Re: Publication of VC API as VCWG Draft Note from Tobias Looker on 2022-11-20 (public-credentials@w3.org from November 2022)

From: Tobias Looker <tobias.looker@mattr.global>
Date: Sun, 20 Nov 2022 00:37:53 +0000
To: Manu Sporny <msporny@digitalbazaar.com>, W3C Credentials CG <public-credentials@w3.org>
Message-ID: <ME4P282MB1272E1BE4E9BEDB3B1AB998A9D0B9@ME4P282MB1272.AUSP282.PROD.OUTLOOK.COM>
> * The VCWG Charter clearly states this under "Other Deliverables":

The charter is very clear, the purpose of these notes is "A Developer Guide consisting of one or more notes related to general implementation guidance and best practices for working with Verifiable Credentials". VC API is referenced as it is ONE of the possible subjects of a note that a developer guide could be defined for. It does not say that the actual formal definition of the entire API and protocol is the note, otherwise that conflicts entirely with the scope of the charter.

> I'll also note, and this is probably completely unrelated :P, that
both Microsoft and MATTR are working on APIs related to Verifiable
Credential issuance and presentation in the OpenID Foundation and that
might be factoring into these objections:

I'm going to elect to ignore this accusation as it only serves to harm the community when calling into question the integrity of individuals and or participating organizations.

For what it is worth, I participated in the VC API work early days, even built POC implementations. I'm not against its existence nor its desire to become a standard. I just believe it should follow the process of the SDO it's trying to be legitimized under and trying to shoehorn it in as a note to a WG who's charter expressly rules out of scope "API definitions" is not the appropriate path.


Thanks.

[Mattr website]<https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D15517%26d%3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1WeN4boYw%26u%3Dhttps%253a%252f%252fmattr.global%252f&data=04%7C01%7CSteve.Lowes%40mbie.govt.nz%7C5a65fe33c70b41fd8ba908d976f3a2f1%7C78b2bd11e42b47eab0112e04c3af5ec1%7C0%7C0%7C637671611076709977%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=tKqCMzLUQNCeORd908YqfqZoT7tCy%2FMVwXdjpch1sDY%3D&reserved=0>



Tobias Looker

MATTR
CTO

+64 (0) 27 378 0461
tobias.looker@mattr.global<mailto:tobias.looker@mattr.global>

[Mattr website]<https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D15517%26d%3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1WeN4boYw%26u%3Dhttps%253a%252f%252fmattr.global%252f&data=04%7C01%7CSteve.Lowes%40mbie.govt.nz%7C5a65fe33c70b41fd8ba908d976f3a2f1%7C78b2bd11e42b47eab0112e04c3af5ec1%7C0%7C0%7C637671611076709977%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=tKqCMzLUQNCeORd908YqfqZoT7tCy%2FMVwXdjpch1sDY%3D&reserved=0>

[Mattr on LinkedIn]<https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D15517%26d%3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1SbN9fvNg%26u%3Dhttps%253a%252f%252fwww.linkedin.com%252fcompany%252fmattrglobal&data=04%7C01%7CSteve.Lowes%40mbie.govt.nz%7C5a65fe33c70b41fd8ba908d976f3a2f1%7C78b2bd11e42b47eab0112e04c3af5ec1%7C0%7C0%7C637671611076719975%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=t%2BidOI32oaKuTJf1AkcG%2B%2FirIJwbrgzXVZnjOAC52Hs%3D&reserved=0>

[Mattr on Twitter]<https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D15517%26d%3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiW1WdMte6ZA%26u%3Dhttps%253a%252f%252ftwitter.com%252fmattrglobal&data=04%7C01%7CSteve.Lowes%40mbie.govt.nz%7C5a65fe33c70b41fd8ba908d976f3a2f1%7C78b2bd11e42b47eab0112e04c3af5ec1%7C0%7C0%7C637671611076729970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=BD9WWyXEjVGlbpbCja93yW%2FzLJZpe%2Ff8lGooe8V6i7w%3D&reserved=0>

[Mattr on Github]<https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fscanmail.trustwave.com%2F%3Fc%3D15517%26d%3Dw46s4eMXULV_ns1ZfAKYLbVKcqey_PHiWwGdMoDtMw%26u%3Dhttps%253a%252f%252fgithub.com%252fmattrglobal&data=04%7C01%7CSteve.Lowes%40mbie.govt.nz%7C5a65fe33c70b41fd8ba908d976f3a2f1%7C78b2bd11e42b47eab0112e04c3af5ec1%7C0%7C0%7C637671611076729970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=4AhRuXZCnU5i3hcngo4H3UiNayYUtXpRcImV4slS1mw%3D&reserved=0>

This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank you. Please note that this communication does not designate an information system for the purposes of the Electronic Transactions Act 2002.

________________________________
From: Manu Sporny <msporny@digitalbazaar.com>
Sent: 20 November 2022 11:35
To: W3C Credentials CG <public-credentials@w3.org>
Subject: Re: Publication of VC API as VCWG Draft Note

EXTERNAL EMAIL: This email originated outside of our organisation. Do not click links or open attachments unless you recognise the sender and know the content is safe.


On Sat, Nov 19, 2022 at 3:03 PM Mike Jones <Michael.Jones@microsoft.com> wrote:
> I believe it would be improper for us to publish work done by others as our own.  We should not let the working group become a rubber-stamp for third-party work.

Some facts:

* The VC API has been worked on by people and organizations in the CCG
and VCWG, so MikeJ's assertion that it has been worked on by "third
parties" that are seeking a "rubber-stamp" is false. A number of us
are in the VCWG and desire the work to move into the VCWG (in a
non-normative capacity).

* The VCWG Charter clearly states this under "Other Deliverables":

"""
A Developer Guide consisting of one or more notes related to general
implementation guidance and best practices for working with Verifiable
Credentials, including but not limited to:
* One or more HTTP protocol definitions for Verifiable Credential
Exchange (such as the VC-API)
"""

We literally link to the CCG specification in the VCWG Charter when we
talk about non-normative work that's in scope.

> Furthermore, per https://w3c.github.io/vc-wg-charter/#scope, APIs are explicitly out of scope in our charter.  Before we would publish a document with APIs, we would need to recharter to place them in scope.

The text that you paraphrase above is not what the charter states. The
VCWG charter states this, verbatim:

"""
The normative specification of APIs or protocols
"""

We can work on and publish non-normative documents, especially ones
that are called out and linked to specifically in the VCWG charter
such as the VC API.

On Sat, Nov 19, 2022 at 3:24 PM Tobias Looker
<tobias.looker@mattr.global> wrote:
> I don't believe this item is appropriate for publishing as a note, as cited by others on this thread the charter clearly rules out of scope API definitions. VC-API is mentioned under section 2.4 - other deliverables, however as clearly articulated there, the intent is to publish a developer guide for implementation best practices of the VC-API and this document is not such a resource, instead it is the entire definition of the API and protocol.

Inaccurate, see above.

I'll also note, and this is probably completely unrelated :P, that
both Microsoft and MATTR are working on APIs related to Verifiable
Credential issuance and presentation in the OpenID Foundation and that
might be factoring into these objections:

https://openid.net/specs/openid-connect-4-verifiable-credential-issuance-1_0-05.html

Nah, that couldn't be it. :P

-- manu

--
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021)
https://www.digitalbazaar.com/
Received on Sunday, 20 November 2022 00:38:14 UTC