- From: <msporny@digitalbazaar.com>
- Date: Tue, 26 Sep 2017 16:26:07 -0400
- To: Credentials CG <public-credentials@w3.org>
Thanks to Lionel Wolberger for scribing this week! The minutes for this week's Credentials CG telecon are now available: https://w3c-ccg.github.io/meetings/2017-09-26/ Full text of the discussion follows for W3C archival purposes. Audio from the meeting is available as well (link provided below). ---------------------------------------------------------------- Credentials CG Telecon Minutes for 2017-09-26 Agenda: https://lists.w3.org/Archives/Public/public-credentials/2017Sep/0098.html Topics: 1. Introductions 2. Action Items 3. Credential Handler Polyfill Video 4. Data Minimization & Selective Disclosure 5. DID Specification 6. Next week Organizer: Kim Hamilton Duffy and Christopher Allen Scribe: Lionel Wolberger Present: Lionel Wolberger, Christopher Allen, Tzviya Siegman, Susan Bradford, Adrian Gropper, Manu Sporny, Moses Ma, Drummond Reed, Dave Longley, Mike Lodder, Dan Burnett, Kim Hamilton Duffy, Ryan Grant, Adam Lake, Paul Simmonds, Andrew Hughes, David I. Lehn, Adam Sobieski Audio: https://w3c-ccg.github.io/meetings/2017-09-26/audio.ogg Lionel Wolberger is scribing. Christopher Allen: https://w3c-ccg.github.io/meetings/2017-09-12/ Topic: Introductions Christopher Allen: Introductions, is anybody new? Susan Bradford: Hi, Susan Bradford with Evernym, I'm doing project management stuff for the DID Specification. Tzviya Siegman: Hi, my name is Tzviya Siegman, I do a lot of Digital Publishing work at W3C and work for Wiley Publishing. Here to learn and apply the work being done here at RA21 and Wiley. Our current focus is on solving the NASCAR problem for institutions and libraries Adrian Gropper: Hi Adrian Gropper, I'm a CTO; working for years on these issues in the healthcare space. Adrian Gropper: Implemented an identity container concept which has a self-sovereign authorization server Adrian Gropper: See advanced reading materials Christopher Allen: https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/Loop-white-paper.pdf Christopher Allen: A lot of topics in the advanced readings repo, about 20 now Christopher Allen: https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/Data-minimization-and-selective-disclosure.md Topic: Action Items Christopher Allen: Data minimization has some progress, posted in the advanced readings ... David Longley to give update on polyfill ... Verifiable news, any lead? ... Adam and Moses are leading on that. There is a call later today with Ed Bice. ... Still a bit premature, but we will be ready to update. ... Manu, can you update on evidence schema? Manu Sporny: Verifiable claims meeting an hour ago discussed how to express how a verifable claim comes to be ... what documentary evidence did you collect or check? ... There is a field to capture this, such as a proof of age. ... e.g. I interviewed 20 people at an event before I made the following journalistic statement. Christopher Allen: Please share the URL with Moses. Manu Sporny: Here's the URL for evidence in the current spec: https://w3c.github.io/vc-data-model/#evidence Christopher Allen: Mission Statement, status? Manu Sporny: Kim has given fair notice and so we may be done. ... web applications interest group, security group, etc; may want to ping them and let them know we haven't heard back ... since our scope is fairly broad including drivers licenses and more, we should ping them one more time Adrian Gropper: Q regarding verifiable claims, can wait for the right part of the agenda Manu Sporny: Though TPAC is run as an unconference, we need to be fairly refined in our message and prepared ... Message, something like: the future of the web will include decentralized identifiers and verifiable claims, we are incubating stuff and will suggest charters in 9 to 12 months. ... need a curated, fine-tuned message . Let's refine it at RWoT Christopher Allen: Are they planning to have a verifiable claims session at TPAC? Manu Sporny: Given that this is a movement with many different parts, I do not expect them to say things that are not in coordination with us. .... The CCG has a broader scope than the VC Topic: Credential Handler Polyfill Video Manu Sporny: https://lists.w3.org/Archives/Public/public-credentials/2017Sep/0099.html ... Longley working on credential handler API ... Big update pushed out full blown credential handler API working on all browsers ... Important in order to make this work for 3.6B people ... (the number of people on the web) ... This makes the verifiable claims infrastructure deployable TODAY ... we no longer need to wait for browser manufacturers to build this into browsers ... Digital Bazaar plans to make this industrial with proper uptime ... see the video to understand the ecosystem, see the polyfill working across all these different browsers ... it follows the design pattern and implementation of the web payments API ... which is being implemented in every single major browser ... by following this patter, we mitigate risk and increase takeup Dave Longley: https://credential-repository.demo.digitalbazaar.com/ ... Longley providing a link to try the demo yourself. Moses Ma: The video is great! Excellent work Team DigitalBazaar! Christopher Allen: What is the standards strategy for polyfill? Adrian Gropper: Details please? Manu Sporny: Polyfill is a piece of code that adds functionality to a web browser that the browser does not already have natively .... good standards pollyfill first, to encourage developers to adopt technology ... think of it as an automatic upgrade enabling new functionality as needed Moses Ma: "A polyfill is a shim for a browser API and a shim is a library that brings a new API to an older environment, using only the means of that environment..." ... in this case, our polyfill enables storing a VC, requesting a VC from a holder ... It is pure javascript Adrian Gropper: So 'polyfill' is a sophisticated word for some JS Christopher Allen: Standards perspective? Polyfill limitations? Drummond Reed: Note that use of a polyfill assumes that all key management on the identity owner's/holder's side is taking place server-side, not at the edge. Manu Sporny: Browser manufacturers like features based on working code and strong uptake before they consider implementing anything natively ... They still have scars from inserting stuff in the 90's that still sit in their browser engines today ... A polyfill enables assertion of real need, deployment and takeup/adoption/traction ... Also, the polyfill ensures a fallback position- if browser manufacturers decline implementing our proposed changes, we still have working code ... regarding standards, to standardize you need buyin from the browser manufacturers ... Q what are downsides? ... A- additional security concerns, attack surfaces on MIM (wont happen in a native browser implementation) ... security mitigations are available including checksums but it is never as secure as a browser native implementation Dave Longley: Key management discussion Mike Lodder: Lionel for future reference its MITM ... design considerations. should keys be stored in the browsers via native code? This is a change of mindset for the browser manufacturers ... the cryptoAPI in browsers is actually moving away from key storage ... in this polyfill the key mgt is up to the site Dave Longley: https://github.com/w3c-ccg/credential-handler-api/issues/1 Adrian Gropper: Key management relates to the advanced reading I submitted. Dave Longley: ^That issue has to do with where the keys are. Drummond Reed: At RWOT, we need to talk about how DKMS key management—where the keys are on the edge under the user's control—can still be interoperable with the polyfill approach. ... in working with Andrieu we discussed a use case... Dave Longley: The relying party or verifying website requests the credential ... the polyfill forwards the query and returns data that is opaque to the polyfill ... pushing the vocabulary out to the edges and avoiding touching native code in the browser Adrian Gropper: In this use case a patient is running their own credential handler, this model supports prescriptions etc? Dave Longley: We are trying to make the attack surface as small as possible Dan Burnett: Web RTC AdaptorJS -- polyfill for the API -- has been maintained for 6 years (!) ... but for the adapter industry this polyfill has become a critical infrastructure ... leading to sobering questions about the lifecycle of the polyfill currently being deployed here Dave Longley: Major risk mitigation, piggy backing onto the payments API design patterns Manu Sporny: We do commit to the long lifecycle. 6 year horizon. Topic: Data Minimization & Selective Disclosure Christopher Allen: https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/Data-minimization-and-selective-disclosure.md Manu Sporny: We are accepting volunteers to help us shoulder this burden! Lionel Wolberger: The document is simple at this point, I do think we should bring this forward some - modest paper, just a survey - from our perspective, decentralized credentials and DIDs, survey of selective disclosure crypto... RWoT is a good place to broadcast and gather, then spend a few weeks to wrap up and publish. [scribe assist by Manu Sporny] Lionel Wolberger: We could have other folks cite that document [scribe assist by Manu Sporny] Lionel Wolberger: That paper could be the reference for where the crypto is coming from - that's what I'm thinking, would love feedback. [scribe assist by Manu Sporny] Mike Lodder: ChristopherA can you add me to the Data minimization and Selective disclosure group Christopher Allen: When I think about these things, I've been separating data minimization from selective disclosure, we may need better language for this. There are two categories - 1) by policy (data minimization) - here are strategies where you ask for and offer less information. [scribe assist by Manu Sporny] Christopher Allen: Differentiate by policy: you offer less info, ask for less info, re-use less info ... somewhat insecure but can be very powerful ... this has been called data minimization ... and blurs with selective discolusre ... I think of cryptograhpic binding and anti-correlation available with Schnoor, ZK, etc., Kim Hamilton Duffy: Mike-lodder we don't really have much group activity yet...but I can add you to the github repo. will you be at RWoT? .... in other words, SD is implemnetation whil DM is policy-centered .... "I dont need to prove I'm 25 I just have to prove I am >21" Mike Lodder: Kimhd yes ... THis can be met with either DM or SD as per these definitions ... both policy and crypto achieve this Lionel Wolberger: Happy to adopt this as the scope of this effort. That was helpful - data minimization is back in privacy act of 1970s, well understood by policy folks. [scribe assist by Manu Sporny] Kim Hamilton Duffy: Mike-lodder excellent, we should be discussing this heavily then. I sent the github invite to mikelodder7. It's awaiting your acceptance. There's not much there yet Lionel Wolberger: Selective disclosure or progressive disclosure seems to be more recent - applies to cryptographic stuff. [scribe assist by Manu Sporny] Christopher Allen: +1 To talk also about progressive disclosure Lionel Wolberger: I'm not certain, but it may be a good time to bring this perspective... decentralization/blockchain has brought some of this stuff to light. This could help a lot of people. [scribe assist by Manu Sporny] Mike Lodder: Kimhd great Ryan Grant: "My passport name is not on the OFAC list" <-- cryptographic selective disclosure VS "here are claims about my passport, but I'm only going to answer what my name is" <-- policy Lionel Wolberger: If this topic is just Lionel and Chris just talking to each other, we do want to hear from a few more voices. [scribe assist by Manu Sporny] Kim Hamilton Duffy: Just a quick note, this came up from Moses - interested in context of what we're covering there. We may want to follow up at RWoT. [scribe assist by Manu Sporny] Manu Sporny: There is interest in this topic, we're more interested in minimum disclosure. [scribe assist by Manu Sporny] Mike Lodder: I'd like to see this stuff move along - people will see its benefits. [scribe assist by Manu Sporny] Topic: DID Specification Drummond Reed: +1 To the benefits of crypto that supports selective disclosure. The way to harden it is to implement it. Kim Hamilton Duffy: I have a topic paper that you may want to read... not final [scribe assist by Manu Sporny] Kim Hamilton Duffy: Topic paper, preliminary ... sites where you can look up a DID description from a DID ... using the address of the continuation of the DID description that's pointed to in the transaction. Dave Longley: Note... we've renamed DID Description to DID Document (those two things mean the same thing) ... BTCR message spec perspective, looks OK Christopher Allen: Paper https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/btcr-dids-ddos.md Christopher Allen: Display https://weboftrustinfo.github.io/btcr-tx-playground.github.io/ .... some problems to resolve in our method spec itself, merging with a partial DID description Christopher Allen: Create a BTCR DID https://weboftrustinfo.github.io/btcr-tx-playground.github.io/create.html ... need to articulate a thorough security model around this. Christopher Allen: Hackathon site updated. ... you can create your own testnet DID using testnet coins ... I have put my DID document into my git, signed it there, and then used it for other purposes. ... IPFS could work as well Manu Sporny: Did this DID Spec update work for you, Kim? Kim Hamilton Duffy: It was easier in this respect ... the previous version conflated things like combining VCs .... that chould be reflected as more of an entity profile and not all mixed up in a DID method spec ... That improved the focus ... the clarity of what each entity was doing ... we had made a lot of assumptions around owners, keys, etc Manu Sporny: https://msporny.github.io/did-spec/ Manu Sporny: Discussion with Evernym team re: new spec, how it worked for them ... sounds good that this is working out ... For example, discussion of guardian vs delegate ... self-managed documents vs delegate-managed documents ... these wording changes in the spec Drummond Reed: I support that wording change - guardian as a subset of delegate ... please read the advanced readings before coming to RWoT that should help! Manu Sporny: The burndown rate of changes looks good, less and less changes as we go forward .... Some general uneasiness as this is quite new ... no strong objections Christopher Allen: https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/RWOT-User-Story.md Christopher Allen: Thinking about replicating what PGP did ... when we implement we can try signing one another's claims, then go to various DIDs ... secure recursive ... double links ... cross-claim from one DID to another would be great ... Cant the user story get updated and moved away from its owner/control language? Drummond Reed: Encouraging everyone to review the proposed draft ... You are welcome to engage even if you are not attending RWoT, just post your responses ... Evernym is bringing team just to work through these issues. Christopher Allen: There may also some issues relevant to Susan in the RWOT Fall 2016 repo. ... we will then lmove at a fast cadence, between RWoT and IIW we plan good fast progress ... the DID methods, the BTCR, Sovryn, Uport method, the Veris1 method ... the further along these method specs are, the more the DID spec can be vetted as to whether it is meeting these needs properly ... Goal: stable spec end of October Christopher Allen: We do expect 3 or 4 UPort people. ... UPort is further along with deploying to users ... done less about conforming with the latest DID and VC specs ... so let's speak and engage with them ... SA's consent are doing an Ethereum-based DID, they could align as well Topic: Next week Christopher Allen: No meeting next week Drummond Reed: I'm not sure if Consent Global is still doing a separate DID method for Ethereum. I think they are planning on using the Sovrin DID method. ... following week will meet, Christopher Allen: If you have any topics that you want to cover, please let us know before the next Agenda goes out. [scribe assist by Manu Sporny] Christopher Allen: See everyone at Rebooting! [scribe assist by Manu Sporny] Christopher Allen: Ciao!!
Received on Tuesday, 26 September 2017 20:26:31 UTC