- From: Orie Steele <orie@transmute.industries>
- Date: Tue, 2 Aug 2022 08:36:28 -0500
- To: Daniel Buchner <dbuchner@squareup.com>
- Cc: Melvin Carvalho <melvincarvalho@gmail.com>, W3C Credentials CG <public-credentials@w3.org>
- Message-ID: <CAN8C-_+sFu+89srniW2b=JMrtzRYQ_Edi1tZeu9n8_891Zs+jA@mail.gmail.com>
This might be helpful: https://docs.ipfs.tech/how-to/address-ipfs-on-web/ OS On Tue, Aug 2, 2022 at 8:17 AM Daniel Buchner <dbuchner@squareup.com> wrote: > Not that I'm aware; it's based on leading bytes and doesn't have a scheme > registered in IANA (https://multiformats.io/multihash/) > > On Tue, Aug 2, 2022, 7:50 AM Melvin Carvalho <melvincarvalho@gmail.com> > wrote: > >> Quick question: >> >> Does "multhash" have its own URI scheme? >> >> On Mon, Apr 4, 2022 at 4:04 PM CCG Minutes Bot <minutes@w3c-ccg.org> >> wrote: >> >>> Thanks to Our Robot Overlords for scribing this week! >>> >>> The transcript for the call is now available here: >>> >>> https://w3c-ccg.github.io/meetings/2022-03-15/ >>> >>> Full text of the discussion follows for W3C archival purposes. >>> Audio of the meeting is available at the following location: >>> >>> https://w3c-ccg.github.io/meetings/2022-03-15/audio.ogg >>> >>> ---------------------------------------------------------------- >>> W3C CCG Weekly Teleconference Transcript for 2022-03-15 >>> >>> Agenda: >>> >>> https://www.w3.org/Search/Mail/Public/advanced_search?hdr-1-name=subject&hdr-1-query=%5BAGENDA&period_month=Mar&period_year=2022&index-grp=Public__FULL&index-type=t&type-index=public-credentials&resultsperpage=20&sortby=date >>> Topics: >>> 1. Introductions and Reintroductions >>> 2. Announcements and Reminders >>> 3. CCG Work Items for promotion to VC WG >>> Organizer: >>> Heather Vescent, Mike Prorock, Kimberly Linson >>> Scribe: >>> Our Robot Overlords >>> Present: >>> Kimberly Linson, Manu Sporny, Brian, Ryan Grant, Dmitri >>> Zagidulin, Shawn Butterfield, Chris Abernethy (mesur.io), Markus >>> Sabadello, Leo, Kerri Lemoie, Mike Prorock, Andy Miller, Orie >>> Steele, Charles E. Lehner, Kaliya Young, Adrian Gropper, Brent >>> Zundel, David I. Lehn, Kayode Ezike, Jeff Orgel, TallTed // Ted >>> Thibodeau (he/him) (OpenLinkSw.com), Mahmoud Alkhraishi, Juan >>> Caballero, Heather Vescent >>> >>> Our Robot Overlords are scribing. >>> Kimberly Linson: Recording is on. >>> Kimberly Linson: I just. >>> <kerri_lemoie> high five back! >>> Kimberly Linson: High five to the air so we're all good okay so >>> let's kind of walk through just our agenda review we're going to >>> talk about the will go through sort of our housekeeping items and >>> then we're going to do our main topic today which is that man is >>> going to frame the context for us around the new VC working group >>> Charter and some of the work items that we have that are going to >>> move or potentially move to. >>> Kimberly Linson: To to that group. >>> Kimberly Linson: Go ahead and run through our housekeeping >>> stuff. >>> Kimberly Linson: So first off anyone is welcome to participate >>> in these calls however if you are wanting to make substantive >>> contributions we really would invite you to join the ccg you have >>> to do two things in order to to be a full contributor one is join >>> the ccg the link to do that to have an account its free to anyone >>> is in that link is in that. >>> Kimberly Linson: Into that I sent. >>> Kimberly Linson: That's step one step two is to sign the >>> community contributor license agreement and the link to that is >>> also in in the agenda so I would definitely if you have not >>> already done that please do then just a couple of things about >>> how to participate in the call first of all you're in jitsi which >>> means that you've done step one and if you have audio issues or >>> something doesn't seem to be quiet. >>> Kimberly Linson: Right we do know that. >>> Kimberly Linson: They're sort of. >>> Kimberly Linson: Be sometimes be some issues in the system >>> couple workarounds or one too just refresh to is to try a >>> different browser and know that that's worked for me on a couple >>> of different occasions to just switch over to Safari the minutes >>> and audio are of everything that's said on this call are recorded >>> and archived and they are also that link to that archive is also >>> in the agenda and so you can go there to look at those. >>> Kimberly Linson: We use iirc to. >>> Kimberly Linson: Jurors during the call as well as to take >>> minutes we have this awesome CG bought that you can see that is >>> transcribing and recording everything so hopefully we won't need >>> a scribe but just to give your give you a few little tips on how >>> to to use the are see if you aren't familiar with it one is it if >>> you have something you want to say just add yourself to the queue >>> by typing q+ if you change your mind you can pick you -. >>> Kimberly Linson: If you see something in the transcription that >>> the CG Bot got wrong. >>> Kimberly Linson: Our that the CG bought got wrong then you can >>> do s: / whatever was incorrect Bob / what's correct Robert and so >>> you can fix anything and I've actually asked that as an entire >>> Community we do that and thanks man you for putting that in there >>> yes so so I'd asked us all to kind of keep an eye especially on >>> the things that you say and make sure that that. >>> Kimberly Linson: It is represented correctly. >>> Kimberly Linson: And let's see so now I think we're too we'll >>> skip the Scribe selection I don't think we need that because >>> hopefully the CG bot will do that for us and we get to do >>> introductions do we have anybody new to the community or who >>> would like to hasn't been here for a while who'd like to >>> reintroduce themselves. >>> Kimberly Linson: We'd love to welcome you. >>> >>> Topic: Introductions and Reintroductions >>> >>> Kimberly Linson: And is a former educator I know to give that a >>> very long pause but I don't see anybody and I recognize most of >>> the names here so I'll go ahead and move to announcements and >>> reminders. >>> Kimberly Linson: Anybody have an announcement for us. >>> >>> Topic: Announcements and Reminders >>> >>> Manu Sporny: https://w3c.github.io/vc-wg-charter/ >>> Manu Sporny: Yeah just two things the first one is reminder this >>> is the weekly reminder that the verifiable credentials working >>> group Charter is under active development please read it provide >>> some input we're going to be talking about it today but things >>> really do seem to be wrapping up on it so please kind of read it >>> as it stands right now and you know. >>> Manu Sporny: You're running out of time the chart looks is >>> starting to look pretty good right now so I don't think this >>> community would have any objections with it but just a reminder >>> that that's happening the other kind of news is that it looks >>> like the did formal objections or moving forward a bit with the >>> director can't say much more than that but looks like there's >>> some movement there so that's good and that's it. >>> Kimberly Linson: Great thank you any other announcements >>> reminders. >>> Manu Sporny: https://w3c.github.io/vc-wg-charter/ >>> Kimberly Linson: All right I checked and it doesn't seem like we >>> have any action items that we need to talk about but if somebody >>> has somebody thing that they want to bring up there now would be >>> the time to do so. >>> >>> Topic: CCG Work Items for promotion to VC WG >>> >>> Kimberly Linson: Okay great then let's get into to the main >>> topic for for today as I said at the beginning this was a good >>> topic for me to have as my first one because it really gave me >>> the opportunity to dive in and see what it is that we're doing >>> and I have to save it as a community group it is amazing the >>> amount of work and expertise that were contributing and I know >>> you all know that in parallel to our work the the. >>> Kimberly Linson: Is also doing their work and so today's topic >>> is really to as man you said think about those items that we've >>> been working on and do they need to be promoted to to the formal >>> BC working group so I'm going to go ahead and turn it over to >>> Manu to walk us through the context and then we can have a good >>> discussion around that after he's finished. >>> Manu Sporny: Okay thanks Kimberly Bryant I don't know if you >>> would also I'm sorry to put you on the spot print but I don't >>> know if you would like to say some things to kind of start at >>> Brent's Brent's one of the co-chairs of the verifiable >>> credentials working group or if you want me to just dive into >>> things. >>> Brent Zundel: Manu I will certainly leave it to you to dive into >>> things and I'm happy to chime in if folks want me to talk. >>> Manu Sporny: https://w3c.github.io/vc-wg-charter/ >>> Manu Sporny: Okay awesome thanks Brent okay so Brent is our >>> fearless leader in the verifiable credentials working group and >>> has been a chair therefore since the since the dawn of time for a >>> long time and currently as I mentioned we've been working on this >>> verifiable credentials working group Charter I'm going to go >>> ahead and share going to tempt fate and share my screen. >>> Manu Sporny: Sorry to do this to you on your first first time >>> Kimberly butt. >>> Kimberly Linson: That's okay you said if you said if it was if >>> it got broken to just call on you so since you're in charge there >>> you go you can break it and then fix it. >>> Manu Sporny: Exactly okay so here's the charter so the >>> verifiable credentials working group Charter and there's a >>> portion of the charter that talks about the group's deliverables >>> and typically this group The credentials community group has been >>> a feeder of incubated specifications to the verifiable credential >>> working group now this not the only path. >>> Manu Sporny: Earth to the VC. >>> Manu Sporny: G but it is a path and we have a number of >>> community work items that have found themselves in the verifiable >>> credentials working group Charter so there's a part of the >>> process here where this community hands are work items over to >>> the official working group and there is a process there's a >>> community group process for that you publish what I think is >>> called a final community group report. >>> Manu Sporny: People in this community then if you worked on it >>> make concrete IP our commitments basically is asserting that yes >>> I worked on it no I don't know about any patents or if I do know >>> about patents I will bring them to light I will let everyone know >>> about it in in in in most cases contribute the patents for the >>> specific purposes of the specification so that process so if you. >>> Manu Sporny: Dissipated in any of these items there's. >>> Manu Sporny: Asian that you're going to make that patent >>> commitment on the specification so what items are in this group >>> that are moving over currently we have listed the data Integrity >>> specification Jason Webb signature 2020 Edwards curve signature >>> for David data Integrity the same thing for the nist. >>> Manu Sporny: T curve. >>> Manu Sporny: Thing for the Bitcoin also known as the Cobell its >>> curves theory mises that stuff as well and then we have >>> conditional normative specifications that basically say if these >>> things progress in some groups outside of the group we will take >>> the work up as well so there's the pgp crypto Suite which is >>> currently in or he's repo here we've got BBS plus which. >>> Manu Sporny: Which you know work is happening. >>> Manu Sporny: At ietf in diff on that and we've got the jwp stuff >>> where work is happening at diff in ITF on that so the the whole >>> discussion today is really around like this section of the of the >>> specification I'm sorry I forgot to mention the post Quantum >>> crypto stuff as well that mic Pro Rock and in that groups working >>> on so but but. >>> Manu Sporny: Basically we're talking about this section. >>> <mprorock> * i feel slighted ;) >>> Manu Sporny: Write all the all the stuff in here I sent out a >>> kind of every year we present this roadmap about what the group >>> is doing and this I tried to update it I'm sorry if I missed >>> something there's a lot of stuff to keep track of I tried to >>> include all the things this community has been working on since >>> like you know 2010 ish. >>> Manu Sporny: 14 Ish all the way to present. >>> Manu Sporny: A and then try to predict out that like 20:27 based >>> on the stuff that we know this does not include work items that >>> for example diff is working on it doesn't include work items that >>> are happening at ietf unless they originated in the ccg so it's >>> missing some things with the Hope here is that it gives everyone >>> a pretty good idea of like the types of things we've worked on in >>> the past and what we're getting ready to move over so. >>> Manu Sporny: Cific Lee if we if we scroll down here. >>> Manu Sporny: The red line is today so this is this is where we >>> are today and if we scroll down here to the cryptography section >>> right here so the cryptography section this is where we are today >>> in each one of these items is an official work item in a official >>> w3c working group so as you can see we are getting ready to hold >>> like hand over a. >>> Manu Sporny: A huge amount of. >>> Manu Sporny: From this group to official working groups at w3c >>> so that is like a huge success story I think they're not all >>> going to the same working group this one here at the top actually >>> you know what let me let me pause for a second I've kind of fire >>> hose the group with information are there any questions at least >>> at a high level about what we're talking about today or just >>> general questions about the. >>> Manu Sporny: Okay so that's either everyone understand well >>> let's see where's the queue right so either everyone understands >>> or we're all totally lost one of the do I'll keep going feel free >>> to put yourself on the Queue if there's any any questions so >>> they're really two working groups at w3c that ccg work is going. >>> Manu Sporny: To the first world. >>> Manu Sporny: In group is a very specialized working group to >>> standardize this spec up here rdf data set canonicalization this >>> spec has been incubated in this group and other groups for a >>> decade now literally this work has been going on for a decade and >>> it's finally moving over to an official working group with the >>> time span of two years to standardize it the good news here is >>> that this thing has been pretty settled for six years now. >>> Manu Sporny: Now 7 years now but it. >>> Manu Sporny: Goes to show you sometimes how long some of these >>> things can take to actually get it into an official working group >>> so rdf data set canonicalization is going into a working group >>> called rdf data set canonicalization hashing working group at w3c >>> that group will run in parallel with the re-chartered verifiable >>> credentials 2.0 working group The VC 20 working group will build >>> upon this work and and. >>> Manu Sporny: Their work elsewhere. >>> Manu Sporny: Um and it will be taking all of these >>> specifications in right so things like data Integrity multi base >>> multi hash and multi key this one's a little gray area right now >>> but other things like Jason Webb signature the Edwards curve >>> crypto sweet the nist crypto sweet the Cobell it's Bitcoin >>> ethereum crypto sweet. >>> Manu Sporny: All you know fairly well formed and inspects that >>> can be pulled in the BBS Plus work needs more work at ietf but >>> we've been able to basically phrase the charter so I'm going to >>> switch back over to the Charter we've been able to phrase the >>> charter in the in this kind of conditional normative >>> specification term so basically this means that. >>> Manu Sporny: Plan to publish official standards for these >>> Technologies if the base work for these Technologies are >>> completed before the working group ends so there's base >>> technology for BBS plus that has to happen at ITF and there's >>> base technology for J WP s that has to happen at ietf before the >>> verifiable credentials working group can take it over. >>> Manu Sporny: Over so these things are. >>> Manu Sporny: Like optional we may not get to them we really hope >>> we get to them but it's totally dependent on groups that are kind >>> of external to the VC WG to deliver on the things that they said >>> they were going to deliver on okay so going back to kind of this >>> diagram that's why BBS plus doesn't start for maybe another year >>> in the group there's some pre-work there that needs to be done. >>> Manu Sporny: Let me stop there to see if there any questions. >>> Kimberly Linson: Well I was trying to keep question mark But I >>> added myself to the queue so I will ask you so so the official >>> Charter like how long of a period of time does that VC working >>> group Charter span. >>> Manu Sporny: Right great question so the charter span see oh wow >>> they don't have it it's two years basically right in once we know >>> the start date will will lock those time periods in there so at >>> the top it's typically two years and they really don't like w3c >>> members really don't like giving Charters more time than that >>> they don't like work that doesn't complete in something concrete >>> so we basically have. >>> Manu Sporny: Two years. >>> Manu Sporny: Extensions but and they're typically granted if >>> they're reasonable but if you have like failed to produce >>> something implementable at two years that you basically just acts >>> the group they shut you down which is why it's so important that >>> we go in with pre incubated work the other thing that's >>> interesting to look at here from timeline is section 2 6 where it >>> talks about like what happens a month after two months after five >>> months after 6 months. >>> Manu Sporny: After most w3c Charters have. >>> Manu Sporny: Are and and language like f PW d means first public >>> working draft CR means candidate recommendation like for >>> implementation implementer should start implementing at that >>> point and Rec means recommendation also known as kind of like an >>> official global standard so that's the time frame two years and >>> it's kind of broken down a bit in here and it's everyone that's >>> been in a w3c working group can attest to this is largely. >>> Manu Sporny: A work of fiction. >>> Manu Sporny: Things don't always go according to plan but you >>> know should give you a rough idea of what we intend to do. >>> Kimberly Linson: Thanks Charles is on the queue. >>> Charles E. Lehner: Hi can you hear me. >>> Charles E. Lehner: Hi I was wondering about the IP our >>> commitment process you mentioned how it works coming from with >>> documents coming from ccg and I was wondering how it works if >>> it's the same for the other potential documents coming from other >>> organizations. >>> Manu Sporny: That's a great question documents coming from other >>> organizations that have their own IP are mode or tend to be very >>> problematic in that it takes us a while to figure it out now if >>> that organization has a w3c mode like for example diff does >>> moving things overs typically much easier for the lawyers to >>> reason their way through it so Charles was your question mostly >>> about external documents coming in. >>> Charles E. Lehner: Yeah about the conditional normative >>> specification documents but. >>> Manu Sporny: Okay okay that's a great question because these are >>> there are two partners here this there's a two parts to the >>> answer here right so the BBS plus crypto Suite is a ccg work item >>> so at some point not now but maybe in a year maybe in six months >>> this group will have to create a final community group report on >>> the BBS plus specification and then hand it over to the be cwg. >>> Manu Sporny: Ever the base. >>> Manu Sporny: Primitives will be ITF work items so ietf doesn't >>> hand that stuff over to w3c ITF just basically says we've got it >>> we will standardize the base cryptographic Primitives and ITF in >>> you ccwg in your crypto sweet can refer to our specs so in the VC >>> w g what we would do if everything is in order at ITF the V CW G >>> would start pointing normatively. >>> Manu Sporny: Lie to the BBS. >>> Manu Sporny: ITF specifications did that help Charles. >>> Manu Sporny: The other part of that question which is also >>> interesting that I don't think many of us have been through here >>> is this whole concept of a final community group report in so if >>> you'll notice on our community group webpage we have these final >>> reports in like the vc10 use cases was one of those things the >>> data model 10 was one of those things in the did Speck was one of >>> those things there was. >>> Manu Sporny: A point in time where we did. >>> Manu Sporny: Doing today where we said okay we need to hand over >>> a bunch of specs and the editors of those specs publish them as >>> final reports in got licensing commitments on those final reports >>> so if I go and I click on like the did licensing commitments it's >>> takes a while to load because it's got a load all 460 people in >>> the group but you'll see these commitments from the credentials >>> community group on this did spec so you'll see you. >>> Manu Sporny: Like Dan burn. >>> Manu Sporny: Commitment reuven made a commitment Michael Zoo >>> Pele I mean all these people that worked on the did spec made >>> commitments right so all this yes stuff our commitments basically >>> saying we are not withholding any kind of intellectual property >>> or anything on the spec but if you go down far enough like there >>> are a lot of people that that made commitments. >>> Manu Sporny: A lot of people made commitments. >>> Manu Sporny: You'll see that some people did not write and that >>> might be because they didn't contribute anything to it it might >>> be because they don't feel like what they did contribute you know >>> would make a difference some of these people might not have been >>> a part of the group at the time right so really what we're >>> looking for are commitments from people that actually contributed >>> material and specifically things that are substantive to the >>> specification so. >>> Manu Sporny: The editor. >>> Manu Sporny: A document will put it out there and publish it and >>> then we'll publish it as a final report and then we will ask the >>> community hey we need you to you know make a commitment if you >>> contributed anything make a commitment and the editors themselves >>> will know like these five people absolutely definitely me need to >>> make commitments or we need to know now that they're not going to >>> make a commitment because then that that creates an air of you >>> know. >>> Manu Sporny: Auntie around IP are so if somebody. >>> Manu Sporny: Substantive thing like a something fundamental and >>> they're refusing to make and I pee our commitments then that's an >>> immediate red flag that you know it's raised now that has never >>> happened either that as far as I know in this group ever but what >>> we are expecting here is that for this work. >>> Manu Sporny: People we're. >>> Manu Sporny: Publish F CG s is final community group >>> specifications for these items and people are going to make those >>> IP our commitments on these documents hopefully that made >>> hopefully that made sense. >>> Kimberly Linson: Thank you does anybody have any questions for >>> me a new queue is currently empty. >>> Kimberly Linson: All right man who are the things that we want >>> to dive into on specifics or. >>> Mike Prorock: +1 That or dive on VC-API implications >>> Manu Sporny: We might want to ask each of the editors where they >>> think they are on prepping you know each document so we might >>> want to dive into each one individually that's one thing we could >>> do the other thing we could do is look at the rest of the road >>> map I don't know if folks would be interested in doing that and >>> asking questions about why things are staged in the way they are >>> or there's X is missing. >>> Manu Sporny: You know why is that. >>> Manu Sporny: Where does it fit in here. >>> Dmitri Zagidulin: +1 To roadmap >>> Manu Sporny: Either either you know we could we could go either >>> way. >>> Kimberly Linson: Mike just brought up a really good point that >>> maybe we should discuss is the VC API work and maybe we can >>> discuss that and then talk about the roadmap so that makes sense. >>> Manu Sporny: Oh yeah plus one. >>> Kimberly Linson: Mike do you want to jump in and give us kind of >>> an overview of the. >>> Mike Prorock: Yeah well like yeah sure and I guess really the >>> thing that is a little bit concerning to me and I think we're >>> making good progress now especially with some of the PRS that are >>> in queue on VC API but there's kind of two things if that work >>> moves over into the working group I think we should have it at a >>> reasonable does not have to be perfect but a reasonable steady >>> state. >>> Mike Prorock: Which would mean. >>> Mike Prorock: In the VC API work item we would want to kind of >>> formalize and say Yep this is what we're considering in scope and >>> we're just going to kind of lock this in a certain point and then >>> re pick up work inside the working group but since that would be >>> moving to a non-normative item that is the other question I have >>> around kind of what are the implications of that. >>> Mike Prorock: That could be detrimental. >>> Mike Prorock: Normative item it may set up the path to a more >>> normative item once we show people working on it so there's a >>> variety of ways that could go strategically and politically and >>> so that's kind of an open for I'd like man whose thoughts on that >>> and then I think that might spur some interesting conversation >>> there so. >>> Kimberly Linson: Great guy had manna. >>> Manu Sporny: Yeah I think that yeah Mike's totally right the >>> this is like a very this is a super interesting what's the word >>> conundrum that that were in with the VC API so so we've got >>> multiple people implementing the VC API and I know the trace >>> folks are doing it I know digital bazaars committed to it you >>> know number of organizations committed to interrupt through the >>> VC API but. >>> Manu Sporny: There have been some. >>> Manu Sporny: See members that have pushed really hard to keep >>> protocol out of scope for the verifiable credentials working >>> group so you will know that there is. >>> Manu Sporny: Out of scope right normative specification of apis >>> are protocols and we are expecting that if we try to put it in >>> scope it would be challenged heavily if not formal objections so >>> the what we've tried to do here is to basically say the group is >>> going to work on a developer guide the VC to working group is >>> going to work on a developer guide and there's going to be input >>> to that one of them is the VC API. >>> Manu Sporny: II just be Capi. >>> Manu Sporny: Other ones can app like we want to be able to talk >>> about protocols that are carrying verifiable credentials over >>> them but we're not allowed to say anything normatively about >>> those things so how are we you know how is this group going to >>> feed VC API into the VC to working group The verifiable >>> credential 20 working group. >>> Manu Sporny: One option. >>> Manu Sporny: When is we just handed over completely and it stops >>> being a ccg work item and then it's up to the verifiable >>> credentials working group to determine what what should happen to >>> the VC API upside there is like hey it's in the group that's >>> great but the only thing they can do is publish it as a note and >>> one of the implications of that that Kyle did hartog brought up >>> which I thought was a great point. >>> Manu Sporny: Point is that because it's a note it. >>> Manu Sporny: Kind of IPR protection whatsoever 0 IPR protection >>> so people can start injecting all kinds of horrible proprietary >>> patented stuff in there and there is no requirement to say >>> anything about that now we know I think all of us don't think >>> like that's going to happen but that is one of the concerns there >>> so option one is give it completely over to the verifiable >>> credential working group but all they can really do is work on it >>> as kind of like a note a developer guide that kind of thing. >>> Manu Sporny: Option two is that we keep it as a ccg work item >>> and we continue to incubate it here it has IPR protection in this >>> group and will continue to have IPR protection in the group and >>> what we can do is hand over snapshots to the verifiable >>> credentials to working group we can basically tell them hey can >>> you snap shot this in they can publish it as a note and they can >>> snapshot you know couple times throughout the year the benefit >>> there is that it has IPR protection and we can continue to >>> incubate it as kind of. >>> Manu Sporny: A high priority item. >>> Manu Sporny: So it'll get like the air it needs to breathe here >>> and have protection while also signaling to the w3c membership >>> that we do plan on doing protocols at some point like maybe not >>> right now but maybe in the VC 30 working group the recharter we >>> plan to put protocols in scope so that's option two option three >>> is to just keep it in the ccg and keep working on it and it would >>> be good you know I don't know. >>> Manu Sporny: If there are other options too. >>> Manu Sporny: Other options of the things that we could do with >>> it or it would also be good to hear back like what do folks feel >>> we should do with that item. >>> Manu Sporny: Let me ask a more pointed question traceability >>> folks what do you want to do with that item I mean you guys >>> depend on it right. >>> Mike Prorock: Yeah I mean I am honestly fine with it going in as >>> a note on the w3c side one of the kind of bigger picture items >>> that we have to balance as kind of the multiple aspects of >>> traceability because a lot of digital traceability is also coming >>> up and there seems to be a critical mass actually on the ietf >>> side right with some working groups there and that's where. >>> Mike Prorock: We have to still find out. >>> Mike Prorock: Willing to be friendly to use of VCS and Ed's >>> right in especially linked data usage and that's a bit of an >>> unknown right now and that's kind of a high risk I don't know or >>> eicu on the queue as well. >>> Orie Steele: Yeah I agree with the what Mike said you know I >>> think when we consider technologies that are related to >>> verifiable credentials dids and the sort of basic cryptographic >>> envelope formats like Jose Jose come to mind and I would want to >>> make sure that I think you know just speaking frankly the >>> verifiable credentials a. >>> Orie Steele: P I work for her. >>> Orie Steele: That's not the only thing that's important support >>> for traditional Jose and cozy a is also really important >>> especially for kids and and so I think. >>> Orie Steele: My experience with the w3c you know especially >>> after the did working group I'm not sure that the w3c is really >>> the best place to do anything related to protocols I think I >>> agree in large part with some of the positions that other w3c >>> members have held that the w3c is not really great at developing >>> protocols and in particular support for Jose and cozy which are. >>> Orie Steele: Of users are actively contributing to and >>> maintaining them at ietf I think there is a future where the VC >>> apis that exist today might be better served becoming more of a >>> dids plus Jose and cozy at ITF but that is the kind of thing that >>> you know it's about going to where the contributors are and >>> asking them how they want to see these Technologies working >>> together. >>> Orie Steele: And recognizing that. >>> <mprorock> it is really nebulous and makes me highly nervous >>> <mprorock> I don't think CCG helps it long term either >>> Orie Steele: Not everyone wants to use the same tools to build >>> their favorite sandcastles so I think the verifiable credentials >>> API as a non normative item at the w3c obviously doesn't really >>> do anything to secure its future anywhere like it could just >>> become a non-normative item and then never be defined further >>> could become a normatively defined API at W3 for support for the >>> defined verifiable potential formats. >>> Orie Steele: I think that's a best-case scenario but. >>> Orie Steele: My experience over the last few years is that even >>> when you plan for something like that you may not actually be in >>> control of achieving it especially given the you know kinds of >>> contributions we see the w3c standards so if it feels nebulous >>> and scary the yeah that's kind of how I feel about it. >>> Kimberly Linson: Go ahead manu. >>> Manu Sporny: Yeah so I mean this is this is this is new to me >>> and that does seem like a very big change in scope and Direction >>> Ori. >>> <orie> there is OIDF as well, working on protcols related to this >>> Manu Sporny: And so where it's so I haven't seen work like this >>> done at ITF ever there's low-level protocol bits and bytes stuff >>> that does happen at ITF but not application you know layer >>> protocols like sip is an example HTTP an example but those are >>> you know much more lower lower level than the VC API we're in the >>> w3c has. >>> Manu Sporny: Unlike application. >>> Manu Sporny: Linked data platform you know they did you know >>> protocol work there we're at ietf are both of you thinking the >>> work would fit in like it would be a complete rewrite of the >>> specification I think that's what I mean that's what I'm hearing >>> is like hey let's not use verifiable credentials let's use >>> something else and let's not do a w3c spec Let's do an ITF spec >>> so it sounds to me like this is a totally different >>> specification. >>> Manu Sporny: And you guys talk. >>> Manu Sporny: What where where did IETF with the work happen. >>> Orie Steele: So I'm not saying any work what happened ietf I'm >>> saying that ITF works on things that I care about deeply and if >>> you look at you know the work on an app that's happening and ietf >>> you can see that you know clearly ITF has ability to gather folks >>> who are passionate about these issues and work on standards there >>> I'm mostly saying that from a software supply chain or hardware >>> supply chain use cases dids and VCS are. >>> Orie Steele: Obviously an important part of that but I think >>> also. >>> Orie Steele: Port for existing cryptosystems like pgp Jose and >>> cozy is an important part of that and bgp Jose and Jose have been >>> defined at ITF so I'm mostly just saying that work will happen >>> where people are and you know obviously the VC API is currently >>> being incubated here in the w3c ccg and the plan is to work on it >>> as a non normative note in the w3c verifiable credentials working >>> group assuming the charter is approved. >>> Orie Steele: It's all I can say about that as I. >>> Orie Steele: I'm just noting that like there are also other >>> things that are happening out in the ecosystem like now and the >>> open ID connect verifiable presentation Flows at open ID >>> foundation and you know I'm interested in contributing to these >>> items as well so maybe really what I'm saying is that work >>> happens outside of the ccg and w3c as well. >>> Kimberly Linson: Thanks Orie, Mike did you want to add some >>> something to that. >>> Mike Prorock: Yeah I mean I can add some color and then some >>> concern I mean the I think a I think fundamentally having the VC >>> API live as a were even traceability for that matter live as a >>> long-term ccg non-normative items not going to be helpful to >>> adoption right and that's that's concerning to me so we have to >>> start thinking even if it's a way down the line where's this >>> going to work in a graduate to in quotes right. >>> Mike Prorock: >>> >>> https://datatracker.ietf.org/doc/html/draft-birkholz-scitt-architecture-00.html >>> Mike Prorock: The I think you know Trends I am seeing in ietf >>> are for sure more work going on on exactly this kind of thing and >>> a case in point there's I'm going to link an individual draft >>> that's dealing more with supply chain from a software supply >>> chain like s bomb and things like that this this work is going >>> on. >>> Mike Prorock: Whether we like. >>> <bumblefudge> Fraunhofer SIT 🤩 >>> Mike Prorock: And so it's kind of forcing some decisions like >>> can we you know try to engage in a positive way and help move >>> those work items forward while also making sure our needs are met >>> from a like I have no desire to move away from verifiable >>> credentials like none whatsoever so you know it's stuff we just >>> kind of have to be aware of that is happening and unfortunately >>> because the players involved that stuff. >>> Mike Prorock: I'll get critical mass. >>> Mike Prorock: Like there's not only you know major players >>> involved in this kind of stuff and at that actual like protocol >>> API level type definition in architecture level definition but it >>> dition Ali there is regulatory momentum to go ahead and push some >>> of that stuff through I mean we're seeing increasing amounts of >>> executive orders on like how do you respond to zero trust >>> architecture things like that so these are you know items at >>> least from the US perspective. >>> Mike Prorock: Spective as well as also you know increased. >>> Mike Prorock: On the EU perspective that we're going to see some >>> of this stuff either you know get moved out of our hands because >>> we're not getting stuff ready quick enough or you know in a >>> presentable State quick enough or sometimes is as as I've seen >>> happen a couple of times lately take the work too far before >>> getting the conversation going with other players right and then >>> then it does become one of those like worst-case scenarios where >>> you're sitting down and rewriting stuff or readapting. >>> Mike Prorock: Whatever you just. >>> Mike Prorock: Forced into using and we want to avoid that as >>> well so so it's a complex it's a complex issue and it does make >>> me nervous and I think it should ultimately anyone who is working >>> heavily on things like VC API or off shoots of it and profiles >>> should be thinking about this stuff you know broadly and from a >>> big picture with you know who are the players in the ecosystem >>> taking this stuff seriously. >>> Mike Prorock: You know who made. >>> Mike Prorock: Out-compete whether we want them to or not. >>> Manu Sporny: Yeah I guess it's so I what I'm hearing is that >>> there are other groups out there that are working on technologies >>> that either directly compete with verifiable credentials or >>> directly compete with the verifiable credential API and we should >>> be aware of those initiatives I think that's the one of the >>> things I'm hearing the other thing I'm hearing is that. >>> Manu Sporny: Ricci might not be the best place for some of this >>> work and I think there was a finger pointed at the VC API >>> potentially so those are the two things I heard both Orion and >>> Mike you saying please correct me if I didn't hear that correctly >>> the third thing is a bit it's so nebulous it's hard for me to >>> understand what you're asking the community to do. >>> Manu Sporny: Do other than be. >>> <orie> I am not asking for anyone to do anything. >>> <orie> contribute where you think you should. >>> Manu Sporny: In the be aware even that is kind of like it's you >>> know it's not clear to me what the alternate plan wouldn't what >>> an alternate plan would be so I'm not hearing a very okay so are >>> you saying he's not asking anyone to do anything just be aware >>> that other work is happening elsewhere so let me let me stop >>> talking no mics on the Q I'm having a hard time. >>> Mike Prorock: Yeah I can get I can get into some very specifics >>> you know from like my personal and this is not chair hat right >>> this is just like me personal member of the community writing and >>> deploying software that is dependent on these specs right and >>> building a business that touches all this stuff you know you know >>> I think this is one of the reasons I fought very hard to make >>> sure in. >>> Mike Prorock: The working group. >>> Mike Prorock: Order for the next version of the VC API that we >>> can discuss from a practical developer standpoint what are the >>> implications of this and how do you work with these things and I >>> fought very strongly for the inclusion of two key items one was >>> the ability for us to discuss the oid see work going on you know >>> for exchange of credentials right over oid see that is obviously >>> work that is going on outside the w3c that is directly related. >>> Mike Prorock: And impacting on VCs I don't think that's. >>> Mike Prorock: I think that's just a thing right but we when we >>> think about it from a broader verifiable credential standpoint we >>> need to be able to guide and provide advice around how do you >>> actually interact with that stuff are we so you know what is >>> helpful etcetera same thing with the VC API and I don't see a >>> problem and I'm fact I plan to and I've stated multiple times in >>> the working group you know plan to one author you know or make >>> significant contributions. >>> Mike Prorock: Tribution stew that developer guide for both. >>> Mike Prorock: And for the VC API aspect if not fully flushing >>> and helping to fully flush out into find the VC API in a note >>> standpoint so I that is the path that I am proceeding down that >>> does not negate more detailed you know specific work that may >>> have normative requirements either in w3c or elsewhere right and >>> so that's I think the hit man who does that help clarify a bit >>> like you know but I. >>> Mike Prorock: Yeah and in the main reason on like the be. >>> <identitywoman> The Relying party problem (where can VCs be >>> accepted) is a really big one - the OIDC relying party "solution" >>> is reasonable - expecting everyone to rip and replace completely >>> to use VCs. >>> <identitywoman> is not reasonable >>> Mike Prorock: It's like especially from you know and I'm you >>> know being blunt here but like especially when we look at the >>> Microsoft's the IBM's the sap is the world right these are the >>> folks that to date have had a Stranglehold on this kind of >>> information exchange possibly also with GSX if you want to go >>> down the EDI path also you know additionally and so we need to be >>> aware that they will do you know players that have an established >>> foothold will do what they can to prevent losing. >>> Mike Prorock: That established footholds. >>> Mike Prorock: And it's just something we talked around that >>> issue a lot but we should be aware of it concretely and also be >>> very much Mindful and watching carefully what they are doing in a >>> standards basis to that could potentially serve as something that >>> is a competing standard that is a standard possibly even >>> sometimes in name only in order to justify a proprietary solution >>> and those are things we need to avoid from a lock-in standpoint >>> etcetera. >>> Kimberly Linson: Thanks Mike Adrian you're on the Queue next. >>> Adrian Gropper: Yes after working on this issue that we're >>> talking about now for about a year and talking to a lot of people >>> my conclusion has is that the protocol work that's going on here >>> under the very reasonable flag of self Sovereign identity and >>> authentication things does not Translate. >>> Adrian Gropper: Late in. >>> Adrian Gropper: Moving those under that decentralisation self >>> Sovereign flag to protocol work as it's being done in w3c and so >>> I at least you know have am completely moving the protocol >>> attention to ietf basically because you know the things that are >>> very much in the news these days whether you want to call. >>> Adrian Gropper: Them human. >>> Adrian Gropper: You trust or other things like that have to do >>> with the platform issues regulating the platforms and and things >>> like that and we just seeing that every day and to me the >>> protocol work that I've witnessed here is just completely >>> detached from the reality of what the world is worried about in >>> Europe and different cultures. >>> Adrian Gropper: Seeing again from this antitrust and human >>> rights perspective thank you that's it. >>> Kimberly Linson: Man who I have you on the queue. >>> Mike Prorock: +1 Manu >>> Manu Sporny: Yeah just real quick to Adrian Adrian that is just >>> not true we have gotten delegate abby'll authorization >>> capabilities working for the VC API full delegation so it >>> achieves the things you've been asking for for a long time we >>> have yet to put it in scope because the group's not ready to do >>> it yet so I strongly strongly disagree with your notion that >>> we're not paying attention to things like human rights and >>> delegation. >>> Manu Sporny: And specifically. >>> Manu Sporny: Ensuring that providers don't prevent you know >>> those holders from delegation so that's the first point the >>> second Point Orion Mike maybe I read what you two are saying as >>> in as a you're abandoning the be Capi work I don't think that's >>> what you meant to communicate but that's how I read it or even >>> abandon the be Capi work at w3c so. >>> Manu Sporny: +1 To support VC-API, yes, DB is fully committed to >>> that work item. >>> Mike Prorock: Okay quite the yeah and I'm on Q I'm just going to >>> act myself because of time and quite the opposite I mean that's >>> why I stated clearly like I plan on you know if not being a >>> primary author like major contributions on the actual developer >>> guide node or whatever that ends up becoming and that will >>> include how do we do restful exchange and handling of verifiable >>> credentials period end of sentence right but so and I'm assuming >>> that we'll start with the. >>> Mike Prorock: Capi we bring that in and then we evolve it as >>> well. >>> Mike Prorock: Group I'd be that's. >>> Mike Prorock: That is absolutely my attention there so I don't I >>> think that Baseline how do you do this stuff over rest is such a >>> core implied thing that we have to talk about it as working group >>> right and to the point where I am willing to sacrifice a lot of >>> my own time to go make sure that gets done so. >>> Kimberly Linson: Thanks Mike, Orie. >>> Manu Sporny: +1 To what MikeP was saying. >>> Orie Steele: Yeah I'm you know working with folks on the >>> verifiable credentials Charter on in support of the work items >>> that have been added both you know as normative deliverables on >>> non-normative deliverables and in the VC working group is going >>> to be the place where the VC API even gets defined better or it >>> doesn't but good news is that it's a note in either case so I >>> mean I'm contribute to working in that workgroup on the item and >>> yes like at some point this community. >>> Orie Steele: Group should theoretically. >>> Orie Steele: Each day final Community Draft before handing that >>> work to them but if it's going to go into a note it doesn't seem >>> like that really matters and so really what I'm saying is I'll >>> continue to do work on the item wherever it is. >>> Manu Sporny: Yeah okay plus 1 that's so that's that's crystal >>> clear and that's good thank you for making clarification like a >>> Nori the note thing a w3c has traditionally been used to signal >>> that the group would like to pick something up like groups >>> actually right in the top of the document we intend to pick this >>> up as a normative work item at some point in the future and that >>> is usually a very good signal that leads to a smoother each >>> ordering process so that's why. >>> Manu Sporny: Some groups have published notes for things. >>> Mike Prorock: +1 Manu >>> Manu Sporny: To take wreck track in Annex recharter it just >>> makes it all you know it makes all of it much much easier my >>> suggestion is that we can do both we can continue to work on that >>> in this group and refine it and get the test Suites get >>> interoperability working while throwing snapshots over the wall >>> to the verifiable credential working group I think that gets us >>> the best of both worlds. >>> Manu Sporny: And keeps us very nimble. >>> Manu Sporny: In ensures that we keep it at number one priority >>> will not be a number one priority in the verifiable credentials >>> working group but we as the ccg for the VCA be I can keep in a >>> you know very high priority and in finish it up with respect to >>> like work going on elsewhere yes indeed be again to be to be >>> blunt I think that there is damaging work happening in other >>> organizations when it comes to protocols and verifiable >>> credentials. >>> Manu Sporny: And I don't expect that to be. >>> Manu Sporny: Traversal will point fingers at which organizations >>> are doing it but you know I think you're both Orion my core right >>> we need to be on top of that we need to pay attention to the work >>> happening elsewhere in there are very powerful Market forces that >>> could either accidentally re centralize everything or on purpose >>> centralized things for you know the purposes of market dominance >>> and things of that nature that's it. >>> <orie> Many folks feel the same way about the CCG manu... it's >>> the nature of human tribalism. >>> Kimberly Linson: Mike you've got 30 seconds. >>> Mike Prorock: Yeah and in conclusion I would also say that and >>> you know in a little bit of clarification man who around like >>> damaging work I think in some cases like the software supply >>> chain stuff I think it's extremely well intentioned and really >>> important work just that VCS weren't on their radar neither were >>> kids but there was a desire to go after there is a desire to go >>> after decentralisation so they seem willing to learn and engage >>> at least at the you know early stages. >>> <bumblefudge> perhaps they were really wed to COSE? >>> <orie> yes, some folks like COSE over JSON. >>> <manu_sporny> I know folks feel the same way about CCG, Orie :) >>> -- and it is the unfortunate nature of tribalism. People spend >>> time on the things that they want to contribute to, where they >>> want to contribute to them. >>> Mike Prorock: They can write and ultimately could help adoption >>> if you know if we approach the right way if we don't approach it >>> in a you know we can't you know like anything right you can't go >>> in assuming that we have the only right path and everything else >>> right it's yes we have a a path it is right in many many ways but >>> it also can be adopted into other things right or as a piece of >>> other things so. >>> <bumblefudge> patience!? >>> Kimberly Linson: Great thank you this was a really interesting >>> discussion and I'm I learned a lot about sort of how the >>> community group and and the working groups work together and so I >>> really appreciate everybody's input we're just about at time so >>> I'm going to go ahead and wrap us up I'll let you know that next >>> week I'm going to be talking about decentralized storage thank >>> you everybody for your patience with me today and have a great >>> rest of your day thank you. >>> <manu_sporny> You did great, Kimberly! :) >>> <heather_vescent> Great job Kimberly!! >>> <bumblefudge> you're doing great! thanks so much >>> <kerri_lemoie> Thank you! >>> >>> >>> -- *ORIE STEELE* Chief Technical Officer www.transmute.industries <https://www.transmute.industries>
Received on Tuesday, 2 August 2022 13:36:57 UTC