[MINUTES] W3C Credentials CG Call - 2020-06-09 12pm ET

Thanks to  for scribing this week! The minutes
for this week's Credentials CG telecon are now available:

https://w3c-ccg.github.io/meetings/2020-06-09/

Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).

----------------------------------------------------------------
Credentials CG Telecon Minutes for 2020-06-09

Agenda:
  undefined
Topics:
  1. co-chair election
Organizer:
  Kim Hamilton Duffy and Joe Andrieu and Christopher Allen
Scribe:
  
Present:
  Jonathan Holt, Orie Steele, Dan Burnett, Wayne Vaughn, Joe 
  Andrieu, Amy Guy, Christopher Allen, Kaliya Young, Erica Connell, 
  Ryan Grant, Chris Winczewski, Adam Lemmon, Heather Vescent, 
  Kayode Ezike, Margo Johnson, Kim Hamilton Duffy, Juan Caballero, 
  Brent Zundel
Audio:
  https://w3c-ccg.github.io/meetings/2020-06-09/audio.ogg

Wayne Vaughn: Hear you great
Chris Winczewski: Scribe+
Joe Andrieu:  Introductions [scribe assist by Chris Winczewski]
Chris Winczewski: Jeff Stone and Nathan representing from 
  Learning Economy
Chris Winczewski: ... Reintroductions
Chris Winczewski: ... Adam Lemmon from Emergence Tech
Joe Andrieu: https://w3c-ccg.github.io/announcements/
Chris Winczewski: ... Announcements
Chris Winczewski: ... Identiverse is now virtual over several 
  weeks
Hel^
Kaliya Young:  DIF is hosting an intro next week [scribe assist 
  by Chris Winczewski]
Chris Winczewski: ... Link will be posted to IRC
Juan Caballero: 
  https://www.eventbrite.com/e/dif-face-to-face-virtual-tickets-106632396368
Chris Winczewski: Lucy_Yang: Representing CCI. Supporting privacy 
  preserving covid credentials
https://www.covidcreds.com/
Haven't updated everything, but more info will come soon.
Joe Andrieu:  Action items [scribe assist by Chris Winczewski]
Joe Andrieu: 
  https://github.com/w3c-ccg/community/issues?q=is%3Aopen+is%3Aissue+label%3A%22action%3A+review+next%22

Topic: co-chair election

Christopher Allen:  Voting system details are being finalized. 
  Hope email will be sent out today. [scribe assist by Chris 
  Winczewski]
Chris Winczewski: ... Votes will be tallied by volunteers and 
  results published the next week
Joe Andrieu: 
  https://transmute-industries.github.io/universal-wallet/
Joe Andrieu:  Universal Wallets presentation from Orie @ 
  Transmute [scribe assist by Chris Winczewski]
Orie Steele: 
  https://transmute-industries.github.io/universal-wallet/
Orie Steele: 
  https://nfc.did.ai/nxp?seed=7052adea8f9823817065456ecad5bf24dcd31a698f7bc9a0b5fc170849af4226
Orie Steele:  Spec and demo links above [scribe assist by Chris 
  Winczewski]
Chris Winczewski: ... Would like to speak for a bit and then open 
  up for questions
Chris Winczewski: ... A number of demos are used and all of them 
  use various services (e.g. key storage)
Chris Winczewski: ... Interoperable wallets inevitably come up
Chris Winczewski: ... The goal is to create a data model and 
  abstract interface for wallets
Chris Winczewski: ... Trying to create a data model that accounts 
  for how these identifiers, currencies, etc are all related
Chris Winczewski: ... And how to abstract for interop
Chris Winczewski: ... Data cannot be moved from one system to 
  another is we don't have a common data model
Chris Winczewski: ... Reference implementation for one use case 
  to show how this would work
Chris Winczewski: ... Trying to build a vocabulary vs creating 
  new and potentially duplicate data models
Joe Andrieu: 
  https://transmute-industries.github.io/universal-wallet/
Joe Andrieu: 
  https://github.com/transmute-industries/universal-wallet/
Christopher Allen: https://github.com/BlockchainCommons/Research
Christopher Allen:  Some Bitcoin and Ethereum wallet providers 
  trying at the base level (e.g. what is a seed) to come to 
  agreement [scribe assist by Chris Winczewski]
Christopher Allen: 
  https://github.com/WebOfTrustInfo/rwot9-prague/blob/master/topics-and-advance-readings/whats-wallet.md
Chris Winczewski: ... Could the community, or DIF tackle some of 
  the naming issues? RWOT link above for What is a Wallet?
Orie Steele: DIF did tackle glossary terminology a little while 
  ago... not sure if there is a link that can be entered for future 
  readers.
Chris Winczewski: ... Arrows within these models also need to be 
  named
Chris Winczewski: ... Starting small with vocabulary. Tech 
  interop (e.g. CBOR) will come later
Joe Andrieu:  Where to you see this going from here Orie? [scribe 
  assist by Chris Winczewski]
Orie Steele:  Trying to gather interest from CCG and DIF to 
  support this initiative [scribe assist by Chris Winczewski]
Margo Johnson: Re: Orie's comment about DIF glossary work, here 
  is that presentation from recent work include wallet, credential, 
  agent ecosystem analysis 
  https://docs.google.com/presentation/d/1gIEPmbtLNVuaHxdawGBe6ZwFqP43m7iqmIEeUUm3sjI/edit#slide=id.g752184a474_0_4
Christopher Allen: I'd like to see this diagram updated: 
  https://github.com/WebOfTrustInfo/rwot9-prague/blob/master/topics-and-advance-readings/media/ExpandedDecentralizedIdentityNetworkComponents.png
Chris Winczewski: ... If there is support then let's come 
  together. Supporting a work item is preferred.
Wayne Vaughn:  This is a wallet interoperability initiative? 
  [scribe assist by Chris Winczewski]
Orie Steele:  Yes, import/export representations for wallets to 
  be used together [scribe assist by Chris Winczewski]
Wayne Vaughn:  Naming topic, could we modify the name "Universal 
  Wallet?" [scribe assist by Chris Winczewski]
Chris Winczewski: ... What about porting key pairs from one 
  wallet to another
Brent Zundel: This may be valuable information for a way that 
  part of the community thinks about wallets: 
  https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0050-wallets
Orie Steele:  Moving keys is a risk but it is a thing that the 
  community does now. Vocabulary can help clarify what moving keys 
  means and what the risks are. [scribe assist by Chris Winczewski]
Christopher Allen:  When developing the BTCR wallet and the 
  underlying BTC wallet, we learned a number of things (e.g. Air 
  Gap) [scribe assist by Chris Winczewski]
Chris Winczewski: ... The diagram is missing a number of pieces 
  such as Shamir and revocation
Brent Zundel: Also related: 
  https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0051-dkms
Orie Steele: Its definitely a hard problem... thats why we are 
  tackling it :)
Chris Winczewski: ... It turns out this is a difficult problem 
  across all of the crypto wallet families. We don't have 
  representation from these groups here as well.
Orie Steele: I have opened this issue targeting hyperledger 
  interoperability: 
  https://github.com/transmute-industries/universal-wallet/issues/9
Chris Winczewski: ... Need group to agree so we don't do the work 
  but then everyone just continues with their own wallet
Kim Hamilton Duffy:  Support from the educational credential side 
  as there are currently a lot of wallets in the wild [scribe 
  assist by Chris Winczewski]
Orie Steele: An we get a link to ILR wrapper?
Chris Winczewski: ... ILR, which is a type of VC, is focused on 
  discoverability
Joe Andrieu: I don't know if the ILR paper is published yet
Chris Winczewski: ... There will be interest to integrate with a 
  number of identity providers
Chris Winczewski: ... Possibly take this on in the VC EDU 
  Taskforce
Chris Winczewski: ... Usability for the learner is also critical, 
  since the wallet is usually the entry point into this tech
Orie Steele: Here is another UI demo which attempts to expose 
  some usable UX for this: 
  https://material-did.com/?path=/story/components-universal-wallet-wallet--unlocked
Margo Johnson: Re: Orie's comment about DIF glossary work, here 
  is that presentation from recent work include wallet, credential, 
  agent ecosystem analysis 
  https://docs.google.com/presentation/d/1gIEPmbtLNVuaHxdawGBe6ZwFqP43m7iqmIEeUUm3sjI/edit#slide=id.g752184a474_0_4
Brent Zundel: This may be valuable information for a way that 
  part of the community thinks about wallets: 
  https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0050-wallets
Brent Zundel: Also related: 
  https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0051-dkms
Joe Andrieu:  Margo and Brent added links for parts of the 
  conversation above [scribe assist by Chris Winczewski]
Chris Winczewski: ... ILR was light on wallet. This Transmute 
  spec is very helpful to go deeper
Chris Winczewski: ... About webkms; the spec mentions this. Can 
  you speak to how webkms fits in?
Orie Steele:  Bottom line, don't move private keys if you do not 
  need to. Generate keys on the device and authorize them [scribe 
  assist by Chris Winczewski]
Chris Winczewski: ... Webkms is meant to hold keys behind a web 
  interface
Chris Winczewski: ... Keys mentioned in a wallet could be present 
  in a secure enclave or other method such as webkms.
Joe Andrieu:  Similarity to Bitcoin. Wallets do not hold your 
  Bitcoins [scribe assist by Chris Winczewski]
Christopher Allen: 
  https://github.com/blockchainCommons/bc-lethekit
Christopher Allen:  We are increasingly finding that we want to 
  use device differences to separate private keys. For example, 
  link provided. [scribe assist by Chris Winczewski]
Have to hop off but +1 to supporting edu spec and/or wg. 
  Interested in delineating crypto and edu wallet, which is perhaps 
  counter to “universal”
+Present
Chris Winczewski: ... The master key is never on the device which 
  is on the network
Christopher Allen: 
  Ur:crypto-hdkey/5vql2q6cyyqw3uewwg77eaq9rth6er3vj0yutvs5xyup0ndsrg2ffwgheppkkdgytqsgw00ls8qz75jky073legk06kr54dqf80r6v2tkshwyflla5ma2zqwu4mr8
Chris Winczewski: ... Network device is separate from the storage 
  device. This doesn't work for all use cases but should be 
  considered
Chris Winczewski: ... CBOR example which is optimized for QR 
  codes
Chris Winczewski: ... Wyoming laws with regards to private keys - 
  Stockholders can now be represented by keys. Corporate records 
  can now be stored on chain.
Chris Winczewski: ... May also add capability for the Secretary 
  of State to issue civic records
Chris Winczewski: ... A bill which protects private keys from 
  compelled disclosure also introduced. Should be taken up in next 
  legislative session.
Joe Andrieu:  For keys to perform their magic, they need to be 
  kept private [scribe assist by Chris Winczewski]
Christopher Allen: This is the private key bill in Wyoming: 
  https://wyoleg.gov/Legislation/2020/HB0041
Orie Steele:  A note about the bar we are trying to meet. Indy 
  credentials format for example needs to be included [scribe 
  assist by Chris Winczewski]
Chris Winczewski: ... Software implementers and standards groups 
  need strong collaboration from the separate groups
Chris Winczewski: ... If you represent a community that you feel 
  is not well represented, please reach out
Christopher Allen:  There are a lot of assumptions in crypto 
  currency wallets that make some assumptions that can cause 
  problems [scribe assist by Chris Winczewski]
Chris Winczewski: ... For example, automated account creation vs 
  answering a request from the netwok
Chris Winczewski: S/netwok/network
Orie Steele: +1 To the value of reference implementations
Orie Steele: Especially multiple ones in different languages
Chris Winczewski: ... Some things are only discovered when 
  implementing
Jonathan Holt:  Caution to separate key management from wallet 
  management [scribe assist by Chris Winczewski]
Christopher Allen: +1 I think there is a lot of collisions here
Christopher Allen: I also want to separate keys from accounts 
  from wallets
Kim Hamilton Duffy: I'd be interested in helping untangle 
  key/credential management. The EDU use cases will force that 
  along
Chris Winczewski: ... Could be problematic for example, 
  associating keys to the correct accounts within the wallet
Christopher Allen: Keys, accounts, credentials, wallet
Orie Steele:  Great point, it is easy to destroy privacy 
  unintentionally [scribe assist by Chris Winczewski]
Chris Winczewski: ... Future state could be that the wallet warns 
  you of these scenarios with key association and disclosure risks
Chris Winczewski: ... Adversary builds off what they can see so 
  the motivation behind the metadata is to balance this
Wayne Vaughn:  Has there been investigation into DPKI and KERI? 
  [scribe assist by Chris Winczewski]
Orie Steele:  If you have a kms now, you would represent that in 
  a JSON data model. Not intended to commingle separate kms tools 
  [scribe assist by Chris Winczewski]
Orie Steele: We support HD Keys
Joe Andrieu: Please type +1 HD key if you do, or plan to, support 
  HD keys in your wallet
Christopher Allen:  Do your tools plan to support HD Keys? Type 
  +1 in chat if you are. [scribe assist by Chris Winczewski]
Chris Winczewski: +1
Orie Steele: But for secp256k1 only
Jonathan Holt: Is HD in 25519 a thing yet?
Orie Steele: Is it secure? ... jury is out...
Chris Winczewski: ... Yes in 25519 but it is a challenge

Received on Saturday, 13 June 2020 04:37:33 UTC