- From: W3C CCG Chairs <w3c.ccg@gmail.com>
- Date: Tue, 04 Aug 2020 10:32:08 -0700 (PDT)
Thanks to for scribing this week! The minutes for this week's Credentials CG telecon are now available: https://w3c-ccg.github.io/meetings/2020-07-28 Full text of the discussion follows for W3C archival purposes. Audio from the meeting is available as well (link provided below). ---------------------------------------------------------------- Credentials CG Telecon Minutes for 2020-07-28 Agenda: undefined Topics: 1. Introductions 2. Reintroductions 3. announcements and reminders 4. GLEIF Organizer: Kim Hamilton Duffy and Wayne Chang and Heather Vescent Scribe: Present: Wayne Chang, Heather Vescent, Christoph Schneider, Markus Sabadello, Orie Steele, Brent Zundel, Kaliya Young, Jonathan Holt, Manu Sporny, Margo Johnson, Chris Winczewski, Juan Caballero, Adrian Gropper, Moses Ma, Jeff Orgel, Carla Casilli, Dan Burnett Audio: https://w3c-ccg.github.io/meetings/2020-07-28/audio.ogg Christoph Schneider: Hello? Wayne Chang: Hi there Christoph Schneider: Hi :-) I am a little bit lost - how does this conference work? Christoph Schneider: We will get going momentarily [scribe assist by Wayne Chang] Christoph Schneider: OK Wayne Chang: I think there is an ongoing IETF event, which may make some people late +Present Orie Steele: I cna scribe Wayne Chang: Scribe+ Orie Orie Steele: Scribe+ Topic: Introductions Wayne Chang: Anyone new want to introduce themselves? [scribe assist by Orie Steele] Topic: Reintroductions Wayne Chang: Dlongley, brent? [scribe assist by Orie Steele] Brent Zundel: I am brent zundel, I am software architecture, crypto / standards guy at everynym.... been in the community for years now... chair of the did spec... [scribe assist by Orie Steele] Margo Johnson: I work with transmute, head of product, work with orie, karyl and guillaume... focused on global supply chain [scribe assist by Orie Steele] Topic: announcements and reminders Wayne Chang: Product, work with orie, karyl and Wayne Chang: https://w3c-ccg.github.io/announcements/ Wayne Chang: Identiverse is still happening [scribe assist by Orie Steele] Wayne Chang: https://github.com/w3c-ccg/community/issues/145 Orie Steele: ... Recently we started work on a response to NIST digital identity standards document... we are constructing a response as a work item, thanks to nadar from mattr for raising thing Orie Steele: ... They are discussing US federal and global standards... Wayne Chang: https://github.com/w3c-ccg/community/issues/94 Wayne Chang: We are reviewing IPR process for ^ [scribe assist by Orie Steele] Orie Steele: ... Manu can you give an update? Manu Sporny: This item, is about the process we will use in this group to update the VC Spec. [scribe assist by Orie Steele] Kaliya Young: I was just going to say that this week there is a conference on that folks might be interested in RightsCon.org Orie Steele: ... The spec, became a global standard a while ago, this group is responsible for maintence... fixing bugs, updating prose, publishing pre-standards... we can signal to the world what other things we want to do... Kaliya Young: Sorry about that, i wasn't eyeing the queue as closely as i would've liked [scribe assist by Wayne Chang] Manu Sporny: https://docs.google.com/document/d/1zpmxkY0mefzZf47GXNM0qC83lBEhyaRSBmf4NJpaa6M/edit Orie Steele: ... Dan burnett and i put together a process for this.... we have revised it. Orie Steele: See link. Orie Steele: ... The group needs to comment on the document.... it feels complete, last call for objections Wayne Chang: https://github.com/w3c-ccg/community/issues/134 Wayne Chang: Thanks for the update, next another work item update... [scribe assist by Orie Steele] Markus Sabadello: Did resolution one of the oldest work items, originally we were developing a seperate spec for did resolution to be paired with did core data model and syntax... [scribe assist by Orie Steele] Orie Steele: ... We wanted a spec that defined resolution... resolution and dereferencing... scope has changed a bit since the last DID WG F2F.... DID Core now covers parts of resolution. Orie Steele: ... Did wg has added some parts of resolution to did core... there is a section that defines inputs and outputs.... Orie Steele: ... We are also discussing representation of meta data... the scope has shifted a bit... Orie Steele: ... Did resolution spec work has slowed, but we have updated to sync with developments in did wg Orie Steele: ... For example how metadata is represented. Orie Steele: ... Now we distinguish between resolution meta data, and did document meta data... Orie Steele: ... Matrix params have been removed, did params use query strings... Orie Steele: ... Did resolution spec will still be useful, but some of it is now present in did core. Orie Steele: ... Did resolution also covers resolver architectures, hosted service vs local.... how is fragment handled... can a resolver act a proxy for other resolvers.... how is that reflected in meta data Orie Steele: ... Trust in the resolver, architecture questsions, how are did parameters being processed, etc.... did resolution spec will continue to address these concerns Orie Steele: ... Did core wg only covers the abstract interface. Orie Steele: ... We have regular calls, switched to bi-weekly Orie Steele: .... Link to the meeting page will be in IRC, happy to answer questions Markus Sabadello: https://docs.google.com/document/d/1qYBaXQMUoB86Alquu7WBtWOxsS8SMhp1fioYKEGCabE/ Wayne Chang: Thanks for updates, identity_woman announcements? [scribe assist by Orie Steele] Markus Sabadello: https://w3c-ccg.github.io/did-resolution/ Kaliya Young: There is a conference this week, speaking about id for development, and a conversation at rights con, virtual conference... its free. [scribe assist by Orie Steele] Wayne Chang: Update on ccg diversity, heather> [scribe assist by Orie Steele] Juan Caballero: https://rightscon.course.tc/2020/events/agenda/ for the late-joiners :D Heather Vescent: Since i ran on diversity platform, I am providing an update... looking for participation moving forward. [scribe assist by Orie Steele] Orie Steele: ... Looking for successfuly characterstics, in the form or role models... Heather Vescent: https://w3c.github.io/PWETF/ Orie Steele: ... What the landscape, how does W3C Diversity & Inclusion group relate... Orie Steele: ... See link in chat... this is just happening this month, getting shared with the rest of W3C. Orie Steele: ... Another thing the group is doing, is a statement for black lives matter Orie Steele: ... I am looking to connect with diversity leaders in companies, to gather info Orie Steele: ... Looking for a co-lead, for leadership... i plan to run this project as a benevolent dictator... roles will be research, writing, design... goal is to develop a stragy for this community Orie Steele: ... That we can implement with out resources. Orie Steele: ... I am collecting stats, on presence and speaker time Orie Steele: ... If you are interested, contact me... i will call for volunteers again later Manu Sporny: +1 To the work -- +1 to diversity initiative. Wayne Chang: Awesome work, we need to be inclusive to make standards for everybody [scribe assist by Orie Steele] Orie Steele: ... Next topic Manu Sporny: Appreciate Heather taking that up Topic: GLEIF Wayne Chang: https://lists.w3.org/Archives/Public/public-credentials/2020Jul/att-0100/2020-07-28_Accelerating-Digital-Identity-with-the_LEI-W3C-CCG_v1.0_draft.pdf Wayne Chang: Speakers are carla and chistof, GLEIF standards for global legal identifier foundaton... eager to hear their use case, [scribe assist by Orie Steele] Carla Casilli: Thanks for the opportunity, we are relatively new. we manage the LEI, and we are looking at how this is related to VC issuance and verifiacation. [scribe assist by Orie Steele] Orie Steele: ... Will be providing some background, why LEI was created, what it addresses, then cover the opportunity Orie Steele: ... Christoff will cover the mechanics Orie Steele: ... Then we will look at specific use cases. Orie Steele: ... What is an LEI? Orie Steele: ... Originated in the last financial crisis 2008... global regulaters sought an indentifier for legal entities as we saw finance firms failing Orie Steele: ... The industry has some standards, but identifying who was legally responsible... everyone had different systems... made regulators job hard, for example when lehman went down... Orie Steele: ... Also they missed the dependecy lehman had on AIG... and the gauruntees / exposure for lehman. Orie Steele: ... The industry was asked to engauge with regulators, and LEI was born as an ISO standards Carla Casilli: You will see on slide 4, ISO17442 [scribe assist by Orie Steele] Carla Casilli: The code is stood up by reference data, legal form, address... as well as relationships [scribe assist by Orie Steele] Orie Steele: ... All capped in the global system, which GLEIF manages Orie Steele: Gleif.org Orie Steele: ... Free access for all users Carla Casilli: An LEI is assigned once, it stays with it for life [scribe assist by Orie Steele] Orie Steele: ... Historical data persists... historical data is retained. Orie Steele: ... Uniquely tied to financial services... but its also used to identify firms, trusts, foundations, or individuals activing in a business capacity Orie Steele: ... We looked at how LEI can be useful in a digital world for proving identity and digital transactions Orie Steele: ... We looked at embeding the LEI to identify a person at an org in a role, in standard X509 Orie Steele: ... Intially sovrin, evernym helped look at how LEI could be leveraged in VCs Orie Steele: ... We took the same use case, for regulatory filing with a legal entity Orie Steele: ... Like a financial report... tested with PoCs on ethereum and hyperledger indy Orie Steele: ... People act on behalf of an organization... although these credentials are designed with schemas... we designed these for public discoversability of employee credentials Orie Steele: ... For example, who is the CEO of org... Orie Steele: ... We are doing more standards work with ISO to cover langauges and roles ... Orie Steele: ... GLEF stephan wolf, CEO of GLEIF, for example Orie Steele: ... We put this credential in a wallet, and anchor it to a blockchain Orie Steele: ... We have the credentials in organization wallets, person can engage in regulatory filings. Orie Steele: ... We could expand these assignments for VCs in day to day business as well. Orie Steele: ... Slide 11, digitial identity chain of trust... we take an identifer from a trusted network like sovrin, we take that number, evaluate an certify LEIs, and VCs containing LEIs Orie Steele: ... Also interested in extending to 3rd parties Orie Steele: ... The digitial LEI will then issue another ... (sorry) Orie Steele: ... The org, person, the role... is the focus of the credential Orie Steele: ... We have an issuance chain, but also a verification chain of trust all the way back to GLEIF Orie Steele: Christoff: can everyon here me? Orie Steele: ... Staring on slide 12... lets look at person representing entity can benefit form VCs Orie Steele: ... GLEF manages root of chain of trust, the LEI issuers... next to that Digital LEI issuer, which fills out the issuance to legal entities Orie Steele: ... There are 2 roles, but they can be held by the same organization Orie Steele: ... 2 Roles can be combined but don't have to Orie Steele: ... LEI user consumes LEIs and VC content Orie Steele: ... Moving to slide 14 Orie Steele: ... Our PoC on sovrin... gleif receives s vc which enables issuance, a digital lei issurer credential. Orie Steele: ... Gives them certifiaction that they are part of the system... Orie Steele: ... The LEI issuer to an entity... paving the way for a VC... Orie Steele: ... Legal entity that has an LEI, cna request from the digital lei issue a VC Moses Ma: Carla and Christof, this is great work, do you have contact information you can share? I'd like to ask a few specific questions offline? Orie Steele: ... Slide 18.... part fo this request is the digital lei issuer requesting information for GLEIF system Orie Steele: ... Verification and validation, 3rd party checks, all important Orie Steele: ... Moving on slide 19... Digital LEI issuer, can issue to the legal entity... equiped with this, the legal entity can now issue credentials to employees Orie Steele: ... For internal or external use Orie Steele: ... What are the benefits? Orie Steele: ... If a person acting in a role of an entity, as a credential which is linked to the entity, lots of powerful stuff can be simplified. Orie Steele: ... Purchasing related to businesses can be supported by these VCs, onboarding, KYC.... Orie Steele: ... When you do business, you need to know and trust your counter party Orie Steele: ... Slie 21... specific public roles, like director or officer of legal entity Orie Steele: ... Usually these persons are already publically discoveralbe Orie Steele: .... A legal entity can report back the public discoverable roles Orie Steele: ... Digital lei issuer, can put this into global public central registries Orie Steele: ... Public information does not contain PII, or company... Orie Steele: ... You would see there is a CEO, not the name Orie Steele: ... Data subjects must agree to disclosure Orie Steele: ... Slide 24, global register Orie Steele: ... Slide 25 covers use cases, business transactions and regulatory reporting. Orie Steele: ... In our PoC we covered real companies and regulators Orie Steele: ... Slide 26: on the GLEIF website, the complete LEI data pool, we can add reported publically discoverable roles Orie Steele: ... For example, CEO and financial analyst Orie Steele: ... Allows a user to request more into, which allows for additional discolsure... whihc leads back to the chain of trust. Orie Steele: ... We can heck the user, entity, issuer chain is verified Orie Steele: ... Slide 27 covers technical architecture, it was easy... we created fully functional PoC. Orie Steele: ... See issuance, request for verification, leveraged exisitng building blocks, sovrin, hyperledger indy, we leveraged VON network and BC GOV hyperledger indy based system for state certificated Orie Steele: ... We had help from everynm to put the bits together Orie Steele: ... Small integration layer, and application layer. Orie Steele: ... We don't focus much on mobile apps, we focused on desktop applications for the corportate use case. Carla Casilli: Thanks christoff.... so for use cases.. [scribe assist by Orie Steele] Orie Steele: ... We summarized the ones we are seeingg, and future PoCs Orie Steele: ... 1. Focused on filers / reporter to regulators... feedback from regulators was the use case could be expanded to 3rd party filers Orie Steele: ... And auditors.. the flow would be extended. Orie Steele: ... We see big potential into client onboarding and kyc Orie Steele: ... Trusted proof of who can sign / commit an organization, as a client for onboarding... Orie Steele: ... Further on, bring additional trust to KYC Orie Steele: ... We also see huge applications for import / export customs process for supply chain Orie Steele: ... Both international and domestic supply chain transactions with embedded LEIs Orie Steele: ... Especially useful for working with VCs, connected to the financial services... very helpfulf or supply chain related payments. Orie Steele: ... Also appliation for trusted supplier /provider and member networks. Orie Steele: ... Also payment providers where regulators are part of the ecosystem... Orie Steele: ... Sanction screening, anti-laundering and counter-terrorism managment... all possible places where LEI might help Orie Steele: ... Business licenses... linking with international identifiers.. Orie Steele: ... In order to share info and protect data... especially in relation to things like GDPR Orie Steele: ... Share relevant facts, support ZKPs... Orie Steele: ... At the discresssion of the holder. Orie Steele: ... Last oint...credential with LEI can be very powerful. Orie Steele: ... They can survive even changes to the reference data that supports the LEI Orie Steele: ... Very helpful for organization identity Orie Steele: ... Credential does not need to be revoked, because of changes to reference data. Carla Casilli: Questions? [scribe assist by Orie Steele] Wayne Chang: Lets go the q [scribe assist by Orie Steele] Manu Sporny: Hey carla an christoff... great background... curious about timeline. [scribe assist by Orie Steele] Orie Steele: ... Seems like VCs are valuable to LEI... any indiation of number of PoC / Pilots / Production systems? Orie Steele: ... If its still years out, we would love to know whats holding it up, challenges / features... Carla Casilli: We are in the middle of evaluating next steps for GLEIF... [scribe assist by Orie Steele] Orie Steele: ... What role we should play moving forward... Orie Steele: ... Closest to production is.... use case number 5, payment remittance system. Orie Steele: ... Its an existing ecosystem thats out there... our PoC just adding an LEI to an existing production system Orie Steele: ... Of course we are waiting for confirmation from operators. Orie Steele: ... Can't give you estimates... we keep finding more interest. Orie Steele: ... We joined Trust over IP as a contributor member... evaluating the LEI as an ecosystem governance framework Orie Steele: ... LEI as a solution to organizational identity in digital transactions. Orie Steele: Christoff: tech is not the gating factor, its interoperability, many options in practice... Orie Steele: ... We don't want to make choices, we don't want to exclude... so we go with several, or go with one and making it a leading one Orie Steele: ... This is why governance is important. Heather Vescent: Fascinatting space... can you talk about trusted supplier use case, curious about supply chain, auditing... re patagonia, certified fair trade... vs pharma supply chain [scribe assist by Orie Steele] Carla Casilli: We think it applies to both... [scribe assist by Orie Steele] Orie Steele: ... It applies to procurement processes generally Orie Steele: ... Also useful in supplychain. Juan Caballero: https://medium.com/spherity/third-party-risk-management-a87a6dcdaf67 Orie Steele: ... We see both
Received on Tuesday, 4 August 2020 17:32:25 UTC