[MINUTES] W3C CCG Credentials CG Call - 2023-02-07 from CCG Minutes Bot on 2023-02-07 (public-credentials@w3.org from February 2023)

From: CCG Minutes Bot <minutes@w3c-ccg.org>
Date: Tue, 07 Feb 2023 19:20:32 +0000
Message-ID: <E1pPTVz-00BZTe-2e@titan.w3.org>

Thanks to Our Robot Overlords for scribing this week!

The transcript for the call is now available here:

https://w3c-ccg.github.io/meetings/2023-02-07/

Full text of the discussion follows for W3C archival purposes.
Audio of the meeting is available at the following location:

https://w3c-ccg.github.io/meetings/2023-02-07/audio.ogg

----------------------------------------------------------------
W3C CCG Weekly Teleconference Transcript for 2023-02-07

Agenda:
https://www.w3.org/Search/Mail/Public/advanced_search?hdr-1-name=subject&hdr-1-query=%5BAGENDA&period_month=Feb&period_year=2023&index-grp=Public__FULL&index-type=t&type-index=public-credentials&resultsperpage=20&sortby=date
Organizer:
Mike Prorock, Kimberly Linson, Harrison Tang
Scribe:
Our Robot Overlords
Present:
Jennie Meier, Keith Kowal, Rebal, Harrison Tang, Jack, Sandy
Aggarwal, Bryan Luisana, Gregory Natran, Anil John, Kaliya Young,
Will, Erica Connell, Jeff O - HumanOS, Andres, Sharon Leu, Kerri
Lemoie, Andrew Whitehead, David I. Lehn, Stuart Freeman, John
Kuo, George Lund, Dmitri Zagidulin, Manu Sporny, Nate Otto, Marty
Reed, Phil L (P1), Christopher Allen, Brian Richter, Joe Andrieu,
Orie Steele, James Chartrand, Leo, Paul Dietrich GS1, Kayode
Ezike, Kimberly Linson, Bob Wyman, BrentZ, TallTed // Ted
Thibodeau (he/him) (OpenLinkSw.com), John Henderson, Brent
Shambaugh, Juan Caballero

<harrison_tang> We'll start in a minute
Our Robot Overlords are scribing.
Harrison_Tang: So thanks for attending everyone will start this
week's w3c ccg meeting today are we are pleased to invite the
Jack and rebel from tomomi Foundation to lead and present on the
topic of multi signature verifiable credentials and conditional
proofs but before we get to the main agenda just want to remind
everyone to couple.
<john_kuo> Could Rebal mute please?
Harrison_Tang: It's tough so the first thing is the code of
ethics of professional conduct just want to make sure that we
hold a respectful conversation and we pay respect respectful to
each other quick IP note anyone can participate in these calls
however all substantive contributions to any CG work items must
be members of the ccg with for IP our agreement signed make sure
you have a copy 3C account and if you encounter.
Harrison_Tang: any issues feel free to contact me or any of the
colors.
Harrison_Tang: I will send you the link and the links are also
included in the email agendas I said every week.
Harrison_Tang: Quick call notes these are meetings are being
recorded and the meeting minutes are an audio recordings can be
found in our GitHub link and we usually get out these
transcriptions everything within the same week if you have any
questions on that just let me know.
Harrison_Tang: we used to have.
Harrison_Tang: Uh GT chat to Q speakers so you have any questions
just typing cute plus to add yourself to the Q where Q - to
remove that and yes and you can do a Q&A question mark to see a
who is in the cube.
Harrison_Tang: all right.
Harrison_Tang: That introductions and reintroduction so you're
new to the community or you haven't been active and once you
introduce yourself please feel free to unmute.
Harrison_Tang: Okay I'll call I'll leave about 23 minutes for at
the end of the meaning for introductions reintroductions as well.
Harrison_Tang: Any announcements were reminders.
Harrison_Tang: Haemon you please.
Manu Sporny: Thanks Harrison I'm going to share a couple of
things so the first note is that the verifiable credentials
working group face-to-face meeting in Miami is now at capacity so
we can't take any more folks in person we were at the limit to
what the room can hold but you can still attend.
Manu Sporny: Motely if you'd like.
Manu Sporny: You just need to talk with the chairs to do that
the agenda has been published and this is this is the agenda
which is public we're going to be talking about holder binding
media types content types and how they recite we relate to VC J
WS cozy those kinds of things.
Manu Sporny: We're going to be talking.
Manu Sporny: Points like evidence status list rendering terms of
use we're going to be talking about terminology that's day 1 Day
2 will be verifiable credential data integrity and the crypto
sweets around that as well as VC jot and then some issue
processing and then day 3 will be a discussion around whether or
not at context is going to be optional or not some industry news
which will.
Manu Sporny: More than likely.
Manu Sporny: Be off the Record so that people can share more
about around what's happening so that we can all hopefully
coordinate things that are going on and then.
<manu_sporny> VCWG F2F Agenda:
https://docs.google.com/spreadsheets/d/1c16F5VOwIFvCrZRPzwUHSw2LvpJQRQGFGJtDv2xC_OM/edit#gid=0
Manu Sporny: You processing and then closing out with
deliverables the things that we believe we are going to be able
to accomplish so that's the agenda it's on the public mailing
list I can put the agenda here in the chat Channel b c WG F 2f
agenda so that's that and then second announcement is and give me
a second I've got to find a.
Manu Sporny: Window that's going to be difficult.
Manu Sporny: Apologies I've lost it.
Manu Sporny: Has to do with the.
<christophera> @manu, is there any agenda on selective disclosure
(in particular hash-based like SD-JWT and JSON-LD Merkle?
Manu Sporny: The announcements around like all the things that
are going on in the working group so basically every week we get
a list of things that the working group has been working on in as
you might have seen that list is getting longer and longer.
Manu Sporny: So there is a lot that's going on in the verifiable
credentials working group right now we get a summary of meaning
meaning this this group gets a summary of what goes on there from
week to week but it's called the weekly you know digest here ago
I found it kind of crappy version of it.
Manu Sporny: But as.
Manu Sporny: You can see here they're like these are all the
concurrent conversations the pair of sorry the parallel
conversations that are happening right now in the verifiable
credentials working group so these are all like this is just last
week like these are just the items we talked about last week so
20 issues 52 comments in just you know the VC data model
repository with many more repositories have in common so it's.
Manu Sporny: Getting highly likely that.
Manu Sporny: Going to miss.
Manu Sporny: To keep up keep up so I'm just letting you know
everyone know that keep your eyes peeled every Monday at around
12 p.m. this summary sent out in we are processing a lot of
issues in parallel in coming to resolution and doing PRS and
closing those issues so just be you know pay attention to that
going on that's it.
Harrison_Tang: Thanks Bonnie yeah look at that the VC working
group agenda it's a it's a basic it's like three days of good
conversation so I'm actually going to invite Oliver there's a
good thread around the holder binding the topic of The polder
Binding so we'll have Oliver and the authors of that paper to
actually be the discussion around holder by the the topic of all
the binding April and then at the end there's probably other good
topics in those agenda.
Harrison_Tang: that we might want to invite them to.
Harrison_Tang: Those discussions and actually educate some some
of the folks here including myself on those issues cool any other
agenda any other announcement or reminders.
Harrison_Tang: So in the email I sent out there is a link to the
w3c calendar so we have the agenda actually schedule the topic
schedule until the mid April so if you have any other topics that
people want want us to kind of put into the schedule please feel
free to email any of the cultures.
Harrison_Tang: All right any questions on the work items or any
comments or things that people want to bring up in regards to the
work items.
Harrison_Tang: All right let's get to the main agenda so today we
are very pleased to have Jack and Gribble Fontenot Me Foundation
to present and lead a discussion on both highs signature
verifiable credentials and conditional proofs I think there was a
very interesting thread couple months ago in regards to this
topic and there are also other you know threats in regards to
what multi signature verifiable credentials and.
Harrison_Tang: these kind of topics so I think it's.
Harrison_Tang: It to actually have a meeting and live discussion
on this topic so I'll kind of hint the end of floors to Jack and
rebel and let them kind of lead these these discussions thank you
Jeff.
Manu Sporny: Yes I have one so first first up this is this is
great like really really cool you know the whole concept of you
know verifiable signatures and kind of cryptographic circuits and
that sort of thing is great and totally got the use cases those
make a ton of sense as well I'm wondering is this formulated in
maybe I missed it earlier I saw the verification method and.
Manu Sporny: And how they're all that kind of condition.
Manu Sporny: Russians they're the signature itself I think is
what you're walking us through right now Rebel is is the
expression a single signature or is it like a modified JWT or is
it Ray of signatures what does the like I see this but is this
mean this means that you've basically your signature is a JWT.
Manu Sporny: Duty and then it.
Manu Sporny: Other jwt's within the signature structure is that
correct what is a signature look.
Harrison_Tang: Sorry Christopher has acquired question
Christopher.
Christopher Allen: Yeah yeah one of my questions is increasingly
we're looking at scenarios that where there is a mixed of mCP
based thresholds which you don't actually know that the
thresholds are there do you have any way of marking hey you know
this is a single signature but it is in fact you know a you know
a threshold to of.
Christopher Allen: Three you.
Christopher Allen: You know ecdsa mCP or anything you know do
you deal with any of those types of issues thanks.
Christopher Allen: It's a little more subtle to that but all may
be taken offline.
Christopher Allen: It's so aggregate of all like frost there's
also one now for ecdsa that coinbase and other people are doing
we're basically you're doing you know you're doing signing
operations but at no point is there a single private key ever on
any single machine so it is a kind of multi.
Christopher Allen: Computational process Frost is the one I like
to use but there's several of these.
Christopher Allen: Okay just for your information they.
Christopher Allen: Right but just the result is exactly the same
as a regular Fingal signature but in fact was created by multiple
keys so that's I just say it's more of a a you know how does an
organization know that that was done.
Harrison_Tang: Sorry I have a quick question so earlier you
mentioned is a nest is signature and I'm wondering can you
actually check and verify one of the nest of signatures or you
have to do it all check and verify all signatures out at once.
Harrison_Tang: Got it thanks.
Harrison_Tang: Yes but then you stash the case then the sequence
of the signatures quite important right you can actually get to
the bottom of the stack basically at first basically right.
Harrison_Tang: Got it and by the way I think still you have a
very on the in the speaker cue.
Phil_L_(P1): Right yeah can you hear me okay thankfully I had two
questions you just answered this the second one which is order is
not being checked and doesn't matter in this particular instance
but the first question is just practical question can you give
any sense as to how much additional size is a crude when you
start having four five six embedded signatures as part of the
process how much how much boat are you adding to the credential.
Phil_L_(P1): Renee right right great thank you that helps.
Harrison_Tang: Mommy in your in the queue like I think you have a
comment.
<orie> base64url No pad ; )
Manu Sporny: Thanks yeah there there's effectively you know when
you Basics T4 in code something my presumption here is you're
doing Basics you for URL encoding when you Basics you for encode
something you have 33 percent bloat over the standard binary size
and then as you embed those things inside one another the bloat
kind of goes up so the more complex these signatures are just
purely because of the way John.
Manu Sporny: It's work and they 64 encoding Works you're going.
Manu Sporny: See you know a doubling you know and then a 33
percent overhead at every single nested level in and I you know I
should I think we should clearly outline that like this is not a
bad thing like if you need conditional signatures of this kind
and you want them to you know provide like fairly complex
scenarios you are probably okay with the signature sizes getting
very large.
Manu Sporny: Roaches are mitigated with some of the techniques
that Christopher was talking about like they're near signature
formats that you know don't grow in size like this but again I
mean that requires you to step away from the Jaw tooling to take
advantage of those things and so it really it's really use case
dependent you know I don't think people should look at this as
like you know a terrible thing it's just you know one of the
costs of associating.
Manu Sporny: Of using these.
Manu Sporny: Elegies and fundamentally it's probably not a big
cost given kind of the value that you're getting out of the
signature.
Manu Sporny: That's it.
Harrison_Tang: Thank you Mom you Bob I think you're in the queue.
Bob Wyman: Yeah simple question my apologies if it's dumb but
question is is there anything inherent in the design that would
prevent you from adding ordering conditions like a condition
after will say that required weapon used some other some other
signatures having been.
Bob Wyman: Okay I just wanted to check if there was anything
that would prevent it.
Bob Wyman: Prevent one from say having a condition app.
Harrison_Tang: Bonnie you have a comment.
Manu Sporny: Yeah Bob if your question is around like can you
determine if the sequence of signatures happen in a certain way
there are other Cryptids sweets that you know provide that so for
example like the data Integrity stuff that's going through the
verifiable credential working group right now has the concept of
set signatures like a set of signatures where you don't really
care it's just you you want to make sure that there were like
five signatures on this verifiable credential for whatever
reason.
Manu Sporny: So set.
Manu Sporny: Are supported just with base data Integrity stuff
and then chained signatures so you have a chain of signatures or
a series of signatures that have to follow a specific order
that's a part of just kind of the Baseline data Integrity
mechanism as well so there could be ways of combining like what
we're looking at here with those other more.
Manu Sporny: Or lower level.
Manu Sporny: Primitives that are available in the data Integrity
stuff to get to what you're what you're you know asking about and
those things are going to be through you know this the standards
process there are Global standards track features at this point.
Harrison_Tang: Right we will take one more question and we'll
that Jack and we're both like move out with the rest of the
presentation the Christopher you have the for.
Christopher Allen:
https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Multisig.md
https://docs.google.com/presentation/d/13jaeireCRFoI1jFPFkbwBhTMQgUG7zEHRjmq0PWz-CI/edit?usp=sharing
Christopher Allen: Right thank you yeah I think one of the
things that we discovered when we were working on some similar
stuff I put a link into the chat for document on how to design
multisig thresholds and quorums and things of that nature and is
that then to be able to do the kind of next operation then you
need to be able to have Smart signature operations that can
refer.
Christopher Allen: Two smart.
Christopher Allen: In a prior object because these things are
when you were you talking about this particular structure is
great for evaluating this this you know these things are all kind
of signed at the same time of the same data but when you're
trying to verify use a signature to verify that another signature
was valid was valid you have this sort of layer problem because
you're basically having to create.
Christopher Allen: Eight code that then looks at another
signature.
Christopher Allen: Looking at the paint those the payload so
it's a lot harder to do those and I also am a little concerned I
mean we ended up not we found a way of doing it with threshold
signatures instead so we ended up not doing that particular
function because it was we had some questions about its security
but it's hard creating Court quick creating thresholds and
quorums and all that kind of stuff in ways that address all the
needs that's it.
<christophera> BTW, there is a transcript of that video at
http://diyhpl.us/wiki/transcripts/blockchain-protocol-analysis-security-engineering/2018/2018-01-24-christopher-allen-smart-signatures/
<christophera> The slides are at
https://www.slideshare.net/ChristopherA/smart-signaturesexperiments-in-authentication-stanford-bpase-2018-final
<orie> Seems like did web can support that specific type...
<orie> and you don't need to make a new did method.
Harrison_Tang: Thanks Jack thanks though Rebel oh yeah I think
you have a comment on the earlier Jack's question.
<orie> I'm not in Q :)
Harrison_Tang: I Keith you're in the queue.
<harrison_tang> haha, sorry, Orie
<orie> I think this was mentioned earlier...
https://datatracker.ietf.org/doc/draft-irtf-cfrg-frost/
Keith Kowal: Thanks for this it looks really amazing I I think
the challenge I've had with these types of schemes threshold
signatures and multisig is not So Much from the implementation at
the graphic layer but in the region like how you you organize
like multiple collecting wallets from multiple signatures or even
like presenting to a signatory like what it is they're signing
out maybe this probably not your scope of work but I wonder if
you had any thoughts about this.
Keith Kowal: About how you kind of implement this in.
Keith Kowal: Real life products.
Keith Kowal: Or how you collect like if you if you need like
three signatures how you how you organize wallets to go collect
them.
Keith Kowal: Cool thank you yeah I think that to me has been the
challenge and this and how that that part of it is implemented
but yeah thank you.
Harrison_Tang: Christopher you're next in queue.
Christopher Allen:
https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Multisig.md
Harrison_Tang: Christopher do you have any comments or questions.
Christopher Allen: Yes I just put into the chat the again that
multisig scenario design thing yes there to answer the previous
question a little there is a lot of design that is required and
how to assemble and you know for instance you'll run into
situations that are not reflected in the conditions but where
somebody wants to be the last finer but the fact that they're the
last signer is not relevant.
Christopher Allen: Went to verification it's.
Christopher Allen: Lay in the process of signing all the others
in some kind of partial form along the way so you might have you
know you know Joe and Ken are the primary signers and you know
the the the the the steel the co only signs after they the first
two primary signers have signed so that there's a quorum.
Christopher Allen: You know that so there's some some things
that can happen in the in the process of signings of processes
there that really aren't reflect don't need to be reflected in
the final conditions because the final condition says hey you
know it's there's three of The Five People You know it's valid or
two or three or whatever it happens to be so there is a lot of
variance there I happen to be a big fan of you know nested
thresholds 2 of 2 of.
Christopher Allen: 32 Of Threes is effectively a for of.
Christopher Allen: But you know it can have a lot of additional
properties in the sense of you know emergency signers you know
this is often important say with a verifiable credential by an
institution where the you really want to have a distributed find
any kind of scenario where you know if New York is down.
Christopher Allen: Or is on vacation.
Christopher Allen: Station or whatever things business processes
can still proceed so you know if you're interested in talking
more about these types of things you know this is a topic that
blockchain Commons has been doing research on and we'd be glad to
to do more thanks.
Harrison_Tang: And Bob I think you are next in queue.
Bob Wyman: Yeah I'm just curious I know that Focus here is on
the technology but have you all given much thought to how a user
interface might present a particularly an incomplete signature to
a user to an end user not a programmer.
Bob Wyman: You know so that.
<christophera> There are a lot of good lessons on "partial
signatures" in bitcoin's PSBT standard, which has evolved. We
(Blockchain Commons) have discovered a number of policy
(pre-signature) problems as well.
Harrison_Tang: Call any other questions.
Harrison_Tang: Right well thank you thank you Jack thank you for
both thank you for by actually Christopher you have a question.
Christopher Allen: Well it's more of a trying to respond to the
last one the user side of this for the you know for signing
things is a is a lot harder than a lot of people think because
you end up having to express a signing policy in ways that are
you know complex so for instance you know Joe you know.
Christopher Allen: Oh is the.
Christopher Allen: Initiate or of a you know again the pre
signing kind of phase of the policy and he needs to explain why
you know other parties might need to sign it or why they're
you're taking advantage of an emergency signer or or you know why
an emergency signers required and and you know that there is a
flow of things sometimes people want to be the last sign or they
don't want to be the first signer.
Christopher Allen: Etc so it turns out it's a lot.
Christopher Allen: A hard problem there have been some good
lessons in Bitcoins partially signed Bitcoin transactions from
the very first version of it which had really no made a data to
later versions that allows for more metadata to be put into it so
there's some lessons there I imagine other cryptocurrency work on
Multi signatures may also you know give you some UI tips there
but you know my my biggest.
Christopher Allen: The thing is that the the.
Christopher Allen: Anything is actually a lot harder you xy's
and you might think it is that's it.
Harrison_Tang: You Christopher Keith yeah before.
Keith Kowal: Yeah I just want to follow on from that comment
yeah I mean I totally agree I think if you have like a back-end
let's say like a work day that how already has those kind of
orchestration features available as part of their bread and
butter then it's fairly like system like you know it got big H HR
System can do that but it's like how do you do in a decentralized
way I would suggest like we maybe need like like new parameters
which basically like the purpose that you're asking someone to
sign or things like that that would have to be populated so.
Keith Kowal: Yeah it's just an echo it's a really tough problem
and in the decentralized world and.
Keith Kowal: Always back to having to build an orchestration
and.
Harrison_Tang: Cool I have a question for Christopher so what's
the trade-off between the like the complexity flexibility of the
business logic versus like performance payload and things like
that like for example earlier you mentioned about thresholds
signatures I think it sounds it sounds cool but what's the how
much complexity like payload and performance trade-offs are
there.
Christopher Allen: Well for this particular approach to it the
conditionals which I'm at by the way a big fan of just because of
its Simplicity is yeah you know the objects get bigger and it you
know it it can be kind of painful and in that regards but I don't
think from a computational perspective that it's particularly
challenging.
Christopher Allen: You know some of the.
Christopher Allen: The other threshold Technologies and stuff
are you know sometimes don't run on small devices in particular
small signing devices so for instance we had a whole conversation
last week at the Silicon Salon that we host on how to accelerate
you know some of those types of operations on new emerging chips.
Christopher Allen: Soooo so.
Christopher Allen: You know there's some issues with some of the
more advanced cryptographic operations but one of the things I
another kind of point I really want to emphasize with people is
that you know this in almost all of the language around this we
are talking about people signing my gut feel is that these things
types of things are going to be deployed you're going to have
people who sign things you're going to have come you know.
<orie> How big is too big?... Are there any limits on document
size of inputs?
Christopher Allen: That's fine things that you know have their
own policies for how they sign it so one person may be actually
represented by a quorum you know it's like it's his ring it's his
phone and it's you know his company cloud service and the all
those are the three you know three signatures but it's one person
I also think that you might have signatures where you know this
is not valid unless the accounting server says the budget is
available has been approved.
Christopher Allen: Moved for it and.
Christopher Allen: Put in the budget and what the budget numbers
are and all that kind of stuff into the conditional you just
simply say Hey you know it requires a you know you know some
Quorum of accounting Surfers to say yes it you know it meets the
budget and it there is no they can't sign by themselves because
there's a different threshold that is the personal approval all
they're doing with their threshold is dealing with the you know
yes it has met you no sir.
Christopher Allen: In kinds of non you know human conditions.
Christopher Allen: So there's a richness there that I think is
going to emerge.
Harrison_Tang: Well thank you thank you Christopher we're we have
two more minutes so we'll take two last comments or questions and
then if you have to drop just want to give a quick note for next
Tuesday we'll have Korea to talk about the ca California vital
records all right pop you're next.
Bob Wyman: Yeah I just wanted to support what I think it was
Keith had said about purpose the reason I asked the question
about presentation was it seems to me that as these conditions
become more and more complex.
Christopher Allen: +1
Bob Wyman: Really complex bullion's here it'll be important to
have some way to carry along some non machine data that explains
to people why their signatures may be required a particular
points and why they're you know why the lodge why the structure
is the way it is and I just think it's important that we remember
that in order to present this stuff to people.
Bob Wyman: Well we are.
Bob Wyman: Have to explain to them have something other than the
raw signature code to explain to them what they need to do and
why they need to do it.
<christophera> …And, some of these prelim metadata will need to
be signed, but not included in final conditional.
Harrison_Tang: Thanks and Jack I think you can close the today's
that discussion and presentation thanks.
<christophera> If there are those interested in the pre/partial
signing policy use cases & requirements, contact me.
Harrison_Tang: Yes so I think first of all in regards to getting
more people involved like if you could send send me the links
then I can or you can just reply back to the the the agenda that
I sent out where I can stand on no set up for you to the ccg
mailing list in regards to the question about how to represent
conditional proof PID method I think Corey earlier made a comment
that you.
Harrison_Tang: might not need to create a new method you.
Harrison_Tang: You can just use the web GID method and then
lastly in regards to update the name and merge the pull request I
can know talk to Mike unfortunately he cannot make it today I can
talk to Mike and then maybe manyu and then we can if there's no
objections I don't think so there's no objections we can actually
just do it.
Harrison_Tang: Actually I think Bumble fudgy I think you have a
comment to make during the Q.
<orie> I can merge PRs at DIF.
Juan Caballero: I was just going to say I don't know I think
those are dormant work items that diff so I'm not even sure who
you talk to about merging them in I think the I'm not sure if any
companies are currently going to bump those 2 V 2 when when the
VC working group has a stable feet.
Juan Caballero: To draft of the.
Juan Caballero: Did we UT and I think they will need to I think
those different pose might be very V 1 or V 1 Point 1 so 0 or he
says he's he's happy to help I would say that you know it's would
be good to combine with a general refresh of those libraries if
anyone wants to do that was on was my only suggestion.
Brent Shambaugh:
https://github.com/decentralized-identity/did-jwt
<orie> Yes, those libraries are v1.1 "compliant"
<orie> but with notable problems regarding JSON-LD.
Juan Caballero: I just meant that if your well or is or is
saying in the chat that these libraries are for V 1.1 of the of
the VC and the JWT expression or proofing mechanism is changing a
lot.
Juan Caballero: Lot in V2.
<orie> "instead of... vs in addition to... for example"
Juan Caballero: Avicii so if you wanted to.
Juan Caballero: So the VC spec itself is changing so if this if
did JWT and digital TV see wanted to support or migrate to or
have a future version that supports V2 J WT V CS.
Juan Caballero: Would be a big undertaking and that might be a
good time to include this multisig stuff it might you know be a
Cooperative thing if you wanted to incorporate.
<christophera> BTW, if SD-JWT comes along, this will also have a
huge effect on this, as signers may need raw details that are not
available as they selectively disclosed in the VC they sign.
<orie> probably you want to an IETF RFC for this kind of "JWT
extension".
Juan Caballero: Sorry yeah ooh ooh sorry I meant for those
libraries I mean I'm saying that if you wanted some you know like
a dialogue and cooperation with a company with sorry with any
organization or group of people bumping those specs to the newer
to have interoperability with V2 conformant JWT systems it would
be a good opportunity to.
Juan Caballero: In this whole teasing stuff.
Brent Shambaugh: https://github.com/mirceanis from Veramo is the
primary maintainer of did-jwt
Juan Caballero: Or you know.
<orie> seems like an IETF thing to extend JWTs, similar to how
SD-JWT is at IETF.
<orie> and DPOP is at IETF.
<christophera> (We've been thinking various issues of
signing/not-signing elided data in Gordian Envelopes)
Juan Caballero: There's there's sort of like I've raised to get
kind of circumspectly but what I'm saying is I don't know who is
actively working on those libraries so I don't think anyone will
say no if you put in a non-breaking change that lets additional
signature types work but if what you're looking for is more
cooperation or checking each other's work then it might you might
have to wait till someone bumps that lat.
Juan Caballero: Prairie to V2.
Juan Caballero: Or just message me or shh or just message me or
said directly.
Christopher Allen: It is is diff going to be doing FD job
because that also has huge implications with all of this.
<orie> I don't think DIF is going to do an item for that, its
currently a work item of the OAuth WG at IETF.
Christopher Allen: The Selective disclosure jot version because
basically you have now this problem where you know for various
information is being selectively disclosed dust you know the
signers may need access to information that is not available in
the actual final verifiable credential which makes the multisig
complicated I mean we ran into this with gordian envelopes.
<orie> (re SD-JWT)
Christopher Allen: Give very clear warnings that you know you
know information has been delighted that you're signing and so
maybe you don't want to sign it but there are cases where you
need to sign stuff that is you know that is alighted for specific
use cases so again it's you know it if I if there's one thing you
guys learned from all of this is that there is a whole different
preflighting before signing you know.
Christopher Allen: Policy process thing that we need to be able
to.
Christopher Allen: And some of these Technologies cause you know
we need to articulate the requirements for the policies which is
very separate from okay you know here is this final conditional
signature that reflects after all the policies have been
implemented that you know that you should continue did you can
you can rely on this.
Juan Caballero: So to answer your question on whether that's a
work item at diff I haven't heard anyone at differing on it I
know that the sum.
Juan Caballero: SD jail.
Juan Caballero: T work and the what's called dang it not jwp
work the Json web proofs work which was originally incubated at
diff has I think they'd both been in been accepted to work in
groups or he said in the chat that the oauth working group at ICF
is working on SD J WT so I think that might be.
Juan Caballero: Sort of.
<orie> JOSE WG at IETF was recently re-chartered, and they have
asked for I-Ds to be submitted for IETF 116.
<orie> seems like exactly the kind of thing that belongs in JOSE
WG at IETF.
Juan Caballero: But I can't c-diff would necessarily I can't
imagine if organizations wanting to incorporate that in general
purpose sort of public option Library if they're moving Target
and you know I think diff diff folks would probably wait until
ATF has a version of it to implement a library and even then it
would probably get implemented by one company and donated rather
than.
Juan Caballero: Co-developed in death.
Christopher Allen: I mean as I understand it St John is based on
mobile driver's licenses selective disclosure so it's an
important competitive feature.
Juan Caballero: Yeah it might happen but I haven't heard of
anyone doing it at that for donating it sad if it may well be
just companies that go to market with that but I don't know.
Harrison_Tang: Jack does that answer your question.
Harrison_Tang: I think we might have lost Jack Jack.
Harrison_Tang: Yes it does that answer your question earlier.
<bumblefudge> mircea
Brent Shambaugh: https://github.com/mirceanis
<bshambaugh> open an issue
<bshambaugh> ?
<bshambaugh> on did-jwt
Harrison_Tang: Yep so I think you have.
<christophera> Ciao!
Harrison_Tang: If you need any help for to connect people from
different communities just let me know.
Harrison_Tang: Thank you thanks a lot.
Harrison_Tang: Thanks have a good one.

Received on Tuesday, 7 February 2023 19:20:32 UTC