RE: Publication of VC API as VCWG Draft Note from Mike Jones on 2022-11-20 (public-credentials@w3.org from November 2022)

From: Mike Jones <Michael.Jones@microsoft.com>
Date: Sun, 20 Nov 2022 00:03:29 +0000
To: Brent Zundel <Brent.Zundel@gendigital.com>, Adrian Gropper <agropper@healthurl.com>, Daniel Hardman <daniel.hardman@gmail.com>
CC: Manu Sporny <msporny@digitalbazaar.com>, W3C Credentials CG <public-credentials@w3.org>
Message-ID: <SA1PR00MB1310122DCDCA3445B3AFD448F50B9@SA1PR00MB1310.namprd00.prod.outlook.com>

Manu wrote:

* The VC API has been worked on by people and organizations in the CCG and VCWG, so MikeJ's assertion that it has been worked on by "third parties" that are seeking a "rubber-stamp" is false. A number of us are in the VCWG and desire the work to move into the VCWG (in a non-normative capacity).



The fact that there are some members in common between the CCG and the VCWG is a red herring.  There are lots of members in common between the CCG and the IETF OAuth working group too.  It wouldn't be any more appropriate to ask the OAuth WG to publish the work as an informational RFC than to ask the VCWG to publish it as a note, unless either working group affirmatively decided to take up the work itself.



Manu also wrote:

* The VCWG Charter clearly states this under "Other Deliverables":

"""A Developer Guide consisting of one or more notes related to general implementation guidance and best practices for working with Verifiable Credentials, including but not limited to:

* One or more HTTP protocol definitions for Verifiable Credential Exchange (such as the VC-API) """


Yes, there's a provision in the charter for publishing notes.  It's still a working group decision whether to do so.  I'm of the opinion that, unless the working group chooses to adopt the work as a normative deliverable, that rubber-stamping the work of a different group would be inappropriate and would harm the reputation of the working group.

As Tobias pointed out - what's being proposed for publication isn't a developer guide.  It's a normative API specification, which is explicitly out of scope for this working group.  Saying "but it's non-normative" is disingenuous and doesn't make it true.

                                                       -- Mike

From: Brent Zundel <Brent.Zundel@gendigital.com>
Sent: Saturday, November 19, 2022 3:48 PM
To: Adrian Gropper <agropper@healthurl.com>; Daniel Hardman <daniel.hardman@gmail.com>
Cc: Manu Sporny <msporny@digitalbazaar.com>; W3C Credentials CG <public-credentials@w3.org>
Subject: Re: Publication of VC API as VCWG Draft Note

You don't often get email from brent.zundel@gendigital.com<mailto:brent.zundel@gendigital.com>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification>
The chairs are conferring with our staff contact and W3M to determine what the options are for bringing the VC-API into the VCWG according to W3C Process and our charter.
Once those options have been clarified they will be presented, then the working group will decide what to do.

________________________________
From: Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>>
Sent: Saturday, November 19, 2022 4:37:29 PM
To: Daniel Hardman <daniel.hardman@gmail.com<mailto:daniel.hardman@gmail.com>>
Cc: Manu Sporny <msporny@digitalbazaar.com<mailto:msporny@digitalbazaar.com>>; W3C Credentials CG <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: Re: Publication of VC API as VCWG Draft Note

I objected to the VC-API early and often. I thought I was alone.

Adrian

On Sat, Nov 19, 2022 at 6:19 PM Daniel Hardman <daniel.hardman@gmail.com<mailto:daniel.hardman@gmail.com>> wrote:
I'll also note, and this is probably completely unrelated :P, that
both Microsoft and MATTR are working on APIs related to Verifiable
Credential issuance and presentation in the OpenID Foundation and that
might be factoring into these objections:

https://openid.net/specs/openid-connect-4-verifiable-credential-issuance-1_0-05.html<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fopenid.net%2Fspecs%2Fopenid-connect-4-verifiable-credential-issuance-1_0-05.html&data=05%7C01%7Cbrent.zundel%40gendigital.com%7Cc287c270703c47e2c9e508daca87798a%7C94986b1d466f4fc0ab4b5c725603deab%7C0%7C0%7C638044980877698183%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000%7C%7C%7C&sdata=UayBm2H3K%2FkzDVJuQOMSoJ9hlvqGGUDpzJxALr0Mm00%3D&reserved=0>

Nah, that couldn't be it. :P

For the record, I object as well, and I am NOT working on APIs related to VC issuance. However, my objections to this API work were raised a couple years ago, two employers aago, so they're not news, and I don't expect them to make any difference now. I'm just bringing them up so that the record doesn't show objections only from MATTR and Microsoft.

The fact is that, although such a document is non-normative, it gets bundled with normative items in the minds of many, and the normative distinction is unlikely to be emphasized by VC-API proponents in their narratives. Publishing such a note is thus a political move by its proponents. The fact that opponents react politically is not surprising and doesn't mean their motives are any less noble than its proponents. Proponents are working on APIs related to VC issuance -- these -- and very much want their APIs to be painted with an official W3C brush.

--Daniel

Received on Sunday, 20 November 2022 00:03:45 UTC