have an
>   operational WG by march/early april 2016.
> Manu Sporny:  The more work we get done on the technical specs
>   between now and then, the faster we can get started.
> Nate Otto:  Yes, have to do a lot of planning for BA over next
>   several months - need to make sure this lines up well with that.
>   [scribe assist by Manu Sporny]
> Manu Sporny:  Any other thoughts/ concerns about what happened
>   last week
> Dave Longley:  Just a general thought: "Great work Manu"
> Manu Sporny:  All the prep work we did over the last year really
>   paid off at TPAC. I don't want to make it sound like it was all
>   roses and unicorns and it was great, but all the criticisms that
>   were raised we had answers to. I think that helped convince
>   everyone that we were ready to go to the next stage.
> Manu Sporny:  Thanks to everyone, that work helped us make this
>   breakthrough at W3C.
> Manu Sporny:  Now let's review all this work that's in front of
>   us.
> Alex Jackl:  Could you talk more about the pushback and what
>   obstacles might show up along the way?
> Manu Sporny:  There are two basic levels that the pushback
>   occurred on. At the technical level; At the Political level
> Manu Sporny:  The technical pushback has to do with questions
>   around why we're not reusing some of the technology that exists
>   out there. For example JOSE, which tells you how you digitally
>   sign JSON data.
> Manu Sporny:  We use a different approach called Linked Data
>   Signatures. The JOSE group is asking us to defend why JOSE
>   doesn't work for what we're trying to do. I met with Richard
>   Barnes (sp) who's co-chair of JOSE group. His perspective: This
>   stuff isn't rocket science. You just have to make sure the
>   primitives you use are well tested. He'd be happier if we use the
>   JOSE stack (& threw out some ideas for how that might work). The
>   chairs of this work are very level headed.
> Manu Sporny:  The other side of that coin is -- we sat down for a
>   1-on-1 with Tim Berners Lee & his group at MIT AI Lab, lots of
>   future-looking web research. Tim felt the LD sigs work and
>   dataset normalization needs to be done as soon as possible. He's
>   been trying to get it done for close to a decade. dlongley has
>   been involved.
> Manu Sporny:  Tim had tried to address these problems a number of
>   years ago, along with many other researchers.
> Manu Sporny:  When it comes to the political stuff -- you can
>   tell who the orgs concerned about this work by noticing their
>   lack of presence in the room. e.g. in the Web Payments work, VISA
>   and MasterCard aren't there. There's a perception that there
>   isn't anything but downsides for them in the Web Payments work
>   (but not true!). Big social networks like G+, FB aren't involved
>   in identity work because it may disintermediate their place as
>   providers
> Manu Sporny:  The people who raise those points often try to
>   raise this in process or technical issues ("we should be using
>   IETF specs" ... )
> Manu Sporny:  Can you talk about the browser manufactures being
>   in the sessions
> Manu Sporny:  The pushback was in the minority, but some of those
>   players work for very large organizations, and we can't not
>   respond to this.
> Gregg Kellogg:  There was something you said about JSON-LD Patch
>   along with LD signatures work? That's part of the LD platform,
>   but curious why this was put together.
> Manu Sporny:  I had a hallway chat related -- there are a number
>   of specs associated with Linked Data that are languishing. Some
>   of these specs are failrly complete and ready to go. RDF
>   Normalization is an example of this. I have no familiarity with
>   LD Patch, but it was suggested that it is in this same ballpark.
>   The chances that another WG would be created around LD Patch are
>   very low -- there isn't enough desire to overcome the heavy
>   weight of the process. Some folks recommended putting specs that
>   are ready to go to Recommendation status into this working group
>   as well.
> Gregg Kellogg:  If we're doing that, JSON-LD Framing really needs
>   to be considered.
> Manu Sporny:  Concern: if we put in too many specs, this
>   lightweight process becomes a heaviweight process, and we might
>   lose the ability to fast-track other specs.
> Manu Sporny:  The process with these proposed fast track groups:
>   The first publication you do as an official WG is skip right to
>   the candidate Rec stage. WG lifespan is supposed to be a year,
>   because we're supposed to have the implementations.
> Manu Sporny:  The question is then, is LD Framing there? Is LD
>   Patch there? Some people wanted to put LD Signatures there, but I
>   have reservations.
> Manu Sporny:  If it looks like we're headed toward success after
>   6months, then there will be an opportunity to fast track other
>   things as well.
> Manu Sporny:  That's generally the thought process threre.
> Manu Sporny:  There is a desire to fast track something, to test
>   out the process.
> Manu Sporny:  We folks who have been working in this space for a
>   while, we tend to test out new processes. We're being asked to be
>   the guinea pig in this new fast track process.
> Gregg Kellogg:  I'd be willing to participate
> Manu Sporny:  Heads up... you might be called on to chair some
>   groups
> Manu Sporny:  That's where we are with the fast track work
>
> Topic: Work Generated as a Result of W3C TPAC
>
> Manu Sporny: https://github.com/opencreds/website/issues/14
> Manu Sporny:  Really quickly in 15min, let's go over the work we
>   have to do
> Manu Sporny:  Create proposal for Credentials Task Force in Web
>   Payments IG: need to do this this week.
> Manu Sporny:  Standards Implementation Foundation is moving
>   forward: a place to put money to pay people to write specs
> Manu Sporny:  In order to speed up process, we need to funnel
>   some money toward people doing this work. We have been asked to
>   put in place a board of directors, as well as create an advisory
>   committee
> Manu Sporny:  Board will be people who are not receiving money
>   from SIF and have demonstrated propensity to support the open
>   source implementation
> Manu Sporny:  Advisory Committee for Standards Implementation
>   Foundation also
> Manu Sporny:  We need to get the SIF spun up sooner rather than
>   later, because there is a lot of pressure to get things done over
>   the next few years
> Manu Sporny:  Start conversation on Creating proposal for Fast
>   Track Linked Data Platform WG (LD-Patch and RDF Dataset
>   Normalization) right away
> Manu Sporny:  Linked Data Key management spec needs to be
>   created, lots of specification work on this list
> Manu Sporny:  We need to make sure that Dataset Normalization
>   spec does what the existing implementations do
> Manu Sporny:  We need this to-do list pretty much done by the
>   beginning of January. This is an incredibly aggressive timeline.
>   If this work is slowed down, it will be our fault, not anybody
>   else's.
> Manu Sporny:  Any questions on the to-do list?
> Manu Sporny:  Please suggest additions to the to-do list if
>   something isn't on our radar
> Nate Otto:  That's a dangerous suggestion, manu!
> Alex Jackl:  Manu, are you the project manager for making sure
>   these tasks get done?
> Manu Sporny:  This group does not have a chair yet. I'm just
>   organizing temporarily until chairs are selected. stonemat_ and
>   Richard Varn have volunteered. I'd be happy to step away when
>   possible, but until then, I'm the point of contact.
>
> Topic: WebDHT Spec Released
>
> Manu Sporny: http://opencreds.org/specs/source/webdht/
> Manu Sporny:  One of the nice things about being trapped on an
>   airplane for 11+ hours is you can do some spec-writing.
> Manu Sporny:  I wrote down our current thinking for the Web DHT
>   spec
> Brian Sletten: False. There is nothing nice about 11+ hour plane
>   rides.
> Manu Sporny:  The credentialing work requires that you assign
>   credentials to a decentralized identifier, basically an
>   identifier that people own. Domain names are not good enough
>   (email addresses too) if you don't pay your yearly fees, etc. If
>   you end up on the wrong side of a trademark dispute, or
>   government watch list, your domains can be taken away.
> Manu Sporny:  If we're going to tie identifiers to someone, we
>   need to make sure they have control of their identifiers.
> Manu Sporny:  Other methods exist: NameCoin, IPFS; there are all
>   kinds of ways of doing this. The WebDHT method is a proposal
>   built on web technologies & has a better chance of getting
>   through the W3C process than others.
> Manu Sporny:  Some proposals in this group, like authorization.io
>   are built on WebDHT
> Manu Sporny:  That document is out there now - The Web Payments
>   IG is having a healthy discussion about this right now. Encourage
>   all to read it to understand some of the assumptions that WebDHT
>   is built on. It is completely uncertain when this may be taken to
>   standards track
> Manu Sporny:  So: that's WebDHT. Any questions?
>
> Topic: Reorganizing this group around new Task Force
>
> Manu Sporny:  We've been operating for quite some time as a
>   Community Group
> Manu Sporny:  This type of group has no official standing at W3C.
>   It's where most pre-standardization group at W3C is done. We have
>   been fairly successful, and now people want to move this to the
>   next stage.
> Manu Sporny:  Question: should we add a new parallel call for the
>   Task Force, or replace this call with the Task Force.
> Manu Sporny:  The idea is that everyone who is currently
>   participating will be able to continue to participate.
> Manu Sporny:  What are the feeling of the folks on the call?
> Dave Longley: +1 Replacement if CG members can join.
> Chris Webber: +1 To replacing
> Matt Stone:  Say for a minute if we added a second call, how
>   would agendas differ?
> Nate Otto: +1 To replacing the call
> Gregg Kellogg: +1 For replacing call
> Brian Sletten: +1
> Alex Jackl: +1 For replacing
> Stuart Sutton: +1
> Manu Sporny:  The big IF is with w3c membership. Typically
>   non-W3C members are not allowed to participate in IG meetings.
>   Manu will try to convince Web Payments IG chairs to invite
>   non-members in. There is a concern around patent/royalty
>   commitments.
> Manu Sporny:  Other paying members can get annoyed when they see
>   non-paying orgs participating in payment-only spaces.
> Manu Sporny:  It looks like the group agrees -- we'll propose
>   this in the Web Payments IG and see where that goes.
> Manu Sporny:  We'll definitely want to meet again next week
> Manu Sporny:  Anything else before we go?
> Chris Webber: Packed call!
> Chris Webber: But good coverage :)
> Alex Jackl: Glad to be participating... thank you
> Nate Otto:  Lots of people talking about Backpack and OpenBadges
>   - we may want to align that work with this work. [scribe assist
>   by Manu Sporny]
> Manu Sporny:  Congratulations to everyone on a victory well
>   earned
> Eric Korb: +1 To all
>
>
>
>
>

Received on Tuesday, 3 November 2015 19:37:19 UTC