- From: CCG Minutes Bot <minutes@w3c-ccg.org>
- Date: Tue, 28 Jun 2022 21:28:43 +0000
Thanks to Our Robot Overlords for scribing this week!
The transcript for the call is now available here:
https://w3c-ccg.github.io/meetings/2022-06-28-vcapi/
Full text of the discussion follows for W3C archival purposes.
Audio of the meeting is available at the following location:
https://w3c-ccg.github.io/meetings/2022-06-28-vcapi/audio.ogg
----------------------------------------------------------------
VC API Task Force Transcript for 2022-06-28
Agenda:
https://lists.w3.org/Archives/Public/public-credentials/2022Jun/0051.html
Topics:
1. Introductions and Relevant Community Updates
2. Use Cases Update
3. chapi.io and VC Issuer API
4. Options for /presentations/verify
5. Implementations for /credentials/derive and
/presentations/prove?
Organizer:
Manu Sporny, Mike Varley
Scribe:
Our Robot Overlords
Present:
Manu Sporny, TallTed // Ted Thibodeau (he/him) (OpenLinkSw.com),
Dmitri Zagidulin, Gregory Natran, Mike Varley, Andy Miller,
Justin Richer, Eric Schuh, Joe Andrieu, Charlie Fontana, Rolson
Quadras, Kayode Ezike, Marty Reed, Ted Thibodeau
Our Robot Overlords are scribing.
Manu Sporny: Right welcome everyone to the June 28th 2022
verifiable credentials API call our agenda for the call is here.
Manu Sporny: On the agenda today is just this agenda review
introductions relevant Community updates and then we're going to
keep going through the options questions we had from last week so
what kind of options do we want to be able to pass presentations
verify who is implementing credentials derive and presentations
proved and.
Manu Sporny: Then options for.
Manu Sporny: Credentials derive in presentations prove any other
updates or changes the agenda today anything else we should
cover.
Gregory_Natran: My name is Gregory I'm just checking to make sure
my mic is working.
Manu Sporny: It is wonderful to hear your voice welcome to the
call.
Gregory_Natran: Sounds like it is thank you.
Topic: Introductions and Relevant Community Updates
Manu Sporny: Okay if there are no additions to the agenda we
will jump into Productions and relevant Community updates anyone
new to the call or would like to reintroduce yourself to the call
today.
Gregory_Natran: Well it's Gregory that would probably be me since
I first time I started on this group although I've been
participating on the verifiable credentials working group for
about the last two years.
Gregory_Natran: I work for a company named Natasha cybertech and
we do a fair bit of work on identity Based Services particularly
in the public sector in Canada that's probably all you need to
know.
Manu Sporny: Well when wonderful welcome to the call Gregory
wonderful to have you here.
Manu Sporny: Anyone else knew or want to reintroduce yourself.
Manu Sporny: Okay onto relevant Community updates I've got to to
kick us off and then yeah if anybody else has Community updates
would love to hear them the first one of course is that the
verifiable credentials working group The the 20 working group is
starting up.
Manu Sporny: At 11 a.m. eastern time so if you are a w3c member
please join the group if you are not in don't have the funding to
do that you can do there's an option to join as an invited expert
all of our work happens largely in GitHub so you don't need to be
a w3c member or even a part of the community group or anything
to.
Manu Sporny: I paint you can literally just.
Manu Sporny: Walking off of the internet and start commenting on
issues and as long as you're making Salient points you know the
the group will will discuss those so plenty of opportunity to
engage if you'd like to do that.
Manu Sporny: Announcement one the second announcement is around
chappie IO there was get the link here.
<manu_sporny> chapi.io announcement:
https://lists.w3.org/Archives/Public/public-credentials/2022Jun/0055.html
Manu Sporny: There's an announcement about chap EIEIO here eat
IO announcements and I was going to take a quick run through that
on the call just with some screen sharing for any kind of
questions and answers the relevance did this group specifically
is that we have plans to try and integrate the verifiable
credential API into the.
Manu Sporny: The chap e-verify.
Manu Sporny: Potential playground so that you can select an
issuer so when you have an example on the screen you can then
take that and package it up and send it to anyone that implements
the VC it's your API and have that issued so we'll go through a
quick demo on that as long as there are no objections to do that
right after this set of community.
Manu Sporny: Any other community updates anything else that we
should know about.
Manu Sporny: Okay our folks okay with taking a look at chappie I
owed you'll want to just jump into options any strong feelings
one way or the other.
Manu Sporny: Joe's saying comes up.
Manu Sporny: Go ahead.
Topic: Use Cases Update
Eric Schuh: Oh yeah just wanted to give a quick use cases update
unfortunately don't have too much this week just so everyone
knows what's going on Joe and I use this program called visual
Paradigm to generate sequence diagrams and I've been struggling
to get our xmi to mermaid converter functioning in a way that
makes it easy for me to update the use cases so I think.
Eric Schuh: In the last.
<andy_miller> Will vc 2.0 use the same repo as 1.x?
(https://github.com/w3c/vc-data-model)
Eric Schuh: Our Joe and I identified what we need to do to get
that into something that means I don't have to manually delete a
bunch of new lines and add new line characters in a bunch of
places so next week we should have the PRS for all of our six
focal use cases we did get in a little bit of a reorganization PR
to the use cases repo moved R6 use cases to focal use cases and
removed some old diagrams.
Eric Schuh: Just mostly minor formatting.
Eric Schuh: So hopefully next week we'll have some more to talk
about in regards to use cases.
Manu Sporny: Awesome great thank you for the update Eric the
struggle is real data data format conversion struggle is real but
thank you for continuing to work on that stuff and make it so
that those things can be converted easily in round-trip and
updated easily.
Manu Sporny: Hindi you asked a question in the chat channel will
the verifiable credentials 20 spec use the same repo as the 1X
spec yes it will so we just need to track that one repo and we
will have a 1x in a 1:1 and a in a in the 2-0 branch will become
the main branch as long as that's what the group decides that
they want to do but highly likely that that is the path for
there.
Manu Sporny: Any questions.
Manu Sporny: It's about use cases for Eric or Joe before we move
on.
Topic: chapi.io and VC Issuer API
Manu Sporny:
https://lists.w3.org/Archives/Public/public-credentials/2022Jun/0055.html
Manu Sporny: Thank you for that update Eric much appreciated
okay next up happy IO and BC is sure sure API as some of you saw
there was a an announcement about chappie I owe this is the
credential Handler API it's a work item of the credentials
community group and is one mechanism that can be used to move
verifiable.
Manu Sporny: Initials from.
Manu Sporny: An issuer to a holder or from a holder to a
verifier another protocol that can be used is the VC API certain
aspects of the VC API can be used to do the same thing chappie is
typically used when you are in a browser setting and you need to
move data to a native app or to a web based app back in.
Manu Sporny: Fourth there.
Manu Sporny: And so this technology has existed since 2013
really 2015 is where it started to stabilize and we have been you
know maintaining the infrastructure ever since to make sure that
there are ways of moving credentials around when you're in the in
the browser okay so let me try and screen share here.
Manu Sporny: Kinfolk see this this is just a standard Google
Chrome screen.
Manu Sporny: Okay awesome thank you so happy I oh there's going
to be more documentation here and if you go to the polyfill
there's all the documentation about integrating this with digital
wallets and issuers and verifiers but really the big thing that
has happened is this chappie playground thing the playground is
basically a way to create a verifiable credential and put it at
any URL any json-based json-ld based.
Manu Sporny: Um you can then pull that data into the issuer and
then issue it to a wallet so one of the first things that you
need is a wallet right now we have the various wallet is kind of
a demo so I'm just going to slide it up real quick.
Manu Sporny: Can you can add like any number here.
Manu Sporny: If you want a new account and then that basically
ends up creating a digital wallet for you so you've got a digital
wallet now and then to effectively use the chappie playground you
load this up by this I mean like you go to the playground site
that's linked off of the main page so if I go to chappie.
Manu Sporny: P Dot.
Manu Sporny: Takes me to the main playground site if I click
that link and then you can basically put in any URL here right as
long as you've got a well-formed verifiable credential here you
can use any URL but we have this default example which is the
alumni use case example when you click resolve it basically pulls
the credential into the.
Manu Sporny: Round and so.
Manu Sporny: Clay you know that's those of you that have been
that know about the the example in the VC data model we've got
the basic example out of the out of the BC data model and then
when you click store in wallet it will use chappy to invoke the
wallet that was just installed you can actually select from a
variety.
Manu Sporny: Piety of different wallets hear anything.
Manu Sporny: Any wallet that is registered and supports chappie
will work here so if I go back here this is kind of the wallet
selection screen if I had multiple wallets installed it would
show multiple wallets here this little checkbox is automatically
checked usually which basically you select a wall and you can
continue to use the wallet for that side so I select my wallet
the wallet pops up here and asked if I'd like to store these
credentials.
Manu Sporny: All's I click.
Manu Sporny: And that's it right that just that is basically
moved the credential from the playground into the wallet and if I
go to the wallet and I refresh the screen here you'll see the new
alumni credential in the digital wallet here I can click on that
take a look at the credential itself so the important part here
around the BC API is not really the wallet or any of that stuff
it's.
Manu Sporny: Hope part what we really want to be able to do here
is to 1 be able to list multiple digital wallets here that
support chappie so if you've got a digital wallet and you want it
listed on this page we're going to have like kind of a listing of
wallets that people can sign up and use and then the other
important part here is we want to wire this verifiable credential
issuer up to different issue or back.
Manu Sporny: Ends and that's where the VC API comes.
Manu Sporny: We'd like the call to be made so you'll basically
have a raw credential here without a proof on it and then you can
call different issue or back ends to issue the credential and
then you can click store in wallet and store it in in multiple
different wallets here okay so let me stop there to see if there
are any questions around the demo or how we intend to try to hook
this up to be Capi.
Manu Sporny: Go ahead.
Manu Sporny: Eric I think that's an old Q is that right.
Eric Schuh: Yeah that's old for me.
Manu Sporny: Go ahead to me tree.
Dmitri Zagidulin: First of all this question is a design one
what was the.
Dmitri Zagidulin: Pulling me in the credential Bo you're
well-versed a pep talk.
Manu Sporny: That is just I think so let's let me let me try and
yeah good question so your audio is a little muffled Dimitri so I
think the question was why did you make this a URL and why didn't
you just put it in the site itself I think what we're trying to
do here is just provide the minimum tooling so that people can
kind of pull in the things that they would like to test with.
Manu Sporny: Too opinionated about what goes in here so I think
what we're thinking here is that we may end up loading this list
or the set of credentials from the VC examples in the credentials
community group and so if people want to they can go to the VC
examples and then just add whatever examples they want in and
we'll be able to surface all of those examples in the credential
issuer but people don't want to use any of those and they want to
use their.
Manu Sporny: Our own URL like.
Manu Sporny: Kind of like testing stuff and they don't really
want to make it you know public to the community they can put it
out at a URL that they trust or I think in the future we'll have
just text input box to let you just copy and paste directly into
the end of the playground did that answer your question to me.
Dmitri Zagidulin: Yeah yeah what was just curious if you had a
particular reservations about the text input box sounds like
roadmap items Punk right.
Manu Sporny: No yeah it's a roadmap item in on and really if
there's like a strong feeling from any of you or anyone in the
community like please raise an issue or let us know on the
mailing list so that we can like hot put a higher priority on the
features people want to see versus like you know so if like
loading from URL you're like a that's not really useful to me
like give me a text input box then we can put a higher priority
on the text input box for example.
Manu Sporny: Go ahead.
Gregory_Natran: Sorry this is probably a bit of a catch up
question but this is primarily focused on just getting a
credential into the wall and we don't care too much or at least
this doesn't seem to care too much about where credential
definitions and did documents reside or anything like that it's
just it just spits it out and gets it to the wallet.
Manu Sporny: Yes that is that is correct in fact right now with
the URL base thing it doesn't even check for the validity of the
credential so you could just Jam anything you wanted to in here
and it would deliver that to the wallet and the wall it might
blow up the wallet might basically be like I don't know what that
is but again we were trying to not be opinionated here in so if
people wanted to you know put we put basically put anything in
here they can do that whether.
Manu Sporny: Her or not the wallets will accept it or not is a
different question.
Gregory_Natran: Fair enough thanks.
Manu Sporny: Right there's also so there's a question on like
you know do people want that restricted or do you want it to be
kind of left it open-ended like like for example I don't know if
VC jots I don't think these he jots are supported right now but
there's nothing that would prevent that from being submitted now
right like if you put a VC jot in here as in a URL it'll load it
and it will shove it across chappie.
Manu Sporny: And then the.
Manu Sporny: It's got to decide what to do with that so I think
we want to keep that in here right the same thing with like a z
cap but again like we didn't want to mention that on the site
because I think that kind of confuses would be more confusing to
people than than helpful.
Manu Sporny: But yeah this is supposed to be really about just
how Jack chap he's a dumb pipe that will move data from one
location to another Without Really caring about what the data is.
Manu Sporny: Yeah any other questions before we move on to our
main agenda.
<kayode_ezike> Neat tool 👌🏾
Topic: Options for /presentations/verify
Manu Sporny: Alright then I will stop sharing and then let's
move on to the next item which is options for presentation verify
so.
Manu Sporny: https://github.com/w3c-ccg/vc-api/issues/292
Manu Sporny: Then we are in shoe to 92.
Manu Sporny: And let me go ahead and share my screen here.
Manu Sporny: You see if.
Manu Sporny: This helps okay so last week we had a lot of
discussion around various options that we were sending two
endpoints like credentials verify in credentials issue we came to
a number of conclusions last week like Joe mentioned that we
really.
Manu Sporny: Need a disguise.
Manu Sporny: For each endpoint that lists which components it's
expected to be attached to so for example for the credentials
issue in point is that something that's supposed to be exposed on
the issue or a poor the issue or service or both and so on and so
forth so for example the correct credentials issue is something
that's Exposed on the shore service will stop right so we need to
go and Mark all of the endpoints with that information we also
decided to remove change.
Manu Sporny: Challenge domain and.
Manu Sporny: Potential status from the list of settable options
for the credential issue and point it didn't seem like anybody
was well Challenge and domain don't make sense and then
credential status is typically configured on an endpoint by
endpoint basis we also wanted to clarify that that options are
not mandatory like you don't have to set any options options are
truly optional.
Manu Sporny: So you can completely omit the options object when
you call these endpoints and everything should continue to
function we also had a discussion on something that Dimitri
raised which was a good point here noting that one we needed
steps for verification using normative language we needed to
change.
Manu Sporny: Check to make sure.
Manu Sporny: Verification specifically so we made a we had a
conversation about verification versus validation verification
specifically means that you check the structure of the verifiable
credential to see that it's valid so it's like a syntactically
well-formed thing you if the credential scheme has defined you
check that because that will give you a very clear yes it passes
the Json schema or no it does not pass the Json schema.
Manu Sporny: You check to make sure that the verification method
has not been revoked.
Manu Sporny: You check the credential status to make sure that
the credential has not been revoked.
Manu Sporny: And I thought we decided not to do the current time
is between issue and state and expiration.
Manu Sporny: Date because that's a validation rule am I miss
remembering that Joe I remember you having a.
Manu Sporny: Ocean about this.
Joe Andrieu: Yeah I think that particular boundary felt like
sometimes it's a business rule but I think it's a it's a fair
debate as to whether or not that should be part of every occasion
or should be treated as a part of validation because sometimes
the fact that it's expired does not mean that it is unusable for
your use case.
Gregory_Natran: It's great remember having these discussions on
the vert the working group as well.
Gregory_Natran: Of whether a time-stamped one is still valid for
use cases.
<kayode_ezike> Sounds like something to take up in VCWG
Manu Sporny: Yep yeah okay so how about this will create an
issue marker to note that checking current time checking whether
current time is between nations and expiration date is still up
for debate with respect to whether that is a check that's done
during verification ordering.
Joe Andrieu: +1 @Kayoda for raising this in VCWG
<joe_andrieu> @kayode
Manu Sporny: Okay all right and then finally Dimitri that all
that was all discussions that we had while debating the concept
that Dimitri raised but Dimitri also said hey it would be good to
have an events log which is an optional value it's not mandatory
that provides the checks that the verifier performed by default
it is turned off so you will not get an.
Manu Sporny: Log on things.
Manu Sporny: At work checked the presumption there is that we
may need some identifiers for things that were checked like
syntax credential schema verification method revocation
credential status things like that right but I think in general
everyone believed that that was a good feature to have okay.
Manu Sporny: Okay that's.
Joe Andrieu: Hold on man I had one comment on that I think it
was the event log in the case of a successful verification is
optional but in the case of a failed verification then the entire
event log by default should be shared.
Joe Andrieu: So if it succeeds you get a short quick answer if
it fails you get the details as to what actually failed.
Manu Sporny: Got it yep I remember that vaguely as well it does
anyone object to that recollection of last week's discussion.
Manu Sporny: Okay by default that's turned off and successful
verification.
Manu Sporny: However the event log is provided on failed
verification.
Manu Sporny: Is that it doesn't capture everything you said Joe.
<kayode_ezike> Even that event log is optional though, correct?
Manu Sporny: I think it does.
<kayode_ezike> I remember David Chadwick expressed a desire for
that
Manu Sporny: Okay so we've got multiple PR's that need to go in
for that one.
Manu Sporny: Okay so today we are picking up let's see
presentations verify for the patient and verify options in let me
bring up this look like me see.
Manu Sporny: Okay so verifying a presentation.
Manu Sporny: Provides you basically provide a challenge in a
domain in the options object.
Manu Sporny: And that is because typically when there's a
presentation there is a challenge at domain that's supplied.
Manu Sporny: So that seems right to me any thoughts or concerns
about this.
Manu Sporny: About where where the spec is today I think it's
right.
Manu Sporny: These are optional right you don't have to specify
them.
Manu Sporny: See David it's David Chadwick on the call today.
Joe Andrieu: Are we suggesting that if challenge our domain is
stripped by the verifier it just won't do that check.
Manu Sporny: I think so here's my concern so so let's say that
you know this is a VC jot that's coming in or some other type of
you know thing that's got a wrapper around it I don't know what
some of the vcg people are doing when it comes to challenge you
know challenging domain.
Manu Sporny: Because I mean like you audiences used sometimes
you know in those sorts of protocols so the question is are the
VC job folks handling this in different ways anyone is anyone
implementing VC jots on the call.
Manu Sporny: And you.
Manu Sporny: The VC API to do it.
<mike_varley> Avast plans to but has not started...
Manu Sporny: So maybe what we should do is we should check okay
so Mike you're saying of as plans to but has not started.
Manu Sporny: Do you have any inkling on what you would do with
Challenge and dumaine Mike.
Mike Varley: It's a good question so no we haven't looked that
closely at it although I think we're all seams on the call to so
maybe you can correct me but I think the point is we will be
trying to implement that so we should be able to provide Insight
when we get there we're not there yet.
Manu Sporny: Okay so we know that they plan on implementing but
have no.
Mike Varley: Current Insight yes or migrant suggestions.
Manu Sporny: Kurt Kurt Kurt suggestion.
Joe Andrieu: So so right this is for.
Manu Sporny: Yep that's right it's for the presentation.
Joe Andrieu: So our presumption here did we have other language
that establishes that verifying a presentation includes checking
domain and challenge.
Manu Sporny: No we I don't think we had there's any normative
anything yet because that's protocol land and I think people have
been doing it but we don't have concrete spec text about I don't
think I don't think the PC data model specifies well you know I
say that.
Joe Andrieu: It feels like validation to me but if there's
already been consensus established that verifying the
presentation includes that.
Manu Sporny: Checking Challenge and domain.
Joe Andrieu: Right as part of verification as opposed to
validation.
Manu Sporny: I don't think there's consensus.
Joe Andrieu: In other words is this the right party seems like
what you're checking at least with the domain.
Joe Andrieu: The challenges for the person in the middle defense
but.
Manu Sporny: Yeah I'm wondering if it's in the data Integrity
spec I'm trying to figure out I'm trying to remember where this
is I know it's in the security vocabulary oh and uh.
Manu Sporny: Yeah it's nice I don't think it's anywhere it's
just it's a tribal knowledge at this point so I would imagine we
should bring this up in the VC to you know working group but yeah
the whole reason challenging domain is there is the domain is
effectively audience and challenges to prevent replay when you're
doing presentations.
Manu Sporny: Noted that both challenge in.
Manu Sporny: Challenge and Main are not specified or not
normatively specified anywhere in these.
Manu Sporny: Birdies are cry all knowledge point.
Manu Sporny: And is the assertion here that this is a part of
verification the challenge in domain is part of I mean it's
really really supportive validations.
Joe Andrieu: I actually think it's better line with validation.
Manu Sporny: Yeah I think you're right.
Joe Andrieu: Because the question of who is this is to me the
same as you know is this a good issuer.
Joe Andrieu: So the sweet like business rules rather than
cryptographically or procedurally verifiable facts.
Manu Sporny: Nothing man create an issue marker noting that
challenge and domain.
Manu Sporny: And are not normatively defined that presents
should be unknown which spec they should go into VC data model.
Manu Sporny: Yeah the VC dated well let's but should be
discussed in the VC data model at the.
Manu Sporny: At the very least the protocol specification
normatively.
Manu Sporny: Okay okay I think that's it for options for
presentations verify anything else on presentations verify before
we move on to the next item.
Topic: Implementations for /credentials/derive and /presentations/prove?
Manu Sporny: All right so the next item is is basically asking
the question has anybody implemented credentials derive or
presentations.
Manu Sporny: So well let's let's take credentials to arrive
first I think credentials derive was put in there to do BBS style
derivation go ahead and like.
Mike Varley: I'm just jumping on the cue to say that we've
implemented the derive and point exactly for BBS Plus.
Manu Sporny: In implementing it did you was there a question
around whether or not that was the right endpoint or if it was a
presentations derivation or a credentials derivation.
Mike Varley: Um so no we just kind of followed the follow the
Herd on that on that decision so it may not be the right place
for that but we did implement it as it's currently defined and I
apologize I have to drop and I gotta run but I think role since
on the call so if there's other questions maybe he could take
over.
Mike Varley: Sorry there thanks.
Manu Sporny: Okay thanks Mike no problem no problem thanks Mike
Okay so.
Manu Sporny: Asked if anyone had implemented last implemented
but noted that the endpoint might not be in the right place any
other thoughts on credentials derive or presentations derive it
has anyone else implemented it.
Manu Sporny: I think this came from I think Cory put this in
here initially and I'm wondering who else has implemented
derivation but primarily because the BBS plus 2020 stuff was
found to have a security vulnerability in it in that has been
kind of moved away from in the new stuff I don't think is out
there quite yet roll.
Manu Sporny: Listen any any.
Manu Sporny: Like what the timeline is for implementing
derivation in the VC API for Avast.
Rolson_Quadras: Hey man so currently the implemented this class
to ICT Comics me of 2021 right when it was initially defined and
what was tearing the spec we implemented and after that to be
honest right we have haven't cooked attic.
Manu Sporny: And we had residue meaning vegetables are had
reservations about the endpoint in the options and that kind of
thing so we do agree that we probably do need an endpoint for
this but it's not clear if what's being done here is.
Manu Sporny: Doing a.
Manu Sporny: Angel derivation or doing a presentation of a set
of credentials or what in I think to really understand what that
looks like we would need.
Manu Sporny: To look at how signature derivation looks like for
multiple different types of.
Manu Sporny: Credentials sorry multiple different types of
digital proofing mechanisms all right so what options do you send
them what do you send up what do you get back that kind of thing
any other input on this this endpoint.
Manu Sporny: I guess what I'm what I'm wondering is should we
even discuss this right now until you know we'd sorry should we.
Manu Sporny: We mark this as an issue noting that we don't have
an active implementation that's happening right now around
selective disclosure or BBS plus you know pairing base crypto
derivation and just leave it there and not talk about this until
we get to the point of implementing this stuff again should we
take it out of the spec thoughts.
Rolson_Quadras: I think I can talk about the why we implemented
so we had we reason with the API and we had issuer and the
verified we didn't have any holder apis that time right and it
was bit hard to test like without using choppy or browser so I
think that chemicals question was around how to define hold a
repair right two things one is the sign presentation API and the
derive and it was mainly that motivation right to test.
Rolson_Quadras: just like end-to-end using Epi see implemented
these things.
Rolson_Quadras: On that question maybe my opinion probably I'll
defer that to Mike he would have a better idea I've got your
roadmap.
Manu Sporny: Okay that that's helpful and I think that's the
same reason I believe or he said that that was the same reason
they implemented it is because they wanted to demonstrate and
then flows and they had no holder API to derive a credential in
so they created this to meet that use case.
Manu Sporny: I feel like we should warn people that it's a more
than likely will have something like this but it's not being
actively developed at this point right in maybe in the time that
it starts becoming active to actively developed is when we have
you know some BBS plus spec pairing base crypto spec to work
against is that the right timing well so does anyone object to
putting that kind of issue mark.
Manu Sporny: You're in the spec right now.
Manu Sporny: Is not under active development and it will become
under active development once we have an updated BBS plus
specification and then we can basically ask matter on what their
expected timeline there is.
<kayode_ezike> Looks like Manu was booted
Manu Sporny: Start that back up alright and screen share.
Manu Sporny: Okay so we will need an issue marker for the
credentials derive and note that it's not being actively
developed and provide a timeline where.
Manu Sporny: Online when we feel real.
Manu Sporny: Drew development again.
Manu Sporny: Okay so there's that.
Manu Sporny: Okay well that's for credentials derive round
presentations prove although did we take that out.
Manu Sporny: And apologies I'm looking at this kind of.
Manu Sporny: Presentations prove and the exchanges stuff.
Manu Sporny: Is effectively the same thing so / presentation /
prove in the posting to initiate an exchange is effectively the
exact same it's the exact same thing here right any thoughts on
this about this duplication should we remove it we keep it.
Joe Andrieu: Sure I don't understand what proving is so when you
say it's the same as initiate exchange find that very confusing.
Manu Sporny: Yeah I agree this was I think presentation proved
was presentations proved was put in here by or E2 again for the
same kind of thing they needed kind of a bunch of holder apis and
how do you check to see.
Joe Andrieu: So we lost Humanity or I did.
<kayode_ezike> Yeah, he disconnected again
<kayode_ezike> Hahaha
<marty_reed> yup, lost Manu
Joe Andrieu: We lost Humanity that we just lost Manu.
Manu Sporny: Am I am I going again.
Joe Andrieu: Yes you are.
<marty_reed> he's back!
Manu Sporny: Wait wait but you can hear me.
Eric Schuh: Are you just came back you were gone.
Manu Sporny: Okay yeah sorry I guess my.
Manu Sporny: Internet stuff is going in and out what what do we
what language do we use for creating a presentation it's create
isn't it.
Manu Sporny: Does anyone remember.
Joe Andrieu: Yeah that's a good question.
Manu Sporny: Generate verifiable presentations share well what
now but present is it's the step before you present you've got to
create it in the first place right this is literally signing the
the the object I think that's what presentations prove was
supposed to be.
Joe Andrieu: Prove prove is supposed to be the act of creating
the VP.
Manu Sporny: Yes correct I believe that's the case.
Manu Sporny: You issue a credential what do you do to a
presentation.
Manu Sporny: Rate a verifiable presentation.
Joe Andrieu: Yeah I think we only specify that you present it
not what you do to create it before you present it.
Manu Sporny: Yep so that word whatever that word is is probably
what should go in this API endpoint.
Joe Andrieu: Seems like it should be issue.
Manu Sporny: Yep so we.
<andy_miller> Or "present"
Gregory_Natran: But but would you sorry man you would you not be
issuing before you got to the presentation stage.
Manu Sporny: You would issue a go ahead Joe sorry.
Joe Andrieu: I think we're going to say the same thing a
credential is definitely issued by the issuer of that credential.
Joe Andrieu: But then I believe when the holder is preparing to
present it.
Joe Andrieu: You in the presentation seems to be most symmetric
with regarding API.
Gregory_Natran: You should get but that makes sense.
Manu Sporny: Okay well one thing's for sure we need to get
buy-in from the be cwg on what this word is I can't believe we
got through an entire spec without having to define this word.
Manu Sporny: Well maybe.
Manu Sporny: I do believe it because we weren't focused on
protocols and presentation.
Manu Sporny: Okay so how about this PC data model.
Manu Sporny: Issues new issue what is the word what is the
action associated associated with.
Manu Sporny: She doing creating a viable correctly.
Manu Sporny: When creating to create a verifiable credential
press keys.
Manu Sporny: And chill you issue the.
Manu Sporny: To create a verifiable presentation View.
Manu Sporny: What is the word that be like to use for the.
Gregory_Natran: Just just a suggestion man who and what is the
verb that the working group would want.
Manu Sporny: Thank you what is the verb we would like to use for
the creation of the presentation that is unblinking the malignant
one or more PCS to a presentation and then generating a proof on
that presentation is.
Manu Sporny: Hold ER hold ER Bud like one of my reasons rather
than generating proof that presentation okay so that is and I can
take that action to do that okay so going back there was concern
over the word prove not being the right verb to use in this
situation.
Manu Sporny: This were create issue proof options discussed
included great issue in prove any other verbs people want to
throw in here while we're here.
Manu Sporny: The one repair.
Manu Sporny: You say sign.
Manu Sporny: Okay this was raised as.
Manu Sporny: Yep yep alright that down as well.
Gregory_Natran: Ramona I'm just going to put out a suggestion
since I know that proved prepare and all that has been used what
about assemble since you're taking multi you could be taking
multiple credentials could things you're just assembling it up
into a package and shoving it out based on Tuesdays and I and I
don't think assemble will be conflicting with anything else we've
used.
Manu Sporny: Yep agreed okay all right I put the all those and
there's options I'm sure the V CW G will discuss it and pick
something and then that will influence probably what we end up
calling this thing here okay we are at the top of the hour thank
you everyone very much for the engagement on these issues we are
still going through the options but this is important because
like they were.
Manu Sporny: Are actually covering options for the entire.
Manu Sporny: API surface so it will take a bit to get through it
okay so we will cover credentials derive in presentations prove
options well we we will skip credentials derive because we've got
no input right now on it no one's actively developing there and
we'll talk about presentations prove and a variety of other
things that.
Manu Sporny: We need to.
Manu Sporny: Easy API anything else before we go.
Manu Sporny: Okay with that thank you everyone for the call
today have a great week in we will see you next week thanks all.
Received on Tuesday, 28 June 2022 21:28:43 UTC