[MINUTES] W3C CCG {\rtf1\ansi\ansicpg1252\cocoartf2639 Call - 2022-09-26

Thanks to Our Robot Overlords and Our Robot Overlords for scribing this week!

The transcript for the call is now available here:

https://w3c-ccg.github.io/meetings/2022-09-26-vc-education/

Full text of the discussion follows for W3C archival purposes.
Audio of the meeting is available at the following location:

https://w3c-ccg.github.io/meetings/2022-09-26-vc-education/audio.ogg

----------------------------------------------------------------
education\ Transcript for 2022-09-26

Agenda:
  https://lists.w3.org/Archives/Public/public-vc-edu/2022Sep/0009.html\
Topics:
  1. IP Note\
  2. Call Notes \
  3. EBSI Issuer Trust Model\
Organizer:
  
Scribe:
  Our Robot Overlords and Our Robot Overlords
Present:
  Simone Ravaoli, Stuart Freeman, Andy Griebel, Deepak Kulkarni, 
  Jeff O - HumanOS, Akshar Patel, Xander, John Kuo, Brandon 
  Muramatsu DCC/MIT, Razvan B. (Lightpass), David Ward, Keith 
  Kowal, Joao Rodrigues Frade, Phil Barker, Kerri Lemoie, Deb 
  Everhart, Jim Kelly, Joe Kaplan, Colin, Learning Economy, Chandi 
  Cumaranatunge, Alen Horvat, European Commission - EBSI - Maxine 
  Lemm, Sheryl, Allyson Parco, James Chartrand, Mike Peck, Kaliya 
  Young, Naomi, Janko, xander - ASU/Pocketw, David Chadwick, Tayken 
  (LEF), Razvan B. M, Lucy Yang, Sharon Leu, Razvan Braghesiu, Jim 
  Goodell, Nate Otto, Razvan B., Kayode Ezike, Tim Bouma

<simone_ravaioli_(vc_edu)> Hello everyone - will get started in a 
  minute\
Our Robot Overlords are scribing.
<kerri_lemoie> Hello all\
Our Robot Overlords are scribing.
Kerri Lemoie:  A little tweak thank you.\

Topic: IP Note\

<simone_ravaioli_(vc_edu)> Anyone can participate in these calls. 
  However, all substantive contributors to any CCG Work Items must 
  be members of the CCG with full IPR agreements signed. 
  https://www.w3.org/community/credentials/join\

Topic: Call Notes \

<simone_ravaioli_(vc_edu)> a. These minutes and an audio 
  recording of everything said on this call are archived at 
  https://w3c-ccg.github.io/meetings/\
<simone_ravaioli_(vc_edu)> b. We use chat/IRC to queue speakers 
  during the call as well as to take minutes. 
  http://irc.w3.org/?channels=ccg or http://irc.w3.org:6665/#ccg or 
  the Jitsi text chat.\
<simone_ravaioli_(vc_edu)> In chat/IRC type \'93q+\'94 to add 
  yourself to the queue, with an optional reminder, e.g., \'93q+ to 
  mention something\'94. The \'93to\'94 is required. More IRC 
  commands here: https://w3c-ccg.github.io/irc_ref.html\
<simone_ravaioli_(vc_edu)> If you\'92re not on chat/IRC, simply 
  ask to be put on the queue. Please be brief so the rest of the 
  queue get a chance to chime in. You can always q+ again.\

Topic: EBSI Issuer Trust Model\

Joao_Rodrigues_Frade: Thank you so we have a third member of the 
  team and that is Alan go ahead on a brief introduction I will try 
  to share my presentation here while you are introducing yourself 
  go ahead.\
Alen Horvat:  I'm Helen I mean some of you know me from the 
  forking group but lead architect a TBS I and I will present some 
  of the technical details of are you sure trust model and show you 
  some examples.\
Joao_Rodrigues_Frade: Okey-dokey so without further delay I 
  cannot really share a window for some reason I really cannot 
  understand guys so I will share my screen and I'll maybe like 
  this it will work because we typically use teams and I don't know 
  exactly what system is this what do you see my screen.\
Joao_Rodrigues_Frade: Yes it's not in presentation mode right I 
  got it.\
Joao_Rodrigues_Frade: I will go knowing presentation mode and I 
  will wind down here the presentation quickly so to give you a bit 
  of context and the three of us will come from the director 
  general for informatics in the European commission so we are 
  actually doing the work of implementing the first pan-european 
  blockchain in Europe which will be driven by the member states so 
  even.\
Joao_Rodrigues_Frade:  though the technology that is.\
<razvan_b._(lightpass)> Unfortunately I can\'92t hear anyone. Is 
  it me or does anyone else experience this issue?\
Joao_Rodrigues_Frade: Is quite known to all of you it's Italy a 
  oh the the governance structure is based on the member states 
  maybe Maxine do you want to explain a bit about the EPP.\
https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/EBSI\
European_Commission_-_EBSI_-_Maxine_Lemm: Of course so can I get 
  this working again am I here I am here fantastic okay so you do 
  European commission is a complex animal is the European Union and 
  a BSI is no exception it is a collaborative project so it is a 
  project that is owned by European commission specifically by DG 
  connect those responsible for digital policy but it is co steered 
  by an alliance.\
European_Commission_-_EBSI_-_Maxine_Lemm:  is of European member 
  countries so.\
Alen Horvat: 
  https://ec.europa.eu/digital-building-blocks/wikis/display/EBSI/What+is+ebsi\
European_Commission_-_EBSI_-_Maxine_Lemm: The 27 European Union 
  member states plus Norway Liechtenstein and Ukraine as Observer 
  who form what is called European blockchain partnership and the 
  European blockchain partnership and the European commission are 
  responsible for the Strategic Direction and steering of the 
  European blockchain Services infrastructure and part of that is 
  the definition of all of the business capabilities that we want 
  to build using blockchain in order to fulfill Public Services.\
European_Commission_-_EBSI_-_Maxine_Lemm:  one of those use cases 
  is verifiable.\
Alen Horvat: https://api.preprod.ebsi.eu/docs\
European_Commission_-_EBSI_-_Maxine_Lemm: Charles as applied to 
  education and lifelong learning which is the primary focus of 
  what we're going to talk about today because that is the one for 
  which we have developed a quite sophisticated issuers trust model 
  last thing that is worth mentioning is that not only is the 
  steering of the strategy of EBS I decentralized but also the 
  actual node Network that forms the you know the.\
European_Commission_-_EBSI_-_Maxine_Lemm:  Lowell Ledger.\
European_Commission_-_EBSI_-_Maxine_Lemm: Is decentralized as 
  well so there are nodes hosted in all of those 29 countries 
  subset of them but across all of Europe and that's basically host 
  The Ledger and expose the apis are necessary in order to enable 
  actors to record things on Ledger or read from the ledger so 
  there we go.\
Joao_Rodrigues_Frade: In a nutshell we are working with all 
  member states the Block Chain itself will go live we hope still 
  this year has been a project long long project we have been 
  confronted with a lot of legal uncertainty and building a 
  blockchain from scratch is not for everyone but we are getting 
  there and so we hope to have a PSI.\
Joao_Rodrigues_Frade:  the European blockchains.\
Joao_Rodrigues_Frade: Fully online and fully available to 
  everyone to the public services that want to build on top of the 
  the blockchain by the end of the year for the moment we are in 
  pre-production so as I explained by Maxine we have a number of 
  services that are currently in the process of being built and we 
  are focusing mostly on the idea of verification with.\
Joao_Rodrigues_Frade:  verifiable credentials.\
Joao_Rodrigues_Frade: Um we have not only the diploma use case 
  but we also have social security and the identity use case the 
  identity use case is a bit Frozen for the moment but we are 
  mostly focusing on the mobility of workers with Social Security 
  and the mobility of students with diploma so in a nutshell we are 
  working on blockchain we are working on verifiable credentials.\
Joao_Rodrigues_Frade:  not only for.\
Joao_Rodrigues_Frade: But in general and we are also of course 
  using digital wallets to start this verifiable credentials the 
  wallets they are not built by BSI the wallets they come directly 
  from different providers in the market I don't know Maxine if you 
  want to say something about the engagement wallets are we leave 
  it for later.\
European_Commission_-_EBSI_-_Maxine_Lemm: Hurricane I can 
  compliment so our approach has been not to undercut the market 
  the rather to allow it to flourish and provide the services that 
  are needed for holders for issuers for verifiers to interact with 
  CBS eye and in order to ensure that they are able to connect our 
  apis and perform the services that are needed we've developed 
  conformance testing conformist it's a service that we run from.\
European_Commission_-_EBSI_-_Maxine_Lemm:  the European 
  commission that allows any.\
Alen Horvat: https://api.preprod.ebsi.eu/docs/wallet-conformance\
European_Commission_-_EBSI_-_Maxine_Lemm: Provider to test 
  whether their wallet is actually compatible with our 
  specifications for verifiable credentials and at the moment our 
  conformance testing has 15 conformant wallets confirmed we 
  launched it in the first quarter of this year and we are 
  constantly trying to unload obviously Recruit new can for my 
  wallets it is very much a work in progress we are still updating 
  our specifications as we go so we expect that there will be 
  additional features that.\
European_Commission_-_EBSI_-_Maxine_Lemm:  we be tested for 
  conformance in the future.\
Joao_Rodrigues_Frade: Exactly and the verifiable credentials 
  profile that we are working on we call it gbesi verifiable 
  credentials profile based or completely compatible or I'd say 
  it's just a profile of the w3c one so there is nothing special 
  there of course we have to create a profile because there's no 
  other way of using it and we will explain in more detail how we 
  are currently trying to.\
Joao_Rodrigues_Frade:  to apply these three Technologies.\
Joao_Rodrigues_Frade: To the mobility of students in Europe and 
  the context again is this large.\
<simone_ravaioli_(vc_edu)> Thx Alen for the links... keep it 
  coming  :slightly_smiling_face:\
Joao_Rodrigues_Frade: That you call European blockchain Services 
  infrastructure so keep this in mind when we move forward so this 
  is what this slide tries to explain we have not really a mandate 
  as European commission to transition to verifiable credentials 
  and this is a more like Innovation track that is running in 
  parallel to what the Asian para and AJ Iraq which are.\
Joao_Rodrigues_Frade:  policy teaches of the commission.\
Joao_Rodrigues_Frade: Already doing we are complimenting that 
  with an Innovative way to enable verification of diplomas which 
  can then be taken up or not but hopefully yes by the policy DG's 
  so in the European commission again you have different policy 
  DG's we come from digit the informatics TG we are really doing 
  the work here of putting these two to action and and making.\
Joao_Rodrigues_Frade:  network with the member states we.\
<simone_ravaioli_(vc_edu)> DG = Directorate General\
Joao_Rodrigues_Frade: Supported financially by the program of the 
  G connect and by the G connect itself that is more the brother DG 
  in terms of digital policy but then when it comes to education 
  there are two other DG's that are specifically working in this 
  field and they look at us as a Innovation track so there is no 
  commitment from the European commission to transition.\
Joao_Rodrigues_Frade: Diploma verification to w3c verifiable 
  credentials so don't get that idea after this presentation that 
  the European commission has committed itself together with the 
  member states to move fully to w3c verifiable credentials because 
  that's not the case what we are doing is to work with this group 
  of member states the Epp and the other DG's in innovating and 
  using these Technologies for verification purposes and 
  specifically.\
Joao_Rodrigues_Frade:  for the cross-border verification of.\
Joao_Rodrigues_Frade: In Europe did I forget something yes.\
Joao_Rodrigues_Frade: No they're not I'm sorry I don't know 
  exactly it's a bit frightening because I don't know even if my 
  camera is working a you see my slide with ever there no you see a 
  slight with now you see it it wasn't that fun.\
European_Commission_-_EBSI_-_Maxine_Lemm: But we're not in 
  presentation mode trawl.\
Joao_Rodrigues_Frade: I cannot see if you see him let me see my 
  screen so I'm going to assign presentation mode because I see it 
  in presentation no okay so okay doesn't matter I think as long as 
  you have a because what I can do and I'm sorry because we should 
  have tested this software I have no clue what you guys are 
  actually seeing what I will do is to present my screen not the 
  and maybe this will help and then I okay so my camera is 
  working.\
Joao_Rodrigues_Frade:  if we.\
Joao_Rodrigues_Frade: We are experimenting as we move along okay 
  this works so I will try again to share content and I will share 
  my screen boom okay and then okay and now this is going to be in 
  presentation mode I guess is it.\
Joao_Rodrigues_Frade: Okay so this is what I was trying to 
  explain is that we have carried out a number of Pilots with the 
  member states to do cross their verification of diplomas using 
  w3c verifiable credentials but again this is an innovation track 
  of the European commission this is not a commitment from the 
  policy side that we are moving towards verifiable credentials 
  even in the near future.\
Joao_Rodrigues_Frade:  but nothing.\
<sharon_leu> Question - you mentioned that the EC is not 
  currently moving towards W3C VCs - can you say more about why 
  that is or what are you currently discussing instead?\
Joao_Rodrigues_Frade: Us to promote this track alongside the work 
  that is already happening being by the Jack because we're in 
  contact with them in the Erasmus without paper project or there's 
  a bra with the Rope has platform and we reuse the model of Arrow 
  past when we created a verifiable credential so this is done in 
  collaboration with the policy DTS but it's not.\
Joao_Rodrigues_Frade:  commitment from the policy side.\
Joao_Rodrigues_Frade: We're actually adopt what we are doing at 
  large even though we are already working there with them to make 
  this happen yep.\
Joao_Rodrigues_Frade: So in the in the commission there are 
  policy DG's that are responsible for specific policies and the d 
  g that is actually responsible for education is called the ja 
  takk and of course they have a certain mandate within the 
  education domain as you know the European commission cannot set 
  you know and they know better than I do so I will just probably 
  explain.\
Joao_Rodrigues_Frade:  that of course the.\
<simone_ravaioli_(vc_edu)> DG EAC - Education department of the 
  European Commission\
<jeff_o_-_humanos> Is Slide deck available and/or can key prior 
  skipped slides be flashed through before  end of presentation?\
Joao_Rodrigues_Frade: Remember that for example everyone in 
  Europe has to express a diploma in the Rope as format or in a 
  verifiable credential format most of the initiatives that are 
  happening are funding initiative so there is Grants and money 
  given or within specific domains where the European commission 
  actually has a driver row we are collaborating with both Mark and 
  with.\
Joao_Rodrigues_Frade:  imply that are the.\
Joao_Rodrigues_Frade: That are currently working on credentials 
  for education and we are let's say.\
Joao_Rodrigues_Frade: Influencing that process where for example 
  the aeroplus platform soon we'll be able to express credentials 
  indication credentials in w3c verifiable credentials format which 
  currently is not the case they are having a pure XML format and 
  they will be moving with the same data model of the diploma to a 
  w3c version of credentials for me.\
Joao_Rodrigues_Frade:  now when we do this.\
Joao_Rodrigues_Frade: Alongside with them and in collaboration 
  but that doesn't mean that we are in control of their apis 
  platform that is the GM plant so they might provide that 
  additional feature and those that are interested to go there and 
  create as they call a count and you know participate in their 
  password platform they will be able to choose very valid 
  credentials as a format but what would be wrong for us is to come 
  here and give you the impression.\
Joao_Rodrigues_Frade:  now that there is a sort of mandate on the 
  member state.\
Joao_Rodrigues_Frade: They are now sort of applies to use the 
  Bluetooth receiver for a credentials that would be because that's 
  not the case what we are saying is that we are working with 
  initiatives of the European commission such as europa's and 
  Erasmus of that paper that our initiatives with the specific 
  mandate to support them in the development of these initiatives 
  with an innovation track that we started in Pilot mode.\
Joao_Rodrigues_Frade:  load under the European blockchain sir.\
<sharon_leu> Got it, thanks!\
Joao_Rodrigues_Frade: Sir initiative which is funded by the 
  digital Europe program does this make sense so you have to 
  distinguish funding initiatives more like Innovation that the 
  commission promotes together with the member states from one 
  standing you know policy initiatives which have let's say their 
  own governance and are slower to adopt new technologies just 
  because of course they have a different governance process.\
Joao_Rodrigues_Frade:  was I.\
Joao_Rodrigues_Frade: Clear about this.\
Kerri Lemoie: +1 -- Thanks for explaining that Joao\
Joao_Rodrigues_Frade: Okay what is important for you to 
  understand this we as European commission are working with the 
  member states in the structure called the European blockchain 
  partnership in promoting this Innovation track which is really to 
  use w3c verifiable credentials in the cross-border verification 
  of diplomas so this was done this was let's say there were grants 
  given and provided two universities interested in doing that.\
Joao_Rodrigues_Frade: So we have done that and this is what.\
Joao_Rodrigues_Frade: We are showing to you.\
https://europa.eu/europass/en/europass-digital-credentials\
https://github.com/european-commission-empl/European-Learning-Model\
Joao_Rodrigues_Frade: And we are currently working with the 
  policy DG's so that the results of this pilot is now adopted by 
  them in their own policy initiatives which again are not as 
  mandatory because of the field of Education in the field of 
  education has a certain let's say limit by the European 
  commission we cannot like you know that subsidiarity the member 
  states know better how to run it but there.\
Joao_Rodrigues_Frade:  are quite something.\
Joao_Rodrigues_Frade: Two teams that are currently working with 
  us to eventually adopt the results of our Pilots so what we have 
  done is the typical model of the literacy which is now shown on 
  the screen where we have a holder meaning a student that goes to 
  a university asks for the issuance of a diploma.\
Joao_Rodrigues_Frade: Receives it on its digital wallet and 
  presents it to a verifier and we have tried to have the verifier 
  in some other member state so that's the typical use case now 
  what we came here to present in water because we could present of 
  course therapist data model the claims were expressed as a repast 
  is the in the verification step we have created new also an 
  Innovative model.\
Joao_Rodrigues_Frade:  jul 28.\
Joao_Rodrigues_Frade: That the verifier can trust the issuer what 
  we call an issuer trust model and that has been done using 
  blockchain so that's where let's say blockchain comes into play 
  not really too let's say store the diploma that's not the case at 
  all the diploma is only stored on the digital wallet.\
Joao_Rodrigues_Frade: Information about the deed of the holder 
  because we also use the word recede it's both for issuers and 
  holders but not for verifiers because they don't get an additive 
  only issuers and holders even the deed of the older will be only 
  starred on the wallet so the sort of the document of the holder 
  is only on the wallet but on the other hand on the blockchain we 
  have all the information about the issues and why did we decide 
  to do this on the blog.\
Joao_Rodrigues_Frade:  lock chain to decentralize the 
  information.\
Joao_Rodrigues_Frade: Central point where we would start all 
  public keys and the information of whether or not the issuer is 
  accredited to issue this type of diploma we have done it on the 
  blockchain because we believe that the blockchain has certain 
  advantages to hold the information of issuers and of course 
  because we don't want to put the verifier in contact with the 
  issuer so it's also a way to not.\
Joao_Rodrigues_Frade:  call home.\
Joao_Rodrigues_Frade: Half the very fires calling issuers the 
  very fires can simply go on the blockchain we provide a number of 
  services that can be consumed by any verifier app in read mode 
  and read the information necessary to retrieve the document of 
  the issuer to retrieve what we call the accreditation of the 
  issuer that enables the issuer to be trusted to issue that of.\
Joao_Rodrigues_Frade: And we also have the typical revocation 
  list that is stored on chain so this is where we have used 
  blockchain and this so-called trust model for issuers based on 
  blockchain is what is the subject of the talk of today so I get 
  here it's where Ellen is now going more into detail and Alan is 
  our lead architect.\
Joao_Rodrigues_Frade: Three how would say that the the person 
  that can know whether or not that's a technical level this is the 
  wisest decision that we have made and is here to give you a bit 
  of his wisdom Alan are you there.\
Alen Horvat:  Yeah that we share my screen and I can take it from 
  here.\
<simone_ravaioli_(vc_edu)> EBSI uses Blockchain  only for 
  governance (Trusted registries), not for verifying individual 
  credentials (anchoring credentials to a blockhain)\
Alen Horvat:  Okay there's my screen yes you do okay so first 
  before I go to slides here just a few pages where you can find 
  all the relevant information so this will all shared in the chat 
  so everything about EBS I everything about what it conformance 
  testing and here in what is AB c-- you will find different 
  factors that cover everything from verify our.\
Alen Horvat:  The idea is as we use them in a BSI digital 
  identity trust issue model and exchange of are valid credentials 
  and some chapters that will be published soon okay now let's go I 
  so sorry I need to share it again because.\
Alen Horvat:  Let's go to a presentation.\
Alen Horvat:  For some reason I cannot see this one instance.\
<kerri_lemoie> How do the issuers get registered in the 
  blockchain?\
<kerri_lemoie> What are the qualifications?\
Kerri Lemoie: :+1:\
Joao_Rodrigues_Frade: That's exactly what we want to show you and 
  we have created as you know a way to reflect the chain of trust 
  of issuers and everything is online but so the idea is that an 
  issuer of a diploma.\
Joao_Rodrigues_Frade:  is a.\
Joao_Rodrigues_Frade: It's by an institution such as in Europe 
  Ministry of Education to do so now that Ministry of Education 
  might be at National level might be at Regional level and 
  therefore the there is not like just one actor in this 
  accreditation process there might be several actors and we need 
  to have a chain of trust that works on change so that you have 
  the information that you require to trace back the.\
Joao_Rodrigues_Frade:  the Trust on.\
Joao_Rodrigues_Frade: Be sure to the highest level of authority 
  in the member state or even at European level that shows and 
  demonstrates that the issuer can be trusted for that specific 
  type of of Education credential.\
Joao_Rodrigues_Frade: And that has been really the they know 
  Innovative part because all the other options that we saw they 
  were quite simple so they just said either you trust an 
  intermediary platform that is known for containing information 
  about trusted institutions so you trust that platform or you 
  trust the certificate that is qualified and therefore.\
Joao_Rodrigues_Frade: Trust the issuer of the certificate of the 
  Kali fighter and therefore you trust the entity and according to 
  us that those two Alternatives they have quite some embedded 
  mutations that we try to overcome by using verifiable credentials 
  to express the trust of chain of Institutions and we will show 
  you now.\
Alen Horvat:  Okay so here is a very brief overview of what will 
  be presented in this chapter so we will just go quickly through 
  different trust models that are used today and how he dies I can 
  help to map the trust relationship into the digital forms of that 
  verifiable credentials are easily verifiable then we will explain 
  some of the details of EVS is issuer trust model and what are 
  they.\
Alen Horvat:   Benefits and in the end.\
Alen Horvat:  Examples that that early adopters produced in honor 
  or programs where different universities showcased cross-border 
  diploma exchange of student development.\
Alen Horvat:  Okay so in the classic classical trust model of 
  issuers the information about the holder is usually exchange with 
  direct between the issuer and the verifier and then verifier 
  usually calls and checks with the issue directly whether or not 
  that credential is still valid it was really issued by that issue 
  or so and this this is called phoning home of course phoning home 
  causes several.\
Alen Horvat:  Issues because it allows.\
Alen Horvat:  And that's one of the reasons why we'd like to 
  avoid such a model so the three main challenges are the technical 
  burden because it's places like they're just a technical 
  requirements audition always needs to be online and always 
  available so that verifiers can check the status of any time 
  there's some operational burden which requires.\
Alen Horvat:   With verifiers to create.\
Alen Horvat:  Interaction with all the issuer's they want to 
  physically check the very first default credentials from so the 
  number of required interaction increases with the number of 
  issuers verify respond to interact and there's of course a 
  privacy challenge because is sure issues with always learn it 
  which where fires a holders interactive so this is.\
Alen Horvat:  So these are the main three challenges that we want 
  to solve.\
Alen Horvat:  Of course with the w3c and SSI in new information 
  exchange model was introduced or issuers have their own 
  decentralized identifier the issue credentials to holders and 
  holders presents the credentials to the verifier and now gbesi as 
  a fully decentralized framework or service enables to make the 
  verification of your fabric credential easy and reliable.\
Alen Horvat:   Without needing to contact.\
Alen Horvat:  It wrecked me.\
Joao_Rodrigues_Frade: Or to or to have a centralized model.\
Alen Horvat:  Yeah Crim so so he BSI is is just like an 
  infrastructure that holds all the information so if it's not an 
  entity that controls and overseas so all the information The 
  Ledger as well as is controlled by the trust of the creation 
  organizations and trust and ensures themselves for each domain or 
  so okay.\
Alen Horvat:   Here we are.\
Alen Horvat:  The three conceptual trust models and the first 2 
  or use or your frequent free used frequently today first is the 
  centralized trust model where we have a one entity which manages 
  all certificates and the keys.\
Alen Horvat:  Have the Federated stress model where these 
  operations can be delegated to different like intermediary 
  certificate authorities and one example is Europeans list of 
  trusted list of qualified trust service providers where National 
  bodies maintain the list for their own country and there's a 
  distributed trust model gbesi.\
Alen Horvat:   Which is completely open.\
Alen Horvat:  In a sense that there's no Central entity that 
  controls the rudder let's say roots of trust or trust chains or 
  do or the relationships but it allows mapping all the information 
  into digital form so that therefore credentials are easily 
  verifiable and this service is sin since is fully distributed 
  replicated it's always available and also praised the link 
  between the.\
Alen Horvat:   The farmer and the issue.\
Alen Horvat:  No sir takes off some operational work guns from 
  from both entities because now verifiers can easily check 
  accreditations on of any issue within the within the ecosystem 
  and they don't need to create special connections with all the 
  different issuers in the field.\
Alen Horvat:  I don't know what how he be a science trust model 
  compares to other stress model so the most widely used is the 
  central or decentralized and Federated trust models which rely on 
  a certificate authorities and x.509 certificates this structure 
  is not as flexible and it's usually applied only for identity 
  credentials we know that x.509 are.\
Alen Horvat:  Usually public Keys bound together.\
Alen Horvat:  True person identity and those organ is should and 
  in that ecosystem we have several roles certificate Authority 
  registration Authority validation Authority distribution 
  Authority and the whole structure is not very very like agile or 
  it cannot adapt very easily to different scenarios or use cases.\
Alen Horvat:   Whereas in.\
Alen Horvat:  PSI based on the business requirements we got 
  from.\
Alen Horvat:  From different use cases and all the stakeholders 
  involved evolved we came to a trust We Trust model we're only two 
  rules or required these are trusted accreditation organizations 
  or ta 0 which basically identifies verifies accredits the 
  so-called trusted issuers who issue electronic documents or 
  verifiable credentials trusted.\
Alen Horvat:   Issuers are.\
Alen Horvat:  Edited by Toews can then issue certain types of 
  verifiable credentials and sign them either while their existing 
  certificates or delete keys that are used for for first time.\
Alen Horvat:  Okay now let's take a look at CBS eyes trust model 
  and how it works.\
Alen Horvat:  Here we present the relationship and onboarding of 
  so-called ta yo and trusted issuers and basically in order for to 
  let like create a new chain of trust for given domain we need to 
  identify or domain needs to identify organizations which can 
  issue some information about the accreditations for trusted 
  issuers.\
Alen Horvat:  This created this Theo's register schemas in the 
  BBS ice trusted schemas registry schema is Json schema which 
  defines the data model of the very fabric credentials that that 
  is going to be issued by trusted issues within the domain and for 
  example TOS can be Ministries so one example would be like 
  Ministry of Education within a country which is then responsible 
  for creating.\
Alen Horvat:   With all the universities or set of.\
Alen Horvat:  See in that country trusted issuers once once the 
  root of trust is set can then request from ta 0 and accreditation 
  it's a it's a it's the standard fare follow credential exchange 
  so trusted Tau identifies a trusted issue or issues that are 
  verifiable accreditations and then trustworthy first register 
  drawer.\
Alen Horvat:   They're accreditations and Associates.\
Alen Horvat:  CBS eye so here we see that there is no entity 
  within EBS I which would register information on behalf of others 
  but everything is managed by the actors within the domain and 
  then it B SI acts as a public Ledger of issuers so it contains 
  information about trust degradation organizations their dids 
  their did keys and so about the trust of issuers.\
Alen Horvat:   And schema.\
Alen Horvat:  Which are you should buy the issues within the 
  given domain.\
Joao_Rodrigues_Frade: Before we go into more detail given that 
  this is actually the conceptual model and everything Builds on 
  that maybe we can ask if there are any questions at this point 
  the the previous slide.\
<keith_kowal> What framework is used for revocation?\
Joao_Rodrigues_Frade: Because this is the essential conceptual 
  model or it's is this let's say make sense to the people working 
  in this group have you seen something similar.\
Joao_Rodrigues_Frade: Does this seem to make sense.\
Joao_Rodrigues_Frade: There is one Krishna.\
Joao_Rodrigues_Frade: Is one raised hand.\
Joao_Rodrigues_Frade: We are not put indeed you can use specific 
  thrust list so I guess they're not using the trustees of Trustees 
  from let's say Idols they are creating a sector specific thrust 
  is most likely right.\
Joao_Rodrigues_Frade: Very very interesting I mean I don't know 
  Alan do you know about this specific variant to The Trusted list 
  model.\
<kerri_lemoie> It's interesting that the TAOs determine the 
  schemas of the VCs.\
Alen Horvat:  Yeah I know about the project and the model there 
  is its to mind understanding its DNA it's also dns-based but 
  what's that's correct yeah yeah so so it has so it has some nice 
  properties and it's applicable to certain use cases but to add to 
  that the what we're presenting here is like like a very Broad.\
Alen Horvat:   Model and it also.\
Alen Horvat:  When it comes to a particular domain within that 
  given domain it's up to the up to the use case basically this app 
  so we Define or like EVS I only defines an envelope of what we 
  call a verifiable accreditation and so very basic I can try to 
  share the link to the to the data models and schemas is a very 
  basic data model and that's can be is usual that extended by 
  domain specific properties which can reach.\
Alen Horvat:   Can be basically.\
Alen Horvat:  As long as it's like verifiable in a in a simple 
  way so it can express any relationship or limitations for the 
  europass I think they call it a creation records They mapped the 
  accreditation records data modem to verify credentials for and 
  that is basically if you check the schema you see that it takes 
  the basic or like the core there for accreditation scheme has and 
  then schema and then.\
Alen Horvat:  So subject properties within the very fun 
  potentials with the domain specific planes so that it can really 
  control to to the level to like really introduced a fine-grained 
  control of which university can issue exactly which diploma 
  recognized within the field so.\
Joao_Rodrigues_Frade: Okay maybe Island there may be moved on to 
  the next slide and we can quickly touch upon that because you 
  already see you already see the other that we can build 
  revocation on top of the Heap ESL Ledger as well so the idea is 
  let's build the whole trust model around verifiable credentials 
  let's create this accreditation data model that is going to be 
  fairly flexible to accommodate.\
Joao_Rodrigues_Frade:  the trust chain.\
Joao_Rodrigues_Frade: Of issuers essentially the Ministry of 
  Education empowering Regional entity to then Empower issuers for 
  you know specific education domains that's all verifiable 
  credentials native so that is the idea and then the second idea 
  is we can use a BSI to make available.\
Joao_Rodrigues_Frade: The documents of all this issuers the 
  accreditation verifiable credentials of all of them as well and 
  thirdly any revocation information that the verifier needs to 
  make the decision of whether or not this diploma is authentic or 
  valid so this idea of a passport so when they get the diploma 
  they have access to all the information they are they.\
Joao_Rodrigues_Frade:  need to make that.\
Joao_Rodrigues_Frade: Maybe Ellen going to go ahead and call 
  compliment.\
Lucy Yang:  Okay thank you I was just about to ask if I can I had 
  a comment on the earlier and discussion on train a model II so 
  I'm working on a project that actually used trying for a higher 
  level trust under direct resource pretty much like AB c-- Ledger 
  is a level lower which means like you and like the The Trusted I 
  think the TA oh you mentioned here there are managing their own 
  list but if there's any there any higher level Discovery 
  especially globally.\
Lucy Yang:   E for example if you're thinking about covid there 
  different kind of trust.\
Lucy Yang:  Who are having their own Bliss try but how how to 
  actually bring them together so the train models very flexible in 
  the sense that they can't deal with whatever AB c-- is doing but 
  also higher level they leverage DNS as already mentioned and they 
  can work with both x.509 and it so it's very very flexible so 
  kind of look at you like you can list existing trust Registries 
  on a higher level directory for kind of a global level Discovery 
  so that's something.\
Lucy Yang:   I'm working on like particularly for covid and house 
  credentials.\
Lucy Yang:  Earlier I was on a call where India presenting their 
  trust Brothers recall Sunbird I think it's something like kind of 
  at liko Louisville with ab c-- and and but if they're anything 
  for example you're talking about education credentials why if 
  Europe is using some kind of service for European educational 
  credentials were India's using there are saying for educational 
  credentials how you're going to do like globally when like in a 
  student's where people move around borders to actually find out 
  who was trusted in different regions so that's what I want.\
Lucy Yang:   Comment down.\
Joao_Rodrigues_Frade: But you believe that the model that we are 
  showing here and of course almost those are wrong but some of 
  them are useful but the the model that we are showing here is 
  compared to the one that you were just describing as some 
  Advantage disadvantage what would be your.\
Lucy Yang:  It's complimentary so that idea is that you you has 
  your own regulations right and when you're issuing credential 
  whether it's covid credentials were educational credentials and 
  and won't have not every other country for Regions will be 
  following your regulation so you need to allow them or I think 
  you are allowing them to figure out their own thing but 
  eventually if you know you has your own educational registry 
  right where India has their own registry how.\
Lucy Yang:   Different Registries are going to find each other 
  and and Bill.\
Lucy Yang:  Higher level it's complemented is not conflicting 
  work or anything.\
Alen Horvat:  Cam anything remember.\
Joao_Rodrigues_Frade: What what you say there is just very 
  interesting because exactly this is what we discussed when we 
  briefly prepare this call is maybe we can reinforce that idea we 
  believe that sort of generic data model for accreditation because 
  the one we came up with is you can call it European but actually 
  is our project so it's not even European but so that would of 
  course.\
Joao_Rodrigues_Frade: Help different regions to develop 
  accreditation change based on a similar set of claims about the 
  issuer's so we are Allen has shared now the data model that we 
  believe.\
Joao_Rodrigues_Frade: Our needs but of course I think what would 
  be interesting is that data model is actually.\
Alen Horvat: 
  https://ec.europa.eu/digital-building-blocks/wikis/display/EBSIDOC/Data+Models+and+Schemas\
Joao_Rodrigues_Frade: Well I'm not saying really standardized to 
  the level but like maybe made Global would really support High 
  higher interoperability across Europe United States India and but 
  currently there is no such model that's that's that's I think 
  what we want to highlight is that we had to come up with ours in 
  there will come up with others and once you need to let's say 
  having.\
Joao_Rodrigues_Frade:  interoperability you will have a.\
European_Commission_-_EBSI_-_Maxine_Lemm: Can I maybe jump in 
  because I feel like the question that was just asked 
  misrepresented slightly what we were trying to explain the 
  European commission does not have a centralized verified database 
  of universities I think very that's a good place to start and 
  it's not a competency of the European Union to do so that is a 
  National Competency and much the same way that India is in charge 
  of its educational policy and this Ministry of Education or 
  equivalent will be responsible for.\
European_Commission_-_EBSI_-_Maxine_Lemm:  ting reliable 
  education organizations it is the same.\
European_Commission_-_EBSI_-_Maxine_Lemm: Visual countries member 
  states of the European Union so what the model that we've built 
  like Alan and jo\'e3o just explained is not relying on a central 
  source of Truth it is relying on a self Sovereign type of 
  management of accreditations where as long as a country that is 
  Sovereign identifies the appropriate entity for accrediting 
  University bodies in this case then the whole trust thing can be 
  self-managed as long as that.\
European_Commission_-_EBSI_-_Maxine_Lemm:  one institution is 
  identified within one country.\
European_Commission_-_EBSI_-_Maxine_Lemm: The root of trust then 
  all of the subsequent accreditations say education recognizes two 
  Regional bodies that manage University accreditations within a 
  region you know subset of the University of that country all of 
  this is self-managed I don't know if that helps.\
European_Commission_-_EBSI_-_Maxine_Lemm: Okay then I 
  misunderstood you.\
Lucy Yang:  Yeah that does my understanding I don't think I miss 
  understand what your what is this.\
Joao_Rodrigues_Frade: So we all understand each other which is 
  actually quite positive of course we we know that we are limited 
  when it comes to to time and we want to just let's say pass the 
  key messages and also to contextualize the work that we are doing 
  because that's quite important when we leave so that there are no 
  misunderstandings there as well of where this is going but maybe 
  Alan you want to say something about this of the data.\
<simone_ravaioli_(vc_edu)> This is set of videos from the EBSI 
  Early Adopters Demo Day which focused on the Edu use cases 
  (Diploma, Transcript, Microcredentials) 
  https://www.youtube.com/playlist?list=PLPMb0otsCuFLpE4UYiAZ_y3HhP2VX6q8O\
Joao_Rodrigues_Frade: How important we believe it is to actually 
  look at this more attentively and eventually integrate this into 
  let's say w3c or some entity that could make it really 
  generalized and and not only lets say EPS I let the model.\
Alen Horvat:  Yeah of course so maybe one thing to add here 
  because I mean common of Lucifer is in place and it's very 
  relevant but no technology will be able to solve the problem of 
  who trust whom I mean we're farts will always need to decide like 
  which issuers or roots of trust they they trust and that's 
  completely independent of the technology of.\
Alen Horvat:  It's important to maybe let me go to a 2-1 to 22 
  that the example from the education news case with it's not 
  showing the right slide.\
Alen Horvat:  But let's see.\
Joao_Rodrigues_Frade: It is it is it is.\
Alen Horvat:  It is it is it's not okay so okay so what we need 
  to understand here is that the the infrastructure and the trust 
  model or completely open so EPS I can can basically host 
  information of as many trust change or or hierarchies or whatever 
  trust relationships as possible so it's not limited to any 
  specific use case in a is not limited.\
Alen Horvat:   It to any specific domain.\
<simone_ravaioli_(vc_edu)> this is the juicer part, we will let 
  this run a few more minutes to capture the recording and share... 
  in case people need to leave.\
Alen Horvat:  And the beauty of the data model is that it's 
  fairly simple everything is linked so whether it's hosted on E 
  BSI or somewhere else I mean very far will always be able to find 
  the PATH and who are created whom weather data creation is still 
  valid or not to each schema it links who were credits who 
  registered that schema and all the relevant information now of 
  course storing this on eBay.\
Alen Horvat:  Side has several advantages.\
Alen Horvat:  The information that is stored there it's all 
  verified beforehand so that information that goes on The Ledger 
  complies with all the rules for accreditations so that's one and 
  the second is basically you can have like it can accommodate 
  everything from a simple like list where all issuers are on sale 
  at the same level or an arbitrarily complex hierarchical.\
Alen Horvat:   Structure and.\
Alen Horvat:  Also be extended by domain specific rules for 
  issuance for example that given University can only issue and 
  diplomas in a specific region of the country or or similar so 
  those are completely open I think that these are the points that 
  I'd like to highlight here and here is a very simple example of a 
  use case when we have like a Ministry and we see that depending 
  on the.\
Alen Horvat:   Accreditations in.\
Alen Horvat:  S which is in this case for root of trust then 
  accredits different bodies within that within their domain.\
Alen Horvat:  So before we close.\
Joao_Rodrigues_Frade: So before we close the presentation I think 
  we want to thank you again for of course the invitation and 
  having us here today although work that we do is by its nature 
  open source so you will see that every slide that we showed you 
  today is already available online in one way or the other we are 
  of course more than happy to give you additional information in 
  case.\
Joao_Rodrigues_Frade:  you feel that.\
Joao_Rodrigues_Frade: Since after the discussion and we would 
  support of course you in any specific challenge that you might 
  see or let's say additional questions or challenges that you 
  could you could make to the model because it's in our benefit so 
  the more we are able to learn about like have you thought about 
  this or could this also work with that type of questions.\
Joao_Rodrigues_Frade: Happy to receive them because that would be 
  helpful eventually in your group but also to us in improving the 
  model so the model is not that I set in stone and clothes is not 
  in the policy document as I explained this is really Innovation 
  it's then the pilot to work with the stakeholders is not part of 
  really a policy initiative so we can be flexible we can 
  accommodate improvements and we would be more than happy to do so 
  and this is why we.\
Joao_Rodrigues_Frade:  I'm here to like even though I mean I'm 
  sorry for that.\
Joao_Rodrigues_Frade: Issues with the presentation slides not 
  moving camera is not working but I think we try to pass the 
  essential message essential messages to the group similarly.\
Joao_Rodrigues_Frade: Thank you very much I don't know Maxine if 
  you want to say something and Allen Before We Say Goodbye.\
<kerri_lemoie> Thank you!\
Alen Horvat:  But thanks for having us if anyone has any 
  suggestions for improving feel free to check what we produce and 
  if you have any ideas for improvements let us know.\
<simone_ravaioli_(vc_edu)> Thank you\

Received on Tuesday, 27 September 2022 22:44:17 UTC