- From: <msporny@digitalbazaar.com>
- Date: Tue, 27 Jun 2017 16:59:06 -0400
- To: Credentials CG <public-credentials@w3.org>
Thanks to Ryan Grant for scribing this week! The minutes for this week's Credentials CG telecon are now available: http://w3c.github.io/vctf/meetings/2017-06-27/ Full text of the discussion follows for W3C archival purposes. Audio from the meeting is available as well (link provided below). ---------------------------------------------------------------- Credentials CG Telecon Minutes for 2017-06-27 Agenda: https://lists.w3.org/Archives/Public/public-credentials/2017Jun/0098.html Topics: 1. Introductions 2. Selective Disclosure and CL Signatures Organizer: Kim Hamilton Duffy and Christopher Allen Scribe: Ryan Grant Present: Ryan Grant, Christopher Allen, Moses Ma, Glen Braun, Rutu Mulkar-Mehta, Drummond Reed, Kim Hamilton Duffy, Jan Camenisch, Dave Longley, Manu Sporny, Dan Burnett, Adam Lake, David I. Lehn, Joe Andrieu, Nathan George, Adam Migus, Frederico Sportini Audio: http://w3c.github.io/vctf/meetings/2017-06-27/audio.ogg Ryan Grant is scribing. Christopher Allen: Welcome to the joint Credentials CG and Data Verification CG — Today's agenda: https://lists.w3.org/Archives/Public/public-credentials/2017Jun/0098.html Christopher Allen: Main topic will be selective disclosure Topic: Introductions Moses Ma: What is the connection between protocol cookies and learning using ML techniques? Glen Braun: Introduction: based in Seattle with a blockchain company. identity, verification. using Solidity. looking for directions for spec. Rutu Mulkar-Mehta: My name is Dr. Rutu Mulkar-Mehta a professor at Northeastern University, Seattle Branch interested in Artificial Intelligence and Blockchain. I also have a company Ticary Solutions interested in this space. Moses invited me to participate in this group. Christopher Allen: We have an active naming poll going on here: https://goo.gl/6jpvoy Christopher Allen: Reminder of work prioritization poll, please fill that out: https://goo.gl/sNs2vl Christopher Allen: Other action items: naming and mission statement Christopher Allen: No meeting next week. next is July 11th Christopher Allen: Next meeting on 11 July - Attempt to close on a formal proposal name & mission. Drummond Reed: I won't be able to attend the July 11 meeting -- must be at DHS Cybersecurity Showcase event in DC to report on our DKMS (Decentralized Key Management System) work Christopher Allen: Hackathon for did:btcr! (contact ChrisopherA or kimhd) Kim Hamilton Duffy: Jan's slides: https://goo.gl/E7anK6 Christopher Allen: Data Minimization and Selective Disclosure Report Christopher Allen: Intent is to define, distinguish between these Christopher Allen: https://w3c-dvcg.github.io/lds-redaction2016/ Christopher Allen: There are two proposals... Christopher Allen: https://w3c-dvcg.github.io/lds-pseudonymous2016/ Jan Camenisch: Related link: https://abc4trust.eu where we have done a lot of the work to be discussed today Moses Ma: To: rgrant - about the connection between protocol cookies and learning using ML techniques - not sure yet, I just know there's a pony in here somewhere... haha Rutu Mulkar-Mehta: Ny Name and Affiliation: Dr. Rutu Mulkar-Mehta, linkedin - https://www.linkedin.com/in/rutumulkar/ Drummond Reed: Great work - ABC4Trust Dave Longley: "Liz-ann-skee-uh" Christopher Allen: https://goo.gl/E7anK6 Topic: Selective Disclosure and CL Signatures Jan Camenisch: 19 Years at IBM, crypto for longer. EU-funded large collaborative projects. Jan Camenisch: Building a full middleware stack, running technology pilots at e.g. a Greek school Jan Camenisch: Students able to critique course using proven identity with security from reprisal Jan Camenisch: TPM work Moses Ma: Selective disclosure search Christopher Allen: Slides: https://goo.gl/E7anK6 Jan Camenisch: Not sure about audience, but here goes - high level first, not crypto level. Christopher Allen: ABC for Trust: https://abc4trust.eu/ Jan Camenisch: Focusing today on authentication ...discussing scenario on slide 7 ...a major split in techniques is whether the issuer must be online at the time of VC use ...review of scenario Moses Ma: Yes, we've been calling it "partial transparency search" or "transactionalized search" - a simple example is a movie screenwriter provides and selective disclosure about their new screenplay about a certain subject, but only producers who have actually made a movie can see the abstract, and if it's Spielberg searching, more info. Those willing to sign an NDA smart contract can get more info automatically. Essentially, we'd be disintermediating talent agencies. Jan Camenisch: Moving to slide 9, we see offline scenario ...we only need to disclose the information for the question at hand Jan Camenisch: Discussion of blockchain and crypto options Christopher Allen: Value here is description of working systems. Manu Sporny: There is overlap in formalizing this work in the W3C setting. we don't have capability for VC and psudonymous-sigs outside of test settings. are there any patent blockers? Jan Camenisch: Unclear what steps are Christopher Allen: Mentions potential for real-world deployments Jan Camenisch: IBM has no patents on the basic algorithms, but other parties do have some patents. IANAL. Jan Camenisch: What is identity? we all have many. ...identity is the attributes I'm using now ...identities can be conflicting views Jan Camenisch: What does identity need? attributes. authentication method. transport. presentation policy (slide 14) Jan Camenisch: Some credentials are bound to a key, and require proof of control ...anything not key-bound is shareable, but you can't be sure that the person presenting that attribute is not spoofing ...the handles are pseudonyms ...(slide 17) there are domain specific pseudonyms ...(slide 19) "Credential Specification" is the set of known schemas Drummond Reed: This is so good that I'd be happy to do Part 2 on the next call if Jan is able. Jan Camenisch: Describing presentation Christopher Allen: Offering background of similar directions from VC community Christopher Allen: Describes legal authority of working group ...this community has authority fro reports and recommendations ...describing crypto options that sometimes involve a blockchain ...we'd love to have more advice from your team, especially in nomenclature Jan Camenisch: Possible directions include revocation Manu Sporny: Evernym and Digital Bazaar have strong interest in this space, and Jan_Camenisch + team could add to strength of specification with advice and multiple implementations ...clarification around crypto usage and data structures would be a great area of involvement Jan Camenisch: Asks what status of VCs is Dan Burnett: Sounds like a good discussion topic for next meeting Dave Longley: +1 Next meeting Christopher Allen: Next meeting is July 11th, but we need to finalize on final name and mission statement. Christopher Allen: So maybe later in July. Dan Burnett: Next meeting == future meeting Manu Sporny: Describes "several months" of refinement Christopher Allen: Possible further work in revocation. example: issuer of a verified claim is no longer live to clarify Christopher Allen: Are we using the right elliptic curves? how to steer around patents? Dan Burnett: FYI for our visitors, the official term we use is "verifiable claims", not "verified claims" Dan Burnett: We don't assume that claims are already verified :) Christopher Allen: Navigates possible further topics with Jan_Camenisch Christopher Allen: Thanks everyone! thanks Jan_Camenisch! next meeting July 11th. adjourned.
Received on Tuesday, 27 June 2017 21:04:21 UTC