- From: W3C CCG Chairs <w3c.ccg@gmail.com>
- Date: Fri, 12 Jun 2020 21:37:19 -0700 (PDT)
Thanks to for scribing this week! The minutes for this week's Credentials CG telecon are now available: https://w3c-ccg.github.io/meetings/2020-06-09/ Full text of the discussion follows for W3C archival purposes. Audio from the meeting is available as well (link provided below). ---------------------------------------------------------------- Credentials CG Telecon Minutes for 2020-06-09 Agenda: undefined Topics: 1. co-chair election Organizer: Kim Hamilton Duffy and Joe Andrieu and Christopher Allen Scribe: Present: Jonathan Holt, Orie Steele, Dan Burnett, Wayne Vaughn, Joe Andrieu, Amy Guy, Christopher Allen, Kaliya Young, Erica Connell, Ryan Grant, Chris Winczewski, Adam Lemmon, Heather Vescent, Kayode Ezike, Margo Johnson, Kim Hamilton Duffy, Juan Caballero, Brent Zundel Audio: https://w3c-ccg.github.io/meetings/2020-06-09/audio.ogg Wayne Vaughn: Hear you great Chris Winczewski: Scribe+ Joe Andrieu: Introductions [scribe assist by Chris Winczewski] Chris Winczewski: Jeff Stone and Nathan representing from Learning Economy Chris Winczewski: ... Reintroductions Chris Winczewski: ... Adam Lemmon from Emergence Tech Joe Andrieu: https://w3c-ccg.github.io/announcements/ Chris Winczewski: ... Announcements Chris Winczewski: ... Identiverse is now virtual over several weeks Hel^ Kaliya Young: DIF is hosting an intro next week [scribe assist by Chris Winczewski] Chris Winczewski: ... Link will be posted to IRC Juan Caballero: https://www.eventbrite.com/e/dif-face-to-face-virtual-tickets-106632396368 Chris Winczewski: Lucy_Yang: Representing CCI. Supporting privacy preserving covid credentials https://www.covidcreds.com/ Haven't updated everything, but more info will come soon. Joe Andrieu: Action items [scribe assist by Chris Winczewski] Joe Andrieu: https://github.com/w3c-ccg/community/issues?q=is%3Aopen+is%3Aissue+label%3A%22action%3A+review+next%22 Topic: co-chair election Christopher Allen: Voting system details are being finalized. Hope email will be sent out today. [scribe assist by Chris Winczewski] Chris Winczewski: ... Votes will be tallied by volunteers and results published the next week Joe Andrieu: https://transmute-industries.github.io/universal-wallet/ Joe Andrieu: Universal Wallets presentation from Orie @ Transmute [scribe assist by Chris Winczewski] Orie Steele: https://transmute-industries.github.io/universal-wallet/ Orie Steele: https://nfc.did.ai/nxp?seed=7052adea8f9823817065456ecad5bf24dcd31a698f7bc9a0b5fc170849af4226 Orie Steele: Spec and demo links above [scribe assist by Chris Winczewski] Chris Winczewski: ... Would like to speak for a bit and then open up for questions Chris Winczewski: ... A number of demos are used and all of them use various services (e.g. key storage) Chris Winczewski: ... Interoperable wallets inevitably come up Chris Winczewski: ... The goal is to create a data model and abstract interface for wallets Chris Winczewski: ... Trying to create a data model that accounts for how these identifiers, currencies, etc are all related Chris Winczewski: ... And how to abstract for interop Chris Winczewski: ... Data cannot be moved from one system to another is we don't have a common data model Chris Winczewski: ... Reference implementation for one use case to show how this would work Chris Winczewski: ... Trying to build a vocabulary vs creating new and potentially duplicate data models Joe Andrieu: https://transmute-industries.github.io/universal-wallet/ Joe Andrieu: https://github.com/transmute-industries/universal-wallet/ Christopher Allen: https://github.com/BlockchainCommons/Research Christopher Allen: Some Bitcoin and Ethereum wallet providers trying at the base level (e.g. what is a seed) to come to agreement [scribe assist by Chris Winczewski] Christopher Allen: https://github.com/WebOfTrustInfo/rwot9-prague/blob/master/topics-and-advance-readings/whats-wallet.md Chris Winczewski: ... Could the community, or DIF tackle some of the naming issues? RWOT link above for What is a Wallet? Orie Steele: DIF did tackle glossary terminology a little while ago... not sure if there is a link that can be entered for future readers. Chris Winczewski: ... Arrows within these models also need to be named Chris Winczewski: ... Starting small with vocabulary. Tech interop (e.g. CBOR) will come later Joe Andrieu: Where to you see this going from here Orie? [scribe assist by Chris Winczewski] Orie Steele: Trying to gather interest from CCG and DIF to support this initiative [scribe assist by Chris Winczewski] Margo Johnson: Re: Orie's comment about DIF glossary work, here is that presentation from recent work include wallet, credential, agent ecosystem analysis https://docs.google.com/presentation/d/1gIEPmbtLNVuaHxdawGBe6ZwFqP43m7iqmIEeUUm3sjI/edit#slide=id.g752184a474_0_4 Christopher Allen: I'd like to see this diagram updated: https://github.com/WebOfTrustInfo/rwot9-prague/blob/master/topics-and-advance-readings/media/ExpandedDecentralizedIdentityNetworkComponents.png Chris Winczewski: ... If there is support then let's come together. Supporting a work item is preferred. Wayne Vaughn: This is a wallet interoperability initiative? [scribe assist by Chris Winczewski] Orie Steele: Yes, import/export representations for wallets to be used together [scribe assist by Chris Winczewski] Wayne Vaughn: Naming topic, could we modify the name "Universal Wallet?" [scribe assist by Chris Winczewski] Chris Winczewski: ... What about porting key pairs from one wallet to another Brent Zundel: This may be valuable information for a way that part of the community thinks about wallets: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0050-wallets Orie Steele: Moving keys is a risk but it is a thing that the community does now. Vocabulary can help clarify what moving keys means and what the risks are. [scribe assist by Chris Winczewski] Christopher Allen: When developing the BTCR wallet and the underlying BTC wallet, we learned a number of things (e.g. Air Gap) [scribe assist by Chris Winczewski] Chris Winczewski: ... The diagram is missing a number of pieces such as Shamir and revocation Brent Zundel: Also related: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0051-dkms Orie Steele: Its definitely a hard problem... thats why we are tackling it :) Chris Winczewski: ... It turns out this is a difficult problem across all of the crypto wallet families. We don't have representation from these groups here as well. Orie Steele: I have opened this issue targeting hyperledger interoperability: https://github.com/transmute-industries/universal-wallet/issues/9 Chris Winczewski: ... Need group to agree so we don't do the work but then everyone just continues with their own wallet Kim Hamilton Duffy: Support from the educational credential side as there are currently a lot of wallets in the wild [scribe assist by Chris Winczewski] Orie Steele: An we get a link to ILR wrapper? Chris Winczewski: ... ILR, which is a type of VC, is focused on discoverability Joe Andrieu: I don't know if the ILR paper is published yet Chris Winczewski: ... There will be interest to integrate with a number of identity providers Chris Winczewski: ... Possibly take this on in the VC EDU Taskforce Chris Winczewski: ... Usability for the learner is also critical, since the wallet is usually the entry point into this tech Orie Steele: Here is another UI demo which attempts to expose some usable UX for this: https://material-did.com/?path=/story/components-universal-wallet-wallet--unlocked Margo Johnson: Re: Orie's comment about DIF glossary work, here is that presentation from recent work include wallet, credential, agent ecosystem analysis https://docs.google.com/presentation/d/1gIEPmbtLNVuaHxdawGBe6ZwFqP43m7iqmIEeUUm3sjI/edit#slide=id.g752184a474_0_4 Brent Zundel: This may be valuable information for a way that part of the community thinks about wallets: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0050-wallets Brent Zundel: Also related: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0051-dkms Joe Andrieu: Margo and Brent added links for parts of the conversation above [scribe assist by Chris Winczewski] Chris Winczewski: ... ILR was light on wallet. This Transmute spec is very helpful to go deeper Chris Winczewski: ... About webkms; the spec mentions this. Can you speak to how webkms fits in? Orie Steele: Bottom line, don't move private keys if you do not need to. Generate keys on the device and authorize them [scribe assist by Chris Winczewski] Chris Winczewski: ... Webkms is meant to hold keys behind a web interface Chris Winczewski: ... Keys mentioned in a wallet could be present in a secure enclave or other method such as webkms. Joe Andrieu: Similarity to Bitcoin. Wallets do not hold your Bitcoins [scribe assist by Chris Winczewski] Christopher Allen: https://github.com/blockchainCommons/bc-lethekit Christopher Allen: We are increasingly finding that we want to use device differences to separate private keys. For example, link provided. [scribe assist by Chris Winczewski] Have to hop off but +1 to supporting edu spec and/or wg. Interested in delineating crypto and edu wallet, which is perhaps counter to “universal” +Present Chris Winczewski: ... The master key is never on the device which is on the network Christopher Allen: Ur:crypto-hdkey/5vql2q6cyyqw3uewwg77eaq9rth6er3vj0yutvs5xyup0ndsrg2ffwgheppkkdgytqsgw00ls8qz75jky073legk06kr54dqf80r6v2tkshwyflla5ma2zqwu4mr8 Chris Winczewski: ... Network device is separate from the storage device. This doesn't work for all use cases but should be considered Chris Winczewski: ... CBOR example which is optimized for QR codes Chris Winczewski: ... Wyoming laws with regards to private keys - Stockholders can now be represented by keys. Corporate records can now be stored on chain. Chris Winczewski: ... May also add capability for the Secretary of State to issue civic records Chris Winczewski: ... A bill which protects private keys from compelled disclosure also introduced. Should be taken up in next legislative session. Joe Andrieu: For keys to perform their magic, they need to be kept private [scribe assist by Chris Winczewski] Christopher Allen: This is the private key bill in Wyoming: https://wyoleg.gov/Legislation/2020/HB0041 Orie Steele: A note about the bar we are trying to meet. Indy credentials format for example needs to be included [scribe assist by Chris Winczewski] Chris Winczewski: ... Software implementers and standards groups need strong collaboration from the separate groups Chris Winczewski: ... If you represent a community that you feel is not well represented, please reach out Christopher Allen: There are a lot of assumptions in crypto currency wallets that make some assumptions that can cause problems [scribe assist by Chris Winczewski] Chris Winczewski: ... For example, automated account creation vs answering a request from the netwok Chris Winczewski: S/netwok/network Orie Steele: +1 To the value of reference implementations Orie Steele: Especially multiple ones in different languages Chris Winczewski: ... Some things are only discovered when implementing Jonathan Holt: Caution to separate key management from wallet management [scribe assist by Chris Winczewski] Christopher Allen: +1 I think there is a lot of collisions here Christopher Allen: I also want to separate keys from accounts from wallets Kim Hamilton Duffy: I'd be interested in helping untangle key/credential management. The EDU use cases will force that along Chris Winczewski: ... Could be problematic for example, associating keys to the correct accounts within the wallet Christopher Allen: Keys, accounts, credentials, wallet Orie Steele: Great point, it is easy to destroy privacy unintentionally [scribe assist by Chris Winczewski] Chris Winczewski: ... Future state could be that the wallet warns you of these scenarios with key association and disclosure risks Chris Winczewski: ... Adversary builds off what they can see so the motivation behind the metadata is to balance this Wayne Vaughn: Has there been investigation into DPKI and KERI? [scribe assist by Chris Winczewski] Orie Steele: If you have a kms now, you would represent that in a JSON data model. Not intended to commingle separate kms tools [scribe assist by Chris Winczewski] Orie Steele: We support HD Keys Joe Andrieu: Please type +1 HD key if you do, or plan to, support HD keys in your wallet Christopher Allen: Do your tools plan to support HD Keys? Type +1 in chat if you are. [scribe assist by Chris Winczewski] Chris Winczewski: +1 Orie Steele: But for secp256k1 only Jonathan Holt: Is HD in 25519 a thing yet? Orie Steele: Is it secure? ... jury is out... Chris Winczewski: ... Yes in 25519 but it is a challenge
Received on Saturday, 13 June 2020 04:37:33 UTC