- From: <msporny@digitalbazaar.com>
- Date: Tue, 12 Dec 2017 13:43:28 -0500
- To: Credentials CG <public-credentials@w3.org>
Thanks to David Chadwick for scribing this week! The minutes
for this week's Credentials CG telecon are now available:
https://w3c-ccg.github.io/meetings/2017-12-12/
Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).
----------------------------------------------------------------
Credentials CG Telecon Minutes for 2017-12-12
Agenda:
https://lists.w3.org/Archives/Public/public-credentials/2017Dec/0019.html
Topics:
1. Introductions / Reintroductions
2. Announcements
3. Status of Work Items
4. DID Spec Change Requests
5. Other Topics
Action Items:
1. Chairs to suggest adding Object Capabilities, registry,
process, etc. as potential work items on main w3c-ccg page
2. Kim provide feedback on VC Browser API and polyfill re BTCR
3. DavidC review spec to see if privacy and security reqs
language is in spec and provide changes if not
Organizer:
Kim Hamilton Duffy and Christopher Allen
Scribe:
David Chadwick
Present:
David Chadwick, David I. Lehn, Kim Hamilton Duffy, Christopher
Allen, Manu Sporny, Joe Andrieu, Drummond Reed, Dave Longley,
Ryan Grant, Ted Thibodeau, Moses Ma, Kyle Hartog, Zachary Larson,
Christian Lundkvist, Markus Sabadello
Audio:
https://w3c-ccg.github.io/meetings/2017-12-12/audio.ogg
David Chadwick is scribing.
Topic: Introductions / Reintroductions
David I. Lehn: Hi, my name is Dave Lehn, I work for Digital
Bazaar with Dave and Manu working on technologies related to
payments, identity, and blockchain.
Topic: Announcements
Kim Hamilton Duffy: Next week's agenda will be spent mostly on
planning next year's work
... No meeting on Dec 26 or Jan 2
... First meeting in 2018 will be Jan 9th
... Virtual Hackathon will take place in week January 15th-19th
Christopher Allen: +1
Manu Sporny: Are group happy to pull in change request for
editorial changes?
Manu Sporny: For abstract and overview section
Manu Sporny: Process for Registries:
https://lists.w3.org/Archives/Public/public-credentials/2017Dec/0020.html
https://w3c-ccg.github.io/ld-ocap/
ACTION: Chairs to suggest adding Object Capabilities, registry,
process, etc. as potential work items on main w3c-ccg page
Manu Sporny: No action on Veres One DID Method spec
Joe Andrieu: Sounds great, Manu. any participation will help.
Topic: Status of Work Items
Kim Hamilton Duffy: No update on W3C-CCG to discuss
reconciliation of #RebootingWebOfTrust & Hardening changes
Manu Sporny: Joe rewording changes to abstract
Manu Sporny: 2 PRs can be accepted
Manu Sporny: Next big change is pulling authz stuff out
Drummond Reed: OCAP = object capabilities
Kim Hamilton Duffy: https://w3c-ccg.github.io/vc-lifecycle/
Manu Sporny: Ocap and hardening changes are next ones for the
spec
David Chadwick: Want people to read the doc; pass comments.
[scribe assist by Kim Hamilton Duffy]
Kim Hamilton Duffy: ...Bigger than doc a few months ago. Topics
such as holder != subject, objections to VC. Needs people to
review and comment
Manu Sporny: https://github.com/w3c-ccg/vc-lifecycle
David Chadwick: Scope is looking at how people collect
attributes, wove in feedback from TPAC [scribe assist by Kim
Hamilton Duffy]
Kim Hamilton Duffy: ...Would be happy for anyone to join and give
feedback
Christopher Allen: Some feel like issues and/or pull requests.
David Chadwick: Would be happy for document to be reused in
other areas [scribe assist by Kim Hamilton Duffy]
Manu Sporny: +1 For documents as group work items, shuffling text
to where it should go across all work items.
Next topic: engagement model
Joe Andrieu: Hope to have next draft by January.
Next topic: browser api and polyfill
ACTION: Kim provide feedback on VC Browser API and polyfill re
BTCR
Dave Longley: Looking for people to write code to test against
our code
Dave Longley: Hoping to talk to google next year
Kim Hamilton Duffy: "Privacy & Security Requirements for
Credentials Ecosystem"
Next topic: privacy and security requirements
Kim Hamilton Duffy: https://docs.google.com/docum
Kim Hamilton Duffy:
https://docs.google.com/document/d/1ffVGcXTYaJI21soezu_o6LhjoEPSN6MPqYGFdJEPfgQ/edit#heading=h.tbhfho86u4l8
Kim Hamilton Duffy: Is this a work item or should it be rolled
into data model spec
David Chadwick: Has been superceded by answers to a set of
questions on privacy issues in the context of WG [scribe assist
by Kim Hamilton Duffy]
Dave Longley:
https://www.w3.org/TR/security-privacy-questionnaire/
Dave Longley: W3c has a sort of "standard" questionnaire that
i've linked to above^
David Chadwick: Perhaps we can fold text into docs [scribe
assist by Kim Hamilton Duffy]
Topic: DID Spec Change Requests
Joe Andrieu: https://github.com/w3c-ccg/did-spec/pull/36
#36 Change "identity" language to "identifier".
Joe Andrieu: Change subject entity to subject
Drummond Reed: +1 For just using "subject"
ACTION: DavidC review spec to see if privacy and security reqs
language is in spec and provide changes if not
Manu Sporny: +1 To go to subject. [scribe assist by Manu Sporny]
Dave Longley: +1 That's what a DID doc is post RWoT.
Joe Andrieu: Thinks his current summary is OK, any one objects?
Drummond Reed: Authz are message specific, so need to be more
concise in the spec
Dave Longley: S/message/DID method/
Drummond Reed: Open issue are the documents for key management
or only for specific types of keys
Manu Sporny:
https://github.com/w3c-ccg/did-spec/pull/36#issue-278710628
Manu Sporny: There is a new tool for repository has a preview
link and a diff link
Manu Sporny: Diff shows word for word changes
Joe Andrieu: We are talking about modification rather than authz
Christopher Allen: How about add text "plus method specific
information to support proof and key management"
Drummond Reed: +1 To "modify" or "update" ("update" being one of
the CRUD terms)
Kim Hamilton Duffy: Also +1 to "modify" or "update"
Christopher Allen: Method needed for updating the document
Drummond Reed: Key management isn't always method-specific.
Methods MAY have method-specific key management, but there's also
key management that's not method-specific.
Manu Sporny: DID doc is not only about key management.
Dave Longley: +1 DID doc is not just about key management
Manu Sporny: Is it about update and modification or general
authz
Drummond Reed: I would never say it's "just" about key
management. But I think key management is a key part (sic) of
what DID documents are about.
Joe Andrieu: +1 To more than key management
Dave Longley: I think a DID doc is about establishing an
independent entity and being able to authenticate that certain
activities/actions were performed by that entity -- and to
interact with that entity via services.
Manu Sporny: We cannot control what people will put in DID docs
Manu Sporny: But we have to say how keys, authn and authz are
dealt with
Joe Andrieu: Keys are technology specific. there will be other
mechanisms in the future. "Authentication" is an attempt to
embrace other potential means for vetting actors
Manu Sporny: This discussion will continue in the DID hardening
meetings
Manu Sporny: Comment thread here -
https://github.com/w3c-ccg/did-spec/pull/36
Joe Andrieu: Please put your comments in the PR
Kim Hamilton Duffy: https://github.com/w3c-ccg/did-spec/pull/34
Drummond Reed: Agree with Manu about his comments of the focus of
the DID spec hardening meetings
Kim Hamilton Duffy: +1
#34 Move standard key descriptions to separate specification.
Drummond Reed: I agree with Manu that we need to close on the DID
spec hardening discussions before we know what the structure of a
key description registry will look like.
Manu Sporny: We are less certain about this PR than the other
ones
Kim Hamilton Duffy: https://github.com/w3c-ccg/did-spec/pull/33
#33 Split DID Method Registry out of specification.
Ryan Grant: +1 For splitting out registry, and this pull request
Drummond Reed: +1 To the overall idea of having a separate key
description registry. It's an alternative to the super-structured
and heavyweight approach of https://tools.ietf.org/html/rfc7517.
Manu Sporny: This is straightforward PR. Should not be any
objections to it
Drummond Reed: No objection to splitting out the DID method
registry.
Topic: Other Topics
Ryan Grant: Manu can you point us to tools for creating html
docs with gif images
Manu Sporny: Htmldif is a tool you can run on the command line
Ryan Grant: Respec: stuff for our work
Manu Sporny: I will find a link for respec
Manu Sporny: https://github.com/tobie/pr-preview
Christopher Allen: Is there a good doc on creating/modifying
respect docs?
Manu Sporny: Do we keep on with DID hardening or move onto
another topic
Drummond Reed: Goal of DID hardening meetings is to close the
issues
Drummond Reed: Still have 4 or 5 more issues on the list
Christopher Allen: Can we get some of the people that are not
active in CCG, but coming hardening, at virtual hackathon?
Kim Hamilton Duffy: The hackathon would be a good place to work
on DID hardening
Dave Longley: +1 To take care of easier points first :)
Drummond Reed: Ok, what I could volunteer to do is do a refresh
on the DID spec hardening Google doc to prioritize issues by
(what appear to be) easiest to hardest, and then work from
easiest to hardest if that will work best.
Christopher Allen: Can we separate issues into easy topics, ones
that need more discussion in January etc.
Dave Longley: +1 For easiest to hardest
Manu Sporny: +1 To Drummond's proposal... feels like that has the
best morale outcome :P
Christopher Allen: We need to move DID hardening back to CCG
calls
Dave Longley: That also gives more time for the harder items to
stew and be discussed in other channels
Drummond Reed: Yes, I'm thinking we may want to start moving some
of the DID spec hardening issues over to github so we can have
dedicated discussion threads about them.
Drummond Reed: I can do PRs on the ones we've resolved, if you'd
like... [scribe assist by Manu Sporny]
Dave Longley: +1 To using github
Christopher Allen: Work items should be chosen by group, and if
no discussions within a week, then they should be accepted in the
following week
Manu Sporny: Drummond, I also setup David Chadwick w/ his Github
editor stuff, so we could do the same w/ you when you have the
time.
Kim Hamilton Duffy: +1
Christopher Allen: We are not approving the content, but that it
should become a work item
Manu Sporny: +1 To doing PRs on the issues we've resolved
[scribe assist by Drummond Reed]
Christopher Allen: The work items should then be visible on the
group's home page
Ryan Grant: +1 To make things actually work items
Christopher Allen: The registry doc should be an official work
item
Manu Sporny: The DID registry and the process document are two
further work items
Manu Sporny: There are two registries: DID and revocation
PROPOSAL: Adopt Credentials CG Registry process and Linked Data
Keys Registry and DID Method Registry as Work Items.
Christopher Allen: +1
Kim Hamilton Duffy:
https://lists.w3.org/Archives/Public/public-credentials/2017Dec/0020.html
Manu Sporny: +1
Ted Thibodeau: +1
Dave Longley: +1
Christopher Allen: +1
Kim Hamilton Duffy: +1
Received on Tuesday, 12 December 2017 18:44:02 UTC