- From: <kim@learningmachine.com>
- Date: Sat, 10 Nov 2018 12:48:09 -0800
- To: Credentials CG <public-credentials@w3.org>
Thanks to Manu Sporny and Heather Vescent for scribing this week! The minutes for this week's Credentials CG telecon are now available: https://w3c-ccg.github.io/meetings/2018-11-06/ Full text of the discussion follows for W3C archival purposes. Audio from the meeting is available as well (link provided below). ---------------------------------------------------------------- Credentials CG Telecon Minutes for 2018-11-06 Agenda: https://lists.w3.org/Archives/Public/public-credentials/2018Nov/0070.html Topics: 1. Introductions 2. Update on Action Items 3. Work Items 4. W3C TPAC 2018 5. IIW Organizer: Kim Hamilton Duffy and Joe Andrieu and Christopher Allen Scribe: Manu Sporny and Heather Vescent Present: Kim Hamilton Duffy, Dave Longley, Heather Vescent, Manu Sporny, Joe Andrieu, Andrew Hughes, Ted Thibodeau, Kulpreet Singh, Jeff Orgel, Ken Ebert, Brent Shambaugh, Dmitri Zagidulin, Matt Stone, Brent Zundel, Michaela Casaldi, Ganesh Annan, Christopher Allen, Lionel Wolberger, Samantha Mathews Chase, Daniel Buchner, Drummond Reed, Ryan Grant Audio: https://w3c-ccg.github.io/meetings/2018-11-06/audio.ogg Manu Sporny is scribing. Joe Andrieu: Welcome to the call... Joe covers standard boilerplate meeting stuff. Heather Vescent is scribing. Brent Shambaugh: I cannot seem to get it to work on Linux. Joe Andrieu: Agenda and plan for meeting. Report out from TPAC & IIW Joe Andrieu: Communications about DIDs don't nail what we see as important about these technologies. Want to discuss developing value props. Joe Andrieu: Introductions?? Topic: Introductions Michaela Casaldi: Just joined. Work for Onfido, an identity provider. Looking into distributed id. On the product side. Exploring what we can do. Manu Sporny: CEO of Digital Bazaar. Have spent lot of time ~15 years, pushing VCs, DIDs and stuff like that. One of the companies implementing a lot of the technology we talk about here. Joe Andrieu: https://www.w3.org/Security/strong-authentication-and-identity-workshop/ Joe Andrieu: W3C workshop. Dec 10-11 in Redmond at Microsoft. Manu Sporny: If you are going, get your position statement in this week. Manu Sporny: https://www.w3.org/Security/strong-authentication-and-identity-workshop/ Christopher Allen: The only added the email address a week or so ago. ?? Are there examples of position statements? Manu Sporny: https://www.w3.org/Security/strong-authentication-and-identity-workshop/cfp.html#position-statements Manu Sporny: Please send position statements (HTML, text, or PDF preferred) to group-identity-ws-pc@w3.org. Manu Sporny: No. Link to position statement at this email address (manu's link) Christopher Allen: Apparently you need a position statement. Christopher Allen: Form wasn't enough Andrew Hughes: Is a position statement mandatory? Manu Sporny: We might be overattended, and those without a position statement will be dropped. Manu Sporny: https://www.w3.org/Security/strong-authentication-and-identity-workshop/cfp.html#position-statements Christopher Allen: The email wasn't available until Friday of TPAC Manu Sporny: Re: position statement, if you really really want to attend, submit a position statement. It's a ranking criteria if we have too many people who want to attend. Joe Andrieu: Save the Date - next RWOT - Feb 27-March 1, 2019, Location TBD (could be Europe) Kim Hamilton Duffy: I think that's all Joe Lionel Wolberger: +Present Christopher Allen: I put it in my presentation that I made yesterday Heather Vescent: IIW is April 30-May 2: https://www.internetidentityworkshop.com/ Kim Hamilton Duffy: Thanks Heather; updating the announcements now Topic: Update on Action Items Joe Andrieu: Update on Action Items: https://github.com/w3c-ccg/community/issues?q=is%3Aissue+is%3Aopen+label%3A%22action+item%22 Kim Hamilton Duffy: Spec-Text Training is closed. Manu Sporny: +1, Thank you Bohdan! :) Andrew Hughes: Thanks to Bodin (sp?) who did the editing. Samantha Mathews Chase: Is there a link to this vidoe? Topic: Work Items Joe Andrieu: Work items: https://github.com/w3c-ccg/community/blob/master/work_items.md Joe Andrieu: DID Use case update: Graphical representation of the DID Use cases here. We need to take this to another level of sophistication, and incorporate TPAC feedback. Also want to see specific situation based use cases to explain ...xyz... Lionel_Wolberger_: Data minimization, what are the next actions needed on this. Joe Andrieu: Take RWOT published doc and move to SpecText. ReSpec converter that Sandro did... ... check out the video to do this. Link: https://www.youtube.com/watch?v=0Sn7co2eSCo Dmitri Zagidulin: Super buggy or not, that tool is /amazing/ Manu Sporny: Sandro Hawke has a tool to convert gdocs to SpectText ... suggest that Lionel_Wolberger_ use this tool. Dmitri Zagidulin: *Kimhd: he was showing it during tpac, I was super impressed.* ... Sandro is working with credible web re: Fake News. Looking at potentially using VC and other stuff we are working to make progress on their work. Propose to invite Sandro into here and hear what he's been doing. Re: reputation stuff. Samantha Mathews Chase: Very cool thanks Manu Sporny: +1 On dog fooding our own work. Samantha Mathews Chase: My RWOT paper was on tracking attribution. Have talked with Manu to use this for our call. This is an important subject. Have talked with other groups with varied success. Joe Andrieu: +1 For chocolate puddinging our work Samantha Mathews Chase: Lol Samantha Mathews Chase: I get it tho Joe Andrieu: TPAC report out. Topic: W3C TPAC 2018 Manu Sporny: It went really great. We had 50-55 at the DID breakout session. Kim did the DID working group proposal/intro. It was awesome and perfect. There were 200+ in that room (of the 480 companies) and it was well received. We had buttons. (As me about Decentralized identifiers.) We specifically asked for objections, and got only 1. And the objection was that I want you to do more than DIDs. Haven't seen other objections behind the scenes. ... there is still more work to do. But I would be surprised if the DID working group didn't happen. Please show up in Redmond if you want this to happen. Joe Andrieu: Could you comment on the support and the breakthrough re: WebAuthN? Manu Sporny: Before TPAC, we did an experiment with authenticator devices (e.g. yubico, cryptographic keys in hardware) we extended them to support VCs and DIDs and we dropped into that working group. We needed them to enable one feature to make them work. Submitted the proposal for them to do it. Group decided to support that use case. Daniel Buchner: I can provide some details on this, if you'd like ... WebAuthN also interested in web authentication, and they might do it in their next charter. This all demonstrates traction. Daniel Buchner: Sure Kim Hamilton Duffy: In the meeting after TPAC - wants to know specific use cases to move that forward. Daniel Buchner: Group is working in ... we need to make sure it can be used in these areas, FIDO, WebAuthN. This might be why there was a change/acceptance from some folks. Joe Andrieu: Someone gave a shout out to Kim Cameron that the next step is for FIDO to support DIDs. Drummond Reed: That was the most unexpected news, re WebAuthN. I was stunned. Congrats! Shout out to Daniel. Joe Andrieu: People like it because it solves a problem. Drummond Reed: When we got the news at IIW, people were thrilled. Ted Thibodeau: https://twitter.com/csuwildcat/status/1047608587944484864 Ryan Grant: Re: FIDO, my understanding is token signs a secret a website can understand. How can this be changed to help interop DIDs? Ted Thibodeau: "It definitely needs to work with existing systems, so companies can interop with the code/implementations they have in-market, and that's something we're going to work a lot on in 2019, including extension of things like WebAuthn and FIDO to support DIDs." Dave Longley: We did a demo at TPAC, WebAuthN with DID Auth (credential handler). ... describing how it works Kim Hamilton Duffy: One of the big things we talked about - relationship btwn JWTS & JSON LD. ... one category is around usability and lack of tooling support. Topic: IIW Joe Andrieu: [Please jump on the queue if you went to IIW] ... get this on everyone radar to discuss. Daniel Buchner: Daniel Buchner: Good stuff at IIW, DID ref skilling, went into the authentication pieces. Context mapping documents. Heather Vescent: I went to IIW as well... [scribe assist by Manu Sporny] Heather Vescent: Lots of new people, huge event, almost sold out. [scribe assist by Manu Sporny] Heather Vescent: Lot of new people, Kaliya and I did the intro to SSI -- mostly new people there. Lots of sessions on DIDs/SSI - Sam Chase brought a really cool person that talked about VR and identity [scribe assist by Manu Sporny] Heather Vescent: That's something that's interesting, overlap w/ other communities and what we're doing here... communication of what we're doing is really important. [scribe assist by Manu Sporny] Heather Vescent: I did talk on SSI on Money 20/20 the weekend before... we are doing a lot of really interesting stuff here and we don't control the narrative. It's important for us to support clear communication of what we're doing. [scribe assist by Manu Sporny] Heather Vescent: Not just inside our community -- but banking/fintech space think they're going to solve this problem as well because they "own" identity/KYC - we need to get organized about taking this knowledge and expanding it beyond our internal space. [scribe assist by Manu Sporny] Heather Vescent: Kaliya and I have tried doing that - business model is problematic, we need to figure out a way to support communication. [scribe assist by Manu Sporny] Heather Vescent: Last day, really interesting session -- trying to find session. [scribe assist by Manu Sporny] SSI stack: https://drive.google.com/file/d/1YGdxdVB7tS9MI9-QIIDZsvT2eZgnAXDj/view?usp=sharing Heather Vescent: Session on "SSI Stack" [scribe assist by Manu Sporny] Drummond Reed: I have joined the call but there is a ton of noise right now in the SLC airport so it's going to be hard to talk. Heather Vescent: I found this interesting... [scribe assist by Manu Sporny] Heather Vescent: Anyone here in this session? [scribe assist by Manu Sporny] Drummond Reed: Daniel was in that session Heather Vescent: Another session on "Myths of SSI" - run by Timothy Ruff and Rouven... [scribe assist by Manu Sporny] Heather Vescent: That was an interesting conversation... it was a great IIW. [scribe assist by Manu Sporny] Jeff Orgel: Had a great time, really rich IIW - a few things to touch on - Sam showed up with Liam - great edge thinking. [scribe assist by Manu Sporny] Jeff Orgel: Phils' daughter did an "Ask the Millenial" session... value space there, how they perceive their identity. [scribe assist by Manu Sporny] Jeff Orgel: Drummond announced STFv2... Markus announced something as well - logging in / recovering DID. [scribe assist by Manu Sporny] Drummond Reed: The "edge thinking" that Samantha and Liam brought was all about where self-sovereign identity could fit with VR and AR and digital twins or avatars. It was mind-blowing. Drummond Reed: Liam showed live demos using various cutting-edge VR headsets including Magic Leap. Jeff Orgel: Futurist talking about cyborg future - really interesting, what we want when cybernetics become more of a thing... let's talk about path to get there. [scribe assist by Manu Sporny] Jeff Orgel: Really rich IIW. Sam and Liam brought great energy. Phi's daughter did a session, Ask a millenial about identity. Drummond announced TPAC update. Markus accomplished something... it was first time. And there was a lady, futurist, talking about cyborg futures, what would we all want when the cybernetic space becomes real. Let's talk about the path to get there Daniel Buchner: Markus showed a prototype of a Universal DID Registrar Joe Andrieu: Use last minutes to introduce ... Daniel Buchner: Which our team was hoping to work with him on Daniel Buchner: We want to ensure that reg API surfaces and experiences are formulated in accordance with a common spec Joe Andrieu: Re: shaping the narrative and well meant questions from allies, trying to help us distill the message. B/c our examples don't show why this is so important. ... what is the canonical use case? ... why does decentralized help? ... are there folks at TPAC to help set this up. Andrew Hughes: My question about DIDs is why do we need a new universal namespace? Why don’t the existing ‘universal’ name spaces suffice? [scribe assist by Andrew Hughes] Christopher Allen: https://docs.google.com/presentation/d/15M0tdSS1dRMVdJdVgBlFap8JwiuFdvocZ0AAu7c1eBk Christopher Allen: Asked after TPAC to present to companies and a Zurich meetup. And tried to address the different things people have raised. ... it's a better story, but it's not there. ... Get push back, corporations don't care, governments don't care. So I separated these in the preso. Daniel Buchner: Clearly they aren't aware of some intentions of some companies that I would bet are far larger than theirs - and some governments... ... how do we convince governments and corporations. Christopher Allen: (Also, I welcome comments and criticisms on that presentation) Christopher Allen: (And people can reuse it as needed) Heather Vescent: I had an idea in this space - based on some of the feedback from Money 20/20 - most of the people there come from banking/fintech - I know a lot of the people in that space - they don't get DIDs/SSI any of that stuff. [scribe assist by Manu Sporny] Jeff Orgel: ? What was Marcus' 1st time effort if we have a moment? Samantha Mathews Chase: For companies, the argument I lean into is offloading liability and enabling a 'perfect information' system. That they can achieve the same value from data without seeing it through this new 'airlocked' layer by requesting credentials.People can be responsible for sharing these credentials and then it is complicit information not consent engineering. This saves the company money and eliminates the guesswork and social engineering aspect of marketing Heather Vescent: The feedback I got was - "oh, this is an interesting way to do corporate identity". When we think about it for individual identity, value for individuals, privacy, etc... for cybersecurity space... increasing corporate security, whole idea of corporate identity is really interesting. [scribe assist by Manu Sporny] Heather Vescent: Not limiting, or expanding use cases beyond individuals to multiple entities that need identity... that might be a good focus. [scribe assist by Manu Sporny] Samantha Mathews Chase: I like that heather,thanks Christopher Allen: Slides 22 also resonated Joe Andrieu: Yes, think there is really interesting stuff in that space that's not solely about SSI. [scribe assist by Manu Sporny] Christopher Allen: One of the things I discovered by accident, about borders, resonanted well in Switzerland. It was almost like it was in the wrong part of the presentation. [scribe assist by Manu Sporny] Christopher Allen: One of the things I discovered by accident - my slide 22, about borders, resonated well (due to Switzerland?) it was like it was in the wrong part of the preso (it was in the SSI section). But this is something that keeps coming back in the decentralized thing. What are the borders and edges. ... they are all under renegociation. Joe Andrieu: Let's talk about this more in future weeks.
Received on Saturday, 10 November 2018 20:48:35 UTC