- From: Kaliya IDwoman <kaliya-id@identitywoman.net>
- Date: Tue, 29 Mar 2016 16:40:53 -0700
- To: msporny@digitalbazaar.com
- Cc: Web Payments IG <public-webpayments-ig@w3.org>, Credentials CG <public-credentials@w3.org>
- Message-ID: <CA+z9oKCFy7aCOryM8NsiWh7pWuzLjQUV4KOXpJ3aqSWYZgPwhA@mail.gmail.com>
Hi folks, You don't know me...but you might have heard of me..I'm Identity Woman. I have watched many many identity efforts arise and fall in the last 12 years I am a bit surprised to hear OpenID Connect and SAML as failures in the space - they actually work and are widely adopted. They provide ways to exchange various types of information about people between different business entities. The problem you are seeking to solve is not an easy one to solve and there have been many, many different attempts. There are some interesting ongoing efforts that are different but related such as the Trust Elevation TC at OASIS. I think it would be VERY VERY VERY advisable to have a few of the most active and most keen members of this committee come out to the Internet Identity Workshop April 26-28 in Mountain View to float what you are thinking about doing and get substantive meaningful input from the community of people who have worked in this problem space...some of them for 20+ years and within the IIW for 11 years. So there is a huge brain trust to draw on. If the ticket to get into to IIW is to expensive ... I will be happy to work with those who want to come on getting discount codes to make it doable...for who ever wants to attend. http://www.internetidentityworkshop.com I strongly suggest that believing you can solve "it" whatever you define as that without tapping the community knowledge pool at IIW is a fools errand. Regards, - Kaliya On Tue, Mar 29, 2016 at 11:32 AM, <msporny@digitalbazaar.com> wrote: > Thanks to Gregg Kellogg for scribing this week! The minutes > for this week's Verifiable Claims telecon are now available: > > http://w3c.github.io/vctf/meetings/2016-03-29/ > > Full text of the discussion follows for W3C archival purposes. > Audio from the meeting is available as well (link provided below). > > ---------------------------------------------------------------- > Verifiable Claims Telecon Minutes for 2016-03-29 > > Agenda: > > https://lists.w3.org/Archives/Public/public-webpayments-ig/2016Mar/0059.html > Topics: > 1. Introduction to Todd Albers > 2. W3C Advisory Committee Summary > 3. Next Steps (in the next 4-6 weeks) > 4. Spec Ops > Action Items: > 1. Manu to contact interviewees and survey respondents with > charter and use cases and questionnaire. > 2. Shane to update use cases to make them broader than payments > (based on feedback at W3C AC Meeting) > 3. Matt Stone to review use cases. > 4. Richard Varn to review use cases. > 5. Eric Korb to review use cases. > 6. Carla Casilli to review use cases. > 7. Todd Albers to review use cases. > Organizer: > Manu Sporny > Scribe: > Gregg Kellogg > Present: > Gregg Kellogg, Manu Sporny, Todd Albers, Shane McCarron, Carla > Casilli, Richard Varn, Dave Longley, Matt Stone, David I. Lehn, > Daniel C. Burnett, Rob Trainer, Andy Dale, Colleen Kennedy > Audio: > http://w3c.github.io/vctf/meetings/2016-03-29/audio.ogg > > Gregg Kellogg is scribing. > Manu Sporny: Talking about W3C meeting and SpecOps. > > Topic: Introduction to Todd Albers > > Todd Albers: I’m Todd Albers, work for US Federal Reserve Bank. > I’m interested in the different use cases as it relates to > credentials. > … My background is in web apps and have worked in SaaS with > credit cards. > > Topic: W3C Advisory Committee Summary > > Manu Sporny: We started circulating a draft charter for VCWG. We > tried to paint a picture of what the WG would look like based on > 42 respnoses to survey, and the 12+ people we interviewed around > the charter. > Manu Sporny: > http://w3c.github.io/webpayments-ig/VCTF/charter/vcwg-draft.html > … We also showed use cases. > Manu Sporny: http://w3c.github.io/webpayments-ig/VCTF/use-cases/ > … We focused primarily around credentials uses for payments. > Initial feedback is that they would like to see it broader (e.g., > Healthcare and Education). The discussions last week at the > Advisory Committee reinforced that. > … We did a number of interviews to see what they thought about > the work. A number of respondents were very cautious, due to > previous failures in the space (OpenID Connect, SAML, …). > … There was some pushback questioning why this work was > different. We were able to sit down with them (Dan Applequist). > He’d like to see more general language at the beginning of the > doc to make it clear what problem we’re trying to solve. > … We spoke with the AC Rep from Apple (David Singer) who was > also cautious. > … We also spoke with Harry Halpin, who has been most strongly > opposed to the work. We indicated that the charter was modified > due to his input. He thought this was a positive step, but had > not reviewed the charter. He raised an issue on our claim of > consensus to create a charter. I went through the list of people, > and he had no response to that. (He’d like to see the list). > … We brought up VC, and I didn’t hear any strong objection to > the work. There are upwards of 400 members, and we would need to > respond if we get any formal objections. > Shane McCarron: I didn’t hear anything negative. I did hear was > intereset from quarters I hadn’t expected, where there are uses > we hadn’t expected. > Manu Sporny: Web Annotations would like something like this to > not who author is, also RIAA and MPAA for noting artists and > royalties. > … All in all, it was really good; it didn’t seem like anyone > was surprized or came out of left field. We talked with W3CM > (Jeff Jaffe) who wanted to see how it was going, and to see who > would be Staff contact for this work. > … I mentioned that gkellogg is a front-runner as far as being a > staff contact, but we need to find funding, but others may come > up too. > Carla Casilli: Feels like a good time to say Yay! > > Topic: Next Steps (in the next 4-6 weeks) > > Manu Sporny: It’s up to us now, and there doesn’t seem to be > anyone standing in the way. We could bring it in front of the W3C > Membership for a formal vote sooner or later. We need to be sure > it’s structured to have a very good chance of success. What comes > next is getting people who are going to show up every week, > engage, and get the hard work done over the next 2 years. > Shane McCarron: We did say we would circle back with the > interviewees. Has that been done? > … We’re going to ask people for committments, show up, join > W3C, etc. If we don’t get at least 20 W3C members voting for it, > and at least 15 people who show up regularly. Good news is that > we’ve had that engagement so far, but people need to commit to > join the W3C. > … We need to hire a W3C Fellow, make test suites, and so forth, > and that takes money. We’re at the point where it needs funding > for us to start. If we start without that in place, the work > could falter. > … We haven’t yet circled back with interviewees, and survey > respondents this week. There’s a question of if we should create > a committment questionaire. > Richard Varn: Can you summarize the to dos? > Shane McCarron: We said we would formally circle back. > Carla Casilli: What's the minimum number of required > participants? > Manu Sporny: You missed that, we haven’t yet done that and need > to do it this week. I’m wondering if we should have a > questionaire to see if people would participate, object or > something else. > Manu Sporny: Richard asked about ToDo’s. The first thing is to > notify interviewees that we have a charter and want to forge > ahead. Do they see any issues. Then we need to get back with > Survey respondents (23 or so). > Richard Varn: Don't forget Lumina > Manu Sporny: Then we need to push key organizations for informal > reviews of the charter (Bloomberg, Fed Reserve, B&M Gates > Foundations, EMS, Pearson, …) need to get them on the record. > … The faster we get to 20 commitments, the better, but we > should shoot for 50 organizations supporting the work. > … It takes 20-25 yes votes to start. There must be at least 10 > participants on each call. > Carla Casilli: Great, thanks. > Manu Sporny: Those are low bars. The Web Payments IG has 47 > organizations and 112 participants; I’d like to do at least as > well. > … Once we get to that point, the charter will go up for formal > review. There’s 1-2 months for review and voting. W3C will review > votes and handle objections, and hopefully, we’ll have a WG after > that. Timeline is still end of July to start the WG. > Richard Varn: Are we reasonably sure the vested interests and > browser makers will not object? > Manu Sporny: We don’t see any objections on the horizon. > Richard Varn: Cool > Manu Sporny: We’re predicting 18-24 months to do the work. We > could do in 12 months if everything goes according to plan (but > it never does). > … We’re releasing a blog post about our experiences with the > Web Payments group so far: things have not gone well, at least > when it came to our group creating a bunch of specs and putting > it into a WG. We tried to get browser vendors on board, but bad > things happened. > Richard Varn: Understood > Dave Longley: But hopefully a lot will be mitigated by starting > small > … Even though we’ve asked and giving notification, and we’re > not doing protocol, which they care about, there are no > guarantees. The WPIG is an example of how things can fall apart. > That’s one of the biggest concerns we have, how to mitigate risks > of powerful groups coming in and disrupting the process. > Dave Longley: Some of that vision will have started to actualize, > so it can be seen/understood by new players more easily. > Dave Longley: If we have implementations out there. > … As dlongley says, starting small and getting deployments is > key. Having deployments in an industry before it comes into W3C > is a good thing, as it validates the vision, and shows that it > can’t be easily moved. Its a risk we need to understand > > ACTION: Manu to contact interviewees and survey respondents with > charter and use cases and questionnaire. > > > ACTION: Shane to update use cases to make them broader than > payments (based on feedback at W3C AC Meeting) > > Manu Sporny: I’ll also create the survey and put it out to the > group. > Shane McCarron: +1 To reviewing the use case document > … We need to take a closer look at the use cases document to > make sure everyone understands it. Particularly as people think > it’s too focused on payments. > Shane McCarron: I would also like to start (again) working on the > extended use cases > > ACTION: Matt Stone to review use cases. > > > ACTION: Richard Varn to review use cases. > > > ACTION: Eric Korb to review use cases. > > Shane McCarron: We talked about an extended use-case document > (the “vision” thing). Where should it live, in CG or as adjunct > document within VCTF?) > Manu Sporny: I’d suggest in CG for now. I’m concerned about > handing a document over to a group that won’t tend to it long > term. > Matt Stone: I was going to ask where we are going to manage > other workspaces and have a sand-box to flesh it out. Do we have > a vision for how to bring in other industries? We could add > example uses cases for each flow in each industry. > Manu Sporny: We don’t have anything solid in mind right now. > Just repeating the use case for each industry isn’t useful, but > spreading around the use case descriptions among 5-6 industries > would be useful. > Matt Stone: Would it make sense to have a meta-use case to show > creating, issuing, verifying across different use cases? > Carla Casilli: What's the timeframe for review and editing? > Manu Sporny: I think the editors have worked on some of these > already. You might point out flows which are missing. Adding 2-3 > more flows would be useful. > Carla Casilli: Okay, just wanted to know if it was by 12pm ET. ;) > > ACTION: Carla Casilli to review use cases. > > … Realistically, we need another month to do this work. But, > really ASAP. Reviews should be in by the end of this week so we > can review it. > Todd Albers: I can help with the review as well > > ACTION: Todd Albers to review use cases. > > Manu Sporny: Shanem and other editors are in charge of getting > use cases cross-industrty. > … Next week, we’ll try and see how we’re doing with > commitments; we’re going to need everyone’s help to get > commitments for this work. > … Then we need to be sure the work is well-funded, so we don’t > languish. > > Topic: Spec Ops > > Matt Stone: This is the first W3C I’ve participated in so > actively. You’ve mentioned funding; can you briefly tell us how > that works? > Manu Sporny: We’re doing something a bit different than the way > W3C groups typically run. VC and Credentials is a “charged” > topic; there have been failures in the past and people are > nervous about it. We’ve done a good job in making something > achievable. > … Typically, you create a charter, and companies join. But, > when the work starts, they typically send people to do the work > that are stretched too thin. A number of WG’s I’ve participating > in, the vast amount of work is done by Volunteers (Invited > Experts). This is a skill that people acquire over years, which > can slow down the work. > … The question is, do we depend on companies to do the work, or > do we hire people to support us through the process, that’s what > Spec Ops is about (Specification Operations). It was set up to > accellerate the process of doing standards work, so we don’t hit > the typical snags. > … We need folks like ShaneM, he’s the projects manager at > SpecOps; same with Gregg and Dan. It’s highly unlikelly that W3C > will staff the work. > … We don’t have a good response, as no current W3C staff member > has jumped at it; a failed effort reflects badly on the staff, > and noone has an appitite for the work, and they’re swamped. > We’re going to have to bring in someone from the outside. > … A company can fund a “W3C Fellow” to do such work. A number > of us have been through this process before, which helps us out. > Shane McCarron: It’s also not clear to me who at W3C would staff > this; picking a Fellow to staff is probably the best way to make > it happen. I don’t want anyone to think that SpecOps is > strong-arming the group to go in a particular direction. > … We’re not saying you need to buy a standard, but work like > this needs dedicated people doing the work. There’s a lot of > cross-group coordination needed, which is something the staff > contact makes happen. SpecOps is about finding such experts and > getting them into the work. > Shane McCarron: https://spec-ops.io > Matt Stone: Is it fair to thing about SpecOps as staff > augmentation for W3C? > Manu Sporny: Yes. To be clear, this is not about paying SpecOps > to get the standard through the door, but there is stuff that > needs to be done that large organizations don’t know how to do. > This causes the standard to slow or stop. > … If a number of organizations join and staff with good > technologists, that’s great! (This rarely happens). Because of > the high risk of people pointing to this and saying “I told you > so”, I’m particularly concerned. > … If it starts out and it turns out there’s a large number of > qualified people, then we won’t need SpecOps, but I’ve rarely > seen that happen (maybe once). > Shane McCarron: Its my job as Projects Manager for SpecOps to > answer such questions, so please contact me. > Manu Sporny: Spec editing is hard to staff, as is test-suite > generation. There are a number of technologies we depend on that > need to be created, WebDHT, RDF Normalization, … A new group > needs to be started to make this stuff work. > Matt Stone: +1 (Empathy) to ShaneM > … when we start a WG we need an idea about how this work is > going to happen. Right now, we don’t have a solid plan for RDF > Normalization, LD Signatures, WebDHT or decentralized identifier > work. Without those technologies, we don’t have portable > credentials. > Shane McCarron: For example, the Web Annotation WG asked me to > attend last week. They’ve done a lot of work on a JSON-LD-based > mechnisms for annotation, but got to the end without realizing > they had no testing infrastructure. > Manu Sporny: As dlongley says, SpecOps creates technology that > is broadly available. > Manu Sporny: We’ll focus on use cases, responses and survey for > the rest of the week. > Carla Casilli: Thanks, all! bye > > > > >
Received on Wednesday, 30 March 2016 09:58:58 UTC