W3C home > Mailing lists > Public > public-credentials@w3.org > November 2022

Re: Publication of VC API as VCWG Draft Note

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Sat, 19 Nov 2022 17:35:35 -0500
Message-ID: <CAMBN2CSgrX1PrNWVTgcqLT5NZrU8v0d_Ps5nN0ZmnRh2MM7EqQ@mail.gmail.com>
To: W3C Credentials CG <public-credentials@w3.org>
On Sat, Nov 19, 2022 at 3:03 PM Mike Jones <Michael.Jones@microsoft.com> wrote:
> I believe it would be improper for us to publish work done by others as our own.  We should not let the working group become a rubber-stamp for third-party work.

Some facts:

* The VC API has been worked on by people and organizations in the CCG
and VCWG, so MikeJ's assertion that it has been worked on by "third
parties" that are seeking a "rubber-stamp" is false. A number of us
are in the VCWG and desire the work to move into the VCWG (in a
non-normative capacity).

* The VCWG Charter clearly states this under "Other Deliverables":

"""
A Developer Guide consisting of one or more notes related to general
implementation guidance and best practices for working with Verifiable
Credentials, including but not limited to:
* One or more HTTP protocol definitions for Verifiable Credential
Exchange (such as the VC-API)
"""

We literally link to the CCG specification in the VCWG Charter when we
talk about non-normative work that's in scope.

> Furthermore, per https://w3c.github.io/vc-wg-charter/#scope, APIs are explicitly out of scope in our charter.  Before we would publish a document with APIs, we would need to recharter to place them in scope.

The text that you paraphrase above is not what the charter states. The
VCWG charter states this, verbatim:

"""
The normative specification of APIs or protocols
"""

We can work on and publish non-normative documents, especially ones
that are called out and linked to specifically in the VCWG charter
such as the VC API.

On Sat, Nov 19, 2022 at 3:24 PM Tobias Looker
<tobias.looker@mattr.global> wrote:
> I don't believe this item is appropriate for publishing as a note, as cited by others on this thread the charter clearly rules out of scope API definitions. VC-API is mentioned under section 2.4 - other deliverables, however as clearly articulated there, the intent is to publish a developer guide for implementation best practices of the VC-API and this document is not such a resource, instead it is the entire definition of the API and protocol.

Inaccurate, see above.

I'll also note, and this is probably completely unrelated :P, that
both Microsoft and MATTR are working on APIs related to Verifiable
Credential issuance and presentation in the OpenID Foundation and that
might be factoring into these objections:

https://openid.net/specs/openid-connect-4-verifiable-credential-issuance-1_0-05.html

Nah, that couldn't be it. :P

-- manu

-- 
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021)
https://www.digitalbazaar.com/
Received on Saturday, 19 November 2022 22:36:23 UTC

This archive was generated by hypermail 2.4.0 : Saturday, 19 November 2022 22:36:24 UTC