Re: VC HTTP API specification structure from Manu Sporny on 2021-05-02 (public-credentials@w3.org from May 2021)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Sun, 2 May 2021 16:49:02 -0400
To: W3C Credentials Community Group <public-credentials@w3.org>
Message-ID: <ecdc6d80-608e-63f2-d872-5fa553801e7b@digitalbazaar.com>

On 5/2/21 4:19 PM, Adrian Gropper wrote:
> This thread is primarily to 
> support my suggestion that we work on three separate documents.

We polled the three separate documents proposal again during the last call and
it had a large number of "-1"s. It is extremely unlikely that the group will
agree to that course of action. I expect any proposal to be put forward
suggesting that course of action to fail:

https://meet.w3c-ccg.org/archives/w3c-ccg-vchttpapi-2021-04-29-irc.log

[2021-04-29T19:56:16.930Z] <manu> POLL: Create 3 VC HTTP API ReSpec
specifications (e.g., Issuing, Verification, Presentation) in addition to the
existing OAS file.
[2021-04-29T19:56:21.593Z] <Orie> -1
[2021-04-29T19:56:25.542Z] <Juan_Caballero> -1
[2021-04-29T19:56:26.015Z] <manu> -1
[2021-04-29T19:56:32.159Z] <TallTed> -0.9
[2021-04-29T19:56:33.494Z] <jtwalker2000> -1
[2021-04-29T19:56:36.679Z] <dlongley> -1
[2021-04-29T19:56:39.718Z] <dmitriz> -1
[2021-04-29T19:56:45.906Z] <markus_sabadello> -1
[2021-04-29T19:56:46.917Z] <mprorock> -1
[2021-04-29T19:56:54.938Z] <Mahmoud_Alkhraishi> -1
[2021-04-29T19:56:59.305Z] <Phil.L> -1
[2021-04-29T19:57:01.266Z] <DavidC> +1
[2021-04-29T19:57:08.508Z] <HeatherVescent> -1

> I tried to say in our initial call, it will be easier to do a privacy 
> analysis if we deal with Issuer, Verifier, and Holder APIs separately,
> with or without authorization.

While I agree that doing "privacy analysis" on separate, smaller documents is
easier (as a general rule), it is not the case that it's impossible (or
difficult) to do so on larger documents.

It's also fairly simple to split large documents once it becomes clear that
the document size has become a problem.

I'll note that we don't have finalized use cases, finalized scope, or a
specification upon which to base privacy discussions yet.

Can you propose a concrete proposal on specification structure that is likely
to gain more consensus than the one we put forward two calls ago (with you as
the only detractor)?

Again, the proposal with the most support so far is this one:

PROPOSAL: Create 1 ReSpec specification in addition to separating the existing
OAS files into modular components.

-- manu

-- 
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches

Received on Sunday, 2 May 2021 20:49:19 UTC