[MINUTES] W3C Credentials CG Call - 2017-09-26 12pm ET

Thanks to Lionel Wolberger for scribing this week! The minutes
for this week's Credentials CG telecon are now available:

https://w3c-ccg.github.io/meetings/2017-09-26/

Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).

----------------------------------------------------------------
Credentials CG Telecon Minutes for 2017-09-26

Agenda:
  https://lists.w3.org/Archives/Public/public-credentials/2017Sep/0098.html
Topics:
  1. Introductions
  2. Action Items
  3. Credential Handler Polyfill Video
  4. Data Minimization & Selective Disclosure 
  5. DID Specification
  6. Next week
Organizer:
  Kim Hamilton Duffy and Christopher Allen
Scribe:
  Lionel Wolberger
Present:
  Lionel Wolberger, Christopher Allen, Tzviya Siegman, Susan 
  Bradford, Adrian Gropper, Manu Sporny, Moses Ma, Drummond Reed, 
  Dave Longley, Mike Lodder, Dan Burnett, Kim Hamilton Duffy, Ryan 
  Grant, Adam Lake, Paul Simmonds, Andrew Hughes, David I. Lehn, 
  Adam Sobieski
Audio:
  https://w3c-ccg.github.io/meetings/2017-09-26/audio.ogg

Lionel Wolberger is scribing.
Christopher Allen: https://w3c-ccg.github.io/meetings/2017-09-12/

Topic: Introductions

Christopher Allen:  Introductions, is anybody new?
Susan Bradford:  Hi, Susan Bradford with Evernym, I'm doing 
  project management stuff for the DID Specification.
Tzviya Siegman:  Hi, my name is Tzviya Siegman, I do a lot of 
  Digital Publishing work at W3C and work for Wiley Publishing. 
  Here to learn and apply the work being done here at RA21 and 
  Wiley. Our current focus is on solving the NASCAR problem for 
  institutions and libraries
Adrian Gropper:  Hi Adrian Gropper, I'm a CTO; working for years 
  on these issues in the healthcare space.
Adrian Gropper:  Implemented an identity container concept which 
  has a self-sovereign authorization server
Adrian Gropper:  See advanced reading materials
Christopher Allen: 
  https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/Loop-white-paper.pdf
Christopher Allen:  A lot of topics in the advanced readings 
  repo, about 20 now
Christopher Allen: 
  https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/Data-minimization-and-selective-disclosure.md

Topic: Action Items

Christopher Allen:  Data minimization has some progress, posted 
  in the advanced readings
  ... David Longley to give update on polyfill
  ... Verifiable news, any lead?
  ... Adam and Moses are leading on that. There is a call later 
  today with Ed Bice.
  ... Still a bit premature, but we will be ready to update.
  ... Manu, can you update on evidence schema?
Manu Sporny:  Verifiable claims meeting an hour ago discussed how 
  to express how a verifable claim comes to be
  ... what documentary evidence did you collect or check?
  ... There is a field to capture this, such as a proof of age.
  ... e.g. I interviewed 20 people at an event before I made the 
  following journalistic statement.
Christopher Allen:  Please share the URL with Moses.
Manu Sporny: Here's the URL for evidence in the current spec: 
  https://w3c.github.io/vc-data-model/#evidence
Christopher Allen:  Mission Statement, status?
Manu Sporny:  Kim has given fair notice and so we may be done.
  ... web applications interest group, security group, etc; may 
  want to ping them and let them know we haven't heard back
  ... since our scope is fairly broad including drivers licenses 
  and more, we should ping them one more time
Adrian Gropper:  Q regarding verifiable claims, can wait for the 
  right part of the agenda
Manu Sporny:  Though TPAC is run as an unconference, we need to 
  be fairly refined in our message and prepared
  ... Message, something like: the future of the web will include 
  decentralized identifiers and verifiable claims, we are 
  incubating stuff and will suggest charters in 9 to 12 months.
  ... need a curated, fine-tuned message . Let's refine it at 
  RWoT
Christopher Allen:  Are they planning to have a verifiable claims 
  session at TPAC?
Manu Sporny:  Given that this is a movement with many different 
  parts, I do not expect them to say things that are not in 
  coordination with us.
  .... The CCG has a broader scope than the VC

Topic: Credential Handler Polyfill Video

Manu Sporny: 
  https://lists.w3.org/Archives/Public/public-credentials/2017Sep/0099.html
  ... Longley working on credential handler API
  ... Big update pushed out full blown credential handler API 
  working on all browsers
  ... Important in order to make this work for 3.6B people
  ... (the number of people on the web)
  ... This makes the verifiable claims infrastructure deployable 
  TODAY
  ... we no longer need to wait for browser manufacturers to 
  build this into browsers
  ... Digital Bazaar plans to make this industrial with proper 
  uptime
  ... see the video to understand the ecosystem, see the polyfill 
  working across all these different browsers
  ... it follows the design pattern and implementation of the web 
  payments API
  ... which is being implemented in every single major browser
  ... by following this patter, we mitigate risk and increase 
  takeup
Dave Longley: 
  https://credential-repository.demo.digitalbazaar.com/
  ... Longley providing a link to try the demo yourself.
Moses Ma: The video is great! Excellent work Team DigitalBazaar!
Christopher Allen:  What is the standards strategy for polyfill?
Adrian Gropper:  Details please?
Manu Sporny:  Polyfill is a piece of code that adds functionality 
  to a web browser that the browser does not already have natively
  .... good standards pollyfill first, to encourage developers to 
  adopt technology
  ... think of it as an automatic upgrade enabling new 
  functionality as needed
Moses Ma: "A polyfill is a shim for a browser API and a shim is a 
  library that brings a new API to an older environment, using only 
  the means of that environment..."
  ... in this case, our polyfill enables storing a VC, requesting 
  a VC from a holder
  ... It is pure javascript
Adrian Gropper:  So 'polyfill' is a sophisticated word for some 
  JS
Christopher Allen:  Standards perspective? Polyfill limitations?
Drummond Reed: Note that use of a polyfill assumes that all key 
  management on the identity owner's/holder's side is taking place 
  server-side, not at the edge.
Manu Sporny:  Browser manufacturers like features based on 
  working code and strong uptake before they consider implementing 
  anything natively
  ... They still have scars from inserting stuff in the 90's that 
  still sit in their browser engines today
  ... A polyfill enables assertion of real need, deployment and 
  takeup/adoption/traction
  ... Also, the polyfill ensures a fallback position- if browser 
  manufacturers decline implementing our proposed changes, we still 
  have working code
  ... regarding standards, to standardize you need buyin from the 
  browser manufacturers
  ... Q what are downsides?
  ... A- additional security concerns, attack surfaces on MIM 
  (wont happen in a native browser implementation)
  ... security mitigations are available including checksums but 
  it is never as secure as a browser native implementation
Dave Longley:  Key management discussion
Mike Lodder: Lionel for future reference its MITM
  ... design considerations. should keys be stored in the 
  browsers via native code? This is a change of mindset for the 
  browser manufacturers
  ... the cryptoAPI in browsers is actually moving away from key 
  storage
  ... in this polyfill the key mgt is up to the site
Dave Longley: 
  https://github.com/w3c-ccg/credential-handler-api/issues/1
Adrian Gropper:  Key management relates to the advanced reading I 
  submitted.
Dave Longley: ^That issue has to do with where the keys are.
Drummond Reed: At RWOT, we need to talk about how DKMS key 
  management—where the keys are on the edge under the user's 
  control—can still be interoperable with the polyfill approach.
  ... in working with Andrieu we discussed a use case...
Dave Longley:  The relying party or verifying website requests 
  the credential
  ... the polyfill forwards the query and returns data that is 
  opaque to the polyfill
  ... pushing the vocabulary out to the edges and avoiding 
  touching native code in the browser
Adrian Gropper:  In this use case a patient is running their own 
  credential handler, this model supports prescriptions etc?
Dave Longley:  We are trying to make the attack surface as small 
  as possible
Dan Burnett:  Web RTC AdaptorJS -- polyfill for the API -- has 
  been maintained for 6 years (!)
  ... but for the adapter industry this polyfill has become a 
  critical infrastructure
  ... leading to sobering questions about the lifecycle of the 
  polyfill currently being deployed here
Dave Longley:  Major risk mitigation, piggy backing onto the 
  payments API design patterns
Manu Sporny:  We do commit to the long lifecycle. 6 year horizon.

Topic: Data Minimization & Selective Disclosure 

Christopher Allen: 
  https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/Data-minimization-and-selective-disclosure.md
Manu Sporny:  We are accepting volunteers to help us shoulder 
  this burden!
Lionel Wolberger:  The document is simple at this point, I do 
  think we should bring this forward some - modest paper, just a 
  survey - from our perspective, decentralized credentials and 
  DIDs, survey of selective disclosure crypto... RWoT is a good 
  place to broadcast and gather, then spend a few weeks to wrap up 
  and publish. [scribe assist by Manu Sporny]
Lionel Wolberger:  We could have other folks cite that document 
  [scribe assist by Manu Sporny]
Lionel Wolberger:  That paper could be the reference for where 
  the crypto is coming from - that's what I'm thinking, would love 
  feedback. [scribe assist by Manu Sporny]
Mike Lodder: ChristopherA can you add me to the Data minimization 
  and Selective disclosure group
Christopher Allen:  When I think about these things, I've been 
  separating data minimization from selective disclosure, we may 
  need better language for this. There are two categories - 1) by 
  policy (data minimization) - here are strategies where you ask 
  for and offer less information. [scribe assist by Manu Sporny]
Christopher Allen:  Differentiate by policy: you offer less info, 
  ask for less info, re-use less info
  ... somewhat insecure but can be very powerful
  ... this has been called data minimization
  ... and blurs with selective discolusre
  ... I think of cryptograhpic binding and anti-correlation 
  available with Schnoor, ZK, etc.,
Kim Hamilton Duffy: Mike-lodder we don't really have much group 
  activity yet...but I can add you to the github repo. will you be 
  at RWoT?
  .... in other words, SD is implemnetation whil DM is 
  policy-centered
  .... "I dont need to prove I'm 25 I just have to prove I am 
  >21"
Mike Lodder: Kimhd yes
  ... THis can be met with either DM or SD as per these 
  definitions
  ... both policy and crypto achieve this
Lionel Wolberger:  Happy to adopt this as the scope of this 
  effort. That was helpful - data minimization is back in privacy 
  act of 1970s, well understood by policy folks. [scribe assist by 
  Manu Sporny]
Kim Hamilton Duffy: Mike-lodder excellent, we should be 
  discussing this heavily then. I sent the github invite to 
  mikelodder7. It's awaiting your acceptance. There's not much 
  there yet
Lionel Wolberger:  Selective disclosure or progressive disclosure 
  seems to be more recent - applies to cryptographic stuff. [scribe 
  assist by Manu Sporny]
Christopher Allen: +1 To talk also about progressive disclosure
Lionel Wolberger:  I'm not certain, but it may be a good time to 
  bring this perspective... decentralization/blockchain has brought 
  some of this stuff to light. This could help a lot of people. 
  [scribe assist by Manu Sporny]
Mike Lodder: Kimhd great
Ryan Grant: "My passport name is not on the OFAC list" <-- 
  cryptographic selective disclosure VS "here are claims about my 
  passport, but I'm only going to answer what my name is" <-- 
  policy
Lionel Wolberger:  If this topic is just Lionel and Chris just 
  talking to each other, we do want to hear from a few more voices. 
  [scribe assist by Manu Sporny]
Kim Hamilton Duffy:  Just a quick note, this came up from Moses - 
  interested in context of what we're covering there. We may want 
  to follow up at RWoT. [scribe assist by Manu Sporny]
Manu Sporny:  There is interest in this topic, we're more 
  interested in minimum disclosure. [scribe assist by Manu Sporny]
Mike Lodder:  I'd like to see this stuff move along - people will 
  see its benefits. [scribe assist by Manu Sporny]

Topic: DID Specification

Drummond Reed: +1 To the benefits of crypto that supports 
  selective disclosure. The way to harden it is to implement it.
Kim Hamilton Duffy:  I have a topic paper that you may want to 
  read... not final [scribe assist by Manu Sporny]
Kim Hamilton Duffy:  Topic paper, preliminary
  ... sites where you can look up a DID description from a DID
  ... using the address of the continuation of the DID 
  description that's pointed to in the transaction.
Dave Longley: Note... we've renamed DID Description to DID 
  Document (those two things mean the same thing)
  ... BTCR message spec perspective, looks OK
Christopher Allen: Paper 
  https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/btcr-dids-ddos.md
Christopher Allen: Display 
  https://weboftrustinfo.github.io/btcr-tx-playground.github.io/
  .... some problems to resolve in our method spec itself, 
  merging with a partial DID description
Christopher Allen: Create a BTCR DID 
  https://weboftrustinfo.github.io/btcr-tx-playground.github.io/create.html
  ... need to articulate a thorough security model around this.
Christopher Allen:  Hackathon site updated.
  ... you can create your own testnet DID using testnet coins
  ... I have put my DID document into my git, signed it there, 
  and then used it for other purposes.
  ... IPFS could work as well
Manu Sporny:  Did this DID Spec update work for you, Kim?
Kim Hamilton Duffy:  It was easier in this respect
  ... the previous version conflated things like combining VCs
  .... that chould be reflected as more of an entity profile and 
  not all mixed up in a DID method spec
  ... That improved the focus
  ... the clarity of what each entity was doing
  ... we had made a lot of assumptions around owners, keys, etc
Manu Sporny: https://msporny.github.io/did-spec/
Manu Sporny:  Discussion with Evernym team re: new spec, how it 
  worked for them
  ... sounds good that this is working out
  ... For example, discussion of guardian vs delegate
  ... self-managed documents vs delegate-managed documents
  ... these wording changes in the spec
Drummond Reed: I support that wording change - guardian as a 
  subset of delegate
  ... please read the advanced readings before coming to RWoT 
  that should help!
Manu Sporny:  The burndown rate of changes looks good, less and 
  less changes as we go forward
  .... Some general uneasiness as this is quite new
  ... no strong objections
Christopher Allen: 
  https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/RWOT-User-Story.md
Christopher Allen:  Thinking about replicating what PGP did
  ... when we implement we can try signing one another's claims, 
  then go to various DIDs
  ... secure recursive
  ... double links
  ... cross-claim from one DID to another would be great
  ... Cant the user story get updated and moved away from its 
  owner/control language?
Drummond Reed:  Encouraging everyone to review the proposed draft
  ... You are welcome to engage even if you are not attending 
  RWoT, just post your responses
  ... Evernym is bringing team just to work through these issues.
Christopher Allen: There may also some issues relevant to Susan 
  in the RWOT Fall 2016 repo.
  ... we will then lmove at a fast cadence, between RWoT and IIW 
  we plan good fast progress
  ... the DID methods, the BTCR, Sovryn, Uport method, the Veris1 
  method
  ... the further along these method specs are, the more the DID 
  spec can be vetted as to whether it is meeting these needs 
  properly
  ... Goal: stable spec end of October
Christopher Allen:  We do expect 3 or 4 UPort people.
  ... UPort is further along with deploying to users
  ... done less about conforming with the latest DID and VC specs
  ... so let's speak and engage with them
  ... SA's consent are doing an Ethereum-based DID, they could 
  align as well

Topic: Next week

Christopher Allen:  No meeting next week
Drummond Reed: I'm not sure if Consent Global is still doing a 
  separate DID method for Ethereum. I think they are planning on 
  using the Sovrin DID method.
  ... following week will meet,
Christopher Allen:  If you have any topics that you want to 
  cover, please let us know before the next Agenda goes out. 
  [scribe assist by Manu Sporny]
Christopher Allen:  See everyone at Rebooting! [scribe assist by 
  Manu Sporny]
Christopher Allen: Ciao!!

Received on Tuesday, 26 September 2017 20:26:31 UTC