- From: CCG Minutes Bot <minutes@w3c-ccg.org>
- Date: Tue, 27 Sep 2022 21:44:25 +0000
Thanks to Our Robot Overlords and Our Robot Overlords for scribing this week! The transcript for the call is now available here: https://w3c-ccg.github.io/meetings/2022-08-22-vc-education/ Full text of the discussion follows for W3C archival purposes. Audio of the meeting is available at the following location: https://w3c-ccg.github.io/meetings/2022-08-22-vc-education/audio.ogg ---------------------------------------------------------------- education\ Transcript for 2022-08-22 Agenda: https://lists.w3.org/Archives/Public/public-vc-edu/2022Aug/0007.html\ Topics: 1. IP Note\ 2. Call Notes\ 3. Introductions and Reintroductions\ 4. Announcements and Reminders\ 5. DID:EBSI v2\ Organizer: Scribe: Our Robot Overlords and Our Robot Overlords Present: Simone Ravaoli, Deb Everhart, Dmitri Zagidulin, John Kuo, Andy Griebel, Irene Hernandez, Fiona, Razvan Braghesiu (Lightpass), xander - ASU/Pocket, Rebecca Busacca, Territorium, Jacob W, JennGreene, TimG, Marty Reed, Jeff O - HumanOS, JoAdel, Jim Kelly, Kayode Ezike, Eric Shepherd, Akshar Patel, Stuart Freeman, Janko, Markus Sabadello, Keith Hackett, Tim Bouma, Phil L (P1), James Chartrand, Nate Otto, Azeem., David Ward, Ryan Grant, Tayken (LEF), Mahesh Balan - pocketcred.com, Chandi Cumaranatunge, TallTed // Ted Thibodeau (he/him) (OpenLinkSw.com), Jonathan Bethune, Sandro Cacciamani, Jim Goodell, Kaliya Young, Timothy Summers <deb_everhart_(credential_engine)> hi Simone!\ <deb_everhart_(credential_engine)> Hi Dmitri!\ <simone_ravaioli_(vc_edu)> Hello Deb ! Hello everyone... let's wait a few mins for people to join\ Our Robot Overlords are scribing. Eric_Shepherd: So I just went off mute Simone.\ Eric_Shepherd: Can you hear me okay.\ <phil_l_(p1)> We hear you\ Topic: IP Note\ <simone_ravaioli_(vc_edu)> Anyone can participate in these calls. However, all substantive contributors to any CCG Work Items must be members of the CCG with full IPR agreements signed. https://www.w3.org/community/credentials/join . Ensure you have a W3 account: https://www.w3.org/accounts/request -- b. W3C COMMUNITY CONTRIBUTOR LICENSE AGREEMENT (CLA): https://www.w3.org/community/about/agreements/cla/ \ Topic: Call Notes\ <simone_ravaioli_(vc_edu)> a. These minutes and an audio recording of everything said on this call are archived at https://w3c-ccg.github.io/meetings/ -- b. We use chat/IRC to queue speakers during the call as well as to take minutes. http://irc.w3.org/?channels=ccg or http://irc.w3.org:6665/#ccg or the Jitsi text chat. -- c. In chat/IRC type \'93q+\'94 to add yourself to the queue, with an optional reminder, e.g., \'93q+ to mention something\'94. The \'93to\'94 is required. More IRC commands here: https://w3c-ccg.github.io/irc_ref.html -- d. If you\'92re not on chat/IRC, simply ask to be put on the queue. -- e. Please be brief so the rest of the queue get a chance to chime in. You can always q+ again.\ Topic: Introductions and Reintroductions\ Topic: Announcements and Reminders\ Eric_Shepherd: Okay thanks Phil I wasn't sure the first time on this platform we're about spoken I did attend last week as far as announcements go I thought it might be useful to know that we're setting up something we call the C3 initiative which is a site is aligned with the T3 initiative but it's focused on bringing together communities of confidence so those interested in comparing two definitions and competency Frameworks this will be a monthly call starting in.\ <phil_l_(p1)> Ok to cross post that info Eric\ <eric_shepherd> C3 - Connecting Competence Communities https://www.linkedin.com/groups/13926066/\ Topic: DID:EBSI v2\ <simone_ravaioli_(vc_edu)> About VUI - https://gataca.io/blog/the-verifier-universal-interface-vui-releases-its-first-official-draft-to-achieve-interoperability-between-id-wallets-and-verifier-components\ <simone_ravaioli_(vc_edu)> This post - https://gataca.io/blog/ebsi-did-v2-a-test-to-ssi-usability-and-its-use-of-blockchain-technology\ <manu> Simone -- select "Start Closed Captions" to get the Transcriber back into the meeting.\ Our Robot Overlords are scribing. <manu> or "Start CC" in your admin menu. Transcriber left the meeting because you left the meeting. You have to invite it back in if you want it to continue transcribing.\ <manu> There we go.\ <simone_ravaioli_(vc_edu)> thx Manu !\ Irene_Hernandez_(GATACA): The EPS later and these the ID registry would contain the IDS for both natural persons and legal persons but has been for a car last couple of years ongoing discussions within the European commission and with experts from DPR from within and outside the European commission meaning also from member states on whether daes where personal information or not for the sake of GDP are.\ Irene_Hernandez_(GATACA): compliance and there were.\ Irene_Hernandez_(GATACA): Very hot discussions and the last conclusion was yes the ID is a personal data because it is a seldom name of that person's identity and it can be related back to that specific natural person and that conclusion was very important because that meant that we could not store the IDS on the absolute nature why because you PR makes it very clear.\ Irene_Hernandez_(GATACA): clear there are very specific rules.\ Irene_Hernandez_(GATACA): The most familiar one is the right to be forgotten that obviously a blockchain that your dad's not allowed to and therefore if you cannot erase information from a blockchain you cannot publish things that you cannot erase personal data among that and if the ID is considered a personal data it cannot be stored on a black teenager that was the main conclusion so FC started working.\ Irene_Hernandez_(GATACA): Spot on a new version of the IDS for for natural persons which resulted in this V2 method and so they preserve the 144 legal persons it is okay and there are going to steal record dids at the ID documents for legal persons in the app select your as you can see here in this table and V2 is mainly intended for.\ Irene_Hernandez_(GATACA): all persons so.\ Irene_Hernandez_(GATACA): He's and AE documents will be from now on generated and stored solely in the world not on not recorded on the absolute edger the way it works is basically let me switch to this Slide the way it works is that in b 1 you have the the daad scheme obviously the ID method is AB c-- and then you had a random identifier here in V2 which is the blow the the second.\ Irene_Hernandez_(GATACA): line here that that third.\ Irene_Hernandez_(GATACA): Part it is where they encode the public key Associated to that specific d i d so it basically in in the same D ID you can encode the the IDS public key so you only need to share that Eid for a verifier to then extract what the associated public key is and this is how they overcame the problem that okay and how do we distribute public Keys Associated to the.\ Irene_Hernandez_(GATACA): IDS if they're not stored on the blockchain that.\ Irene_Hernandez_(GATACA): And so if you look now I okay what's the process now in V1 and for legal persons it's still the same and Israel would record it's the idea on the app selector and a verifier would go to the absolute liar to obtain the associated the ID document to get the public key and then verify the signature on that specific verifiable credential whereas.\ Irene_Hernandez_(GATACA): Specific credential let me go back here now specifically then should you have the idea of the issuer but you also have the idea of the holder so for the issuer that verifier would go to the absolute error but not for the holder for the holder it would gasp the do use the public key out of the same the ID so if we go to how this would work for natural persons that Israel would issue the very first production to the whole layer and then the Hogan would say.\ Irene_Hernandez_(GATACA): share that same very fiber presentation that includes.\ Irene_Hernandez_(GATACA): Each of the holder and the verifier simply extracts the the DAV key the public key out of the deity to verify the hollers signature.\ Irene_Hernandez_(GATACA): Okay so that's the how it works so to speak let me now move to what does this really mean for everyone it's just an important change a minor change what what should we do for companies for instance at Gattaca we are blocked in agnostic we integrate with any trust framework so that means that any change in those trust Frameworks imply a change in our technology same goes for.\ Irene_Hernandez_(GATACA): Or any other technology.\ <markus_sabadello> Example resolution of EBSI v1 DID: https://dev.uniresolver.io/#did:ebsi:zk4bhCepWSYp9RhZkRPiwUL\ Irene_Hernandez_(GATACA): At once to integrate with the apps you later and what are the main the Imp really the impact on changing to a method that does not store they disowned the block to measure well to start the let me start with the arguments that were in favor of proposing these beat you obviously if according to the epr the IDS are considered personal information there is.\ Irene_Hernandez_(GATACA): is no other way to go.\ Irene_Hernandez_(GATACA): We cannot store that on the Block to nature but also there were all their arguments along V 2 is better than be one for natural persons and these that in the end you know the majority of deities are public including AB c-- that can be read publicly and somehow storing anything really anything related or tied to a holders identity somehow risks such as.\ Irene_Hernandez_(GATACA): visee more than security but definitely.\ Irene_Hernandez_(GATACA): I see because in the end you never know what will happen in the future what that the ID will mean and having that stored forever in the blockchain public Ledger Daphne risks of future use cases were that Prime that privacy can be compromised and the last argument was okay a person lives sorry the IDS or any records on a Blog team that you're is.\ Irene_Hernandez_(GATACA): supposed to last forever.\ Irene_Hernandez_(GATACA): Because it's immutable indestructible Etc but a person that's not and a person person is not Eternal but even if the person is not Eternal and identity can even have a shorter life span than the person itself so why storing things on the letter that could be used at a later stage by a malicious hacker to obtain access to that lost or inaccessible.\ Irene_Hernandez_(GATACA): double identity.\ Irene_Hernandez_(GATACA): Jessica Mead identity fraud it's like okay has a red cord or the identity of a person that passed away and now as a hacker I can take advantage of that identity that somehow still lives to then commit identity fraud so those all of those were high level arguments in favor of me too but there are some inconvenient truths as a someone always says.\ Irene_Hernandez_(GATACA): in which you to me the.\ Irene_Hernandez_(GATACA): First one is that having one single key Associated to the the ID has two major limitations one is key rotation what if my didd my private key is compromised for whatever reason my private the ID is compromised now the only thing I can do if my public key is embedded in my vad is to change DID/\ if I change my D ID.\ Irene_Hernandez_(GATACA): that implies that all the.\ Irene_Hernandez_(GATACA): Issued to the original the ID are no longer valid so I need to reissue all the credentials that were associated to that compromised the ID and that's really one of the major disadvantages of having the public key and bapt or encoded in the daad itself now the second limitation and it's not small in my opinion is that now we only have one public key or one key pair better set as you see D to that day.\ Irene_Hernandez_(GATACA): Eid but there are multiple views.\ Irene_Hernandez_(GATACA): Where well the ID documents are prepared to associate multiple key pairs to a specific D ID so I would have in my id id document 34 different public peace and I would store obviously in my wallet Associated private keys but I could have one different public key Associated or keep are associated to a specific use case 1,000 dictation or even different.\ Irene_Hernandez_(GATACA): current key pairs the.\ Irene_Hernandez_(GATACA): Ending on the technology that crop that cryptographic protocols that are allowed by a verifier so there are multiple use cases and interest in having multiple Keepers Associated to at the ID that is really not easy to implement in V2 where the public is encoded in the in the same the ID so that will limit a lot of different use cases in the future and that seems far.\ Irene_Hernandez_(GATACA): In current SSI Market maturity I think that will be very detrimental in the future and of course many people argue that these are not really personal information the random identifiers and like any random identifiers like what makes really and identities not that the idea itself but verify your credentials that associate the the idea with the natural person but that's that discussion is is out of scope.\ Irene_Hernandez_(GATACA): and that the ultimate decision is by there.\ Irene_Hernandez_(GATACA): And I'm whether the IDS are are considered so then I mean your personal information or not so that's the current situation I wanted yes to provide an overview if you want we have a brief blog post where we try to express all of these arguments in favor and against the ADV to but most importantly explaining what we do is and how to implement that.\ Irene_Hernandez_(GATACA): so now I will be.\ Irene_Hernandez_(GATACA): I'm going to.\ Irene_Hernandez_(GATACA): Since I was not looking at the chat happy to initiate the discussion.\ <phil_l_(p1)> Q\ Dmitri Zagidulin: Thanks yep thank you thank you Danny for for presenting this is really interesting my name question is so when introducing.\ Dmitri Zagidulin: V-22 developers what are some what are some reasons that a developer should use EDTV to as opposed to did:key\ since they played such similar roles.\ Irene_Hernandez_(GATACA): Well that all depends on how you want to use the app framework and integration you have with AB c-- so for specific use cases the ab c-- method specifically when willing to store or to deal with the the whole as AB c-- trust framework the ab c-- D ID is required but if you go out of school for FC you definitely can use the ID key.\ Irene_Hernandez_(GATACA): Weeds yes it's very.\ Irene_Hernandez_(GATACA): Or let's say that the ID f-- C V2 was built based on the adk they're very similar but it all it all depends on the developers willingness to integrate into the FC Network.\ Dmitri Zagidulin: Thank you and if I may oh no Marcus next you go ahead.\ Markus Sabadello: Thank you my question is almost the same as Dimitri's when I looked at type c V2 I also thought isn't that similar to something like ti-tiki my understanding is that one difference is that the fcv to Deeds are not just the public Keys as it is indeed key but it's actually a hashed public key so my question is is that is that correct and and does if it's correct I think it.\ Markus Sabadello: You can only resolve.\ Markus Sabadello: Did if you already know additional information which is the the public key so the question is just is that correct and until you have some additional thoughts on why they chose to design it that way.\ Irene_Hernandez_(GATACA): So what map to my knowledge let me present this again for send this.\ <phil_l_(p1)> No slide visible here.\ Irene_Hernandez_(GATACA): Okay this is how they defined video and yes just speak your question to my knowledge and I might be wrong or definitely the European commission support team will be best to answer some of the questions but to my knowledge they definitely based V2 on the ID key spec so it's an evolution.\ Irene_Hernandez_(GATACA): If you want from.\ <markus_sabadello> Right, it's a public key HASH rather than simply a public key.\ Irene_Hernandez_(GATACA): E and what they do is to encode the public key like you're seeing here like a jwk some point which is how they encode the public key into the this identifier the method specific identifiers but it also has some some bites and let me actually share this with some might even more interesting to you.\ Irene_Hernandez_(GATACA): Okay sure here there you go here so the definitely the size of these random identify or the identifier that follows the daily method is different for legal persons or V1 than for natural persons with u and v 2 what they do is to put that yeah as I was saying the jwk some print from the public key into that identifier so you have a few examples here on how idid would look like.\ Irene_Hernandez_(GATACA): like for a natural person.\ Irene_Hernandez_(GATACA): Which is the yellow jwk thumbprint as you can see here and this is what is encoded in the in the vad itself.\ Irene_Hernandez_(GATACA): Um so that's one on how the IDS are made that wasn't the main decision from the European Commission on how to implement this but these only as I was saying this only enables one single key to be encoded into the d i d natural Marcos if I'm and I'm answering while your question or if you have a follow-up question.\ Irene_Hernandez_(GATACA): Not that's that's right that's right yes.\ Markus Sabadello: No I'm sorry I know I think you'll confirmed it right so it's it's a thumbprint of a public key and not just the public itself that that's the difference where to something like that key thank you.\ Phil_L_(P1): Yes can you hear me.\ Phil_L_(P1): Very good I just wanted to confirm you mentioned the problem of key rotation and the consequence thereof is there can you it sounds like this is something that is just has remained on addressed in a practical way and I'm wondering if there's any further discussion about the requirements that would need to be done to make key rotation functionally work for them.\ Irene_Hernandez_(GATACA): Okay not on the public side those conversations have happened the the main gas to again describe what the problem here is with key rotation so when when we have the D ID document stored on the app select your there are many ways to implement key rotation mechanisms that means to update that the ID document on the blockchain.\ <dmitri_zagidulin> does anybody have a link to the ebsi v2 spec handy?\ Irene_Hernandez_(GATACA): Have a time-stamped record of past the ID documents so that even if say a private Keys compromise you can steal for auditing purposes proof that a specific credential was issue there was valid at a specific point in time because there is a historical record of the public Keys Associated to your Dae and that's very easy to implement when you have the block to you later and it's the.\ Irene_Hernandez_(GATACA): Your rotation mechanisms can be implemented in a super user-friendly way in a way that even the user does not even realize because you can automate that in the wallet like every and every day please rotate my keys and that can happen without holders Intervention which is very important for user experience to add this layer of security Without Really impacting negatively on user.\ Irene_Hernandez_(GATACA): Zur on disability.\ Irene_Hernandez_(GATACA): If we move to reach you version where the data is encoded in the the and yet the idea itself another sir problem because okay my kids are compromised and I've already shared my or I already have my wallet say one academic diploma Associated to my vad but hopes the private key Associated to that the ID is compromised I should change it what I should really change is the keep are associated to that the ID but.\ Irene_Hernandez_(GATACA): but because the the key pair is.\ Irene_Hernandez_(GATACA): I've door encoded in the DNA itself if I change the public key that will change my D ID and if I change my ID I need to ask again the issuer to reissue my credential to that new the ID and that is really not useful from the users perspective if my keys are compromised I definitely need to go all over again to all these words and start downloading again all of these credentials and repopulate my.\ Irene_Hernandez_(GATACA): wallet that is not user friendly.\ Irene_Hernandez_(GATACA): That is really not and how do you provide with these kid rotation mechanisms really if those dids embed the the public itself so it's kind of losing some extra security that really doesn't make sense I've not heard about discussions in these line like what do we do with pure rotation I've not heard them yet but I'm sure that's something that is in mind that your.\ Irene_Hernandez_(GATACA): young commission and how to solve that.\ Irene_Hernandez_(GATACA): Probably they're thinking about making compromises the reality is that if you want to implement a society in a specific jurisdiction like Europe you need to abide to the regulation in that jurisdiction if you want to have legal validity to those credentials you need to comply and and there are some compromises that we need to make not just sure if we choose.\ Irene_Hernandez_(GATACA): Tradition or the right compromise to make.\ <phil_l_(p1)> That's what I thought you had mentioned - and you've confirmed it's an unresolved problem if you want to comply with the EBSI rules.\ https://ec.europa.eu/digital-building-blocks/wikis/display/EBSIDOC/EBSI+DID+Method\ Dmitri Zagidulin: I got so two questions does anybody have a link to the V-22 specification handy you could paste it in the chat and my main question is I think innate is.\ Dmitri Zagidulin: Do you have an example of what the did document looks like that the V2 would resolve.\ Dmitri Zagidulin: And is the dino if the intention is to make use of the service endpoint feature the documents or is this just for the public key.\ Irene_Hernandez_(GATACA): Sorry I missed the last question I definitely have an Excel in the same link that Nate added you can have examples of how that the ID document looks like for natural persons yes remember that the European commission always use the acronym and P4 natural person so look yeah look for that in the document.\ Dmitri Zagidulin: So my question is about service endpoints right so the ended its back what did the two things public keys and service endpoints and so my question is is there an intention to use.\ Dmitri Zagidulin: He did V2 to specify service endpoints or is it just for public key.\ Irene_Hernandez_(GATACA): To my knowledge cities just for public use.\ Markus Sabadello: Just one more question it feels like this new V2 did method doesn't have much to do with that Epsilon lighter and could also be useful outside of the FC ecosystem would you agree with that pigment perhaps do you think it could have made sense to give that V2 did method a new name so maybe call the V1 method heh.\ Markus Sabadello: You can call the veto.\ Markus Sabadello: I'm watching Eric Maybe.\ Irene_Hernandez_(GATACA): I would definitely agree that because the this method will not be stored on the absolute jury can be used outside of the FC scope or the I don't think the apps you want to have a global AB c-- or to maintain and non-arab see method I think they're their scope is very specific and it is to implement the IDS for natural persons in Europe.\ Irene_Hernandez_(GATACA): And therefore the.\ Irene_Hernandez_(GATACA): Methyl still be named the ADF see but that's not mean that kind of be used outside of Europe like any other the ID method the it the the ID methods back can be published also even in the w3c registration of the ad methods and can be used externally like why not there's nothing technically at least speaking that can avoid that question.\ Irene_Hernandez_(GATACA): is do we want.\ Irene_Hernandez_(GATACA): The div FC or let's say let's rephrase it the will want to use the IDS issued according to the idea of TV to Method outside of Europe or do we want to take advantage of these new div method definition to define a generic the ID method definition that could be implemented somewhere else it's different for the first the first approach is the way we want to.\ Irene_Hernandez_(GATACA): to leverage I.\ Irene_Hernandez_(GATACA): And identities to be used outside of European Scopes and the answer is yes of course now that we want to take advantage of all the work that I've seen is doing to implement blockchain agnostic or not non-block to relate edid methods that's also something that can be discussed with the European commission information is public I don't see any limitation in in building a generate the ID based on what I've seen is doing.\ Irene_Hernandez_(GATACA): Nightmare um now that doesn't that's a good point C mon so we've been working with a couple of use cases in Europe one is the issuance of student IDs and to verify the student IDs to for authentication purposes to provide the student with some University resource access to the student portal whatsoever and that was you know a normal experience the student.\ Irene_Hernandez_(GATACA): These Kima was sort that.\ Irene_Hernandez_(GATACA): Easy to implement in wallets but then we came across these other use case that I was talking about earlier on with Paulo band and Luna Rabe and with what they wanted to do is to have an exchange student so one student from one University moving out temporarily for one semester to another University in another country in Europe and being able to continue their studies in that destination University.\ Irene_Hernandez_(GATACA): for at least six months and then come back.\ Irene_Hernandez_(GATACA): Adversity with a few more subjects approved by the destination University and that implied in real life that's possible but it's an administrative nightmare in the sense that in the home University you need to get your transcript of Records present them to the destination University to demonstrate to prove what signatures you've already done and then too.\ Irene_Hernandez_(GATACA): to tell them with signature you want.\ Irene_Hernandez_(GATACA): All you you have those courses in the destination country and then when you go back you need to get the same transcript of records for those new classes from the destination University and present them into the home University so that your end-to-end transcript of Records is complete and because you know it's University manages their own data model.\ Irene_Hernandez_(GATACA): as for transcript of Records.\ Irene_Hernandez_(GATACA): Is very difficult in real life so they thought okay this is a super nice use case because with very fertile credentials is yes the mayor of downloading these transcript of Records nicely and in one click into my wallet and presenting that verifier credential to these verifier which is the destination University and likewise in the destination University they will be able to give me these transcript of record one of these new signatures and present them very easily to my home.\ Irene_Hernandez_(GATACA): University Now problem was okay.\ Irene_Hernandez_(GATACA): How does a transcript of record look like and it ended up to be a very complex Json file that was almost impossible to represent in a wallet in a nicely way so we executed the whole pilot by introducing what we call complex credentials in the wallet and at the beginning complex credentials where shown literally by showing the Json file which is definitely not.\ Irene_Hernandez_(GATACA): now what I wanted to show a holler.\ Irene_Hernandez_(GATACA): But it got us going in at least to implement the pilot between these two universities but promise okay transcript of record is just an example how do we represent complex credentials in the wallet and that comes to the fact that it's not only important at data model when defining a schema it's also very important to take into account that that data model needs to be.\ Irene_Hernandez_(GATACA): Did you know what it and then is when it comes to okay let's define a set of default values that can be presented that layer 1 and and how different wallets represent this situation files like let's embed in those cameras some hints so that wallets can nicely represent in a generic way any type of complex credential what is definitely not scalable.\ Irene_Hernandez_(GATACA): is too.\ Irene_Hernandez_(GATACA): Fine I represent patreon or our way to represent our very specific type of credential because that would imply that any time a new schema appears into the schema catalog and you wanted version would need to be deployed and holders would need to update their wallets all the time to make sure the credentials are seeing correctly so that's not usable that's not really another way to go so the problem here.\ Irene_Hernandez_(GATACA): our our Challenge and we don't have.\ Irene_Hernandez_(GATACA): Sorry yet but the challenge is how do you define or including those data model definitions these hints for what providers on how to present them so far we have an approach that generic approach for complex credentials but it's not what we believe should be the final version.\ Dmitri Zagidulin: Yeah we're definitely looking at.\ Dmitri Zagidulin: We're definitely looking at transcripts and diplomas both.\ Dmitri Zagidulin: Thank you so we're just looking okay so this is e-learning credential wallet are the first iteration of it has been looking at very simple credentials what I think it's being called micro credentials in the industry so student ID completion of a single course that sort of thing.\ Dmitri Zagidulin: We have on our roadmap to implement complex credentials like like transcripts but don't have experience with it yet so we're looking to to Europe to to AB c-- for the transfer of data model for guidance.\ Nate_Otto_(he/him): Sure I could comment on just sort of the analogy here CL are very much like open badges is just kind of like a bucket for a bunch of open Badges and so it's one more onion layer of verifiable credentials inside another verifiable credential and what that means for how the ecosystem builds out support for it is that any piece of software that wants to do something with the actual meaning of the data inside the complex CLR.\ Nate_Otto_(he/him): they need to have.\ Nate_Otto_(he/him): Special support for that schema in the software otherwise it's treated much like we saw the complex credentials in the pilot phase wallet you just can display the Json but it's not very meaningful for the users and so it will kind of remain to be seen which wallets will invest in supporting this additional schema and that will probably depend on how much verifier support there is we're all building the.\ Nate_Otto_(he/him): the ecosystem together.\ Nate_Otto_(he/him): You know with driving building the car as we're driving it and whenever we add a layer of complexity like that nesting that happens in CLR it's an extra may be an order of magnitude of complexity for wallet implementers and verifiers to make sure that not only do they support the basic verifiable credentials features but they also support the nesting of credentials within credentials and that's similar to the MCV to.\ Nate_Otto_(he/him): did here where you can't actually.\ Nate_Otto_(he/him): All of the Dead back to a did document itself because you can't go from a thumbprint to the key so in order to support credentials issued to these dids the ecosystem is going to and have to include wallets that have specific support for the sharing of the did documents in the presentation along with the issued credentials another example of how we roll up another layer of complexity into our.\ Marty Reed: Well I you know agree with what made coming in on and one thing I just think is important is the CLR has a concept of associations where the VCS within the CLR BC can be related and you can identify those relationships so I point to folks like territory mmm.\ Marty Reed: We could work as far as how those relationships occur and national student Clearinghouse also has that Concept in their industry credential as well so there are some there are some demonstrable use cases out there for in the case of territory mm as well as the North Dakota transcript in production that are actively using Concepts like associations.\ Marty Reed: I do think that the FC work is.\ Marty Reed: Really far along and there should be some cheering between where CLR has come to at this point and and where the kind of the global transcript work is that really we discussed and had a special work group with it and within this VC edu or group called complex credentials and maybe it's time to resurrect that subgroup.\ Irene_Hernandez_(GATACA): Very quickly I just wanted to mention that perhaps a good approach would be to have a default mode for anyone at provider to be able to represent complex credentials not just related to specific crl for instance type of credentials but any type of God complex credential to always relate to our default mode and then let wallet invest more or less time on building specific look and feel sore.\ Irene_Hernandez_(GATACA): Ways of representing specific.\ Irene_Hernandez_(GATACA): To get into on each if they want but at least to be able to enable that default mode so that interoperability really happened some we don't implicitly kind of add vendor lock-in situations yes because of all its kind of represented correctly a specific credential.\ <phil_l_(p1)> 1Edtech nee IMSGLOBAL.\ Irene_Hernandez_(GATACA): I can't answer that question I'm not sure really we had got that guy we knew about this pact with not been working on it I would say that currently the da DB schema catalog at Pepsi is is in development face so I wouldn't say that they have already a mature schema catalog where they can start thinking about how they're gonna include.\ Irene_Hernandez_(GATACA): That but that's my personal opinion.\ <phil_l_(p1)> The CLRv2 is not public yet and that's the version that is VC compatible.\ <nate_otto_(he/him)> Yes, probably-november\ Marty Reed: I believe so I'm not 100% on that right now it's just in its in the security review phase before the candidate final but that that candidate final is imminent.\ Marty Reed: In the next you know couple of months here so.\ <phil_l_(p1)> Colin's security review seemed to reveal very little in terms of issues.\ <nate_otto_(he/him)> (Actually, I think Marty is right. CLR v2.0 Candidate Final Public should be released after security review... maybe weeks not months)\ Irene_Hernandez_(GATACA): Thank you so much thank you.\
Received on Tuesday, 27 September 2022 21:44:25 UTC