- From: <msporny@digitalbazaar.com>
- Date: Tue, 12 Dec 2017 13:43:28 -0500
- To: Credentials CG <public-credentials@w3.org>
Thanks to David Chadwick for scribing this week! The minutes for this week's Credentials CG telecon are now available: https://w3c-ccg.github.io/meetings/2017-12-12/ Full text of the discussion follows for W3C archival purposes. Audio from the meeting is available as well (link provided below). ---------------------------------------------------------------- Credentials CG Telecon Minutes for 2017-12-12 Agenda: https://lists.w3.org/Archives/Public/public-credentials/2017Dec/0019.html Topics: 1. Introductions / Reintroductions 2. Announcements 3. Status of Work Items 4. DID Spec Change Requests 5. Other Topics Action Items: 1. Chairs to suggest adding Object Capabilities, registry, process, etc. as potential work items on main w3c-ccg page 2. Kim provide feedback on VC Browser API and polyfill re BTCR 3. DavidC review spec to see if privacy and security reqs language is in spec and provide changes if not Organizer: Kim Hamilton Duffy and Christopher Allen Scribe: David Chadwick Present: David Chadwick, David I. Lehn, Kim Hamilton Duffy, Christopher Allen, Manu Sporny, Joe Andrieu, Drummond Reed, Dave Longley, Ryan Grant, Ted Thibodeau, Moses Ma, Kyle Hartog, Zachary Larson, Christian Lundkvist, Markus Sabadello Audio: https://w3c-ccg.github.io/meetings/2017-12-12/audio.ogg David Chadwick is scribing. Topic: Introductions / Reintroductions David I. Lehn: Hi, my name is Dave Lehn, I work for Digital Bazaar with Dave and Manu working on technologies related to payments, identity, and blockchain. Topic: Announcements Kim Hamilton Duffy: Next week's agenda will be spent mostly on planning next year's work ... No meeting on Dec 26 or Jan 2 ... First meeting in 2018 will be Jan 9th ... Virtual Hackathon will take place in week January 15th-19th Christopher Allen: +1 Manu Sporny: Are group happy to pull in change request for editorial changes? Manu Sporny: For abstract and overview section Manu Sporny: Process for Registries: https://lists.w3.org/Archives/Public/public-credentials/2017Dec/0020.html https://w3c-ccg.github.io/ld-ocap/ ACTION: Chairs to suggest adding Object Capabilities, registry, process, etc. as potential work items on main w3c-ccg page Manu Sporny: No action on Veres One DID Method spec Joe Andrieu: Sounds great, Manu. any participation will help. Topic: Status of Work Items Kim Hamilton Duffy: No update on W3C-CCG to discuss reconciliation of #RebootingWebOfTrust & Hardening changes Manu Sporny: Joe rewording changes to abstract Manu Sporny: 2 PRs can be accepted Manu Sporny: Next big change is pulling authz stuff out Drummond Reed: OCAP = object capabilities Kim Hamilton Duffy: https://w3c-ccg.github.io/vc-lifecycle/ Manu Sporny: Ocap and hardening changes are next ones for the spec David Chadwick: Want people to read the doc; pass comments. [scribe assist by Kim Hamilton Duffy] Kim Hamilton Duffy: ...Bigger than doc a few months ago. Topics such as holder != subject, objections to VC. Needs people to review and comment Manu Sporny: https://github.com/w3c-ccg/vc-lifecycle David Chadwick: Scope is looking at how people collect attributes, wove in feedback from TPAC [scribe assist by Kim Hamilton Duffy] Kim Hamilton Duffy: ...Would be happy for anyone to join and give feedback Christopher Allen: Some feel like issues and/or pull requests. David Chadwick: Would be happy for document to be reused in other areas [scribe assist by Kim Hamilton Duffy] Manu Sporny: +1 For documents as group work items, shuffling text to where it should go across all work items. Next topic: engagement model Joe Andrieu: Hope to have next draft by January. Next topic: browser api and polyfill ACTION: Kim provide feedback on VC Browser API and polyfill re BTCR Dave Longley: Looking for people to write code to test against our code Dave Longley: Hoping to talk to google next year Kim Hamilton Duffy: "Privacy & Security Requirements for Credentials Ecosystem" Next topic: privacy and security requirements Kim Hamilton Duffy: https://docs.google.com/docum Kim Hamilton Duffy: https://docs.google.com/document/d/1ffVGcXTYaJI21soezu_o6LhjoEPSN6MPqYGFdJEPfgQ/edit#heading=h.tbhfho86u4l8 Kim Hamilton Duffy: Is this a work item or should it be rolled into data model spec David Chadwick: Has been superceded by answers to a set of questions on privacy issues in the context of WG [scribe assist by Kim Hamilton Duffy] Dave Longley: https://www.w3.org/TR/security-privacy-questionnaire/ Dave Longley: W3c has a sort of "standard" questionnaire that i've linked to above^ David Chadwick: Perhaps we can fold text into docs [scribe assist by Kim Hamilton Duffy] Topic: DID Spec Change Requests Joe Andrieu: https://github.com/w3c-ccg/did-spec/pull/36 #36 Change "identity" language to "identifier". Joe Andrieu: Change subject entity to subject Drummond Reed: +1 For just using "subject" ACTION: DavidC review spec to see if privacy and security reqs language is in spec and provide changes if not Manu Sporny: +1 To go to subject. [scribe assist by Manu Sporny] Dave Longley: +1 That's what a DID doc is post RWoT. Joe Andrieu: Thinks his current summary is OK, any one objects? Drummond Reed: Authz are message specific, so need to be more concise in the spec Dave Longley: S/message/DID method/ Drummond Reed: Open issue are the documents for key management or only for specific types of keys Manu Sporny: https://github.com/w3c-ccg/did-spec/pull/36#issue-278710628 Manu Sporny: There is a new tool for repository has a preview link and a diff link Manu Sporny: Diff shows word for word changes Joe Andrieu: We are talking about modification rather than authz Christopher Allen: How about add text "plus method specific information to support proof and key management" Drummond Reed: +1 To "modify" or "update" ("update" being one of the CRUD terms) Kim Hamilton Duffy: Also +1 to "modify" or "update" Christopher Allen: Method needed for updating the document Drummond Reed: Key management isn't always method-specific. Methods MAY have method-specific key management, but there's also key management that's not method-specific. Manu Sporny: DID doc is not only about key management. Dave Longley: +1 DID doc is not just about key management Manu Sporny: Is it about update and modification or general authz Drummond Reed: I would never say it's "just" about key management. But I think key management is a key part (sic) of what DID documents are about. Joe Andrieu: +1 To more than key management Dave Longley: I think a DID doc is about establishing an independent entity and being able to authenticate that certain activities/actions were performed by that entity -- and to interact with that entity via services. Manu Sporny: We cannot control what people will put in DID docs Manu Sporny: But we have to say how keys, authn and authz are dealt with Joe Andrieu: Keys are technology specific. there will be other mechanisms in the future. "Authentication" is an attempt to embrace other potential means for vetting actors Manu Sporny: This discussion will continue in the DID hardening meetings Manu Sporny: Comment thread here - https://github.com/w3c-ccg/did-spec/pull/36 Joe Andrieu: Please put your comments in the PR Kim Hamilton Duffy: https://github.com/w3c-ccg/did-spec/pull/34 Drummond Reed: Agree with Manu about his comments of the focus of the DID spec hardening meetings Kim Hamilton Duffy: +1 #34 Move standard key descriptions to separate specification. Drummond Reed: I agree with Manu that we need to close on the DID spec hardening discussions before we know what the structure of a key description registry will look like. Manu Sporny: We are less certain about this PR than the other ones Kim Hamilton Duffy: https://github.com/w3c-ccg/did-spec/pull/33 #33 Split DID Method Registry out of specification. Ryan Grant: +1 For splitting out registry, and this pull request Drummond Reed: +1 To the overall idea of having a separate key description registry. It's an alternative to the super-structured and heavyweight approach of https://tools.ietf.org/html/rfc7517. Manu Sporny: This is straightforward PR. Should not be any objections to it Drummond Reed: No objection to splitting out the DID method registry. Topic: Other Topics Ryan Grant: Manu can you point us to tools for creating html docs with gif images Manu Sporny: Htmldif is a tool you can run on the command line Ryan Grant: Respec: stuff for our work Manu Sporny: I will find a link for respec Manu Sporny: https://github.com/tobie/pr-preview Christopher Allen: Is there a good doc on creating/modifying respect docs? Manu Sporny: Do we keep on with DID hardening or move onto another topic Drummond Reed: Goal of DID hardening meetings is to close the issues Drummond Reed: Still have 4 or 5 more issues on the list Christopher Allen: Can we get some of the people that are not active in CCG, but coming hardening, at virtual hackathon? Kim Hamilton Duffy: The hackathon would be a good place to work on DID hardening Dave Longley: +1 To take care of easier points first :) Drummond Reed: Ok, what I could volunteer to do is do a refresh on the DID spec hardening Google doc to prioritize issues by (what appear to be) easiest to hardest, and then work from easiest to hardest if that will work best. Christopher Allen: Can we separate issues into easy topics, ones that need more discussion in January etc. Dave Longley: +1 For easiest to hardest Manu Sporny: +1 To Drummond's proposal... feels like that has the best morale outcome :P Christopher Allen: We need to move DID hardening back to CCG calls Dave Longley: That also gives more time for the harder items to stew and be discussed in other channels Drummond Reed: Yes, I'm thinking we may want to start moving some of the DID spec hardening issues over to github so we can have dedicated discussion threads about them. Drummond Reed: I can do PRs on the ones we've resolved, if you'd like... [scribe assist by Manu Sporny] Dave Longley: +1 To using github Christopher Allen: Work items should be chosen by group, and if no discussions within a week, then they should be accepted in the following week Manu Sporny: Drummond, I also setup David Chadwick w/ his Github editor stuff, so we could do the same w/ you when you have the time. Kim Hamilton Duffy: +1 Christopher Allen: We are not approving the content, but that it should become a work item Manu Sporny: +1 To doing PRs on the issues we've resolved [scribe assist by Drummond Reed] Christopher Allen: The work items should then be visible on the group's home page Ryan Grant: +1 To make things actually work items Christopher Allen: The registry doc should be an official work item Manu Sporny: The DID registry and the process document are two further work items Manu Sporny: There are two registries: DID and revocation PROPOSAL: Adopt Credentials CG Registry process and Linked Data Keys Registry and DID Method Registry as Work Items. Christopher Allen: +1 Kim Hamilton Duffy: https://lists.w3.org/Archives/Public/public-credentials/2017Dec/0020.html Manu Sporny: +1 Ted Thibodeau: +1 Dave Longley: +1 Christopher Allen: +1 Kim Hamilton Duffy: +1
Received on Tuesday, 12 December 2017 18:44:02 UTC