W3C home > Mailing lists > Public > public-credentials@w3.org > December 2017

[MINUTES] W3C Credentials CG Call - 2017-12-12 12pm ET

From: <msporny@digitalbazaar.com>
Date: Tue, 12 Dec 2017 13:43:28 -0500
Message-Id: <1513104208331.0.30816@zoe>
To: Credentials CG <public-credentials@w3.org>
Thanks to David Chadwick for scribing this week! The minutes
for this week's Credentials CG telecon are now available:

https://w3c-ccg.github.io/meetings/2017-12-12/

Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).

----------------------------------------------------------------
Credentials CG Telecon Minutes for 2017-12-12

Agenda:
  https://lists.w3.org/Archives/Public/public-credentials/2017Dec/0019.html
Topics:
  1. Introductions / Reintroductions
  2. Announcements
  3. Status of Work Items
  4. DID Spec Change Requests
  5. Other Topics
Action Items:
  1. Chairs to suggest adding Object Capabilities, registry, 
    process, etc. as potential work items on main w3c-ccg page
  2. Kim provide feedback on VC Browser API and polyfill re BTCR
  3. DavidC review spec to see if privacy and security reqs 
    language is in spec and provide changes if not
Organizer:
  Kim Hamilton Duffy and Christopher Allen
Scribe:
  David Chadwick
Present:
  David Chadwick, David I. Lehn, Kim Hamilton Duffy, Christopher 
  Allen, Manu Sporny, Joe Andrieu, Drummond Reed, Dave Longley, 
  Ryan Grant, Ted Thibodeau, Moses Ma, Kyle Hartog, Zachary Larson, 
  Christian Lundkvist, Markus Sabadello
Audio:
  https://w3c-ccg.github.io/meetings/2017-12-12/audio.ogg

David Chadwick is scribing.

Topic: Introductions / Reintroductions

David I. Lehn:  Hi, my name is Dave Lehn, I work for Digital 
  Bazaar with Dave and Manu working on technologies related to 
  payments, identity, and blockchain.

Topic: Announcements

Kim Hamilton Duffy:  Next week's agenda will be spent mostly on 
  planning next year's work
  ... No meeting on Dec 26 or Jan 2
  ... First meeting in 2018 will be Jan 9th
  ... Virtual Hackathon will take place in week January 15th-19th
Christopher Allen: +1
Manu Sporny:  Are group happy to pull in change request for 
  editorial changes?
Manu Sporny:  For abstract and overview section
Manu Sporny: Process for Registries: 
  https://lists.w3.org/Archives/Public/public-credentials/2017Dec/0020.html
https://w3c-ccg.github.io/ld-ocap/

ACTION: Chairs to suggest adding Object Capabilities, registry, 
  process, etc. as potential work items on main w3c-ccg page

Manu Sporny:  No action on Veres One DID Method spec
Joe Andrieu: Sounds great, Manu. any participation will help.

Topic: Status of Work Items

Kim Hamilton Duffy:  No update on W3C-CCG to discuss 
  reconciliation of #RebootingWebOfTrust & Hardening changes
Manu Sporny:  Joe rewording changes to abstract
Manu Sporny:  2 PRs can be accepted
Manu Sporny:  Next big change is pulling authz stuff out
Drummond Reed: OCAP = object capabilities
Kim Hamilton Duffy: https://w3c-ccg.github.io/vc-lifecycle/
Manu Sporny:  Ocap and hardening changes are next ones for the 
  spec
David Chadwick:  Want people to read the doc; pass comments. 
  [scribe assist by Kim Hamilton Duffy]
Kim Hamilton Duffy: ...Bigger than doc a few months ago. Topics 
  such as holder != subject, objections to VC. Needs people to 
  review and comment
Manu Sporny: https://github.com/w3c-ccg/vc-lifecycle
David Chadwick:  Scope is looking at how people collect 
  attributes, wove in feedback from TPAC [scribe assist by Kim 
  Hamilton Duffy]
Kim Hamilton Duffy: ...Would be happy for anyone to join and give 
  feedback
Christopher Allen: Some feel like issues and/or pull requests.
David Chadwick:  Would be happy for document to be reused in 
  other areas [scribe assist by Kim Hamilton Duffy]
Manu Sporny: +1 For documents as group work items, shuffling text 
  to where it should go across all work items.
Next topic: engagement model
Joe Andrieu:  Hope to have next draft by January.
Next topic: browser api and polyfill

ACTION: Kim provide feedback on VC Browser API and polyfill re 
  BTCR

Dave Longley:  Looking for people to write code to test against 
  our code
Dave Longley:  Hoping to talk to google next year
Kim Hamilton Duffy: "Privacy & Security Requirements for 
  Credentials Ecosystem"
Next topic: privacy and security requirements
Kim Hamilton Duffy: https://docs.google.com/docum
Kim Hamilton Duffy: 
  https://docs.google.com/document/d/1ffVGcXTYaJI21soezu_o6LhjoEPSN6MPqYGFdJEPfgQ/edit#heading=h.tbhfho86u4l8
Kim Hamilton Duffy:  Is this a work item or should it be rolled 
  into data model spec
David Chadwick:  Has been superceded by answers to a set of 
  questions on privacy issues in the context of WG [scribe assist 
  by Kim Hamilton Duffy]
Dave Longley: 
  https://www.w3.org/TR/security-privacy-questionnaire/
Dave Longley: W3c has a sort of "standard" questionnaire that 
  i've linked to above^
David Chadwick:  Perhaps we can fold text into docs [scribe 
  assist by Kim Hamilton Duffy]

Topic: DID Spec Change Requests

Joe Andrieu: https://github.com/w3c-ccg/did-spec/pull/36
#36 Change "identity" language to "identifier".
Joe Andrieu:  Change subject entity to subject
Drummond Reed: +1 For just using "subject"

ACTION: DavidC review spec to see if privacy and security reqs 
  language is in spec and provide changes if not

Manu Sporny:  +1 To go to subject. [scribe assist by Manu Sporny]
Dave Longley: +1 That's what a DID doc is post RWoT.
Joe Andrieu:  Thinks his current summary is OK, any one objects?
Drummond Reed:  Authz are message specific, so need to be more 
  concise in the spec
Dave Longley: S/message/DID method/
Drummond Reed:  Open issue are the documents for key management 
  or only for specific types of keys
Manu Sporny: 
  https://github.com/w3c-ccg/did-spec/pull/36#issue-278710628
Manu Sporny:  There is a new tool for repository has a preview 
  link and a diff link
Manu Sporny:  Diff shows word for word changes
Joe Andrieu:  We are talking about modification rather than authz
Christopher Allen: How about add text "plus method specific 
  information to support proof and key management"
Drummond Reed: +1 To "modify" or "update" ("update" being one of 
  the CRUD terms)
Kim Hamilton Duffy: Also +1 to "modify" or "update"
Christopher Allen:  Method needed for updating the document
Drummond Reed: Key management isn't always method-specific. 
  Methods MAY have method-specific key management, but there's also 
  key management that's not method-specific.
Manu Sporny:  DID doc is not only about key management.
Dave Longley: +1 DID doc is not just about key management
Manu Sporny:  Is it about update and modification or general 
  authz
Drummond Reed: I would never say it's "just" about key 
  management. But I think key management is a key part (sic) of 
  what DID documents are about.
Joe Andrieu: +1 To more than key management
Dave Longley: I think a DID doc is about establishing an 
  independent entity and being able to authenticate that certain 
  activities/actions were performed by that entity -- and to 
  interact with that entity via services.
Manu Sporny:  We cannot control what people will put in DID docs
Manu Sporny:  But we have to say how keys, authn and authz are 
  dealt with
Joe Andrieu: Keys are technology specific. there will be other 
  mechanisms in the future. "Authentication" is an attempt to 
  embrace other potential means for vetting actors
Manu Sporny:  This discussion will continue in the DID hardening 
  meetings
Manu Sporny: Comment thread here - 
  https://github.com/w3c-ccg/did-spec/pull/36
Joe Andrieu:  Please put your comments in the PR
Kim Hamilton Duffy: https://github.com/w3c-ccg/did-spec/pull/34
Drummond Reed: Agree with Manu about his comments of the focus of 
  the DID spec hardening meetings
Kim Hamilton Duffy: +1
#34 Move standard key descriptions to separate specification.
Drummond Reed: I agree with Manu that we need to close on the DID 
  spec hardening discussions before we know what the structure of a 
  key description registry will look like.
Manu Sporny:  We are less certain about this PR than the other 
  ones
Kim Hamilton Duffy: https://github.com/w3c-ccg/did-spec/pull/33
#33 Split DID Method Registry out of specification.
Ryan Grant: +1 For splitting out registry, and this pull request
Drummond Reed: +1 To the overall idea of having a separate key 
  description registry. It's an alternative to the super-structured 
  and heavyweight approach of https://tools.ietf.org/html/rfc7517.
Manu Sporny:  This is straightforward PR. Should not be any 
  objections to it
Drummond Reed: No objection to splitting out the DID method 
  registry.

Topic: Other Topics

Ryan Grant:  Manu can you point us to tools for creating html 
  docs with gif images
Manu Sporny:  Htmldif is a tool you can run on the command line
Ryan Grant: Respec: stuff for our work
Manu Sporny:  I will find a link for respec
Manu Sporny: https://github.com/tobie/pr-preview
Christopher Allen: Is there a good doc on creating/modifying 
  respect  docs?
Manu Sporny:  Do we keep on with DID hardening or move onto 
  another topic
Drummond Reed:  Goal of DID hardening meetings is to close the 
  issues
Drummond Reed:  Still have 4 or 5 more issues on the list
Christopher Allen: Can we get some of the people that are not 
  active in CCG, but coming hardening, at virtual hackathon?
Kim Hamilton Duffy:  The hackathon would be a good place to work 
  on DID hardening
Dave Longley: +1 To take care of easier points first :)
Drummond Reed: Ok, what I could volunteer to do is do a refresh 
  on the DID spec hardening Google doc to prioritize issues by 
  (what appear to be) easiest to hardest, and then work from 
  easiest to hardest if that will work best.
Christopher Allen:  Can we separate issues into easy topics, ones 
  that need more discussion in January etc.
Dave Longley: +1 For easiest to hardest
Manu Sporny: +1 To Drummond's proposal... feels like that has the 
  best morale outcome :P
Christopher Allen:  We need to move DID hardening back to CCG 
  calls
Dave Longley: That also gives more time for the harder items to 
  stew and be discussed in other channels
Drummond Reed: Yes, I'm thinking we may want to start moving some 
  of the DID spec hardening issues over to github so we can have 
  dedicated discussion threads about them.
Drummond Reed:  I can do PRs on the ones we've resolved, if you'd 
  like... [scribe assist by Manu Sporny]
Dave Longley: +1 To using github
Christopher Allen:  Work items should be chosen by group, and if 
  no discussions within a week, then they should be accepted in the 
  following week
Manu Sporny: Drummond, I also setup David Chadwick w/ his Github 
  editor stuff, so we could do the same w/ you when you have the 
  time.
Kim Hamilton Duffy: +1
Christopher Allen:  We are not approving the content, but that it 
  should become a work item
Manu Sporny:  +1 To doing PRs on the issues we've resolved 
  [scribe assist by Drummond Reed]
Christopher Allen:  The work items should then be visible on the 
  group's home page
Ryan Grant: +1 To make things actually work items
Christopher Allen:  The registry doc should be an official work 
  item
Manu Sporny:  The DID registry and the process document are two 
  further work items
Manu Sporny:  There are two registries: DID and revocation

PROPOSAL:  Adopt Credentials CG Registry process and Linked Data 
  Keys Registry and DID Method Registry as Work Items.

Christopher Allen: +1
Kim Hamilton Duffy: 
  https://lists.w3.org/Archives/Public/public-credentials/2017Dec/0020.html
Manu Sporny: +1
Ted Thibodeau: +1
Dave Longley: +1
Christopher Allen: +1
Kim Hamilton Duffy: +1
Received on Tuesday, 12 December 2017 18:44:02 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:17 UTC