[MINUTES] W3C CCG CCG Verifiable Credentials for Education Task Force Call - 2022-10-03

Thanks to Our Robot Overlords and Our Robot Overlords for scribing this week!

The transcript for the call is now available here:

https://w3c-ccg.github.io/meetings/2022-10-03-vc-education/

Full text of the discussion follows for W3C archival purposes.
Audio of the meeting is available at the following location:

https://w3c-ccg.github.io/meetings/2022-10-03-vc-education/audio.ogg

----------------------------------------------------------------
VC for Education Task Force Transcript for 2022-10-03

Agenda:
  https://lists.w3.org/Archives/Public/public-vc-edu/2022Sep/0024.html
Topics:
  1. IP Note & Call Notes
  2. Announcements
  3. Main Topic: Velocity Network
Organizer:
  Kerri Lemoie
Scribe:
  Our Robot Overlords and Our Robot Overlords
Present:
  Kerri Lemoie, Naomi, Andy Griebel, TimG, Steven Eisler, Tim 
  Dutta, Stuart Freeman, Akshar Patel, Sharon Leu, Simone Ravaoli, 
  Charles E. Lehner, xander - ASU/Pocketw, TallTed // Ted Thibodeau 
  (he/him) (OpenLinkSw.com), Geun-Hyung, David Chadwick, David 
  Ward, Dave McCool (Muzzy Lane), James Chartrand, Dmitri 
  Zagidulin, Jim Kelly, Janko, John Kuo, Jeff O Human OS, Moshe 
  Tzvi Wieder, Colin, Learning Economy, Tayken (LEF), Kayode Ezike, 
  Jim Goodell, Phil L (P1), Keith Kowal, Azeem, Allyson Parco, 
  Deepak Kulkarni

<kerri_lemoie> Hello all - we'll start in a couple of minutes
Our Robot Overlords are scribing.
Kerri Lemoie:  Sorry for the delay everybody.

Topic: IP Note & Call Notes

<kerri_lemoie> Meeting archives: 
  https://w3c-ccg.github.io/meetings/

Topic: Announcements

<kerri_lemoie> Plugfest2 : 
  https://w3c-ccg.github.io/vc-ed/plugfest-2-2022/
<kerri_lemoie> To stay in the loop on events at VC-EDU, join the 
  mailing list: send an email with the subject “subscribe” and no 
  message to public-vc-edu-request@w3.org
<kerri_lemoie> Emails are archived here: 
  https://lists.w3.org/Archives/Public/public-vc-edu/
<kerri_lemoie> Upcoming CCG Meetings & Events: 
  https://w3c-ccg.github.io/announcements/
<kerri_lemoie> Registration is still open for the Internet 
  Identity Workshop (IIW) November 15-17: 
  https://internetidentityworkshop.com/
https://drive.google.com/file/d/1k2c_gq1G3nznFJfqLvca1d0vnmQe8tlK/view?usp=sharing
Our Robot Overlords are scribing.

Topic: Main Topic: Velocity Network

Naomi: To the network foundation and this is one of the features 
  that this is an example of our board now and this is an example 
  of the distributed governance that and the role of members of 
  velocity and it's important to clarify that in terms of the 
  exchanges that velocity enables anyone can participate on the 
  network it's open it's free all the documentation is online the 
  difference is that a members are the.
Naomi:  only ones that participate in governance and can.
Naomi: Ode velocity as I did not get to mention it is a 
  blockchain enabled and distributed Ledger where the only 
  information that's stored on chain is for the verification the 
  keys there's no pii stored unchain with that I thought that this 
  might be a meaningful moment and slide to have up when you know 
  most Jet City if you want to dig in and answer some of those 
  questions and points that Kerry raised.
Moshe_Tzvi_Wieder: Sure no problem so I guess in no particular 
  order yeah the the question about how could other wallets 
  interact with with the network so and it really goes back to the 
  defined protocols as we mentioned the foundation is who decides 
  kind of what the protocols are those Protocols are public 
  published on our website even the the exist.
Moshe_Tzvi_Wieder: All that we mentioned as a placeholder it's 
  open source and any organization that would like to implement 
  their own wallet as opposed to starting from scratch is as 
  welcome to become a part of the the network and take that open 
  source code and turn it into whatever they need the the wall it 
  is based on defined protocols for sharing.
Moshe_Tzvi_Wieder: The credentials and receiving them from 
  issuers and sharing them with with inspectors and any wallet that 
  chooses to implement those protocols would inherently be able to 
  therefore receive issued credentials that are issued a part of 
  the the velocity Network and would also be able to inspect or 
  sent that wall would then be able to send those credentials to to 
  inspection by any organization that implements.
Moshe_Tzvi_Wieder:  the inspection protocols on the network and 
  so.
Moshe_Tzvi_Wieder: It's completely open I believe even on our 
  website right now we have a number of examples of different 
  organizations that some of them have already implemented and some 
  of them are the process of implementing their own wallets that 
  comply with those protocols I think there's six or seven that are 
  up on the website at the moment and so the the wallets are really 
  open to whoever is interested in participating in the in the 
  network if there's an existing wallet.
<tim_dutta> What blockchain networks are you connected to?
<phil_l_(p1)> link to the list of support protocols for VC 
  exchange please?
Moshe_Tzvi_Wieder: Her of adding the those protocols to their 
  wallet so that they can then interact with velocity credentials 
  on the velocity Network as well so I think that may have 
  addressed both of your questions both about sort of the wallet 
  openness as well as the general interoperability because it's 
  just publicly defined standards that as long as you're 
  implementing that protocol you can interface regardless of what 
  peace.
Moshe_Tzvi_Wieder:  of the the.
<tim_dutta> Are they tokenized?
Kerri Lemoie:  Thank you I have a few questions in the chat one 
  is from Tim as it will Block Chain networks are you connected to.
Moshe_Tzvi_Wieder: Yeah so it's a good question I want to clarify 
  though because there's something that I think is is sometimes 
  missed it's really important especially in light of what what no 
  me clarified earlier individuals personal information their 
  credential information is not stored on the Chain the individuals 
  information about their credentials is only there's in their 
  mobile wallet there is no Central database with everybody's 
  information.
Moshe_Tzvi_Wieder:  Nation nor is there.
Moshe_Tzvi_Wieder: That noise that information public on the 
  blockchain such that if I were to hack a blockchain node I would 
  be able to get access to people's personal information people's 
  personal information their credentials only exist in their mobile 
  wallet that is the entirety of where it exists what happens to 
  the chain is to solve a particular issue so and I'll just explain 
  the issue just so we're we can understand what is stored on chain 
  which is.
Moshe_Tzvi_Wieder: Storing your personal credential information 
  what's to stop you from going into that credential file that's on 
  your mobile device and changing some of the information there and 
  maybe you want to give yourself a degree from from Harvard 
  instead of jail or whatever and so in order to prevent that when 
  the credential is issued from the issuing institution it is 
  encrypted with public private key encryption and so what you have 
  on your wallet then is an encrypted version of your credential 
  and the.
Moshe_Tzvi_Wieder:  public key.
<dmitri_zagidulin> er.. the issuer's signature is what prevents 
  you from changing it :)
<keith_kowal> It might be good to clarify the Velocity business 
  model? My historical understanding is that verifiers need to pay 
  to verify credentials.
Moshe_Tzvi_Wieder: Locks that goes on to the blockchain and 
  that's what's out there it's just a key the the specific 
  technical blockchain that that we're using were using a therians 
  blockchain implementation to at answer your question and then on 
  the flip side when you share your credential with a relying party 
  for it to be validated they go to the blockchain they get the 
  public key and only if you have it tampered with the credential 
  file that's on your device.
Moshe_Tzvi_Wieder:  well that public key still match your 
  credential file.
<phil_l_(p1)> Have you moved on your ethereum to PoS from PoW?
Moshe_Tzvi_Wieder: And allow it to be unlocked and that's how we 
  know you haven't tampered with it throughout the period of time 
  that you were holding it so the Block Chain is used as part of 
  the solution but really as an ancillary piece to solve a 
  tamper-proof problem and it's not none of the core information is 
  stored on the chain.
<tim_dutta> So it is tokenized?
<tim_dutta> thank you.
Kerri Lemoie:  Yeah I just had a few hours before I get to your 
  question Keith I see you there to Tim at a follow-up about a 
  tokens and if I'm any of the credential or tokenized or if you're 
  using any of that method.
<dmitri_zagidulin> @Phil - you should q+
Moshe_Tzvi_Wieder: The credentials are not tokenizer they are 
  stored on the in the wallet on individuals wallet.
<tim_dutta> thank you
Kerri Lemoie:  Yeah I can we can help.
Naomi: If I'm a real quick carry to support can you still see my 
  screen okay good so one thing is to I was sharing before and I 
  think it drop down is the actual website and for example I was 
  talking about the different schemas for the different types of 
  credentials and all of the documentation is posted on the website 
  and it really gives you no instant access to some of the sdks and 
  instructions for how to get started.
Naomi:  started so that any entity that wants to issue.
<phil_l_(p1)> +Q Have you moved on your ethereum to PoS from PoW?
Naomi: Network or even build a wallet as machete had mentioned 
  the information is all posted on here and it's just navigable by 
  the through the velocity website so if this cooperates here my 
  internet cooperates it doesn't seem to be basically on the 
  developers tab you can click through to this kind of inventory of 
  information.
Kerri Lemoie:  That's great thank you and I'm that page there is 
  there information about Phil ordered it I like the protocols 
  supporting for the VC exchange like be Capi open IDC is Roi DC is 
  that included as part of this list on this document.
Naomi: I don't think that that level of information included only 
  because velocity encourage organizations to to interact with 
  velocity using the SDK however you know for example for the 
  plugfest were making the move to the oid see protocol so that may 
  be something that the team can add for the future.
Kerri Lemoie:  Okay great thanks I'm going to go to Keith's 
  question here he was wondering he's saying I was wondering if you 
  could clarify more about the business model will probably go get 
  back to the text after everybody because his understanding is I 
  verify received to pay to verify credentials.
Naomi: So high so I can absolutely dig into that and that was 
  actually the next slide can you still see my screen and see the 
  PowerPoint now or.
Kerri Lemoie:  Do you know why don't we pause on that then 
  because we had some technical questions still so let's just stay 
  here for a minute we'll get back to you okay Dimitri you're in 
  the queue.
Dmitri Zagidulin:  Hi yeah I just wanted to clarify it sounded 
  some of the some of the things more show is was saying seemed 
  fairly exotic in the in the credential ecosystems I just wanted 
  to clarify understood right so the question was what prevents 
  users from changing the credential and typically in the 
  verifiable credential ecosystem it's the signature.
Dmitri Zagidulin:  Encryption instead did I understand correctly.
Moshe_Tzvi_Wieder: It is it is when you say the signature of the 
  issuer so I we may be talking about the same thing what happens 
  is when the issuer issues that credential they are essentially 
  encrypting that credential with a with all the private key 
  encryption and that public the public key that's used to encrypt 
  that credential is what to put on the on the Chain but it's 
  essentially the signing Act of the issuer which is causing that 
  to happen.
Moshe_Tzvi_Wieder:  but it is.
Moshe_Tzvi_Wieder: That right and so that way while I've got that 
  credential file in my mobile device I can't go in and manipulate 
  it in any way because if the only thing that happened was that I 
  when I received that credential the name of the issuer came along 
  with it or the signature of the you know the the issuer came 
  along with it I could still go in and change it right and so the 
  it's the fusion of those two at the time of verification when I 
  then.
Moshe_Tzvi_Wieder:  take that public verification.
Moshe_Tzvi_Wieder: That matches the encrypted credential file the 
  marriage of those two the fact that they still match is what 
  ensures me that no nothing tampered with it along the way there.
Dmitri Zagidulin:  I see I think I think maybe know I think we 
  may be using the word encrypted differently usually in our 
  community encrypted means ciphered meaning nobody can access it 
  except the person who encrypted it.
Dmitri Zagidulin:  Which I don't think is what you're saying is 
  it.
Dmitri Zagidulin:  The plain text.
Moshe_Tzvi_Wieder: So when you see nobody can access it you mean 
  nobody can see the plaintext yeah so that is that is that is to a 
  certain extent what what we're saying but it's it's not 
  necessarily so the encrypt and maybe so maybe encryption is is a 
  common word and not exactly what's what you're intending but it's 
  a it becomes.
Moshe_Tzvi_Wieder: And there is the public key that matches that 
  that encoded file the the encoded file itself is not in plain 
  text it is it is encoded it's if you're you know it sounds like 
  you're familiar with the technical back side so it's a g it's.
Dmitri Zagidulin:  I think this group in general is fairly 
  technical.
Moshe_Tzvi_Wieder: Okay fine so it's a JWT it's a sort of version 
  of a JWT that if you go to any JWT reader legitimate E I O U be 
  able to drop it in there and be able to see what it contains in 
  clear text but because it is encoded if you change any of the 
  bits the public key that's on the Chain won't match anymore at 
  the time of verification.
Dmitri Zagidulin:  And this is okay I'll let sorry I don't mean 
  to.
<phil_l_(p1)> That's a great idea Naomi
Naomi: Yeah and Dimitri you know we have an outstanding date to 
  put you together with Andres Andres unfortunately is on 
  Australian time so making it 11:00 meeting with near impossible 
  for him he's on Sydney time but we can absolutely if anyone has 
  additional questions schedule another meeting maybe at a five 
  time to even answer the deeper even more technical questions.
Dmitri Zagidulin:  Overdue you fell.
Kerri Lemoie:  I see before me go to hell I'm going to I'm going 
  to cut in line Phil sorry one second because one thing we did 
  really talked about yet is learner identity how is identity 
  defined is there's a come from the wallet but who defines as the 
  identity.
Kerri Lemoie:  And what are you using for identity.
Moshe_Tzvi_Wieder: I guess the question for me now me so.
Naomi: Yeah yeah yeah.
Kerri Lemoie:  Oh yeah sorry I should have been more specific I'm 
  sorry yes please.
<cel> what was discussed sounds like integrity protection 
  (signing/signatures), not encrypting/encryption
Moshe_Tzvi_Wieder: No worries so at the at the moment we're not 
  doing identity binding the and there's not a concept of personal 
  dudes or anything like that essentially the we're using did I on 
  for the issuers and we're using as well as for the inspectors and 
  different actors in The organizational actors in the network are 
  all registered and have a did.
Moshe_Tzvi_Wieder:  did unique ID that's a.
Moshe_Tzvi_Wieder: The individuals and their wallets are 
  identified as they claim their identity credentials in their 
  wallet so as an example right when you download the walls for the 
  first time and you fire it up the first thing it asks you to do 
  or suggest you do is to claim a email account and claim a phone 
  number we also allow you to use a driver's license and claim 
  Social.
Moshe_Tzvi_Wieder:  remember driver's license ID passport you can 
  use to.
Moshe_Tzvi_Wieder: Remember and so you become the holder of those 
  identity credentials and then using those identity credentials 
  you can then go and claim other credentials.
Kerri Lemoie:  Making sure that all right Phil you have the floor 
  now please thanks.
Phil_L_(P1): Can you hear me.
Phil_L_(P1): Okay thank you you made a brief side comment about 
  using ethereum I was just wondering if you're using the etherium 
  before with the same po W consensus or have you burned moved over 
  since they've implemented proof of.
Moshe_Tzvi_Wieder: Yes we're still using the the proof of w yeah.
Phil_L_(P1): Yeah so using magnetic got it okay thank you.
Kerri Lemoie:  Okay great why don't we all move on to that 
  business model discussion we could always Circle back to 
  questions people have.
<tim_dutta> Tim Dutta says:So you are requiring all participients 
  of the network to be registered on ION Blockchain and Etherum 
  Networks?
Naomi: Absolutely I think you're still seeing my screen I'll make 
  it a little bit bigger one of the things that people ask about is 
  not only the business model but also like hey we've heard that 
  you know there's a credit system Etc velocity and absolutely I 
  mentioned that velocity started out originally thinking about the 
  adoption problem that's part of what drove the conversations with 
  the HR is Tech providers and that's also you know what drove.
Naomi:  you know.
Naomi: Some of the.
Naomi: The members of the founding members were organized but the 
  other part of driving adoption is that they realize to get 
  everyone to start to issue credentials there would need to be 
  some incentive to participate in this kind of system and so the 
  way velocity is structured contributors anyone who contributes to 
  the network and this doesn't have to be a member this can be any 
  organization that issues credentials they can issue in their.
Naomi:  own world where they're currently.
Naomi: Two other networks as well and then once they issue to 
  Velocity they get credit and the person accepts the credential I 
  will add that once that credential is accepted they get credit 
  for having issued that credential and then they can hold those 
  and then when a verifier goes to verify a credential not just to 
  view a credential but to verify the credential they have to buy 
  credits and use credits to make that verification happen.
Naomi:  oh and so it creates an opportunity for this Market.
Naomi: So it gives that opportunity for anyone who issues a 
  credential to monetize and get a benefit Financial benefit out of 
  issuing their credentials and that's really important in the 
  sense that we're asking a number of organizations to basically 
  disrupt their current business models and think differently about 
  them and even on the verification side the idea here is that the 
  most static pieces of data about a person like your education 
  employment record like if I went to a certain School I've still.
Naomi:  will I've always gone to that certain school it's not 
  something that changes data.
Naomi: Middle background where I could run out and robbed a bank 
  tomorrow and then my record changes that information for 
  background check providers is often hard to verify and slow and 
  it creates a lot of friction in their process at the same time 
  it's static so it doesn't have to be so slow and it can be 
  absolutely something that's issued as a credential and instantly 
  verified and reduces a lot of the time and effort for getting 
  people into jobs and so that's really this idea.
Naomi:  in here is that we can in sent more issuance of digital.
<keith_kowal> So I think the business model ties back to Dmitri's 
  question. I believe the credential is "encrypted" because the 
  verifier needs to pay to decrypt the credential to view its 
  contents. Correct?
Naomi: Jules and then the background check providers were 
  actually making changes to the way they think about their 
  business models as well to be able to participate and and kind of 
  simplify the parts that they can simplify and use and use their 
  expertise has on some of the harder to solve things that are more 
  transient in a person's record and so just wanted to talk to the 
  business model I know that question came up and did I speak to it 
  sufficiently in terms of hey there's a.
Naomi:  I heard verifiers have to pay that's the way this.
Naomi: System is set up.
<tim_dutta> Are your employer partners willing to pay for 
  verification?
<sharon_leu> What is the incentive for individuals to share their 
  credentials?
Kerri Lemoie:  Fix em I don't see anyone else in the queue right 
  now so you keep going thank you.
Naomi: Okay and and then in terms of the roles in velocity 
  network is there are several known roles I think this is 
  important to clarify so we mentioned members and what members do 
  members are on the board of directors and shape you know the 
  practices of the network they can be networked stewards which is 
  they operate a node or they could be advisory members where the 
  action tends to happen that we think about is you've got your 
  individual.
Naomi:  being a wall.
Naomi: And again that can be any wallet and then you've got 
  people that want to issue credentials and folks that want to 
  verify those credentials and so velocity splits out the role of 
  the issuer for example from the credential agent operator where I 
  might be a school they Naomi University and I want to issue 
  credentials but I'd maybe I'm a small school I don't have a lot 
  of funds I don't have a big it department so I don't want to do 
  that myself I want to have it credential agent operator do that 
  technical Workforce.
Naomi:  for me the issue Mike.
<dmitri_zagidulin> @Keith - great question, you should hop on the 
  queue to ask
Naomi: Goals and so in this model both organizations kind of get 
  credit and split the credit for having issued the credential to 
  Velocity and that's a really important role and then here notary 
  issuers are like your background check providers that may be 
  verified my record and those are right highly regulated players 
  it's a highly regulated industry and only a individual I'm sorry 
  an organization that.
Naomi:  is in that.
Naomi: A group can participate as a notary issuer you know say I 
  Naomi worked for a company 10 years ago that then when a business 
  but it was verified once that I did in fact work there they can 
  issue that credential on behalf of that organization and so 
  that's the role of the notary issuer and then you see your linked 
  open data players here and so forth and so this kind of gives a 
  little bit of the different roles in velocity Network and what 
  they do on the network any kind of questions in that space yeah.
Kerri Lemoie:  Yeah these may have come just before you got there 
  so I assume they're in the church had so once your name Tim and 
  you want to know if your employer partners are willing to pay for 
  verification.
Naomi: Yes they are because it's expected to be a lot cheaper 
  than what they're currently paying.
Kerri Lemoie:  And I share an ass up here I'm what's the 
  incentive for individuals to share their credentials.
<tim_dutta> Thank you!
Naomi: Ah that is whether they want to get opportunities and that 
  is in the space of the wallet itself in terms of when they and I 
  guess I should pull back so one of the things that velocity is 
  doing is we're starting to work on these closed-loop ecosystems 
  with large employers that if their HR is systems and even 
  Partnerships with the institutions that are issuing certain 
  credentials for example one of our.
Naomi:  are clusters is a healthcare cluster where.
Naomi: Hospital system is trying to hire for example nurses and 
  so forth to create these closed-loop ecosystems and the incentive 
  for sharing your credentials is that you can more quickly get 
  processed and hired on to a new organization.
Kerri Lemoie:  Very interesting thanks near me I'm Phil P1 you're 
  in the key of the floor.
Phil_L_(P1): Sure thank you when you're when you're talking about 
  the credential notaries are they what's a little bit unclear to 
  me is are they signing in lieu of the institution themselves do 
  they have in some sense the institutions or an Institutional 
  identifier of the former student for example that they're using 
  or how does that work.
Moshe_Tzvi_Wieder: Yeah let me let me go.
Naomi: Yeah this is limited to background check providers at 
  present it's a very specific role to answer your question in more 
  detail and it's as far as I know it's not necessarily on the 
  institution side it's only on the employment side but Phil I can 
  get back to you with more information on that in the sense that 
  it's not my expertise per se I know they have a very limited 
  slice of a role and actually we've had some requests.
Naomi: 2R even rethink what notary issuer means to expand it but 
  to my knowledge the foundation has not explored any expansion of 
  that role yet yeah.
Moshe_Tzvi_Wieder: And no me just to add to your just just add to 
  your response as well so the when the notary issues or issue or 
  science credentials it's with their own signature it's not with 
  the original issuing institution signature so it's very clear 
  that it's on behalf of and it's not the actual it doesn't have 
  the same weight as the Visa issuing institution itself signing 
  it.
Phil_L_(P1): So it's not a multisig credential in that sense.
Moshe_Tzvi_Wieder: Multisig credential what do you mean.
Phil_L_(P1): Meaning that there's multiple signatures on the 
  credential one from.
Moshe_Tzvi_Wieder: I know it's just you know there's a single 
  there's a single signature on the credential and against the 
  Notre Dame yeah.
Phil_L_(P1): Okay okay got it thank you.
Naomi: And thank you Moshe for contributing that so then you know 
  in terms of like our secret sauce what we what we get to in the 
  end of all these pieces being put together is this public open 
  fully decides Network controlled and governed by participants and 
  right now it's 28 blockchain nodes run by 15 organizations and 
  periodically there's been a call for participation on you know 
  for additional members want to come in and.
Naomi:  run a node so that's a maybe I think it's twice.
Naomi: There's a call for four members to participate in that way 
  but that's the current status of the network and the velocity 
  Tech stack is fully available royalty free open source and as I 
  showed you on line the documentation is you know fully accessible 
  online it's constantly under updating you know under revision and 
  review if you see anything that you think would be helpful to 
  have in the documentation please absolutely.
Naomi:  Italy reach out to me I know that even some of care.
Naomi: Start to probe to opportunities for us to expand the 
  discussion further or if you find anything that is an error you 
  know please do let us know of course there's a lot of 
  documentation to maintain but the idea is to make everything is 
  accurate and open as possible I'll show you real quick a little 
  bit of that we're live we're focused on adoption these are some 
  of our current updates so we've got a cluster strategy and we're 
  starting with regulated credentials first.
Naomi: We're getting some of the largest employers to opt-in and 
  this particularly is focused on a healthcare cluster and there's 
  also a banking cluster in the EU.
Naomi: And using other screening industry to focus as notaries 
  where necessary and that the largest job boards are serving as 
  distribution channels to individuals and so together with the HR 
  Tech Ventures serving as distribution channels to employers so 
  this is kind of like the operational strategy although there are 
  other clusters that are popping up and other types of issuers 
  that are starting to get involved and start publishing tool.
Naomi: And then this slide real quick just covers a website which 
  I showed you in some of the documentation available we do have 
  all of our content from the New York City General Assembly from 
  the summer posted online and you can read and kind of see what 
  different actors in velocity have started doing with with the 
  tildy layer of the lot velocity provides and then Mo she may be 
  able to talk to this further I do get questions about like hey 
  well what happens if you're not using.
Naomi:  using the large systems the HR Tech providers.
Naomi: Box out small businesses from participating and or small 
  institutions from participating and the answer is no because if 
  you're not using one of those platforms you can still you know 
  work with an issue a different kind of issue where we're starting 
  to see more open types of opportunities for issuing credentials 
  and you can work with one of those Partners to issue your 
  credentials to Velocity and from a receiving end this also this 
  web verification service will be live shortly and.
Naomi:  it will enable.
Naomi: Verification of the credentials on velocity without direct 
  verification through your HR Tech provider while those systems 
  and those Integrations are still being developed motions if you 
  do you have anything you kind of want to add here because I know 
  this is more your world.
Moshe_Tzvi_Wieder: Thanks thanks for offering no I think you did 
  a fine job explaining it essentially the way we think about this 
  is allowing individuals offering the individuals a service 
  whereby their credential becomes hosted in this is more of like a 
  SAS centralized model where the if the individual wants their 
  credential hosted.
Moshe_Tzvi_Wieder:  so that.
Moshe_Tzvi_Wieder: Anyone that they give they give the the the 
  generated link to can go in and validate the credential then you 
  know this this makes that available and as no me pointed out that 
  the reason that were you know going down this path and as an 
  additional component to our framework is that it then allows any 
  organization regardless of whether they have any.
Moshe_Tzvi_Wieder:  TS regardless of whether their 80s is.
Moshe_Tzvi_Wieder: Yet integrated with the velocity Network or 
  not to Simply follow a link come to a website and then click to 
  verify the credentials if they want to.
Naomi: Okay any other kind of questions coming up in the chat I 
  see it moving and I it's hard to decipher what is us talking and 
  what is questions.
Kerri Lemoie:  Yes again keeping an eye on it the transcriber 
  really fills up the Chatham's his P1 is a he's in the queue so 
  I'm going to give him the floor.
Phil_L_(P1): Sure what about what about self issued credentials 
  the the verify the VC model certainly supports an individual 
  creating their own credential is that I'm not sure how that fits 
  into the description you described.
Moshe_Tzvi_Wieder: Yeah so that's there certainly is the ability 
  for an individual to go into the wallet and and add credentials 
  that you know that self-reported credentials as we call them 
  verifying self-reported credentials doesn't have a lot of meeting 
  right because that you're never going back to the source 
  institution because it's just something that the individual 
  created themselves but there certainly is it's supported by the 
  network and part of the.
Moshe_Tzvi_Wieder:  wall in framework.
<simone_ravaioli_(vc_edu)> How many credentials have been 
  verified or issued by Velocity so far ?
Moshe_Tzvi_Wieder: You can go ahead and do it and and by the way 
  anyone who wants to is more than welcome to go to the app store 
  or the Google Play Store and download our wallet and play around 
  with its no-cost it's free and you can kind of see the 
  functionality that's there.
Kerri Lemoie:  Thanks I keep you at the floor.
Keith Kowal:  Yeah thank you for the great presentation I think 
  there's a lot of room for this type of product in the market I 
  guess my question is I mean a lot of flies talk about it being 
  kind of decentralized and open but at the same time I mean if one 
  considers the architecture where I go everything needs to go 
  through an SDK you have the web services which I'm just going to 
  assume is all operated by velocity Network that would seem to be 
  like a large centralizing function like everything needs to go 
  through velocity I am maybe I'm missing.
Keith Kowal:   Being here like how do you.
Keith Kowal:  How do you adhere the principles of 
  decentralization yet maybe have so much centralization.
Moshe_Tzvi_Wieder: So things don't need to go through velocity 
  the the wallet and the SDK is there as a basis it's as I 
  mentioned for to open source and and we would love nothing more 
  than for there to be several other wall Riders implementing the 
  the protocols and we can retire our wallet right we don't want to 
  be in a wallet business we just created one now because like just 
  just so there's an example out there for people to have and 
  there's something functional.
Moshe_Tzvi_Wieder: If it's not at all and even then it's not 
  going through our servers or anything like that right the only 
  communication that takes place is peer-to-peer right so when a 
  issuing institution issues credentials they're issuing it 
  directly to the the wallet that an individual's holding and then 
  that individual is sharing it directly with inspecting 
  institution and velocity is not any part of the those those.
Moshe_Tzvi_Wieder:  channel so maybe.
Moshe_Tzvi_Wieder: Mental models little different than what you 
  had in mind but it is you know legitimate he decentralized or not 
  things are not coming through us we don't have access to the 
  credentials that are that are being shared or anything like that.
Naomi: And keep the bat did that help clarify and kind of give 
  you the perspective yeah okay good.
Kerri Lemoie:  Xander you have the floor.
Xander_-_ASU/Pocketw: Thank you so much I just had a couple of 
  quick kind of Rapid Fire questions around the mobile wallet in 
  particular I had pulled up the example while it's on GitHub and 
  it read the documentation you'll quick it doesn't really clean 
  clear how exactly are you doing the wallet implementation like 
  are you using Ursa or did you do your own like what's underneath 
  for storage there.
Xander_-_ASU/Pocketw: All right so then maybe I can bounce up one 
  level higher.
Naomi: I'll put yeah.
Moshe_Tzvi_Wieder: That's deeper than me I apologize that I'm 
  happy to I'm happy to get you on a call with with with architect 
  our mobile team lead but I honestly don't know what what there is 
  what the wall is internally using as its storage model I don't 
  know.
<naomi> naomi.szekeres@velocitycareerlabs.com
Xander_-_ASU/Pocketw: Yeah I know where is I checked the 
  dependencies I thought I might find it there but it I can refine 
  so the next question is can you I don't think this has been 
  mentioned I apologize if I missed it but look what protocol is 
  being used specifically to communicate between issuers and 
  wallets and verifies that all in HTTP API or are using some kind 
  of other medium for transmitting these communications.
Xander_-_ASU/Pocketw: Yeah that's what it looked like to me I 
  just kind of wanted your clarification are so then my final 
  question.
Xander_-_ASU/Pocketw: It might be.
Moshe_Tzvi_Wieder: I believe it I believe it is HTTP I believe it 
  is but again we can yeah yeah it should be a specialist say it's 
  HTTP but yeah I am pretty sure it is but again if it's important 
  I'm happy to we can get back to you with yeah no problem.
Naomi: Yeah and I just put my I just put my email in the chat so 
  if you have any questions that we can answer on this call like I 
  said Andres really knows all the weeds and he's not available 
  today at this time so you know we'd be happy to set up a call to 
  really dig deeper with anyone on this group who has the deeper 
  questions on how things work and are built.
<kerri_lemoie> Last question @xander please
Xander_-_ASU/Pocketw: Well I hope my hope thank you I hope my 
  last question is not too technical but I mean we'll see so if 
  you're using HTTP a IPS which it looks like you are how are you 
  handling authentication between parties and I'm kind of 
  interested in this in two ways you know like if I'm going to 
  issue a credential to a wallet how do I verify that the wallet 
  holder is who I think they are and vice versa you know is it how 
  is the identity of the.
Xander_-_ASU/Pocketw:  who or the verifier like.
<kerri_lemoie> We have one more after this one.
Xander_-_ASU/Pocketw: Of all again all these communications are 
  HTP is it just like various flavors of Olaf.
Moshe_Tzvi_Wieder: So it's a good question so actually it's a 
  layer above that right you're thinking sort of on the on the 
  technical protocol side but actually the answer to your question 
  as far as how do I know that the person is who they say they are 
  is because is because of the identity credentials that they own 
  in their wallet right and.
Xander_-_ASU/Pocketw: Oh no so like what I mean more specifically 
  is like let's say you wanted to issue something to me or you 
  issuing it by like my email like I know that you know they're you 
  know that I'm your employee I have this particular email identity 
  already like how do I reach out to this particular wallet to 
  offer them credential is it like you see them saying like how is 
  that wallet addressed.
Moshe_Tzvi_Wieder: So there's so there's I think there's two 
  layers your question I'll try to address both of them and if I 
  still missed it and then let me know and we'll will recalibrate 
  so the first is how how am I as an employer or an issue or how do 
  I determine you know that this person actually is who they say 
  they are and therefore they're the right person for me to be 
  giving the credential to and so that's what I was.
Moshe_Tzvi_Wieder:  is what I was.
Keith Kowal: 
  https://www.velocitynetwork.foundation/main/developers-guide-authentication
Moshe_Tzvi_Wieder: Which is and this was designed to map current 
  business processes right so imagine right now if a graduate of 
  University calls up the registrar's office and says they need a 
  copy of their transcript so what is that registrar's office 
  currently requiring in order to you know validate that that 
  person is who they say they are and therefore provide them that 
  information and it's different right depends on each institution 
  decides for itself right what information it's going to require 
  in order to make that happen.
Moshe_Tzvi_Wieder:  and so too the same thing as here right when 
  you are an issuer you decide.
Moshe_Tzvi_Wieder: What disclosures you require in order to issue 
  it could be that if it's the credential that reissuing is simply 
  a participation you know that badge that hey we were all in this 
  one hour session together then you know maybe it's good enough 
  that I just you know that we match on the email address but if 
  I'm giving somebody there their medical license right II you know 
  probably want you know four different pieces of information and 
  your copy their drivers license and who knows why.
Moshe_Tzvi_Wieder:  I don't sew.
Moshe_Tzvi_Wieder: Define when you're an issuer in you define the 
  protocols the the credit the disclosures excuse me that you're 
  going to require in order to determine that this is a person it's 
  in your hands to make that decision and you know again it's 
  usually just going to map whatever your current business 
  processes for non digital credential that you're issuing you 
  would just translate that over to digital side.
Moshe_Tzvi_Wieder:  I'd the.
Moshe_Tzvi_Wieder: Piece of your question is okay that's great 
  but how do I you know how do I make that connection right how do 
  I let you individual know that I may have a credential for them 
  and so to facilitate that we've got we generate either a link or 
  a QR code that you can send via email whatever method you know 
  whatever methodology you want to to to the individuals emails as 
  what we most commonly see where people just.
Moshe_Tzvi_Wieder:  I'll drop those q r.
Moshe_Tzvi_Wieder: Um in a mail merge to email them and then 
  someone will receive an email saying hey you know you've got 
  credential that digital credential you can claim you can claim 
  your diploma now and then when they scan that QR code it will 
  open up in our app the ability to then create the peer-to-peer 
  connection with the issuing institution provide you information 
  that's required and get the credential.
Xander_-_ASU/Pocketw: Gotcha thank you so much.
Kerri Lemoie:  I think you I'm sorry we are gone over time here 
  so we have to call this a.
Naomi: Thank you and we are we yes I actually carry I was right 
  with you I know we're out of time so I this is our final slide 
  and I can I mean I've shared the deck in the chat I've also given 
  my email the chat if anyone has any questions that we were not 
  able to answer today carry is there anything else you want us to 
  do before we wrap up.
<cel> thanks!
Kerri Lemoie:  Nope no that is great we will publish these 
  minutes and have folks these will show up for the mailing list 
  feel free to reach out to Naomi if she said thank you very much 
  for coming here today telling us about the lastly we appreciate 
  it.
Naomi: Thank you for having us ivory.
<sharon_leu> thanks!
Kerri Lemoie:  Thank you have a good week everybody thank you.

Received on Friday, 14 October 2022 18:37:12 UTC