- From: <kimdhamilton@gmail.com>
- Date: Sun, 18 Aug 2019 16:55:24 -0700
- To: Credentials CG <public-credentials@w3.org>
Thanks to Brent Shambaugh for scribing this week! The minutes for this week's Credentials CG telecon are now available: https://w3c-ccg.github.io/meetings/2019-08-13/ Full text of the discussion follows for W3C archival purposes. Audio from the meeting is available as well (link provided below). ---------------------------------------------------------------- Credentials CG Telecon Minutes for 2019-08-13 Agenda: https://lists.w3.org/Archives/Public/public-credentials/2019Aug/0048.html Topics: 1. Announcements and Reminders 2. DID WG Charter and outreach 3. Agents, Hubs, and More Organizer: Christopher Allen and Joe Andrieu and Kim Hamilton Duffy Scribe: Brent Shambaugh Present: William Claxton, Christopher Allen, Kim Hamilton Duffy, Joe Andrieu, Manu Sporny, Ted Thibodeau, Dmitri Zagidulin, Dave Longley, Adrian Gropper, Markus Sabadello, Sumita Jonak, Ryan Grant, Oliver Terbu, Brent Zundel, Brent Shambaugh, Moses Ma, Dan Burnett, Ganesh Annan, Kayode Ezike, Daniel Hardman, Benjamin Young, Jonathan Holt, Justin Richer, Daniel Buchner, Ken Ebert Audio: https://w3c-ccg.github.io/meetings/2019-08-13/audio.ogg William Claxton: Voip 7dc is wmclaxton Sumita Jonak: Kim sounds garbled Kim Hamilton Duffy: https://www.w3.org/community/credentials/join Kim Hamilton Duffy: https://www.w3.org/accounts/request Kim Hamilton Duffy: https://www.w3.org/community/about/agreements/cla/ Kim Hamilton Duffy: https://w3c-ccg.github.io/meetings/ Kim Hamilton Duffy: https://docs.google.com/document/d/1LkqZ10z7FeV3EgMIQEJ9achEYMzy1d_2S90Q_lQ0y8M/edit?usp=sharing Please be advised, my connection is spotty today, so I likely will be on mute mostly Brent Shambaugh is scribing. Kim Hamilton Duffy: Introductions. any new participants? Kim Hamilton Duffy: Danmcg would you like to introduce yourself? Or Karen ? Kim Hamilton Duffy: Sumita ? Sumita Jonak: This is Sumita from USAA Kim Hamilton Duffy: Reintroductions, Ryan Grant? Ryan Grant: My name is Ryan Grant, I run a company called Digital Contract Design. I am interested in btcr. ... I worked on the bitcoin reference implementation for DIDs Kim Hamilton Duffy: Next week we'll report on the btcr hackathon Topic: Announcements and Reminders Kim Hamilton Duffy: https://w3c-ccg.github.io/announcements/ ... the announcements are at the link. Are we still having decicated DID calls? Kim Hamilton Duffy: https://zoom.us/j/7077077007, 1-2:30PM PT / 20:00-21:30 UTC Markus Sabadello: Yes, we will probably be shifting to DID resolver now that the DID spec has been published. Kim Hamilton Duffy: Thursdays Markus Sabadello: https://docs.google.com/document/d/1qYBaXQMUoB86Alquu7WBtWOxsS8SMhp1fioYKEGCabE/ Kim Hamilton Duffy: https://www.meetup.com/Vienna-Digital-Identity-Meetup/events/262359964/ Kim Hamilton Duffy: September 1st, Vienna meetup right before RWoT in Prague Kim Hamilton Duffy: https://www.weboftrust.info/ ... we can take the train afterwards to prague. Kim Hamilton Duffy: http://rwot9.eventbrite.com ... Sept 3-6 it RWoT 9 in Prague Kim Hamilton Duffy: https://dustycloud.org/blog/activitypub-conf-2019/ ... then september 7-8 is an activity pub conference in prague Kim Hamilton Duffy: https://mydata2019.org/ ... TPAC is sept ??? in Fukuoka Japan Daniel Hardman: I can't get onto SIP. sip:ccg@96.89.14.196 doesn't connect for me in linphone, and US phone: +1.540.274.1034 x6306 (the number given in github page instructions) makes me the only participant in the call. Daniel Hardman: How is everybody else dialing in? ... Then MyData in Helsinki, more info at the link Joe Andrieu: Two things: the deadline for the RWoT discount is this friday. ... please get you paper in to get the discount. Joe Andrieu: https://www.eventbrite.com/e/holochain-hackathon-in-prague-tickets-68086108383 ... the other item is a holochain hackathon in prague following our event at the same venue Topic: DID WG Charter and outreach Manu Sporny: https://lists.w3.org/Archives/Public/public-new-work/2019Aug/0000.html Manu Sporny: The DID WG charter is open for review by the public ... anyone can provide comments ... if you are not a W3C company, but want to support the work, you can send a supportive email. ... companies and universities are the main focus, especially large, multi-billion dollar companies. ... but everyone should respond and say they are supportive. ... please abstain from making "anti" statements ... be positive Manu Sporny: https://www.w3.org/2002/09/wbs/33280/did-wg-2019/ ... please reach out to your networks and have them respond. ... the actual vote (for W3C members) can be made by following the other link ... we are looking for 22 members to vote positively, but hoping to get much more than that. ... don't wait ... we've got two weeks to drum up support Manu Sporny: I am personally going to send out the link to other W3C AC members Kim Hamilton Duffy: A question, I'm no longer a W3C member. What can a multi-university consortium do? does the W3C care about them? Manu Sporny: https://lists.w3.org/Archives/Public/public-new-work/2019Aug/0000.html Manu Sporny: Yes, they would like new members, so they are interested in ensuring the success of the recommendations and technology. Manu Sporny: Mail actions: [ respond to this message ] Kim Hamilton Duffy: Even if it isn't a company Manu Sporny: Yes, follow the link to directly respond to the message. ... at the bottom is the link to respond. Joe Andrieu: What is the next step for the DID spec? ... markus_sabadello did some work to publish Manu Sporny: https://w3c-ccg.github.io/did-spec/CGFR/2019-08-10/ Manu Sporny: Markus_sabadello did a fantastic job getting the spec published. the chairs need to call for approval of the community group to hand over the spec to the working group. ... asking for objections to making this the community group final report. Manu Sporny: Chairs should use the button on this page: https://www.w3.org/community/credentials/ ... after a week or so without objections, that will carry. then the chairs should use the Manu Sporny: Can the chairs check that on the call? ... "publish report" button ... only the chairs have the power to publish the report. Manu Sporny: https://www.w3.org/community/credentials/spec/publish ... at that point it will give you a link ... you put the URL markus_sabadello provided, but only after the 7 day vote. Manu Sporny: To distill: chairs ask for a 7 day review, then publish, then ask everyone to make IPR commitments. ... that enables the DIDWG to pick it up and move forward. Joe Andrieu: Do we need help from staff to publish to a W3C domain name? I can follow up Dan Burnett: If someone made a contribution, but don't agree. It doesn't mean the WG can't use the document, but the group may need to remove the content that hasn't been agreed to ... that's why it is so important to make thies IPR commitment Markus Sabadello: People can continue to raise PRs and Issues, they will be carried over to the WG Dan Burnett: People may find this useful as background: https://www.w3.org/community/about/agreements/summary/ Manu Sporny: https://github.com/w3c-ccg/did-spec/graphs/contributors ... so if you see needed changes, you don't need to object. Manu Sporny: These are the people who need to be chased down: manu, dave, daniel hardman, amy guy, drummond, etc. Kim Hamilton Duffy: To reiterate: Christopher already sent out the DID WG charter for review. ... we have maybe 5 days left. If no objections are filed by the CCG my then , it will be accepted by the group. Topic: Agents, Hubs, and More Kim Hamilton Duffy: https://docs.google.com/presentation/d/1zeoIwdYPItgXjjqeUcqDGUCJ-tfx-k__H3ry5Uu1UK0/edit?usp=sharing Dan Burnett: To clarify on GitHub issues, the WG will make a decision about how it wants to proceed. We will (strongly) encourage the WG to copy all existing issues to the new WG. Kim Hamilton Duffy: No need to scribe, because the presentation has the contents ... this has been discussed many places, but not here yet. So this is an informational session. ... please add yourself to the queue if I mess up :) Kim Hamilton Duffy: Slide 3: we will invite experts to give deep dives on each method Kim Hamilton Duffy: https://medium.com/decentralized-identity/rhythm-and-melody-how-hubs-and-agents-rock-together-ac2dd6bf8cf4 Kim Hamilton Duffy: Slide 6, the medium post is a really good starting point Kim Hamilton Duffy: Slide 7 - sometimes it is unclear what is meant by the terminology e.g., storage, wallets, protocols Kim Hamilton Duffy: Slide 8 has secure data hubs added in ... the callout markers are not intended to have anything to do with positioning in the venn diagram Manu Sporny: I really like this additive approach. I'm wondering if there is a progression where we'll see Solid Pods added in. Kim Hamilton Duffy: I would be interested in that informally. Dmitri Zagidulin: I'd certainly be interested in helping fit Solid Pods into that venn diagram ... Solid profiles have a lot of interesting characteristics. Similar to DIDs ... pods are meant for self sovereign dat storage. picking apart the terminology will be important Christopher Allen: I wanted to add. there are a number of other parties who may want to contribute their stacks. IPFS Agorics, the solid folk. a few others from the DWeb camp ... these three in the slides may be just the beginning. Kim Hamilton Duffy: We have a few folk, they have experience in these various other things. Jonathan Holt: Aries agents - are there other agents? Kim Hamilton Duffy: I've only encountered that in the informal sense Adrian Gropper: Quick comment. it would be nice in this overview to introduce aspects of privacy or privacy engineering across the different aspects Manu Sporny: https://w3c-ccg.github.io/credential-handler-api/ Manu Sporny: Agents is such a broad thing, a lot of things could fall underneath. the credential-handler-api is it an agent? It is dumb, but can be used as a conduit for credential exchange ... I'm also concerned we're going to run out of time Joe Andrieu: +1 For holding the queue Manu Sporny: +1 For holding the queue Kim Hamilton Duffy: What I'm inclined to do is to keep the current queue, and plow through the slides. Justin Richer: Sorry I forgot to open the chat, can someone point me to the slide deck? Justin Richer: @Manu thanks Kim Hamilton Duffy: http://www.cis.syr.edu/~wedu/Teaching/CompSec/LectureNotes_New/Capability.pdf Kim Hamilton Duffy: I encourage you to take a look at that Kim Hamilton Duffy: Slide 11 - ... I need to understand more about Authorization Method agnostic Kim Hamilton Duffy: Query/search of encrypted documents feels maybe out of place for a base-level spec Kim Hamilton Duffy: I feel like I've done the least justice to agents - slide 12 Kim Hamilton Duffy: The interesting thing (referring to slide 7) the data oriented vs the action oriented makes a lot of sense. ... there seems to be a clear set of things that agents are doing that makes sense. Adrian Gropper: This sequence diagram might be helpful: https://www.websequencediagrams.com/#invite=KJKVCyJ03X&from=agropper%40gmail.com&name=Public ... there are clear things happening elsewhere Kim Hamilton Duffy: I want to set up a straw man: identity hubs/secure data hubs are both storage level ... we need to tease apart the goals and responsibilities of both. Daniel Buchner: I was originally on the queue to say at microsoft, we are working on an enterprise agent to hold keys ... on the hubs/agents slide. Hubs does describe actions. ... we recognized that task-based flows follow the same paradigm. It generalizes the process so you don't need a bunch of protocols for different events. Joe Andrieu: I want to throw holochain into the mix, how does it fit in this conversation? ... also, we haven't sent out the email for review of the final did spec. Manu Sporny: One of the things we may be missing is the use cases that led to the current designs. for example, ... secure data hubs is I have a wallet with things I feel are mine. the spec came from the desire to prevent a digital storage provider from being able to snoop ... also portability, I don't want to be locked into my data provider ... the third thing: what is the minimal set of features other communities could use to build on top of ... secure data hubs are agnostic to authorization mechanisms so they can be used by many different organizations. Dave Longley: I think "strawman 2" is probably pretty close ... secure data hubs are more fundamental and only focused on storage that is encrypted/decrypted client-side ... vs. identity hubs seem to do more and have more relaxed characteristics but need a storage backend ... and agents clearly have different responsibilities Kim Hamilton Duffy: I can answer that kezike -- no there is no dedicated presentation for each, but we do give a brief overview in groups ... the secure/encrypted search is important because otherwise the server will be able to peek inside your data. avoiding surveillance capitalism Joe Andrieu: Gotta run. thanks, all. Kim Hamilton Duffy: We are at time Kim Hamilton Duffy: Sorry kezike, did that answer your question? I wanted to give Daniel a chance to respond Daniel Buchner: When we talk about low level things. hubs allow search tags that are not encrypted because when we look at methods for doing this are really expensive. ... is it really possible for this to scale? Manu Sporny: We spent a lot of time making sure the design is compute-efficient. we can go into that in more detail in the future. Daniel Buchner: So you're pushing indexes from the client to the server that are hash keyed? Kim Hamilton Duffy: That can be a follow up session Manu Sporny: Daniel, effectively,yes... with some handwaving :) Kim Hamilton Duffy: I have a lot of questions about how that happens Ryan Grant: I'd like to understand the encryption/search design better as well. Daniel Buchner: Just trying to figure this out, because we looked at multiple ways to do this, and all sort of break when you take it out of cottage industry/hobbyist realm Daniel Buchner: We think we have something that works at the enterprise level :) [scribe assist by Manu Sporny] Manu Sporny: But would love feedback on it, happy to share our solution in this group.
Received on Sunday, 18 August 2019 23:55:52 UTC