[MINUTES] W3C Credentials CG Call - 2018-08-21 12pm ET

Thanks to Drummond Reed for scribing this week! The minutes
for this week's Credentials CG telecon are now available:


Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).

Credentials CG Telecon Minutes for 2018-08-21

Action Items:
  1. Manu to draft survey in support of DIDs.
  Christopher Allen and Joe Andrieu and Kim Hamilton Duffy
  Drummond Reed
  Christopher Allen, Dave Longley, Joe Andrieu, Dan Burnett, Markus 
  Sabadello, Heather Vescent, Mike Lodder, Manu Sporny, Ganesh 
  Annan, Nathan George, Jeff Orgel, Ted Thibodeau, Ryan Grant, 
  Bohdan Andriyiv, Kayode Ezike, Chris Webber, Drummond Reed, 
  Kaliya Young, Lionel Wolberger

Dave Longley: Regrets+ Dave_Longley
Joe Andrieu: Howdy.
Dan Burnett: Regrets+
Joe Andrieu: I'm having troubles dialing in.
Manu Sporny: Preesnt+
Nathan George: Regrets+
Drummond Reed is scribing.
Joe Andrieu:  We have four focus use cases to go over today.
Heather Vescent: Yes, that is correct, and I can be pithy.
  ...time may be tight, so we'll carry on other use cases with 
  future calls.
Heather Vescent:  Has been in the identity community for a long 
  time. Is a translator person—thinks about identity from a human 
  ...was in silicon valley for 10 years, then got her masters and 
  became a trained futurist.
  ...has done many projects in the identity space. About 5 years 
  ago, did a major project on the Digital Asset Grid with SWIFT.
  ...is passionate about helping translate the "deep dark hole of 
  identity" to the real world.
  ...has been spending the summer working with identitywoman and 
  others in the space (including Markus - big help) and others on 
  the CCG to write a report explaining SSI.
  ...it explains why SSI can solve many of the longstanding 
  problems in the area of identity. It goes into 10 areas of 
  analyzing the space.
Heather Vescent: https://ssiscoop.com/
  ...The report was written for a C-level audience to help them 
  understand the space and also educate regulators and other 
  ...It is a 132 page report. Heather will provide a URL. If you 
  are interested in buying a copy, contact heathervescent or 
  ...They hope it will advance the work we are all doing.
  ...The price point actively funds the work that heathervescent 
  and identitywoman are doing for the community.
Manu Sporny: +1 Awesome work!
Joe Andrieu:  Announcements. MyData2018 is coming up Aug 29-31 in 
Heather Vescent: Here's also my book, Cyber Attack Survival 
  Manual, if you are interested: 
  ...Aug 24 is the deadline for early bird pricing for Rebooting 
  the Web of Trust.
  ...the topic paper deadline is Sept 8th
  ...please submit your topic papers prior to that date - that 
  enables other people to read them.
  ...please do submit a short brief paper - 1-2 pages is 
  ...W3C TPAC is Oct 23-26
  ...Internet Identity Workshop is October 23-25 in Mountain 
  ...unfortunately there is a conflict this year but nothing we 
  can do about that.
Markus Sabadello:  There is one slot open next week at MyData2018 
  for a speaker to replace Dimitri. If you are interested, get in 
  touch with Markus.
  ...that comes with a free ticket, so let Markus know.
Markus Sabadello: Contact me at markus@danubetech.com if you're 
  interested to do a 10 min talk next Friday at MyData on a topic 
  related to decentralization, interoperability, identity, 
  protocols, standards.
Manu Sporny:  About W3C TPAC: two notes. There will likely be a 
  workshop on Decentralized Identifiers in December (date TBD).
  ...at TPAC, Manu also anticipates a lot of meetings and 
  socialization on DIDs.
  ...We have an early spec and a primer, but we still need use 
  ...We need to start to gather statements of support, ideally 
  from very large organizations, for the new WG.
  ...The deadline for all this is two weeks before TPAC.

ACTION: Manu to draft survey in support of DIDs.

Drummond Reed:  Service addressing/naming changes to spec... 
  issues to spec. [scribe assist by Manu Sporny]
Drummond Reed:  Several new PRs have been submitted on the DID 
  spec, including service selection. He suggested that we will 
  likely need a few special calls in September.
Manu Sporny: 
Mike Lodder: Is this IPFS?
Benjamin Young: http://ipfs.io/
Manu Sporny:  He has been working with the Protocol Labs team on 
  the multihash IRC. They use cryptographic identifiers that are 
  similar to those used by Sovrin and by Veres One.
Benjamin Young: https://protocol.ai/
Ryan Grant: Those are not persistent identifiers...
  ...Protocol Labs raised $230M for FileCoin to build a 
  decentralized storage system "for the galaxy".
  ...They use some of the same building blocks as other SSI 
Manu Sporny: 
  ...They use Ed25519 keys and other primitives, so if we can 
  align this across the community and can work with Bitcoin and 
  Ethereum in addition to Sovrin and Veres One and IPFS.
Bohdan Andriyiv: @Manu What is the difference between crypto 
  identifiers and DIDs? Any source to read about it?
Joe Andrieu:  Four use cases that need to reported out today. 
  cwebber2 will report on one of them. Anil John has one but is 
  still going through IPR checks.
Mike Lodder: @Drabiv DID's are a crypto identifier
  ...All of the ones submitted are candidates that are in the 
  needs map for what can be done with DIDs.
  ...This needs to be boiled down to three.
Bohdan Andriyiv:  My take is that the crypto identifiers are 
  hashes of documents that can be linked to, but they are not 
  usable if a document changes. [scribe assist by Ryan Grant]
Drummond Reed:  This means DIDs have a different place for 
  persistent identifiers. [scribe assist by Ryan Grant]
Heather Vescent: I can bring my editing knives to the table! 
  Count me in!
  ...Asks if heathervescent will have time for helping with the 
  use cases.
Ryan Grant:  Drabiv sorry meant to tag you not drummond [scribe 
  assist by Ryan Grant]
  ...We will probably have some separate calls to push through 
  the first draft at least.
  ...He would like to have a third volunteer on that work as 
Joe Andrieu: 
  ...We will now dive into the use cases, starting with #16.
Heather Vescent:  The use case is "Collective Identity".
  ...This is different that many others, as is doesn't involve 
  individuals directly, but as a group working together on a 
  ...These individuals are acting collaboratively, for example as 
  organizers of an event like Barcamp or RWOT.
  ...the individuals may be acting in different roles, managing 
  finances, producing documents, organizing events.
  ...different people have different capabilities to do things on 
  behalf of the collective.
Joe Andrieu:  As soon as a group enters into a partnership 
  (formal or informal), they have collective liability. In terms of 
  this use case, was Heather thinking about this?
Kaliya Young: One of the people in my network David (last name 
  escaping me) is working on minimal viable governance to support 
  this type of use case.
Heather Vescent:  Yes, the legal organization and structure of 
  the group entity is a great question.
Kaliya Young: HE is actually working on spinning up a journal 
  about Governance and another one about trust.
  ...she is looking at this is to NOT address those specific 
  legal structures, but a new lightweight legal entity that would 
  be similar to an autonomous organization.
  ...it is new, much like a B corp was new to corporate 
Kaliya Young: Yes Drummond AND you need to anchor it and he is 
  specifically looking at how things come into being rapidly doing 
  things and disband.
Christopher Allen:  Is an advisor to new blockchain law creation.
  ...Due to the nature of LLCs, the ownership can be quite 
  complex. There is no reason that a cryptographic identifier 
  cannot mirror that complexity, such as a multi-sig scheme.
  ...LLCs were actually invented in Wyoming, with one goal of 
  preserving the privacy of investors.
  ...so this work is compatible and in the same spirit. So 
  Wyoming is looking at how to adapt LLC law to blockchains.
Lionel Wolberger:  Finds this approach exciting and wants to ask 
  if this form of collective identity could be applied to 
  ...as it is a hot subject.
Heather Vescent:  One of the major issues with blockchain tech 
  early on was that it did not mesh well with the real world of 
  people, so she's very interested in that.
Bohdan Andriyiv:  See https://ipld.io/ for more on ipfs CID idea. 
  [scribe assist by Ryan Grant]
Joe Andrieu:  The next use case is #17: Transaction 
Christopher Allen: Wyoming law: 
Heather Vescent:  Inspired by a trip to Alaska.
  ...Every night had to stay in a new hotel; every night having 
  to give her identity info; had it stored all over in many 
Christopher Allen: (Xlviii) "Network signature" means a string of 
  alphanumeric characters that when broadcasted by a shareholder to 
  the network address's corresponding distributed or other 
  electronic network or database provides reasonable assurances to 
  a corporation that the shareholder has knowledge or possession of 
  the private key uniquely associated with the network address;
Ryan Grant:  Thanks! [scribe assist by Bohdan Andriyiv]
  ...Wouldn't it be great if she did not have to give her PII at 
  every location.
  ...AirBNB host she knows asks every guess to send a photo of 
  their driver's license—very dangerous.
Mike Lodder: NSA Michael Hayden infamously stated, “We kill 
  people based on meta- data”
  ...Is there a way that we can make it so that guest can have 
  their data secured.
Christopher Allen:  There seems to be a "weird alignment" with 
  KYC here.
  ...The requirements are protecting the company offering the 
  service vs. the individual.
  ...the idea of protecting the commercial interest of the 
  corporation is more valid.
Heather Vescent:  For a period, AirBNB offered Amex card holders 
  a special deal, thus piggybacking off of the KYC that Amex had 
  ...this was a creative triangulation of KYC (Know Your 
Joe Andrieu:  He's curious how much this data is used for law 
Heather Vescent:  Having talked to a law enforcement official, 
  she believes it would not interfere with that work.
Joe Andrieu:  Is curious what the regulatory frameworks are in 
  this area.
Christopher Allen:  Has done a little analysis on the KYC area, 
  and in general the laws are not explicit about the data. They are 
  interpreted by lawyers very conservatively.
  ...There are very few explicit requirements.
Joe Andrieu:  Next use case is #18
Heather Vescent:  2012 She worked for SWIFT and did several 
  future scenarios on the future of transactions. The work was 
  centered around a platform for the banks that was essentially a 
  digital safe deposit box.
  ...she revisited the use cases there since the are closely 
  aligned to those of the CCG.
  ...the motorcycle sale example from SWIFT could be adapted to a 
  gun purchase or anything bought/sold with a lot of regulatory 
  ...It was not meant to take a position on regulation, just to 
  address how regulations could be met with the technology.
  ...the use case covered both buying from a dealer and from a 
  private party.
  ...she thinks this is one of the "juiciest" use cases.
Ryan Grant: Agree that it's juicy!
  ...it could solve the problem of "the wrong people getting guns 
  in their hands".
Joe Andrieu:  Wants to see Heather supported in terms of this 
  process with a team helping on these.
  ...to put these use cases through W3C to publish a note from 
  the CCG.
  ...He invites Heather to bounce off ideas about what such a 
  note would look like.
Heather Vescent:  Wants to serve the community and help build the 
  standards and what can be built on top.
  ...One next step is prioritizing these use cases. She also has 
  ideas on how to collaborate on these, including what is needed to 
  support the DID WG formation process.
Joe Andrieu:  Hopes to get all 20 use cases in the overall 
  ...3 of those would be chosen as "DID focal use cases".
  ...it will be sad that we can't go deep on all of them.
  ...if someone wants to go much deeper on these, that's still 
  work Joe would like to support.
Heather Vescent:  Needs at least 2 other people who would be 
  equal partners to move it forward.
Christopher Allen: I'm interested in the collective use case, not 
  only from a DID perspective, but also the cryptographic 
Bohdan Andriyiv:  Wanted to add his two cents to the group 
  identity use case. He believes it's quite important.
Christopher Allen: …Maybe RWOT?
  ...He was thinking about this use case as he was designing 
  ...Multiple people working together can have individual 
  accounts compromised, so this should be addressed.
Joe Andrieu:  Likes group identity as potentially a focus use 
  case, and this may be a good candidate.
Heather Vescent: Are we meeting next week/
Joe Andrieu:  Thanks to Heather for leading us through these use 
Heather Vescent: ?
  ...We are meeting next week, but we are NOT meeting the day 
  after Labor Day.
Heather Vescent: Thanks everyone for your comments.

Received on Saturday, 15 September 2018 03:13:47 UTC