- From: <gannan@digitalbazaar.com>
- Date: Tue, 02 Oct 2018 19:32:34 -0400
- To: Credentials CG <public-credentials@w3.org>
Thanks to Samantha Mathews Chase for scribing this week! The minutes for this week's Credentials CG telecon are now available: https://w3c-ccg.github.io/meetings/2018-10-02/ Full text of the discussion follows for W3C archival purposes. Audio from the meeting is available as well (link provided below). ---------------------------------------------------------------- Credentials CG Telecon Minutes for 2018-10-02 Agenda: https://lists.w3.org/Archives/Public/public-credentials/2018Oct/0002.html Topics: 1. Introductions and Reintroductions 2. Announcements 3. Review Action Items 4. Work Items 5. New Business 6. RWoT7 Organizer: Joe Andrieu and Kim Hamilton Duffy and Christopher Allen Scribe: Samantha Mathews Chase Present: Bohdan Andriyiv, Heather Vescent, Samantha Mathews Chase, Ken Ebert, Ganesh Annan, Christopher Allen, Chris Webber, Ted Thibodeau, Dan Burnett, Jeff Orgel, Lionel Wolberger, Nate Otto, Manu Sporny, Adrian Gropper, Joe Andrieu, Ryan Grant, Kaliya Young, Kim Hamilton Duffy, Dave Longley Audio: https://w3c-ccg.github.io/meetings/2018-10-02/audio.ogg Samantha Mathews Chase is scribing. Samantha Mathews Chase: Can someone link me to the scribe notes again Samantha Mathews Chase: I can't find the link Heather Vescent: Yay Sam for scribing! Topic: Introductions and Reintroductions Christopher Allen: Introductions & re-intros ... Bob Dolan? You on? Christian Lundquist? Lionel Wolberger: Walberger involved for a while, under many hats, focused on verifiable claims, platin.io base our insights on university research, excited to bring muscle to the space ...working with standards created here ...looking forward to attending tpac Topic: Announcements Christopher Allen: https://w3c-ccg.github.io/announcements/ Christopher Allen: Agenda item: announcemments Christopher Allen: 2 Big things, tpac in a couple of weeks, a few of us are going to Lyon, big annual meeting of w3c members. ... we are scheduled with our own time and the verifiable claims working group has a couple of days and will be visiting other working group meetings to talk about DIDs Christopher Allen: Ideally by the end of the year we have a vote on a DID charter Manu Sporny: W3C TPAC Schedule: https://www.w3.org/2018/10/TPAC/schedule.html Manu Sporny: On this schedule credentials group is two hours from 1:30-2:30 on Tuesday, need to figure out what we want to say ....Wednesday breakout sessions, this is our big push! we are making buttons and the whole purpose is to try and get as many memberships on board ...ccg is also having a joint meeting with web commerce meeting as well, then verifiable credentials after that ... do not have to be a CCG member to attend. Christopher Allen: http://iiw.idcommons.net Chris Webber: Iiw at the same time, link above Nate Otto: Folks who are in Lyon, you may want to check out ePIC in Paris on the way back Oct 24-26: general topics related to open recognition -- a little less technical and more about developing the metaphors and practices that result in decentralizing credentials. About 125 very interesting people tend to attend. https://epic.openrecognition.org/ Lionel Wolberger: Would be interested in having a call with Digital Bazaar crew, would like to coordinate on TPAC further, how do we do that? How do I get my button? Christopher Allen: Can't speak for schedules on Monday, I plan to be there Monday but will be on weird sleeping hours. Heather Vescent: +1 For Manu's suggestion Manu Sporny: We need to spend time leading up to coordinate and put 20 min per call dedicated to tpac, must have a unified message. Dan Burnett: +1 To coordinating in advance. A number of us are insanely busy during TPAC, and agreeing in advance is critical. Lionel Wolberger: We haven't been doing crypto Tuesdays Christopher Allen: We haven't had the cryptographers for Crypto Tuesday, Samantha Mathews Chase: Wondering for those not going to W3C TPAC - want to help more. Helpful for me to reach out to other companies that will be using DIDs? Interest? [scribe assist by Manu Sporny] Samantha Mathews Chase: Are people going for tpac. wants to help more. Is it helpful to reach out to companies who are using DIDs. And get a list of them going [scribe assist by Heather Vescent] ... we need to coordinate IP legalities so we can get more groups here Samantha Mathews Chase: How can we get more companies on board, is it helpful to collect support Manu Sporny: Yes super helpful, need to be very targeted, need to prove that this work is worth doing ...they find companies that are implementing and deploying products, they weigh big companies vs. tiny companies ... we want companies with a strong commitment to identity ...if sam or anyone else on the call can target the larger companies ... they have to be committed, w3c wants to see that these companies will be joining and membership will go up Lionel Wolberger: Former effort of collecting which companies are engaging with DIDs: https://docs.google.com/spreadsheets/d/1n0fe8g-13ZPfaWPNyL8T2GFE2ktv-TYYXJFr73Gnb3M/edit#gid=1240207141 Manu Sporny: Explainer for support for DIDS: https://lists.w3.org/Archives/Public/public-credentials/2018Sep/0012.html Manu Sporny: Specific google form is here: https://goo.gl/forms/Yg3kPYN5OjlSbowQ2 Lionel Wolberger: Resending this list, to be merged with new survey: https://docs.google.com/spreadsheets/d/1n0fe8g-13ZPfaWPNyL8T2GFE2ktv-TYYXJFr73Gnb3M/edit#gid=1240207141 Manu Sporny: Please distribute among your readership, everything helps Manu Sporny: +1 To what heathervescent just said... that would be the most effective. Heather Vescent: A bunch of people that are friendly in the community, really effective to send a direct email to someone ....are we coordinating with DIF at all? .... already put some stuff on the slack channel, it reminds people they should do it. Manu Sporny: Need to give this more time and underscore what heather said, direct emails to companies that have direct plans to use DIDs ... apologize for the short nature of this, not ideal but we ran out of time and we're at the point if we don't get it out by next week it won't get circulated. I'm hoping to have the first wave of feedback by next Friday, so we have time to get it circulated Christopher Allen: Any questions on how to evangelize? Ryan Grant: Sometimes I get confused about where companies are putting their energy on these things Kaliya Young: They fit together in a round about way. Ryan Grant: Question was regarding DIF Christopher Allen: Dif is it's own organization at this point, there was a particular IP issue that was raised at rebooting Manu Sporny: Did have a series of conversations with them, they fit together sort of, for now all incubation of ideas happen at IIW, RWoT, etc, the output goes to these groups where they are further defined Ryan Grant: It sounds like DIF is a coalition of corporations that would like to bless certain technologies, "when they're ready" Dan Burnett: Industry certification ...dif works across all those channels but the standards we work on are made and then go out in the wild. After the standards space, how are people deploying this in the world? We still need the orgs to clarify Christopher Allen: ... they are more focused on uses not standards Christopher Allen: Trying to get HTC Manu Sporny: Let the large companies know, this is not a commitment, its a notice of interest ... it's not that they aren't committing to the working group, they aren't interested in this group happening Christopher Allen: https://github.com/w3c-ccg/community/issues?q=is%3Aissue+is%3Aopen+label%3A%22action+item Topic: Review Action Items Manu Sporny: https://github.com/w3c-ccg/community/issues?q=is%3Aopen+is%3Aissue+label%3A%22action+item%22 Christopher Allen: At the bottom of the training there was an open item, there's a series of updates, manu any GA on those? Manu Sporny: Not yet unfortunately, just waiting for video to be cleaned up Christopher Allen: There is a security vulnerability we keep getting messages about, I don't have an assignee for crypto suite, do we have anyone from uport or consensys Christopher Allen: Is there someone adept with the crypto suite action item? Samantha Mathews Chase: I didn't catch what burn said Christopher Allen: https://github.com/w3c-ccg/community/blob/master/work_items.md Topic: Work Items Dan Burnett: Best for you to contact Oliver Terbu directly. He has been accepting such requests on behalf of uPort. I cannot volunteer him myself. [scribe assist by Dan Burnett] Lionel Wolberger: We finished the data minimization paper a while back, joe has mentioned making a report ...moving forward Christopher Allen: Will be a doc from RWoT, already on track for community group to accept as a report ... would like more cryptographic people to review, someone from Microsoft would like to give it a quick pass ....hopefully be a report in the next month or so if group approves it ... or can move it as an unpublished draft to RWoT drafts Lionel Wolberger: Sounds good, we want consensus, it all sounds good Manu Sporny: Last RWoT mike lodder and ? get together and talk about VC data model Manu Sporny: Here's the CL Signature issue on VC Data Model -- https://github.com/w3c/vc-data-model/issues/237 ... these are the data structures we are using but means we have to make a new cypto suite to cover those things ... don't know when I'll have the time to do it, would be great if someone else can step in, need a cryptographic suite for signatures make sure its compatible with DID Christopher Allen: Spoke with several people at Microsoft Joe Andrieu: The u-prove license is under the "open specification promise" https://msdn.microsoft.com/en-us/openspecifications/dn646765.aspx ... need someone from Microsoft community that has been working with u-prove this cryptographic sig Topic: New Business Kaliya Young: According to what I know u-prove patents are expired. Kim (At MSFT) bought the company that held them just before they expired. Christopher Allen: https://github.com/WebOfTrustInfo/rwot7/tree/master/topics-and-advance-readings Manu Sporny: That's super helpful to know Kaliya, thank you! Kaliya Young: The other major library for ZKP is IDMixer from IBM Zurich. Christopher Allen: https://github.com/WebOfTrustInfo/rwot7/tree/master/draft-documents Topic: RWoT7 Christopher Allen: RWoT was awesome, great topic papers, and 15 draft documents written collaboratively Christopher Allen: https://github.com/WebOfTrustInfo/rwot7/blob/master/draft-documents/Guidance_and_Standards_for_Interoperability_of_Decentralized_Identity_Systems.md ... those are at draft docs, in particular there was discussion around guidance and standards around interop. of DID systems ... a group of about 15 ppl workng on different approaches of DID Manu Sporny: Guidance and Standards for Interoperability of Decentralized Identity Systems -- https://docs.google.com/document/d/1tDX6LXJn6KITKIvNbbexHfcdWZ9z9TCElC5cZygaacw/edit Manu Sporny: Some of the results, its a massive paper, will require help. WE got to go over a ton of guiding principles, the hope is that it will document the requirements and the standards we need to fill in to achieve the vision we have in rebooting .... we have a good start, general call for help, please make suggestions and notes and edits ... we need all the help we can get ... it's such a long paper I don't want it to die before it's finished Christopher Allen: https://github.com/WebOfTrustInfo/rwot7/blob/master/draft-documents/convincing-dad.md Christopher Allen: Other great papers ...DID's for homeless, convincing DAD about DIDs Christopher Allen: https://github.com/WebOfTrustInfo/rwot7/blob/master/draft-documents/Digital-Identity-for-the-Homeless.md ... in particular use cases for pitching DIDs some of these might be relevant for how we pitch them Samantha Mathews Chase: Our paper was on Verifiable Offline Credentials... [scribe assist by Manu Sporny] Samantha Mathews Chase: We found a massive lack of security in container ships and were able to put together some interesting solutions [scribe assist by Manu Sporny] Samantha Mathews Chase: We've talked about this w/ some of the largest container ship company in the world. [scribe assist by Manu Sporny] Christopher Allen: https://github.com/WebOfTrustInfo/rwot7/blob/master/draft-documents/Use%20Cases%20and%20Proposed%20Solutions%20for%20Verifiable%20Offline%20Credentials.md Samantha Mathews Chase: Ideally, we'd do something specific to ship security/identity at some time in the new year. [scribe assist by Manu Sporny] Christopher Allen: https://github.com/WebOfTrustInfo/rwot7/blob/master/draft-documents/Digital%20Credential%20Wallet.md Samantha Mathews Chase: Seaspan interested in hosting a hackathon or exploring security through DIDs and verifiable credentials Christopher Allen: https://github.com/WebOfTrustInfo/rwot7/blob/master/draft-documents/A_DID_for_everything.md Kim Hamilton Duffy: Did Ganesh talk about RIPs yet? Manu Sporny: Key recovery using navigating a path in a WebVR world Manu Sporny: Describes two cool outcomes from RWOT7: offline use cases, and fun game demo for memorizing a private key by walking through a 3d environment. Dave Longley: That's how "memory palaces" work Manu Sporny: Using memory palaces in immersive space to hide keys, walk through an environment and pick things to remember instead of remembering a long string of characters. Dan Burnett: Yes dlongley you are right. that example came up Samantha Mathews Chase: Yes, shout out for offline cryptography - Mike Lodder covered LC4 crypto method. [scribe assist by Manu Sporny] Samantha Mathews Chase: In that same two days, Wolf made it into an app that teaches you the muscle memory to encrypt messages easily. [scribe assist by Manu Sporny] Samantha Mathews Chase: So you can encrypt using a deck of cards... would be neat to see the first app pushed out at rebooting. I didn't think I'd be doing that in a million years and I loved it. [scribe assist by Manu Sporny] Joe Andrieu: https://github.com/WebOfTrustInfo/rwot7/blob/master/topics-and-advance-readings/five-mental-models-of-identity.md Joe Andrieu: https://github.com/WebOfTrustInfo/rwot7/blob/master/draft-documents/mental-models.md Joe Andrieu: Mental models of identities.. interesting directions, security mental model and continuity mental models .... triggered a conversation with nathan george, topology of identity 1,2,3 actors and more and fit that into an interesting frame work Christopher Allen: https://github.com/WebOfTrustInfo/rwot7/blob/master/draft-documents/resource-integrity-proofs.md Kim Hamilton Duffy: Resource integrity proofs, ganesh's paper, my main interest was verifiable displays, realized the problem could be solved with resource integrity proofs, RIPs not focused on displays but perhaps could be used together, solving for linked data that points to an immutable store, checking for tamper detection. If in your credential it points to a human readable display... paper is mostly done and would like some feedback Heather Vescent: <3 Kim Christopher Allen: If u wont be at tpac, go to IIW Samantha Mathews Chase: Thanks guys, I'll get better thanks for your patience Heather Vescent: Thanks all, bye. Christopher Allen: Thanks~
Received on Tuesday, 2 October 2018 23:33:01 UTC