Credentials CG Telecon Minutes for 2015-10-20

Thanks to Manu Sporny and Matt Stone and Dave Longley for scribing this week! The minutes
for this week's Credentials CG telecon are now available:

http://opencreds.org/minutes/2015-10-20/

Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).

----------------------------------------------------------------
Credentials Community Group Telecon Minutes for 2015-10-20

Agenda:
  https://lists.w3.org/Archives/Public/public-credentials/2015Oct/0017.html
Topics:
  1. W3C TPAC Credentials Presentation
  2. Introduction to Rebecca Simmons
  3. Introduction to Deb Everhart
  4. Linked Data Signatures Update
  5. HTTP Signatures Update
Organizer:
  Manu Sporny
Scribe:
  Manu Sporny and Matt Stone and Dave Longley
Present:
  Manu Sporny, Matt Stone, John Tibbetts, Deb Everhart, Eric Korb, 
  Nate Otto, Rebecca Simmons, Dave Longley, Sunny Lee, Annie 
  Janssen, Stuart Sutton, Rob Trainer, Brian Sletten, David I. Lehn
Audio:
  http://opencreds.org/minutes/2015-10-20/audio.ogg

Manu Sporny is scribing.
Manu Sporny:  Any changes to agenda?
Matt Stone is scribing.

Topic: W3C TPAC Credentials Presentation

Manu Sporny: Presentation for Wednesday is here: 
  https://docs.google.com/presentation/d/1644G7jJZbUTpyEGALWj6t4m5kJc-bt90QCfRmW5IRuk/edit?usp=sharing
Manu Sporny:  TPAC is a venue for many W3C working groups.  Many 
  people are interested in learning about new groups
Manu Sporny:  Web payments on mon/tues - presentation on 
  Wednesday will focus on gov't, health care, etc.
Manu Sporny:  44 Companies responding, many large, interested in 
  identity credentials work.  Gathering evidence to convince W3C to 
  promote this effort to a "Working Group"
Manu Sporny:  Trying to get language right.
Manu Sporny:  Break slide 2 into a couple slides - too much text 
  here.
Slide 3: shows substantial progress to date by CG
Slide 4: pivot to industry survey: inventory of 
  business/commercial use cases, also indicating gaps in current 
  capabilities.
Manu Sporny:  Stonematt: maybe define "KYC" for non-financial 
  vendors
Slide 7-9: more detail from survey
John Tibbetts:  Leave order as is on slide 7 - represents a 
  "lifecycle" order rather than order by preference as stonematt 
  suggested
All agreed
Deb Everhart: Why aren't  holders a stakeholder in the ecosystem?
Slide 10: quick inventory of ecosystem
Deb Everhart: Any data about whether methods are meeting holders' 
  needs?
Holder example: medical professional, laywers, licensed 
  professionals,
Matt Stone:  Are the holders the customer or the product?
Deb Everhart: Thanks for including holders- in my arena, 
  students, the holder is the key stakeholder
Matt Stone:  When issuers are operating - holders are the 
  product? [scribe assist by Manu Sporny]
Manu Sporny:  That's one way to look at it - another is that 
  holders get to hold their own product (themselves) in a vault. 
  [scribe assist by Manu Sporny]
Eric Korb: Holders are entities?
Matt Stone:  Holders are customers - but they do get lost in the 
  mix. [scribe assist by Manu Sporny]
Slide 11: shows interest form organizations aren't members yet. - 
  the member pie gets bigger
Slide 12: call to action.
Nate Otto: A very rapid workshop after a meeting would be good, 
  or a face to face early next year. I would commit to attending.
Dave Longley: +1 To fast tracking as much as possible
Dave Longley: +1 To WG asap.
Nate Otto: +1 Would like a Working Group around these problems 
  and solutions
John Tibbetts: +1 To WG
Eric Korb: +1 To WG
Manu Sporny:  Wait, are people pushing for a WG or an IG?
Eric Korb: EK wants to Push!
Manu Sporny:  IG is an "easy sell" - they don't do the technical 
  work.  our CG has been pretty similar to IG, but IG will 
  introduce W3C approval process
Manu Sporny:  IG starts to narrow the scope, WG are very focused 
  on the technical problem/solution

Topic: Introduction to Rebecca Simmons

Manu Sporny is scribing.
Rebecca Simmons:  I work out of NYC - I work in payments, 
  represent banks, financial institutions  (clearing and 
  settlement) as a lawyer at Sullivan and Cromwell.
Rebecca Simmons:  Getting involved in virtual currencies - met 
  Manu at Chicago Payment conference - this is interesting - and 
  where things are moving.
Rebecca Simmons:  I worked on regulatory front for Identrust
Rebecca Simmons:  I have an extensive background in commercial 
  law - working on UCC (Universal Commercial Code)
Rebecca Simmons:  We're trying to figure out how to adjust law to 
  meet new tech needs and vice versa.

Topic: Introduction to Deb Everhart

Deb Everhart:  I'm Deb Everhart (@ariadne4444) - formerly at 
  Blackboard - academic and learning credentials - which is 
  exploding right now - working on several working groups and 
  research projects. I chaired the endorsement working group in 
  badge alliance.

Topic: Linked Data Signatures Update

Dave Longley: 
  https://web-payments.org/specs/source/ld-signatures/
Dave Longley:  This is the most recent update to the Linked Data 
  Signatures spec - this update was primarily about two things - 
  first thing was getting this specification in shape so we can 
  remove things that are unnecessary and move them to other specs.
Dave Longley:  Removing stuff in the spec that didn't have to do 
  with signatures - update spec to use new normalization algorithm 
  - that spec has also been updated.
Dave Longley:  With credentials that we're creating - we need to 
  be able to sign credentials and compose identities - composing 
  identity means being able to select credentials that specify 
  attributes about an identity.
Dave Longley:  It's not a complete view about the identity, just 
  specific attributes - once you have composed identity, you need 
  to be able to sign it before you hand it over to someone.
Dave Longley:  Being able to do that requires new normalization 
  and signature algorithms - this spec was updated reccently to use 
  this new algorithm and remove bits of the spec that don't need to 
  be in there. This is for more technically minded people - if you 
  have questions about signatures for credentials - we need to 
  address issues in the spec.
Dave Longley:  We need to work on algorithm agility, as crypto 
  changes over time we can update easily, etc. we have issues in 
  there noting these items. This spec is much simpler/shorter than 
  it used to be.

Topic: HTTP Signatures Update

Dave Longley is scribing.
Manu Sporny: 
  https://tools.ietf.org/html/draft-cavage-http-signatures-05
Manu Sporny:  The HTTP Signatures spec has been updated as well. 
  These are the nuts and bolts that make the credentials ecosystem 
  work. The Linked Data Signatures spec is fairly high-level and is 
  in the W3C domain, and the HTTP signatures spec is low-level and 
  in the IETF domain. So we use the HTTP Signatures spec to let 
  software running on your behalf do certain things.
Manu Sporny:  For example, searching for jobs, applying for new 
  positions, ordering medication you need, we expect software to be 
  able to do that and we use the HTTP signatures spec for that. 
  It's been in development for ~4 years it's been stabilizing over 
  the last 2 years. Henry Story from the Social Web WG is working 
  on an implementation of the HTTP Signatures spec, Joyent has one 
  in use already.
Manu Sporny:  There aren't any real updates to the spec other 
  than updating the author information and draft expiration date.
Manu Sporny:  Next week is W3C TPAC, we're canceling calls for 
  that. But we'll have calls the following week with a lot to 
  discuss.
Manu Sporny:  So no call next week.
John Tibbetts:  Send out an email with results so we don't have 
  to wait so long? :)
Manu Sporny:  Ok.

Received on Tuesday, 20 October 2015 16:42:48 UTC