[MINUTES] W3C CCG Credentials CG Call - 2021-11-02

Thanks to Ryan Grant for scribing this week! The minutes
for this week's Credentials CG telecon are now available:

https://w3c-ccg.github.io/meetings/2021-11-02 

Full text of the discussion follows for W3C archival purposes.
Audio from the meeting is available as well (link provided below).

----------------------------------------------------------------
Credentials CG Telecon Minutes for 2021-11-02

Agenda:
  https://lists.w3.org/Archives/Public/public-credentials/2021Oct/0092.html
Topics:
  1. Introductions
  2. Announcments: DID Spec and infrastructure.
  3. Reintroductions
  4. Work Item Discussion
  5. Wyoming's approach to digital identity
Organizer:
  Heather Vescent
Scribe:
  Ryan Grant
Present:
  Heather Vescent, Nick Meyne, Bob Wyman, Brent Zundel, Mahmoud, 
  Manu Sporny, Kerri Lemoie, Angus McLeod, Christopher Allen, Mike 
  Prorock, Clare Sullivan, TallTed // Ted Thibodeau (he/him) 
  (OpenLinkSw.com), Ted Thibodeau, Adrian Gropper, Geun-Hyung Kim, 
  Ryan Grant, Juan Caballero, Dmitri Zagidulin, Wayne Chang, Steve 
  Magennis, Paul Fuxjäger, dazza, Kayode Ezike, Dan, Dan Burnett, 
  David I. Lehn
Audio:
  https://w3c-ccg.github.io/meetings/2021-11-02/audio.ogg

<christophera> Good morning everyone!
<mprorock> hey Chris!
<christophera> 4 years!
Heather Vescent: Minutes: https://w3c-ccg.github.io/meetings/
Ryan Grant is scribing.
Ryan Grant is scribing.

Topic: Introductions

Dazza: Dazza Greenwood. Here for Wyoming personal digital 
  identity act.
Heather Vescent:  Reintroductions
<christophera> I can hear you <sigh>
<christophera> ok
<heather_vescent> Yay Jitsi issues~
<heather_vescent> Chris, I will have you reintro after Manu gives 
  the infrastructure update.

Topic: Announcments: DID Spec and infrastructure.

Christopher Allen: :+1:
  ... minutes publication infrastructure has been broken due to a 
  gmail probem with an old email address.  minutes publication now 
  auto-emailed.
  ... all infrastructure is now operations.
S/operations/operational/
  ... Jitsi mostly working, but bugs with Safari WebRTC and some 
  with other browsers unmuting.
  ... end of December break will see us updating Jitsi software.  
  there may be new bugs.  there may be less bugs.
  ... question to community: what infrastructure do you want to 
  see?
  ... we'll prioritize stuff that helps running meetings.  then 
  broad support.
Christopher Allen: Sidenote: it doesn't appy to this community, 
  but we've been working on security upgrades to Jitsi to support 
  JWT authentication for private meetings.
  ... autoscribe feature, driven by speech recognition, is on the 
  list.
  ... what do you want?
  ... other update is DID-core.  formal objections have received 
  much traffic.
  ... good news: things have calmed down a bit.
<manu_sporny> Summary FAQ of DID Core Formal Objections: 
  https://msporny.github.io/did-core-formal-objections/
  ... FAQ is Manu's writing and personal view
  ... good/bad news is that points have been made and 
  communicated
  ... formal objection council will be created to deal with the 
  formal objection.  this is a very rare case.
  ... advisory committee mailing list access has some (paywalled) 
  stats that Manu computed
Heather Vescent:  There is an issues list
<heather_vescent> CCG issue for jitsi feedback: 
  https://github.com/w3c-ccg/community/issues/217
Kerri Lemoie:  Want to be able to search for our minutes in the 
  scribe tool
Heather Vescent:  We have that request recorded somewhere
  ... will merge issues from main CCG list into infrastructure 
  issues.
Manu Sporny:  Please elaborate feature request
Kerri Lemoie:  There is calendar search, but it only does CCG and 
  not other task forces

Topic: Reintroductions

Heather Vescent:  Hopefully Christopher Allen is back
Christopher: architect and principal director of Blockchain 
  Commons.  invited to VC task force 6 years ago.
  ... joined by Joe Andrieu and Kim Hamilton shortly thereafter, 
  trying to do weekly meetings.
  ... didn't run for co-chair renewal a year ago, to focus on 
  code.  BC has been working on did:onion and other "trustless" 
  methods.  also a lot of work on the wallet side and key 
  management.
  ... how to bring som of the best technology from the trustless 
  side to the DID community, in new ways that are trust preserving.

Topic: Work Item Discussion

Heather Vescent: 
  https://github.com/w3c-ccg/community/issues?q=is%3Aissue+is%3Aopen+label%3A%22action%3A+review+next%22
Heather Vescent: Did:tz: 
  https://github.com/w3c-ccg/community/issues/202
  ... review of Work Item Extravaganza has resulted in review of 
  work items.  did:tz method requires co-lead correction.
Juan Caballero:  Can help on that
Ryan Grant:  [Scribe aside] feature request (please help catalog) 
  need name completion when scribing from IRC
<heather_vescent> Co-operative Credentials: 
  https://github.com/w3c-ccg/community/issues/215
<heather_vescent> Thank you Angus for attending.
Nick: shoutout to Angus from Australia
  ... we're a cooperative
  ... working on VCs for cooperatives
  ... idea is common cooperative membership.  there are 1.2 
  billion members, globally, of cooperatives.  we should share our 
  technical efforts, rather than use the large tech company 
  proprietary products.
  ... come from a [name lost by slow cribe] cooperative in the 
  music industry.
  ... we're trying to grow a respectful privacy-preserving 
  identity
Angus: [name lost] is a cooperative
<christophera> I like that there are multiple platform 
  cooperatives with different models involved in this work item!
<juan_caballero_(spruce)> FairBNB and Resonate
https://github.com/coopcreds/discourse-verifiable-credentials
<juan_caballero_(spruce)> the latter is the music cooperative.  
  Both are ESSIF-LAB grantees!
  ... looking at VCs and have developed an open source plugin for 
  Discourse that uses presentation of a VC to get access to a 
  forum.
  ... will be adding to that with FairBnB (?)
Ryan Grant:  Scribe requests links for all proper nouns 
  introduced.
<angus_mcleod> coopcreds.com
<heather_vescent> Love this work item!
Nick: use case is similar to VC-EDU work
Manu Sporny: +1 To that, super excited about this work item.
  ... bring your cooperative membership from one cooperative to 
  another without requiring too much PII
.. Better than PII capitalists can offer
  ... coop sector can help in ecosystem governance, democratic 
  principles, and the ethics of cooperations
  ... trying to break the mould of dependency on major identity 
  providers
  ... keen to take the guidance of this community to achieve best 
  practices
  ... Internantional Cooperative Alliance (ICA) carries the brand
Manu Sporny:  Thrilled about this work item
  ... VC spec started as a way to help artists publish music 
  online
  ... +1 to the music side of this
  ... great to see coops working together - a very laudible goal
  ... you're among friends
Nick: we're honored
Heather Vescent:  +1 To this work!
Agropper: my project is modelling patient cooperatives and has 
  the same goals in terms of privacy preservation.
  ... do you see coops acting as notaries, as part of a 
  federation?
Nick: yes
Agropper: or is the method verifying signatures by others?
AAngus: we're starting with a centralzied issuer.
Dan Burnett: +1 To this work.  At RWOT 8 in Barcelona in Mar 
  2019, one of the work items concluded that the best way to 
  bootstrap the VC ecosystem was through cooperatives, where the 
  members of coops have an incentive to adopt recommendations by 
  the co-ops.  Can't find the paper on this, but I'm pleased to 
  hear what you're doing.
Agropper: edu-coop working on data model a lot.  a notary need 
  not read the contract or credential
<mprorock> Time check on main agenda - maybe take work item 
  discussion to Github
  ... can serve identity blinding function
Angus: we're new to the concept and interested in learning more 
  about this.  please join us and help us parse this.
Agropper: would be delighted!
<agropper> agropper@healthurl.com for invite to coop work
Nick: also looking at sustainable music tourism so that we can 
  try this and show it in use
  ... we expect many different scenarios
<angus_mcleod> Thanks, will send you an invite later this week
  ... an ecosystem of issuers and verifiers.
  ... we don't want to reinvent the wheel here
Christopher:
  ... trying to make sure that DAO are not solley token based
  ... there's a lot of interest in proof-of-personhood on risks 
  that we've begun to discover - adversaries and how to work around 
  them.  you're invited.
<tallted> s/solley/solely/
Nick: cooperative voting (one member one vote) is one of our key 
  needs
Heather Vescent: https://github.com/w3c-ccg/community/issues/215
Heather Vescent:  Process is to begin 7 day waiting period for 
  comments
<juancaballero> @ChrisA sorry, I didn't follow the reference to a 
  WG or event.  do you have a link for the PoP stuff?
<christophera> I'll start
<angus_mcleod> Definitely interested in that group Christopher, 
  if you could invite angus@thepavilion.io and nick@resonate.is
<angus_mcleod> Thank!
  ... main event is Christopher Allen, Daza Greenwood and [name 
  lost]

Topic: Wyoming's approach to digital identity

<manu> s/[name lost]/Clare Sullivan/
Christopher: we've been tustling around our technology and 
  property law, and intellectual property law.  as a tech community 
  we've avoided terms that would confuse the domain.  we have not 
  had a good answer on the law side
  ... Wyoming task force subcommittee has been trying to figure 
  out how to advance this topic.  people come in and make 
  suggestions that are a couple steps back on progress, but Agency 
  Law and Principle Authority help set the frame
  ... as a person you have the right of authority over certain 
  things
  ... heath care, asset advice: you can delegate these and 
  undelegate them
  ... difference identified are advantageous for us
Christopher Allen: 
  https://www.blockchaincommons.com/articles/Principal-Authority/
  ... we can shift from "theft of" to "abuse of delegated 
  authority" helps keep us out of propert law approaches
  ... see linked article
<christophera> “Personal digital identity” means the intangible 
  digital representation of, by and for a natural person, over 
  which he has principal authority and through which he 
  intentionally communicates or acts.
  ... proposed last year and signed into law, but lacking teeth
  ... coming year's work is to find these abuses of authority.  
  this won't prevent misuse of property law, but it is a new tool.
Clare: this came out of Chris's work on SSI
  ... there's a lof of compromise in legislation
  ... i'm a lawyer with a specialty in digial identity
  ... elsewhere in the world it's based on rights, but rights 
  under US law are a very different things.  bringing in Principle 
  Authority helps, but we're using it just in the definition.
  ... i'm with Georgetown University in DC, and [scribe lsot - 
  request assist]
Dazza: Dazza Greenwood.  i run [names lost as usual]
<manu_sporny> Wow, practicing legal professionals on a CCG call 
  providing input wrt. the technology we're building here -- 
  hooray, and more of this please!
<manu> s/[names lost as usual]/Civics/
  ... headline for this statute, Principle Authority, is to bind 
  a name for further development
  ... it's tech neutral, so there acan be other methods for 
  people to express this dimension of their identity.
  ... there's now something that you can cite to in Wyoming law.
Bob: fascinating subject!
  ... i have 30 year old patents on this issue.  an old issue: 
  when you delegate, what is delegated?  is it the identity or 
  rights associated?
Clare: rights associated
Bob: it's a very important point for people to understand
<manu_sporny> This is a super important point -- and is one of 
  the reasons why ZCAPs (authorization capabilities) are designed 
  the way they are...
Clare: the other element is that we wanted something that could 
  flow through to public sector.  it's a key principle around the 
  world that identity cannot be delegated, so it's important to 
  clarify
Dazza: this is an identity that a natural person acts through
  ... the source of things happening through a digital identity 
  is the natural person
<christophera> We have positioned this work under Agency Law. 
  https://en.wikipedia.org/wiki/Law_of_agency
<christophera> and laws of custom
<christophera> (adjacent)
Mike Prorock: +1 Chris
<manu_sporny> The "reasons" were we had a huge ranked choice vote 
  on it and the term "holder" was what we could agree to at the 
  time. :P
Agropper: your innovation was to switch from property law to 
  agency law.  a question (buried in old CCG/SSI work) regards the 
  label the subject of the identity as the holder instead of 
  controller.  relabel?
<tallted> well... It's often possible to effectively share one's 
  identity ("here, Horace, use my passcard to get the thing from my 
  office"), which is typically done where it's not possible to 
  provide specific delegation (e.g., adjust systems to permit 
  *their* passcard to open your door).  Sharing one's passcard is 
  obviously problematic (e.g., as it makes it appear that *you*, 
  not Horace, went through that door), but very common.
Christopher: never intended the SSI principles to be more than a 
  starting point for a conversation.  changes possible given 
  sufficient consensus.  a recent paper incorporated the principles 
  in a list with more.  it may be time for a new generation of 
  principles.  we jsut didn't want to say, five years ago, "owner".
  ... that would confuse judges
<bobwyman> If anyone wants to talk about did:tag, I would be 
  pleased to do so during this afternoon's CCG Information 
  DIscussion meeting.
Angus: also a laywer and id thesis on philosophy of law.  we're 
  talking here about a relationship of rights.
<kerri_lemoie> I'd be interested in a workshop(s) on the SSI 
  principles and moving them to next generation.
  ... there's a similar concept that ownership is a bundle of 
  rights.
<christophera> agreed.
  ... where is this coming from ?  there's a terminological issue 
  here, but there's also the legal implications.  a judge looking 
  at this may find it similar to the bundle of rights theory
<kerri_lemoie> In education we struggle with "ownership" of ed 
  data. Many have agreed that ownership belongs to the issuer but 
  access/persistence belongs to individual.
Clare: difference is between US and Australian law
  ... statue law impinges upon this and had to be navigated 
  around
<bobwyman> But, are they "natural rights" or rights delegated by 
  states?
<kerri_lemoie> Can we cover this topic more regularly?
Dazza: thing to keep an eye on is [lost details and] that this 
  doesn't foreclose property viewpoints
<tallted> "... unalienable rights, that among these are Life, 
  Liberty, and the Pursuit of Happiness ..." and digital identity
Christopher: request for CCG is to look at privacy violations as 
  a coercion of authority
Heather Vescent:  Thanks
<christophera> open for a short term item!
  ... open to supporting a CCG session on this
  ... concluding and thanks everyone
<kerri_lemoie> Thanks!!

Received on Thursday, 4 November 2021 17:57:18 UTC