W3C home > Mailing lists > Public > public-credentials@w3.org > October 2021

RE: W3C Credentials CG Call Tues: mobile DL deck

From: Jim St.Clair <jim.stclair@lumedic.io>
Date: Fri, 8 Oct 2021 14:08:57 +0000
To: "steve.e.magennis@gmail.com" <steve.e.magennis@gmail.com>, "'John, Anil'" <anil.john@hq.dhs.gov>, 'W3C Credentials CG' <public-credentials@w3.org>
Message-ID: <PH0PR04MB71602C03DF014D1CE68088329FB29@PH0PR04MB7160.namprd04.prod.outlook.com>
Thanks Steve – I think this is in keeping with the conversation we had last week.
We can reach out to these DMVs and Loffie Jaffer, from AAMVA, who also represented mDL to ANSI and ISO.
I think we also discussed making sure that W3C is taking advantage of their Liaison A status to apply ISO recognition for their published standards to “harmonize” the areas of concern and the our-of-scope sections that Anil described.

Best regards,
Jim St.Clair
Chief Trust Officer
jim.stclair@lumedic.io<mailto:jim.stclair@lumedic.io> | 228-273-4893
Let’s meet to discuss patient identity exchange: https://calendly.com/jim-stclair-1

From: steve.e.magennis@gmail.com <steve.e.magennis@gmail.com>
Sent: Friday, October 8, 2021 8:37 AM
To: 'John, Anil' <anil.john@hq.dhs.gov>; 'W3C Credentials CG' <public-credentials@w3.org>
Subject: RE: W3C Credentials CG Call Tues: mobile DL deck

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Eight states have publicly signed up to implement early pilots starting now-ish using the Apple wallet at least for secure storage of the mDL. There have to be plans to implement some issuer-to-holder protocols and now would be the time to get the conversation going with the actual implementers and project sponsors to try and influence at least the use of an open protocol.

Do we know any of the following folks? I also have to imagine that either AAMVA or Apple (id/payments) is guiding / coordinating the pilot efforts. Does anyone have contacts at either?

Arizona: Eric Jorgensen, dir Dept of transport motor vehicle division
Georgia: Spencer Moore, commissioner of dept of driver services
Iowa: Melissa Gillett, director motor vehicle division
Kentucky: Matt Cole, commissioner, department of vehicle regulation
Oklahoma: Jerry Moore, CIO
Utah: Jess Anderson, commissioner of dept of public safety


From: John, Anil <anil.john@hq.dhs.gov<mailto:anil.john@hq.dhs.gov>>
Sent: Thursday, October 7, 2021 10:04 AM
To: 'W3C Credentials CG' <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: RE: W3C Credentials CG Call Tues: mobile DL deck

Thank you to Heather, Mike and Wayne (W3C Co-Chairs) for arranging this briefing.
Thank you to the UL folks for their briefing and their willingness to answer  the questions from the audience.

This was a very helpful, informative and educational session.

Without getting sidetracked into Standards Politics/Drama, I came away from this session with two specific points as it relates to Interoperability.

  *   The interface between the Issuing Authority (“Issuer”) and the Mobile Device (“Holder”) is deliberately out of scope of the ISO/IEC 18913-5 Standard. The impact of this choice is that it provides technology vendors the ability to lock in DMVs into their proprietary provisioning API while implementing this standard. I can foresee a messaging that will revolve around their future support of a future provisioning standard (ISO/IEC TS 23220-3), which will rapidly fall by the wayside of operational realties and budgets  i.e. If a DMV in the future asks them to support that as-yet-undefined-API/Standard, the vendor will almost certainly ask them for additional funding to implement that – with the DMV being loath to do so given that they already have an provisioning API (albeit proprietary) in place – the classic definition of vendor lock-in.
  *   The ISO standard also deliberately puts out of scope any standardized way to check the revocation / credential status of the mDL. Which means is that each vendor is implementing a proprietary mechanism for doing so that further locks in a DMV to a particular vendor.

At the same time, I saw some potential glimmers of a shared path towards interoperabilty:

  *   The VC API work that is an approach to a standardized API between an Issuing Authority and a Mobile and between the Mobile Device and the Verifier.
  *   If you combine the VC API with the “Model 2 Considerations” which speaks to a shared wallet (I have no idea what a “ISO Compliant App” is – so am not using that terminology) that can store both an mDL and a VC, with the VC also able to “Share QR and/or NFC functions” and “Share user interface, secured data storage”, that feels like a narrow path towards a possible interoperable future…

What did I get wrong above?
What did others in the community take away from the presentation?

Best Regards,


Anil John
Technical Director, Silicon Valley Innovation Program
Science and Technology Directorate
US Department of Homeland Security
Washington, DC, USA

Email Response Time – 24 Hours


From: steve.e.magennis@gmail.com<mailto:steve.e.magennis@gmail.com> <steve.e.magennis@gmail.com<mailto:steve.e.magennis@gmail.com>>
Sent: Wednesday, October 6, 2021 10:42 AM
To: 'W3C Credentials CG' <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: W3C Credentials CG Call Tues: mobile DL deck

CAUTION: This email originated from outside of DHS. DO NOT click links or open attachments unless you recognize and/or trust the sender. Contact your component SOC with questions or concerns.

Thanks to everyone for the engaging call yesterday, attached is the deck Arjan presented. mDL is gaining momentum in the states and while it may take a while to get utility scale coverage for its’ 230M people, it does hold the promise of a being a privacy preserving, portable, cryptographic identity credential that leverages an established and proven identity proofing ecosystem. With aspirations of expanding beyond the core ‘right to drive’ use cases and identity-specific credential issuance I believe ISO’s work could benefit greatly from the advances we are developing that addresses the myriad issues associated with broader use cases and adoption.


From: Mike Prorock <mprorock@mesur.io<mailto:mprorock@mesur.io>>
Sent: October 3, 2021 4:15 PM
To: W3C Credentials CG <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: [Agenda] W3C Credentials CG Call Tues, Oct 5, 9am PT, 12pm ET, 5pm GMT, 6pm CET / 6AM+1 NZDT

TL;DR: An overview of mDL

A few folks from UL have graciously agreed to get the CCG an overview of mDL
Topics Covered and open for discussion:
* the scope of the current ISO standard
* the context for some of the key choices made by the working groups
* the components comprising, and the anticipated challenges of developing, an ecosystem based on the standard
* comments and discussion around potential alignment and/or compatibility with the VC Data Model

Tuesday, October 5, 2021
Time: Tuesdays, at 9am PT, Noon ET, 5pm GMT, 6pm CET / 6AM+1 NZDT
(see: https://www.timeanddate.com/worldclock/converter.html?iso=20211005T160000&p1=tz_pt&p2=tz_et&p3=tz_cest<https://urldefense.us/v3/__https:/www.timeanddate.com/worldclock/converter.html?iso=20211005T160000&p1=tz_pt&p2=tz_et&p3=tz_cest__;!!BClRuOV5cvtbuNI!WXXjyHTVfEsFVYF0LcaoQWaoMErTHPdAPAGIyT1k7p-OWtW_QCCbLWl8C1l2V2jphUeX$>)

If you need this added to your calendar, you may access the CCG Calendar here (which contains times, meeting links, etc):
and in .ics format at the following link:

Text Chat:

Jitsi Teleconf:

     US phone: tel:+1.602.932.2243;1

We are working on SIP dial-in and international phone numbers.

Duration: 60 minutes


MEETING MODERATOR: Michael Prorock <mprorock@mesur.io<mailto:mprorock@mesur.io>>
1. Agenda Review (2 minutes)
2. IP Note: (1 minute)
Anyone can participate in these calls. However, all substantive contributors to any CCG Work Items must be members of the CCG with full IPR agreements signed. https://www.w3.org/community/credentials/join<https://urldefense.us/v3/__https:/www.w3.org/community/credentials/join__;!!BClRuOV5cvtbuNI!WXXjyHTVfEsFVYF0LcaoQWaoMErTHPdAPAGIyT1k7p-OWtW_QCCbLWl8C1l2V7_bWUv2$>
    a. Ensure you have a W3 account: https://www.w3.org/accounts/request<https://urldefense.us/v3/__https:/www.w3.org/accounts/request__;!!BClRuOV5cvtbuNI!WXXjyHTVfEsFVYF0LcaoQWaoMErTHPdAPAGIyT1k7p-OWtW_QCCbLWl8C1l2V03W4sjP$>
    b. W3C COMMUNITY CONTRIBUTOR LICENSE AGREEMENT (CLA): https://www.w3.org/community/about/agreements/cla/<https://urldefense.us/v3/__https:/www.w3.org/community/about/agreements/cla/__;!!BClRuOV5cvtbuNI!WXXjyHTVfEsFVYF0LcaoQWaoMErTHPdAPAGIyT1k7p-OWtW_QCCbLWl8C1l2V12mej_i$>
3. Call Notes (1 minute)
    a. These minutes and an audio recording of everything said on this call are archived at https://w3c-ccg.github.io/meetings/<https://urldefense.us/v3/__https:/w3c-ccg.github.io/meetings/__;!!BClRuOV5cvtbuNI!WXXjyHTVfEsFVYF0LcaoQWaoMErTHPdAPAGIyT1k7p-OWtW_QCCbLWl8C1l2VyI6PTHy$>
    b. We use IRC to queue speakers during the call as well as to take minutes. http://irc.w3.org/?channels=ccg<https://urldefense.us/v3/__http:/irc.w3.org/?channels=ccg__;!!BClRuOV5cvtbuNI!WXXjyHTVfEsFVYF0LcaoQWaoMErTHPdAPAGIyT1k7p-OWtW_QCCbLWl8C1l2VzJCiJzk$> or http://irc.w3.org:6665/#ccg<https://urldefense.us/v3/__http:/irc.w3.org:6665/*ccg__;Iw!!BClRuOV5cvtbuNI!WXXjyHTVfEsFVYF0LcaoQWaoMErTHPdAPAGIyT1k7p-OWtW_QCCbLWl8C1l2V9DCgMBJ$> or the Jitsi text chat.
    c. All attendees should type “present+” to get your name on the attendee list in the transcript.
    d. In IRC type “q+” to add yourself to the queue, with an optional reminder, e.g., “q+ to mention something”. The “to” is required.
    e. If you’re not on IRC, simply ask to be put on the queue.
    f. Please be brief so the rest of the queue get a chance to chime in. You can always q+ again.
    g. NOTE: This meeting is held by voice, not by IRC. Off-topic IRC comments are subject to deletion from the record. We work hard to manage a single thread of conversation so everyone can participate and be heard. Please respect the group process by joining the queue when you have something to contribute.
4. Scribe Selection (2 minutes)
We need a volunteer to scribe. Scribe List: https://docs.google.com/document/d/1LkqZ10z7FeV3EgMIQEJ9achEYMzy1d_2S90Q_lQ0y8M/edit?usp=sharing<https://urldefense.us/v3/__https:/docs.google.com/document/d/1LkqZ10z7FeV3EgMIQEJ9achEYMzy1d_2S90Q_lQ0y8M/edit?usp=sharing__;!!BClRuOV5cvtbuNI!WXXjyHTVfEsFVYF0LcaoQWaoMErTHPdAPAGIyT1k7p-OWtW_QCCbLWl8C1l2V3vFN6b8$>
5. Introductions & Reintroductions (5 minutes --> :11) (see scribe doc for reintroduce column)
6. Announcements & Reminders (2 minutes)
7. Progress on Action Items (5 minutes --> :18)
8. mDL Presentation
9. Community discussion and feedback

(image/png attachment: image002.png)

(image/png attachment: image003.png)

Received on Friday, 8 October 2021 14:09:16 UTC

This archive was generated by hypermail 2.4.0 : Friday, 8 October 2021 14:09:18 UTC