Re: [MINUTES] W3C CCG Credentials CG Call - 2022-03-15

This might be helpful:


On Tue, Aug 2, 2022 at 8:17 AM Daniel Buchner <> wrote:

> Not that I'm aware; it's based on leading bytes and doesn't have a scheme
> registered in IANA (
> On Tue, Aug 2, 2022, 7:50 AM Melvin Carvalho <>
> wrote:
>> Quick question:
>> Does "multhash" have its own URI scheme?
>> On Mon, Apr 4, 2022 at 4:04 PM CCG Minutes Bot <>
>> wrote:
>>> Thanks to Our Robot Overlords for scribing this week!
>>> The transcript for the call is now available here:
>>> Full text of the discussion follows for W3C archival purposes.
>>> Audio of the meeting is available at the following location:
>>> ----------------------------------------------------------------
>>> W3C CCG Weekly Teleconference Transcript for 2022-03-15
>>> Agenda:
>>> Topics:
>>>   1. Introductions and Reintroductions
>>>   2. Announcements and Reminders
>>>   3. CCG Work Items for promotion to VC WG
>>> Organizer:
>>>   Heather Vescent, Mike Prorock, Kimberly Linson
>>> Scribe:
>>>   Our Robot Overlords
>>> Present:
>>>   Kimberly Linson, Manu Sporny, Brian, Ryan Grant, Dmitri
>>>   Zagidulin, Shawn Butterfield, Chris Abernethy (, Markus
>>>   Sabadello, Leo, Kerri Lemoie, Mike Prorock, Andy Miller, Orie
>>>   Steele, Charles E. Lehner, Kaliya Young, Adrian Gropper, Brent
>>>   Zundel, David I. Lehn, Kayode Ezike, Jeff Orgel, TallTed // Ted
>>>   Thibodeau (he/him) (, Mahmoud Alkhraishi, Juan
>>>   Caballero, Heather Vescent
>>> Our Robot Overlords are scribing.
>>> Kimberly Linson:  Recording is on.
>>> Kimberly Linson:   I just.
>>> <kerri_lemoie> high five back!
>>> Kimberly Linson:  High five to the air so we're all good okay so
>>>   let's kind of walk through just our agenda review we're going to
>>>   talk about the will go through sort of our housekeeping items and
>>>   then we're going to do our main topic today which is that man is
>>>   going to frame the context for us around the new VC working group
>>>   Charter and some of the work items that we have that are going to
>>>   move or potentially move to.
>>> Kimberly Linson:   To to that group.
>>> Kimberly Linson:  Go ahead and run through our housekeeping
>>>   stuff.
>>> Kimberly Linson:  So first off anyone is welcome to participate
>>>   in these calls however if you are wanting to make substantive
>>>   contributions we really would invite you to join the ccg you have
>>>   to do two things in order to to be a full contributor one is join
>>>   the ccg the link to do that to have an account its free to anyone
>>>   is in that link is in that.
>>> Kimberly Linson:  Into that I sent.
>>> Kimberly Linson:  That's step one step two is to sign the
>>>   community contributor license agreement and the link to that is
>>>   also in in the agenda so I would definitely if you have not
>>>   already done that please do then just a couple of things about
>>>   how to participate in the call first of all you're in jitsi which
>>>   means that you've done step one and if you have audio issues or
>>>   something doesn't seem to be quiet.
>>> Kimberly Linson:  Right we do know that.
>>> Kimberly Linson:  They're sort of.
>>> Kimberly Linson:  Be sometimes be some issues in the system
>>>   couple workarounds or one too just refresh to is to try a
>>>   different browser and know that that's worked for me on a couple
>>>   of different occasions to just switch over to Safari the minutes
>>>   and audio are of everything that's said on this call are recorded
>>>   and archived and they are also that link to that archive is also
>>>   in the agenda and so you can go there to look at those.
>>> Kimberly Linson:   We use iirc to.
>>> Kimberly Linson:  Jurors during the call as well as to take
>>>   minutes we have this awesome CG bought that you can see that is
>>>   transcribing and recording everything so hopefully we won't need
>>>   a scribe but just to give your give you a few little tips on how
>>>   to to use the are see if you aren't familiar with it one is it if
>>>   you have something you want to say just add yourself to the queue
>>>   by typing q+ if you change your mind you can pick you -.
>>> Kimberly Linson:   If you see something in the transcription that
>>>   the CG Bot got wrong.
>>> Kimberly Linson:  Our that the CG bought got wrong then you can
>>>   do s: / whatever was incorrect Bob / what's correct Robert and so
>>>   you can fix anything and I've actually asked that as an entire
>>>   Community we do that and thanks man you for putting that in there
>>>   yes so so I'd asked us all to kind of keep an eye especially on
>>>   the things that you say and make sure that that.
>>> Kimberly Linson:   It is represented correctly.
>>> Kimberly Linson:  And let's see so now I think we're too we'll
>>>   skip the Scribe selection I don't think we need that because
>>>   hopefully the CG bot will do that for us and we get to do
>>>   introductions do we have anybody new to the community or who
>>>   would like to hasn't been here for a while who'd like to
>>>   reintroduce themselves.
>>> Kimberly Linson:   We'd love to welcome you.
>>> Topic: Introductions and Reintroductions
>>> Kimberly Linson:  And is a former educator I know to give that a
>>>   very long pause but I don't see anybody and I recognize most of
>>>   the names here so I'll go ahead and move to announcements and
>>>   reminders.
>>> Kimberly Linson:  Anybody have an announcement for us.
>>> Topic: Announcements and Reminders
>>> Manu Sporny:
>>> Manu Sporny:  Yeah just two things the first one is reminder this
>>>   is the weekly reminder that the verifiable credentials working
>>>   group Charter is under active development please read it provide
>>>   some input we're going to be talking about it today but things
>>>   really do seem to be wrapping up on it so please kind of read it
>>>   as it stands right now and you know.
>>> Manu Sporny:  You're running out of time the chart looks is
>>>   starting to look pretty good right now so I don't think this
>>>   community would have any objections with it but just a reminder
>>>   that that's happening the other kind of news is that it looks
>>>   like the did formal objections or moving forward a bit with the
>>>   director can't say much more than that but looks like there's
>>>   some movement there so that's good and that's it.
>>> Kimberly Linson:  Great thank you any other announcements
>>>   reminders.
>>> Manu Sporny:
>>> Kimberly Linson:  All right I checked and it doesn't seem like we
>>>   have any action items that we need to talk about but if somebody
>>>   has somebody thing that they want to bring up there now would be
>>>   the time to do so.
>>> Topic: CCG Work Items for promotion to VC WG
>>> Kimberly Linson:  Okay great then let's get into to the main
>>>   topic for for today as I said at the beginning this was a good
>>>   topic for me to have as my first one because it really gave me
>>>   the opportunity to dive in and see what it is that we're doing
>>>   and I have to save it as a community group it is amazing the
>>>   amount of work and expertise that were contributing and I know
>>>   you all know that in parallel to our work the the.
>>> Kimberly Linson:  Is also doing their work and so today's topic
>>>   is really to as man you said think about those items that we've
>>>   been working on and do they need to be promoted to to the formal
>>>   BC working group so I'm going to go ahead and turn it over to
>>>   Manu to walk us through the context and then we can have a good
>>>   discussion around that after he's finished.
>>> Manu Sporny:  Okay thanks Kimberly Bryant I don't know if you
>>>   would also I'm sorry to put you on the spot print but I don't
>>>   know if you would like to say some things to kind of start at
>>>   Brent's Brent's one of the co-chairs of the verifiable
>>>   credentials working group or if you want me to just dive into
>>>   things.
>>> Brent Zundel:  Manu I will certainly leave it to you to dive into
>>>   things and I'm happy to chime in if folks want me to talk.
>>> Manu Sporny:
>>> Manu Sporny:  Okay awesome thanks Brent okay so Brent is our
>>>   fearless leader in the verifiable credentials working group and
>>>   has been a chair therefore since the since the dawn of time for a
>>>   long time and currently as I mentioned we've been working on this
>>>   verifiable credentials working group Charter I'm going to go
>>>   ahead and share going to tempt fate and share my screen.
>>> Manu Sporny:  Sorry to do this to you on your first first time
>>>   Kimberly butt.
>>> Kimberly Linson:  That's okay you said if you said if it was if
>>>   it got broken to just call on you so since you're in charge there
>>>   you go you can break it and then fix it.
>>> Manu Sporny:  Exactly okay so here's the charter so the
>>>   verifiable credentials working group Charter and there's a
>>>   portion of the charter that talks about the group's deliverables
>>>   and typically this group The credentials community group has been
>>>   a feeder of incubated specifications to the verifiable credential
>>>   working group now this not the only path.
>>> Manu Sporny:   Earth to the VC.
>>> Manu Sporny:  G but it is a path and we have a number of
>>>   community work items that have found themselves in the verifiable
>>>   credentials working group Charter so there's a part of the
>>>   process here where this community hands are work items over to
>>>   the official working group and there is a process there's a
>>>   community group process for that you publish what I think is
>>>   called a final community group report.
>>> Manu Sporny:  People in this community then if you worked on it
>>>   make concrete IP our commitments basically is asserting that yes
>>>   I worked on it no I don't know about any patents or if I do know
>>>   about patents I will bring them to light I will let everyone know
>>>   about it in in in in most cases contribute the patents for the
>>>   specific purposes of the specification so that process so if you.
>>> Manu Sporny:   Dissipated in any of these items there's.
>>> Manu Sporny:  Asian that you're going to make that patent
>>>   commitment on the specification so what items are in this group
>>>   that are moving over currently we have listed the data Integrity
>>>   specification Jason Webb signature 2020 Edwards curve signature
>>>   for David data Integrity the same thing for the nist.
>>> Manu Sporny:   T curve.
>>> Manu Sporny:  Thing for the Bitcoin also known as the Cobell its
>>>   curves theory mises that stuff as well and then we have
>>>   conditional normative specifications that basically say if these
>>>   things progress in some groups outside of the group we will take
>>>   the work up as well so there's the pgp crypto Suite which is
>>>   currently in or he's repo here we've got BBS plus which.
>>> Manu Sporny:   Which you know work is happening.
>>> Manu Sporny:  At ietf in diff on that and we've got the jwp stuff
>>>   where work is happening at diff in ITF on that so the the whole
>>>   discussion today is really around like this section of the of the
>>>   specification I'm sorry I forgot to mention the post Quantum
>>>   crypto stuff as well that mic Pro Rock and in that groups working
>>>   on so but but.
>>> Manu Sporny:  Basically we're talking about this section.
>>> <mprorock> * i feel slighted ;)
>>> Manu Sporny:  Write all the all the stuff in here I sent out a
>>>   kind of every year we present this roadmap about what the group
>>>   is doing and this I tried to update it I'm sorry if I missed
>>>   something there's a lot of stuff to keep track of I tried to
>>>   include all the things this community has been working on since
>>>   like you know 2010 ish.
>>> Manu Sporny:   14 Ish all the way to present.
>>> Manu Sporny:  A and then try to predict out that like 20:27 based
>>>   on the stuff that we know this does not include work items that
>>>   for example diff is working on it doesn't include work items that
>>>   are happening at ietf unless they originated in the ccg so it's
>>>   missing some things with the Hope here is that it gives everyone
>>>   a pretty good idea of like the types of things we've worked on in
>>>   the past and what we're getting ready to move over so.
>>> Manu Sporny:   Cific Lee if we if we scroll down here.
>>> Manu Sporny:  The red line is today so this is this is where we
>>>   are today and if we scroll down here to the cryptography section
>>>   right here so the cryptography section this is where we are today
>>>   in each one of these items is an official work item in a official
>>>   w3c working group so as you can see we are getting ready to hold
>>>   like hand over a.
>>> Manu Sporny:   A huge amount of.
>>> Manu Sporny:  From this group to official working groups at w3c
>>>   so that is like a huge success story I think they're not all
>>>   going to the same working group this one here at the top actually
>>>   you know what let me let me pause for a second I've kind of fire
>>>   hose the group with information are there any questions at least
>>>   at a high level about what we're talking about today or just
>>>   general questions about the.
>>> Manu Sporny:  Okay so that's either everyone understand well
>>>   let's see where's the queue right so either everyone understands
>>>   or we're all totally lost one of the do I'll keep going feel free
>>>   to put yourself on the Queue if there's any any questions so
>>>   they're really two working groups at w3c that ccg work is going.
>>> Manu Sporny:   To the first world.
>>> Manu Sporny:  In group is a very specialized working group to
>>>   standardize this spec up here rdf data set canonicalization this
>>>   spec has been incubated in this group and other groups for a
>>>   decade now literally this work has been going on for a decade and
>>>   it's finally moving over to an official working group with the
>>>   time span of two years to standardize it the good news here is
>>>   that this thing has been pretty settled for six years now.
>>> Manu Sporny:   Now 7 years now but it.
>>> Manu Sporny:  Goes to show you sometimes how long some of these
>>>   things can take to actually get it into an official working group
>>>   so rdf data set canonicalization is going into a working group
>>>   called rdf data set canonicalization hashing working group at w3c
>>>   that group will run in parallel with the re-chartered verifiable
>>>   credentials 2.0 working group The VC 20 working group will build
>>>   upon this work and and.
>>> Manu Sporny:   Their work elsewhere.
>>> Manu Sporny:  Um and it will be taking all of these
>>>   specifications in right so things like data Integrity multi base
>>>   multi hash and multi key this one's a little gray area right now
>>>   but other things like Jason Webb signature the Edwards curve
>>>   crypto sweet the nist crypto sweet the Cobell it's Bitcoin
>>>   ethereum crypto sweet.
>>> Manu Sporny:  All you know fairly well formed and inspects that
>>>   can be pulled in the BBS Plus work needs more work at ietf but
>>>   we've been able to basically phrase the charter so I'm going to
>>>   switch back over to the Charter we've been able to phrase the
>>>   charter in the in this kind of conditional normative
>>>   specification term so basically this means that.
>>> Manu Sporny:  Plan to publish official standards for these
>>>   Technologies if the base work for these Technologies are
>>>   completed before the working group ends so there's base
>>>   technology for BBS plus that has to happen at ITF and there's
>>>   base technology for J WP s that has to happen at ietf before the
>>>   verifiable credentials working group can take it over.
>>> Manu Sporny:   Over so these things are.
>>> Manu Sporny:  Like optional we may not get to them we really hope
>>>   we get to them but it's totally dependent on groups that are kind
>>>   of external to the VC WG to deliver on the things that they said
>>>   they were going to deliver on okay so going back to kind of this
>>>   diagram that's why BBS plus doesn't start for maybe another year
>>>   in the group there's some pre-work there that needs to be done.
>>> Manu Sporny:  Let me stop there to see if there any questions.
>>> Kimberly Linson:  Well I was trying to keep question mark But I
>>>   added myself to the queue so I will ask you so so the official
>>>   Charter like how long of a period of time does that VC working
>>>   group Charter span.
>>> Manu Sporny:  Right great question so the charter span see oh wow
>>>   they don't have it it's two years basically right in once we know
>>>   the start date will will lock those time periods in there so at
>>>   the top it's typically two years and they really don't like w3c
>>>   members really don't like giving Charters more time than that
>>>   they don't like work that doesn't complete in something concrete
>>>   so we basically have.
>>> Manu Sporny:   Two years.
>>> Manu Sporny:  Extensions but and they're typically granted if
>>>   they're reasonable but if you have like failed to produce
>>>   something implementable at two years that you basically just acts
>>>   the group they shut you down which is why it's so important that
>>>   we go in with pre incubated work the other thing that's
>>>   interesting to look at here from timeline is section 2 6 where it
>>>   talks about like what happens a month after two months after five
>>>   months after 6 months.
>>> Manu Sporny:   After most w3c Charters have.
>>> Manu Sporny:  Are and and language like f PW d means first public
>>>   working draft CR means candidate recommendation like for
>>>   implementation implementer should start implementing at that
>>>   point and Rec means recommendation also known as kind of like an
>>>   official global standard so that's the time frame two years and
>>>   it's kind of broken down a bit in here and it's everyone that's
>>>   been in a w3c working group can attest to this is largely.
>>> Manu Sporny:   A work of fiction.
>>> Manu Sporny:  Things don't always go according to plan but you
>>>   know should give you a rough idea of what we intend to do.
>>> Kimberly Linson:  Thanks Charles is on the queue.
>>> Charles E. Lehner:  Hi can you hear me.
>>> Charles E. Lehner:  Hi I was wondering about the IP our
>>>   commitment process you mentioned how it works coming from with
>>>   documents coming from ccg and I was wondering how it works if
>>>   it's the same for the other potential documents coming from other
>>>   organizations.
>>> Manu Sporny:  That's a great question documents coming from other
>>>   organizations that have their own IP are mode or tend to be very
>>>   problematic in that it takes us a while to figure it out now if
>>>   that organization has a w3c mode like for example diff does
>>>   moving things overs typically much easier for the lawyers to
>>>   reason their way through it so Charles was your question mostly
>>>   about external documents coming in.
>>> Charles E. Lehner:  Yeah about the conditional normative
>>>   specification documents but.
>>> Manu Sporny:  Okay okay that's a great question because these are
>>>   there are two partners here this there's a two parts to the
>>>   answer here right so the BBS plus crypto Suite is a ccg work item
>>>   so at some point not now but maybe in a year maybe in six months
>>>   this group will have to create a final community group report on
>>>   the BBS plus specification and then hand it over to the be cwg.
>>> Manu Sporny:   Ever the base.
>>> Manu Sporny:  Primitives will be ITF work items so ietf doesn't
>>>   hand that stuff over to w3c ITF just basically says we've got it
>>>   we will standardize the base cryptographic Primitives and ITF in
>>>   you ccwg in your crypto sweet can refer to our specs so in the VC
>>>   w g what we would do if everything is in order at ITF the V CW G
>>>   would start pointing normatively.
>>> Manu Sporny:   Lie to the BBS.
>>> Manu Sporny:  ITF specifications did that help Charles.
>>> Manu Sporny:  The other part of that question which is also
>>>   interesting that I don't think many of us have been through here
>>>   is this whole concept of a final community group report in so if
>>>   you'll notice on our community group webpage we have these final
>>>   reports in like the vc10 use cases was one of those things the
>>>   data model 10 was one of those things in the did Speck was one of
>>>   those things there was.
>>> Manu Sporny:   A point in time where we did.
>>> Manu Sporny:  Doing today where we said okay we need to hand over
>>>   a bunch of specs and the editors of those specs publish them as
>>>   final reports in got licensing commitments on those final reports
>>>   so if I go and I click on like the did licensing commitments it's
>>>   takes a while to load because it's got a load all 460 people in
>>>   the group but you'll see these commitments from the credentials
>>>   community group on this did spec so you'll see you.
>>> Manu Sporny:   Like Dan burn.
>>> Manu Sporny:  Commitment reuven made a commitment Michael Zoo
>>>   Pele I mean all these people that worked on the did spec made
>>>   commitments right so all this yes stuff our commitments basically
>>>   saying we are not withholding any kind of intellectual property
>>>   or anything on the spec but if you go down far enough like there
>>>   are a lot of people that that made commitments.
>>> Manu Sporny:   A lot of people made commitments.
>>> Manu Sporny:  You'll see that some people did not write and that
>>>   might be because they didn't contribute anything to it it might
>>>   be because they don't feel like what they did contribute you know
>>>   would make a difference some of these people might not have been
>>>   a part of the group at the time right so really what we're
>>>   looking for are commitments from people that actually contributed
>>>   material and specifically things that are substantive to the
>>>   specification so.
>>> Manu Sporny:   The editor.
>>> Manu Sporny:  A document will put it out there and publish it and
>>>   then we'll publish it as a final report and then we will ask the
>>>   community hey we need you to you know make a commitment if you
>>>   contributed anything make a commitment and the editors themselves
>>>   will know like these five people absolutely definitely me need to
>>>   make commitments or we need to know now that they're not going to
>>>   make a commitment because then that that creates an air of you
>>>   know.
>>> Manu Sporny:   Auntie around IP are so if somebody.
>>> Manu Sporny:  Substantive thing like a something fundamental and
>>>   they're refusing to make and I pee our commitments then that's an
>>>   immediate red flag that you know it's raised now that has never
>>>   happened either that as far as I know in this group ever but what
>>>   we are expecting here is that for this work.
>>> Manu Sporny:   People we're.
>>> Manu Sporny:  Publish F CG s is final community group
>>>   specifications for these items and people are going to make those
>>>   IP our commitments on these documents hopefully that made
>>>   hopefully that made sense.
>>> Kimberly Linson:  Thank you does anybody have any questions for
>>>   me a new queue is currently empty.
>>> Kimberly Linson:  All right man who are the things that we want
>>>   to dive into on specifics or.
>>> Mike Prorock: +1 That or dive on VC-API implications
>>> Manu Sporny:  We might want to ask each of the editors where they
>>>   think they are on prepping you know each document so we might
>>>   want to dive into each one individually that's one thing we could
>>>   do the other thing we could do is look at the rest of the road
>>>   map I don't know if folks would be interested in doing that and
>>>   asking questions about why things are staged in the way they are
>>>   or there's X is missing.
>>> Manu Sporny:   You know why is that.
>>> Manu Sporny:  Where does it fit in here.
>>> Dmitri Zagidulin: +1 To roadmap
>>> Manu Sporny:  Either either you know we could we could go either
>>>   way.
>>> Kimberly Linson:  Mike just brought up a really good point that
>>>   maybe we should discuss is the VC API work and maybe we can
>>>   discuss that and then talk about the roadmap so that makes sense.
>>> Manu Sporny:  Oh yeah plus one.
>>> Kimberly Linson:  Mike do you want to jump in and give us kind of
>>>   an overview of the.
>>> Mike Prorock:  Yeah well like yeah sure and I guess really the
>>>   thing that is a little bit concerning to me and I think we're
>>>   making good progress now especially with some of the PRS that are
>>>   in queue on VC API but there's kind of two things if that work
>>>   moves over into the working group I think we should have it at a
>>>   reasonable does not have to be perfect but a reasonable steady
>>>   state.
>>> Mike Prorock:  Which would mean.
>>> Mike Prorock:  In the VC API work item we would want to kind of
>>>   formalize and say Yep this is what we're considering in scope and
>>>   we're just going to kind of lock this in a certain point and then
>>>   re pick up work inside the working group but since that would be
>>>   moving to a non-normative item that is the other question I have
>>>   around kind of what are the implications of that.
>>> Mike Prorock:   That could be detrimental.
>>> Mike Prorock:  Normative item it may set up the path to a more
>>>   normative item once we show people working on it so there's a
>>>   variety of ways that could go strategically and politically and
>>>   so that's kind of an open for I'd like man whose thoughts on that
>>>   and then I think that might spur some interesting conversation
>>>   there so.
>>> Kimberly Linson:  Great guy had manna.
>>> Manu Sporny:  Yeah I think that yeah Mike's totally right the
>>>   this is like a very this is a super interesting what's the word
>>>   conundrum that that were in with the VC API so so we've got
>>>   multiple people implementing the VC API and I know the trace
>>>   folks are doing it I know digital bazaars committed to it you
>>>   know number of organizations committed to interrupt through the
>>>   VC API but.
>>> Manu Sporny:   There have been some.
>>> Manu Sporny:  See members that have pushed really hard to keep
>>>   protocol out of scope for the verifiable credentials working
>>>   group so you will know that there is.
>>> Manu Sporny:  Out of scope right normative specification of apis
>>>   are protocols and we are expecting that if we try to put it in
>>>   scope it would be challenged heavily if not formal objections so
>>>   the what we've tried to do here is to basically say the group is
>>>   going to work on a developer guide the VC to working group is
>>>   going to work on a developer guide and there's going to be input
>>>   to that one of them is the VC API.
>>> Manu Sporny:   II just be Capi.
>>> Manu Sporny:  Other ones can app like we want to be able to talk
>>>   about protocols that are carrying verifiable credentials over
>>>   them but we're not allowed to say anything normatively about
>>>   those things so how are we you know how is this group going to
>>>   feed VC API into the VC to working group The verifiable
>>>   credential 20 working group.
>>> Manu Sporny:   One option.
>>> Manu Sporny:  When is we just handed over completely and it stops
>>>   being a ccg work item and then it's up to the verifiable
>>>   credentials working group to determine what what should happen to
>>>   the VC API upside there is like hey it's in the group that's
>>>   great but the only thing they can do is publish it as a note and
>>>   one of the implications of that that Kyle did hartog brought up
>>>   which I thought was a great point.
>>> Manu Sporny:   Point is that because it's a note it.
>>> Manu Sporny:  Kind of IPR protection whatsoever 0 IPR protection
>>>   so people can start injecting all kinds of horrible proprietary
>>>   patented stuff in there and there is no requirement to say
>>>   anything about that now we know I think all of us don't think
>>>   like that's going to happen but that is one of the concerns there
>>>   so option one is give it completely over to the verifiable
>>>   credential working group but all they can really do is work on it
>>>   as kind of like a note a developer guide that kind of thing.
>>> Manu Sporny:  Option two is that we keep it as a ccg work item
>>>   and we continue to incubate it here it has IPR protection in this
>>>   group and will continue to have IPR protection in the group and
>>>   what we can do is hand over snapshots to the verifiable
>>>   credentials to working group we can basically tell them hey can
>>>   you snap shot this in they can publish it as a note and they can
>>>   snapshot you know couple times throughout the year the benefit
>>>   there is that it has IPR protection and we can continue to
>>>   incubate it as kind of.
>>> Manu Sporny:   A high priority item.
>>> Manu Sporny:  So it'll get like the air it needs to breathe here
>>>   and have protection while also signaling to the w3c membership
>>>   that we do plan on doing protocols at some point like maybe not
>>>   right now but maybe in the VC 30 working group the recharter we
>>>   plan to put protocols in scope so that's option two option three
>>>   is to just keep it in the ccg and keep working on it and it would
>>>   be good you know I don't know.
>>> Manu Sporny:   If there are other options too.
>>> Manu Sporny:  Other options of the things that we could do with
>>>   it or it would also be good to hear back like what do folks feel
>>>   we should do with that item.
>>> Manu Sporny:  Let me ask a more pointed question traceability
>>>   folks what do you want to do with that item I mean you guys
>>>   depend on it right.
>>> Mike Prorock:  Yeah I mean I am honestly fine with it going in as
>>>   a note on the w3c side one of the kind of bigger picture items
>>>   that we have to balance as kind of the multiple aspects of
>>>   traceability because a lot of digital traceability is also coming
>>>   up and there seems to be a critical mass actually on the ietf
>>>   side right with some working groups there and that's where.
>>> Mike Prorock:   We have to still find out.
>>> Mike Prorock:  Willing to be friendly to use of VCS and Ed's
>>>   right in especially linked data usage and that's a bit of an
>>>   unknown right now and that's kind of a high risk I don't know or
>>>   eicu on the queue as well.
>>> Orie Steele:  Yeah I agree with the what Mike said you know I
>>>   think when we consider technologies that are related to
>>>   verifiable credentials dids and the sort of basic cryptographic
>>>   envelope formats like Jose Jose come to mind and I would want to
>>>   make sure that I think you know just speaking frankly the
>>>   verifiable credentials a.
>>> Orie Steele:  P I work for her.
>>> Orie Steele:  That's not the only thing that's important support
>>>   for traditional Jose and cozy a is also really important
>>>   especially for kids and and so I think.
>>> Orie Steele:  My experience with the w3c you know especially
>>>   after the did working group I'm not sure that the w3c is really
>>>   the best place to do anything related to protocols I think I
>>>   agree in large part with some of the positions that other w3c
>>>   members have held that the w3c is not really great at developing
>>>   protocols and in particular support for Jose and cozy which are.
>>> Orie Steele:  Of users are actively contributing to and
>>>   maintaining them at ietf I think there is a future where the VC
>>>   apis that exist today might be better served becoming more of a
>>>   dids plus Jose and cozy at ITF but that is the kind of thing that
>>>   you know it's about going to where the contributors are and
>>>   asking them how they want to see these Technologies working
>>>   together.
>>> Orie Steele:   And recognizing that.
>>> <mprorock> it is really nebulous and makes me highly nervous
>>> <mprorock> I don't think CCG helps it long term either
>>> Orie Steele:  Not everyone wants to use the same tools to build
>>>   their favorite sandcastles so I think the verifiable credentials
>>>   API as a non normative item at the w3c obviously doesn't really
>>>   do anything to secure its future anywhere like it could just
>>>   become a non-normative item and then never be defined further
>>>   could become a normatively defined API at W3 for support for the
>>>   defined verifiable potential formats.
>>> Orie Steele:   I think that's a best-case scenario but.
>>> Orie Steele:  My experience over the last few years is that even
>>>   when you plan for something like that you may not actually be in
>>>   control of achieving it especially given the you know kinds of
>>>   contributions we see the w3c standards so if it feels nebulous
>>>   and scary the yeah that's kind of how I feel about it.
>>> Kimberly Linson:  Go ahead manu.
>>> Manu Sporny:  Yeah so I mean this is this is this is new to me
>>>   and that does seem like a very big change in scope and Direction
>>>   Ori.
>>> <orie> there is OIDF as well, working on protcols related to this
>>> Manu Sporny:  And so where it's so I haven't seen work like this
>>>   done at ITF ever there's low-level protocol bits and bytes stuff
>>>   that does happen at ITF but not application you know layer
>>>   protocols like sip is an example HTTP an example but those are
>>>   you know much more lower lower level than the VC API we're in the
>>>   w3c has.
>>> Manu Sporny:   Unlike application.
>>> Manu Sporny:  Linked data platform you know they did you know
>>>   protocol work there we're at ietf are both of you thinking the
>>>   work would fit in like it would be a complete rewrite of the
>>>   specification I think that's what I mean that's what I'm hearing
>>>   is like hey let's not use verifiable credentials let's use
>>>   something else and let's not do a w3c spec Let's do an ITF spec
>>>   so it sounds to me like this is a totally different
>>>   specification.
>>> Manu Sporny:   And you guys talk.
>>> Manu Sporny:  What where where did IETF with the work happen.
>>> Orie Steele:  So I'm not saying any work what happened ietf I'm
>>>   saying that ITF works on things that I care about deeply and if
>>>   you look at you know the work on an app that's happening and ietf
>>>   you can see that you know clearly ITF has ability to gather folks
>>>   who are passionate about these issues and work on standards there
>>>   I'm mostly saying that from a software supply chain or hardware
>>>   supply chain use cases dids and VCS are.
>>> Orie Steele:   Obviously an important part of that but I think
>>>   also.
>>> Orie Steele:  Port for existing cryptosystems like pgp Jose and
>>>   cozy is an important part of that and bgp Jose and Jose have been
>>>   defined at ITF so I'm mostly just saying that work will happen
>>>   where people are and you know obviously the VC API is currently
>>>   being incubated here in the w3c ccg and the plan is to work on it
>>>   as a non normative note in the w3c verifiable credentials working
>>>   group assuming the charter is approved.
>>> Orie Steele:   It's all I can say about that as I.
>>> Orie Steele:  I'm just noting that like there are also other
>>>   things that are happening out in the ecosystem like now and the
>>>   open ID connect verifiable presentation Flows at open ID
>>>   foundation and you know I'm interested in contributing to these
>>>   items as well so maybe really what I'm saying is that work
>>>   happens outside of the ccg and w3c as well.
>>> Kimberly Linson:  Thanks Orie,  Mike did you want to add some
>>>   something to that.
>>> Mike Prorock:  Yeah I mean I can add some color and then some
>>>   concern I mean the I think a I think fundamentally having the VC
>>>   API live as a were even traceability for that matter live as a
>>>   long-term ccg non-normative items not going to be helpful to
>>>   adoption right and that's that's concerning to me so we have to
>>>   start thinking even if it's a way down the line where's this
>>>   going to work in a graduate to in quotes right.
>>> Mike Prorock:
>>> Mike Prorock:  The I think you know Trends I am seeing in ietf
>>>   are for sure more work going on on exactly this kind of thing and
>>>   a case in point there's I'm going to link an individual draft
>>>   that's dealing more with supply chain from a software supply
>>>   chain like s bomb and things like that this this work is going
>>>   on.
>>> Mike Prorock:   Whether we like.
>>> <bumblefudge> Fraunhofer SIT 🤩
>>> Mike Prorock:  And so it's kind of forcing some decisions like
>>>   can we you know try to engage in a positive way and help move
>>>   those work items forward while also making sure our needs are met
>>>   from a like I have no desire to move away from verifiable
>>>   credentials like none whatsoever so you know it's stuff we just
>>>   kind of have to be aware of that is happening and unfortunately
>>>   because the players involved that stuff.
>>> Mike Prorock:   I'll get critical mass.
>>> Mike Prorock:  Like there's not only you know major players
>>>   involved in this kind of stuff and at that actual like protocol
>>>   API level type definition in architecture level definition but it
>>>   dition Ali there is regulatory momentum to go ahead and push some
>>>   of that stuff through I mean we're seeing increasing amounts of
>>>   executive orders on like how do you respond to zero trust
>>>   architecture things like that so these are you know items at
>>>   least from the US perspective.
>>> Mike Prorock:   Spective as well as also you know increased.
>>> Mike Prorock:  On the EU perspective that we're going to see some
>>>   of this stuff either you know get moved out of our hands because
>>>   we're not getting stuff ready quick enough or you know in a
>>>   presentable State quick enough or sometimes is as as I've seen
>>>   happen a couple of times lately take the work too far before
>>>   getting the conversation going with other players right and then
>>>   then it does become one of those like worst-case scenarios where
>>>   you're sitting down and rewriting stuff or readapting.
>>> Mike Prorock:   Whatever you just.
>>> Mike Prorock:  Forced into using and we want to avoid that as
>>>   well so so it's a complex it's a complex issue and it does make
>>>   me nervous and I think it should ultimately anyone who is working
>>>   heavily on things like VC API or off shoots of it and profiles
>>>   should be thinking about this stuff you know broadly and from a
>>>   big picture with you know who are the players in the ecosystem
>>>   taking this stuff seriously.
>>> Mike Prorock:   You know who made.
>>> Mike Prorock:  Out-compete whether we want them to or not.
>>> Manu Sporny:  Yeah I guess it's so I what I'm hearing is that
>>>   there are other groups out there that are working on technologies
>>>   that either directly compete with verifiable credentials or
>>>   directly compete with the verifiable credential API and we should
>>>   be aware of those initiatives I think that's the one of the
>>>   things I'm hearing the other thing I'm hearing is that.
>>> Manu Sporny:  Ricci might not be the best place for some of this
>>>   work and I think there was a finger pointed at the VC API
>>>   potentially so those are the two things I heard both Orion and
>>>   Mike you saying please correct me if I didn't hear that correctly
>>>   the third thing is a bit it's so nebulous it's hard for me to
>>>   understand what you're asking the community to do.
>>> Manu Sporny:   Do other than be.
>>> <orie> I am not asking for anyone to do anything.
>>> <orie> contribute where you think you should.
>>> Manu Sporny:  In the be aware even that is kind of like it's you
>>>   know it's not clear to me what the alternate plan wouldn't what
>>>   an alternate plan would be so I'm not hearing a very okay so are
>>>   you saying he's not asking anyone to do anything just be aware
>>>   that other work is happening elsewhere so let me let me stop
>>>   talking no mics on the Q I'm having a hard time.
>>> Mike Prorock:  Yeah I can get I can get into some very specifics
>>>   you know from like my personal and this is not chair hat right
>>>   this is just like me personal member of the community writing and
>>>   deploying software that is dependent on these specs right and
>>>   building a business that touches all this stuff you know you know
>>>   I think this is one of the reasons I fought very hard to make
>>>   sure in.
>>> Mike Prorock:   The working group.
>>> Mike Prorock:  Order for the next version of the VC API that we
>>>   can discuss from a practical developer standpoint what are the
>>>   implications of this and how do you work with these things and I
>>>   fought very strongly for the inclusion of two key items one was
>>>   the ability for us to discuss the oid see work going on you know
>>>   for exchange of credentials right over oid see that is obviously
>>>   work that is going on outside the w3c that is directly related.
>>> Mike Prorock:   And impacting on VCs I don't think that's.
>>> Mike Prorock:  I think that's just a thing right but we when we
>>>   think about it from a broader verifiable credential standpoint we
>>>   need to be able to guide and provide advice around how do you
>>>   actually interact with that stuff are we so you know what is
>>>   helpful etcetera same thing with the VC API and I don't see a
>>>   problem and I'm fact I plan to and I've stated multiple times in
>>>   the working group you know plan to one author you know or make
>>>   significant contributions.
>>> Mike Prorock:   Tribution stew that developer guide for both.
>>> Mike Prorock:  And for the VC API aspect if not fully flushing
>>>   and helping to fully flush out into find the VC API in a note
>>>   standpoint so I that is the path that I am proceeding down that
>>>   does not negate more detailed you know specific work that may
>>>   have normative requirements either in w3c or elsewhere right and
>>>   so that's I think the hit man who does that help clarify a bit
>>>   like you know but I.
>>> Mike Prorock:   Yeah and in the main reason on like the be.
>>> <identitywoman> The Relying party problem  (where can  VCs be
>>>   accepted) is a really big one - the OIDC relying party "solution"
>>>   is reasonable - expecting everyone to rip and replace completely
>>>   to use VCs.
>>> <identitywoman> is not reasonable
>>> Mike Prorock:  It's like especially from you know and I'm you
>>>   know being blunt here but like especially when we look at the
>>>   Microsoft's the IBM's the sap is the world right these are the
>>>   folks that to date have had a Stranglehold on this kind of
>>>   information exchange possibly also with GSX if you want to go
>>>   down the EDI path also you know additionally and so we need to be
>>>   aware that they will do you know players that have an established
>>>   foothold will do what they can to prevent losing.
>>> Mike Prorock:   That established footholds.
>>> Mike Prorock:  And it's just something we talked around that
>>>   issue a lot but we should be aware of it concretely and also be
>>>   very much Mindful and watching carefully what they are doing in a
>>>   standards basis to that could potentially serve as something that
>>>   is a competing standard that is a standard possibly even
>>>   sometimes in name only in order to justify a proprietary solution
>>>   and those are things we need to avoid from a lock-in standpoint
>>>   etcetera.
>>> Kimberly Linson:  Thanks Mike Adrian you're on the Queue next.
>>> Adrian Gropper:  Yes after working on this issue that we're
>>>   talking about now for about a year and talking to a lot of people
>>>   my conclusion has is that the protocol work that's going on here
>>>   under the very reasonable flag of self Sovereign identity and
>>>   authentication things does not Translate.
>>> Adrian Gropper:   Late in.
>>> Adrian Gropper:  Moving those under that decentralisation self
>>>   Sovereign flag to protocol work as it's being done in w3c and so
>>>   I at least you know have am completely moving the protocol
>>>   attention to ietf basically because you know the things that are
>>>   very much in the news these days whether you want to call.
>>> Adrian Gropper:   Them human.
>>> Adrian Gropper:  You trust or other things like that have to do
>>>   with the platform issues regulating the platforms and and things
>>>   like that and we just seeing that every day and to me the
>>>   protocol work that I've witnessed here is just completely
>>>   detached from the reality of what the world is worried about in
>>>   Europe and different cultures.
>>> Adrian Gropper:  Seeing again from this antitrust and human
>>>   rights perspective thank you that's it.
>>> Kimberly Linson:  Man who I have you on the queue.
>>> Mike Prorock: +1 Manu
>>> Manu Sporny:  Yeah just real quick to Adrian Adrian that is just
>>>   not true we have gotten delegate abby'll authorization
>>>   capabilities working for the VC API full delegation so it
>>>   achieves the things you've been asking for for a long time we
>>>   have yet to put it in scope because the group's not ready to do
>>>   it yet so I strongly strongly disagree with your notion that
>>>   we're not paying attention to things like human rights and
>>>   delegation.
>>> Manu Sporny:   And specifically.
>>> Manu Sporny:  Ensuring that providers don't prevent you know
>>>   those holders from delegation so that's the first point the
>>>   second Point Orion Mike maybe I read what you two are saying as
>>>   in as a you're abandoning the be Capi work I don't think that's
>>>   what you meant to communicate but that's how I read it or even
>>>   abandon the be Capi work at w3c so.
>>> Manu Sporny: +1 To support VC-API, yes, DB is fully committed to
>>>   that work item.
>>> Mike Prorock:  Okay quite the yeah and I'm on Q I'm just going to
>>>   act myself because of time and quite the opposite I mean that's
>>>   why I stated clearly like I plan on you know if not being a
>>>   primary author like major contributions on the actual developer
>>>   guide node or whatever that ends up becoming and that will
>>>   include how do we do restful exchange and handling of verifiable
>>>   credentials period end of sentence right but so and I'm assuming
>>>   that we'll start with the.
>>> Mike Prorock:  Capi we bring that in and then we evolve it as
>>>   well.
>>> Mike Prorock:  Group I'd be that's.
>>> Mike Prorock:  That is absolutely my attention there so I don't I
>>>   think that Baseline how do you do this stuff over rest is such a
>>>   core implied thing that we have to talk about it as working group
>>>   right and to the point where I am willing to sacrifice a lot of
>>>   my own time to go make sure that gets done so.
>>> Kimberly Linson:  Thanks  Mike, Orie.
>>> Manu Sporny: +1 To what MikeP was saying.
>>> Orie Steele:  Yeah I'm you know working with folks on the
>>>   verifiable credentials Charter on in support of the work items
>>>   that have been added both you know as normative deliverables on
>>>   non-normative deliverables and in the VC working group is going
>>>   to be the place where the VC API even gets defined better or it
>>>   doesn't but good news is that it's a note in either case so I
>>>   mean I'm contribute to working in that workgroup on the item and
>>>   yes like at some point this community.
>>> Orie Steele:   Group should theoretically.
>>> Orie Steele:  Each day final Community Draft before handing that
>>>   work to them but if it's going to go into a note it doesn't seem
>>>   like that really matters and so really what I'm saying is I'll
>>>   continue to do work on the item wherever it is.
>>> Manu Sporny:  Yeah okay plus 1 that's so that's that's crystal
>>>   clear and that's good thank you for making clarification like a
>>>   Nori the note thing a w3c has traditionally been used to signal
>>>   that the group would like to pick something up like groups
>>>   actually right in the top of the document we intend to pick this
>>>   up as a normative work item at some point in the future and that
>>>   is usually a very good signal that leads to a smoother each
>>>   ordering process so that's why.
>>> Manu Sporny:  Some groups have published notes for things.
>>> Mike Prorock: +1 Manu
>>> Manu Sporny:  To take wreck track in Annex recharter it just
>>>   makes it all you know it makes all of it much much easier my
>>>   suggestion is that we can do both we can continue to work on that
>>>   in this group and refine it and get the test Suites get
>>>   interoperability working while throwing snapshots over the wall
>>>   to the verifiable credential working group I think that gets us
>>>   the best of both worlds.
>>> Manu Sporny:   And keeps us very nimble.
>>> Manu Sporny:  In ensures that we keep it at number one priority
>>>   will not be a number one priority in the verifiable credentials
>>>   working group but we as the ccg for the VCA be I can keep in a
>>>   you know very high priority and in finish it up with respect to
>>>   like work going on elsewhere yes indeed be again to be to be
>>>   blunt I think that there is damaging work happening in other
>>>   organizations when it comes to protocols and verifiable
>>>   credentials.
>>> Manu Sporny:   And I don't expect that to be.
>>> Manu Sporny:  Traversal will point fingers at which organizations
>>>   are doing it but you know I think you're both Orion my core right
>>>   we need to be on top of that we need to pay attention to the work
>>>   happening elsewhere in there are very powerful Market forces that
>>>   could either accidentally re centralize everything or on purpose
>>>   centralized things for you know the purposes of market dominance
>>>   and things of that nature that's it.
>>> <orie> Many folks feel the same way about the CCG manu... it's
>>>   the nature of human tribalism.
>>> Kimberly Linson:  Mike you've got 30 seconds.
>>> Mike Prorock:  Yeah and in conclusion I would also say that and
>>>   you know in a little bit of clarification man who around like
>>>   damaging work I think in some cases like the software supply
>>>   chain stuff I think it's extremely well intentioned and really
>>>   important work just that VCS weren't on their radar neither were
>>>   kids but there was a desire to go after there is a desire to go
>>>   after decentralisation so they seem willing to learn and engage
>>>   at least at the you know early stages.
>>> <bumblefudge> perhaps they were really wed to COSE?
>>> <orie> yes, some folks like COSE over JSON.
>>> <manu_sporny> I know folks feel the same way about CCG, Orie :)
>>>   -- and it is the unfortunate nature of tribalism. People spend
>>>   time on the things that they want to contribute to, where they
>>>   want to contribute to them.
>>> Mike Prorock:  They can write and ultimately could help adoption
>>>   if you know if we approach the right way if we don't approach it
>>>   in a you know we can't you know like anything right you can't go
>>>   in assuming that we have the only right path and everything else
>>>   right it's yes we have a a path it is right in many many ways but
>>>   it also can be adopted into other things right or as a piece of
>>>   other things so.
>>> <bumblefudge> patience!?
>>> Kimberly Linson:  Great thank you this was a really interesting
>>>   discussion and I'm I learned a lot about sort of how the
>>>   community group and and the working groups work together and so I
>>>   really appreciate everybody's input we're just about at time so
>>>   I'm going to go ahead and wrap us up I'll let you know that next
>>>   week I'm going to be talking about decentralized storage thank
>>>   you everybody for your patience with me today and have a great
>>>   rest of your day thank you.
>>> <manu_sporny> You did great, Kimberly! :)
>>> <heather_vescent> Great job Kimberly!!
>>> <bumblefudge> you're doing great! thanks so much
>>> <kerri_lemoie> Thank you!

Chief Technical Officer


Received on Tuesday, 2 August 2022 13:36:57 UTC