- From: <kim@learningmachine.com>
- Date: Sat, 11 Aug 2018 11:12:17 -0700
- To: Credentials CG <public-credentials@w3.org>
Thanks to Lionel Wolberger for scribing this week! The minutes for this week's Credentials CG telecon are now available:

https://w3c-ccg.github.io/meetings/2018-08-07/

Full text of the discussion follows for W3C archival purposes. Audio from the meeting is available as well (link provided below).

----------------------------------------------------------------
Credentials CG Telecon Minutes for 2018-08-07

Agenda:
  undefined
Topics:
  1. Introductions
  2. Review announcements
  3. Action items
  4. Work Items
  5. proof of personhood
Organizer:
  Christopher Allen and Kim Hamilton Duffy and Joe Andrieu
Scribe:
  Lionel Wolberger
Present:
  Moses Ma, Christopher Allen, Mike Lodder, Andrew Hughes, Heather Vescent, Manu Sporny, Dave Longley, Linus Gasser, Lionel Wolberger, Kim Hamilton Duffy, Lucas Parker, Yancy Ribbens, Bryan Ford, Joe Andrieu, Ted Thibodeau, Robert Mitwicki, Jeff Orgel, Kayode Ezike, Bohdan Andriyiv, Dan Burnett, Markus Sabadello, Kulpreet Singh, Benjamin Young, Adrian Gropper, Chris Webber, David Challener, Drummond Reed, Dmitri Zagidulin, Jarlath O'Carroll, Anthony Ronning
Audio:
  https://w3c-ccg.github.io/meetings/2018-08-07/audio.ogg

Moses Ma: Good morning everyone!
Christopher Allen: https://lists.w3.org/Archives/Public/public-credentials/2018Aug/0014.html
Lionel Wolberger: ChrisA: Standard IP warnings. Standard IRC reminder-- use the IRC to queue up (q+).
Linus Gasser: Does sip work? Mine tries to connect but then gives up...
Linus Gasser: First time I use linphone.
Lionel Wolberger: ... The scribes are Lionel W and ...
Lionel Wolberger is scribing.
Heather Vescent: Heathervescent is co-scribe
Linus Gasser: What works best on mac?
Kim Hamilton Duffy: Type present+ to help associate
Kayode Ezike: I have found Jitsi to work well on Mac
ChrisA: For IRC Chris uses "IRC Cloud", there are many other apps or use the web link in the invitation
... Today's focus: Proof of Personhood.
... Turning to a re-introduction. Today's victim is.... <scribe joke>

Topic: Introductions

Udi: Udi Shapiro Weitzmann Institute currently at W___ Switzerland
... was an internet pioneer, for a while did Biology
... now turning to distributed identities
Robert Mitwicki: Introducing himself. Robert, from Poland, representing ___
... community building self-sovereign identity solution and a new blockchain that seeks to combine identity issues that this W3C working group deals with
Markus Sabadello: Robert from Poland, representing Lab10 collective in Austria
BryanFord: Introduction. professor Comp Sci at EPFL, decentralized and distrib. systems security and privacy focus of many years
... proposed pseudonym parties a while ago.
... working on making this vision real
... very interested in democracy, voting, developing technology to support democracy in secure interaction, and increase the reliability of these technological solutions
ChrisA: Reintroductions
Dan Burnett: Recently joined Consensus, on a standards team there.
Linus Gasser: Linus Gasser joining via skype to UK...
... this after a focus on Web RTC
... is a co-chair on the verifiable claims working group
... standardizing the data model being discussed here
Christopher Allen: https://w3c-ccg.github.io/announcements/
... Joined originally due to personal interest. The approaches to identity taken in this group, I feel, will lead to a better world for individuals and their agendas in the real world.

Topic: Review announcements

ChrisA: Github webpage, review announcements
... MyData conference end of August will have some members
... RWoT is Sept 26, Toronto
Christopher Allen: Rwot7.eventbrite.com
Heather Vescent: RWOT details & tickets: https://www.eventbrite.com/e/rebooting-the-web-of-trust-vii-fall-2018-toronto-on-ca-tickets-48527570269
... TPAC this October. The DID incubated proposal is reaching a point where it can become a working group (as we did with Verifiable Claims)
... DID will need evangelization, this will happen at Lyons France
... IIW is also that week in October
Kim Hamilton Duffy: Announcing the scribe training
... August 17th noon Pacific
... the scribe training will be scribed
ChrisA: Reminder, all our meetings are public, open, and recorded by an automated service.
AndrewH: Sovrin Foundation is having a Face to face Aug 27-28 prior to the conference, in Helsinki

Topic: Action items

Christopher Allen: https://github.com/w3c-ccg/community/issues?q=is%3Aissue+is%3Aopen+label%3A%22action+item
Joe Andrieu: Where are we on the video ??
Heather Vescent: Unedited video link: https://youtu.be/vcL3ffgGEJM
Answer: The unedited video is on YouTube
... in the process of editing it
Heather Vescent: Andrew, Screenflow is a great video editor.
ChrisA: Reminder, our docs use a github friendly format called, Respec. This gives us header and other formatting consistent with W3C
... also makes it easier to use in github, allows for easier commenting, etc.
Manu Sporny: DID Spec update.
... the editors have been really busy, so we are delayed on the use cases, delayed on companies wanting to see DIDs become a working group.
... Good news, the charter seems to be ready (no arguments against)
... Primer, Seems ready
Christopher Allen: https://github.com/w3c-ccg/community/blob/master/work_items.md
Andrew Hughes: Yes, the DID-primer is into basic ReSpec format now
Joe Andrieu: FWIW, I added creating Amira repo as action item
... would help to prioritize this work

Topic: Work Items

ChrisWebber: There was a period when OCAP had some implementation work done.
... recently some more spec work
Chris Webber: https://github.com/w3c-ccg/ocap-ld/pull/18
... Reworked things so that the target itself is the capability
Chris Webber: https://github.com/w3c-ccg/ocap-ld/issues/15
... this means that the capability can invoke itself. This is very amenable to blockchain usage
ChrisA: Real potential in this OCAP work. This is a new architecture that is potentially powerful.
Manu Sporny: Just shipped OCAP implementations to customers this past week. Feedback so far is really good
... learning quite a bit about using OCAPs to do authorization over HTTP
... the signatures, OCAP signatures, DID__ over http, all coming together nicely
... real code on real customer systems. looking good. not perfect, but looking good
ChrisA: Internet Archive hosted a well received event, about 120 people mostly developers and engineers
... to try to envision the future of decentralized internet
... followed by an event at the SF Mint, more people (c. 400)
Dan Burnett: Can someone add me to the queue?
... many demos of decentralized web; about 25%-33% were talking about DIDs, lots of other activity as well
Dan Burnett: Implemented a form of DID Auth
... doesn't have repudiation, but uses DID Auth
... mandate is to square this away with Sovrin stuff
... and plan to open source it after code review
... this should be a standardized way that we will share
Christopher Allen: https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-spring2018/blob/master/final-documents/did-auth.md
Heather Vescent: This is a fantastic paper! Thanks all.
ChrisA: DID Auth document from RWoT, which was a survey of AuthZ and AuthN uses, was released as a final draft, link above
Kim Hamilton Duffy: More comments on decentralized web
... panel by Markus, panel by Kaliya
... Markus's panel covered 6 different DID methods
... Audience ranged from very technical to use-case focused
... a lot of attention to trust. Which DID methods are reputable?
... Another question, should we be building this? Answer, we point to security and VC specification
... pointing to best practices really helps answer these questions
... great sounding board there
Markus Sabadello: Ditto ditto
... Fantastic event. Identity was only part of it, but an important part.
... More than 4 identity sessions
... DID Auth paper: thanks for publishing it, shout out to everyone particularly Shannon
Dan Burnett: https://hackmd.io/8onA9y7zSPGF4r5Rg17UAQ?view
... it's NOT A SPEC (reminding everyone again). More a survey of thoughts on what DID Auths can look like.
Dan Burnett: DWeb more comments
... During browser vendor talk, noticed
... Google and Firefox see this as low level components
... Google particularly seem to be taking a dim view. Their rep is an outright opponent
... sat with Sir Tim BL
... talked about the data stores and why they matter.
... Microsoft, Sovrin, if they can align further, that is a worthy goal
... During Markus session: This issue: For W3C we see open registry a place where anyone can put a DID doc that is compatible
... we are looking beyond that, if we had subjective industry quality standards that could help
... e.g. would it be appropriate if a non-W3C group came along and did things, is that a good idea.
ChrisA: If it can be tested, W3C is a good place. For more subjective scenarios, other places are better.
... The DWeb did help move DID towards WG status.

Topic: proof of personhood

Christopher Allen: http://bford.info/tmp/0807-w3c-pseudonym-parties.pdf
Bryan Ford: Proof of personhood was born a few years ago
... a lot of the internet is broken due to Sybil attack vulnerability
Heather Vescent: Bryan Ford/Brynosaurus: POP comes from a few years ago, problem comes from Sybil attacks.
Heather Vescent: ... The internet doesn't have a way to distinguish btwn real and fake ppl.
Heather Vescent: Thanks for scribe takeover! :->
Heather Vescent: ... Manifests in many forms: online ballots, attempts at undermine democracy
Heather Vescent: ... Up/down votes, fake reviews, etc.
Heather Vescent: ... Soft puppetry, re: wikipedia, create fake personas to support own causes,
Heather Vescent: ... Bots with fake news.
Heather Vescent: ... Nation state funded
Heather Vescent: ... I have been a privacy/anony for a long time. The right to participate online, vs the vulnerability (whack-a-mole problems) e.g. service can ban them, but they can come back under another name.
Heather Vescent: ... This is a fundamental problem. Read the Sybil attack, paper... (link forthcoming)
Heather Vescent: ... Many solutions have been attempted, multiple ways (e.g. bitcoin/cryptocurrencies, POW (proof of work) tries to solve, but fails.)
Heather Vescent: ... Conclusion of the broad spectrum of the problem
Heather Vescent: ... Solution space: obvious solutions - use real names... (there are up/downsides)
Heather Vescent: ... But you can use other approaches.
Heather Vescent: ... E.g. biometrics
Heather Vescent: ... Alternately, you can introduce a barrier to entry
Heather Vescent: ... Graph analysis
Heather Vescent: ... Ppt goes through strengths/weakness for each potential solution
Heather Vescent: ... Real names - already in use for banks,
Heather Vescent: ... Cons, not really secure (and other in the ppt)
Heather Vescent: ... Biometrics: rely on devices, pros: efficient & biometrically secure, & people always have them (good for undocumented people). Used with Aadhaar. Big Downsides: worse privacy issues, surveillance, delicious centralized attack surface, to prevent sybil attacks - both false positives & negatives
Heather Vescent: ... Fake biometrics can be created through one hacked scanner... and near impossible to detect. Big cost.
Heather Vescent: ... Graph analysis ... two papers - good to read if you're interested.
Heather Vescent: Promiscuous friending... love that term!
Heather Vescent: ... Propose pseudonym parties. Goal: want sybil resistance
Heather Vescent: ... A personhood attribute
Heather Vescent: ... Independent of physical person attributes. Want it to be a secure token attesting that the holder of the token represents one real person.
Heather Vescent: (Reminds me of what David Birch talks about a lot.)
Heather Vescent: ... Verify personhood w/out biometrics, ID...
Heather Vescent: ... There are downsides to this idea: it requires organization in the physical world. It requires people to show up in person to an event.
Heather Vescent: ... IR world, people show up to events, would like to piggyback on this kind of event.
Heather Vescent: ... A physical world cost.
Heather Vescent: ... How to do this? Still figuring it out.
Christopher Allen: https://drive.switch.ch/index.php/s/XrIVRaPbgwnZ677
Bryan Ford: Some references:
Bryan Ford: Original Pseudonym Parties paper (2008): http://bford.info/pub/net/sybil.pdf
Heather Vescent: Linus Gasser: want one token per person
Bryan Ford: Blog post contrasting to "Real Names" policies: https://bford.github.io/2015/10/07/names.html
Heather Vescent: ... Identify a person, but not *who* they are
Bryan Ford: Application to "Proof-of-personhood" cryptocurrencies: http://bford.info/pub/dec/pop-abs
Heather Vescent: ... Example, individual send a request, any service can ask you to sign.
Heather Vescent: ... With your token
Heather Vescent: ... Q+ (correlation through this token)
Robert Mitwicki: Project which deals with "Real names" https://www.yoti.com/ - they manage to automate it and make it really cheap.
Ted Thibodeau: One token per person means supposed "anonymity" fails, certainly in long term, probably in short term. Think Star Wars --"anonymous" token is held by human who attends both Rebel meeting *and* Imperial Guard meeting? MAJOR problem here.
Christopher Allen: https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/final-documents/amira.md
Mike Lodder: Token is similar to one time use DID
Christopher Allen: Thanks, wanted to share these presentations with the community, because some of us do work in similar space: e.g. Amira. [scribe assist by Heather Vescent]
Mike Lodder: Interesting concept
Ted Thibodeau: The expected normal mode of operation is that each attendee generates a new public/private keypair for each pseudonym party, so pseudonyms are not linkable over time unless and only to the extent the holder wants to link them explicitly. [scribe assist by Bryan Ford]
Heather Vescent: ... Would love to plan/implement ideas at RWOT in Toronto. Maybe we can do some Amira class POP at RWOT, IIW and Lyon.
Heather Vescent: Drabiv/Bogden: graph analysis: do not agree it is cheap. it depends on the network. From my practice/experiments: 200-300 friends, only 5-7 added new fake identities to their friends. So real people on FB from my experience do not add unfamiliar people to their friends.
Heather Vescent: ... Another point: current friending, the edges is not clear. What does it mean to be a friend or connection in Linked In.
Heather Vescent: ... If you know and vouch for this person IRL, and it is not true, you will have a reputation cost. And people will be more strict with creating these edges.
Heather Vescent: There is noise on the line...
Heather Vescent: Bryan Ford: those are good points. Don't discount the possibility of creating an adequate trust network.
Heather Vescent: ... Getting the required security tends to work against the usability.
Heather Vescent: ... Solving the security with usability is hard.
Kim Hamilton Duffy: I think enough people do that other people end up getting pulled in
Heather Vescent: ... You are right that not everyone does promiscuously friend, but many do. There don't need to be that many people who do it. As long as there are a few, a sybil attacker can get a lot of edges that way.
Christopher Allen: I presume these Proofs of Personhood are solely in a context, you'd use a different DID for Empire vs Rebel
Christopher Allen: I suspect that is no "universal" Proof of Personhood
Heather Vescent: Bryan Ford: This is a periodic process. Each of the pseudonym tokens has a limited lifetime. Usable for a certain period.
Heather Vescent: ... Doesn't have any information that could tie you to past public keys or instances.
Heather Vescent: ... You might choose to correlate them, but the generation of them, doesn't inherently create linkable information over time.
Bohdan Andriyiv: Small percentage of people (imo <1%) that would friend "promiscuously" especially even in prohibitive environment - will be easily uncovered/seen
Christopher Allen: Is it unlikely there is a universal proof of personhood [scribe assist by Heather Vescent]
Heather Vescent: Bryan Ford: you always want a context. You want the use (of the token) to be in a certain context.
Heather Vescent: ... This is a self sovereignty aspect.
Christopher Allen: Closing queue
Heather Vescent: ... Allow you to start over and to link (or not) to your own history.
Moses Ma: Bye folks
Heather Vescent: Ken: group formation: DID you have a single group participating at a single time. How to do this for different groups.
Linus Gasser: Slide 32 [scribe assist by Heather Vescent]
Bryan Ford: Some of our other earlier work related to unlinkable forums supporting anonymous reputation: https://www.usenix.org/node/194975
Heather Vescent: Bryan Ford: this is one solution we are looking at.
Ted Thibodeau: "Anonymous" branding is fraught with so much peril... human error is the only thing guaranteed to come up over time.
Christopher Allen: Thank you. [scribe assist by Heather Vescent]
Joe Andrieu: Cheers, all.
Received on Saturday, 11 August 2018 18:12:44 UTC