[MINUTES] W3C CCG CCG Verifiable Credentials for Education Task Force Call - 2023-06-05

Thanks to Our Robot Overlords for scribing this week!

The transcript for the call is now available here:

https://w3c-ccg.github.io/meetings/2023-06-05-vc-education/

Full text of the discussion follows for W3C archival purposes.
Audio of the meeting is available at the following location:

https://w3c-ccg.github.io/meetings/2023-06-05-vc-education/audio.ogg

----------------------------------------------------------------
VC for Education Task Force Transcript for 2023-06-05

Agenda:
  https://lists.w3.org/Archives/Public/public-vc-edu/2023Jun/0001.html
Topics:
  1. IP Note
  2. Call Notes
  3. Introductions & Reintroductions
  4. Announcements & Reminders
  5. CLR & Plugfest 3
Organizer:
  Kerri Lemoie
Scribe:
  Our Robot Overlords
Present:
  Eric Shepherd, Kerri Lemoie, Andy Griebel, Nis Jespersen , Stuart 
  Freeman, Hiroyuki Sano, Japan, Simone Ravaoli, Chris Webber, 
  Sharon Leu, David Ward, Greg Bernstein, TimG, Phil Long, 
  Geun-Hyung Kim, Kimberly Linson, Maarten Boender, John Kuo, James 
  Chartrand, Lucy Yang, Dmitri Zagidulin, Tracy Korsmo, Jeff O - 
  HumanOS, Kayode Ezike, Chandi Cumaranatunge, Manu Sporny, Colin 
  Reynolds, Ed Design Lab, TallTed // Ted Thibodeau (he/him) 
  (OpenLinkSw.com), Joey, Jim Goodell

<kerri_lemoie> Hello all - we'll get started in a few minutes.
Our Robot Overlords are scribing.
<kim_duffy> Hoping for Carrie Illinois today
Kerri Lemoie:  Okay everybody hello happy Monday this is June 5th 
  the verifiable credentials for Education task force my name is 
  Kerri Lemoie will be remained to see what the transcriber will 
  call me today but we will find out I'm going to go through some 
  boilerplate opening so that we always cover in this call and then 
  we'll take it from there I'm today's agenda is really.
Kerri Lemoie:   For the wallets participating in the clutch.
Kerri Lemoie:  The Wider Community to learn more about the 
  comprehensive learning record V2 which is one of the edtech 
  specifications.

Topic: IP Note

Kerri Lemoie:  Okay first IP note anybody can participate in 
  these calls these are open Community calls and everyone is 
  welcome to join them and discussing them if you are planning to 
  work on any of the standards at the CCD is part of this group 
  then you will want to join the community and sign the IPR 
  agreement and I believe this also applies to plug press 
  participants second call notes.
Kerri Lemoie:   These calls are recorded.

Topic: Call Notes

Kerri Lemoie:  So I'm video now that we can make available to you 
  if you need it so everything is archived everything is 
  transcribed by our robot transcriber and also recorded So that 
  others can follow along with what we're doing they can't make it 
  on this call or so that you can look it up in the future and in 
  reference this if you need to.
Kerri Lemoie:  Next introduction so actually before I move on to 
  number 3 one thing to note is that we follow a queue system on 
  these calls so if you would like to ask a question or have 
  something to say just type Q Plus like so in the chat to add 
  yourself to the queue and to remove yourself from the queue keep 
  - and during the calls we keep an eye on the Queue and try to 
  call folks either in an order or according to you know the topic 
  that were discussing.
Kerri Lemoie:   Next is introductions and reintroductions is 
  there.

Topic: Introductions & Reintroductions

Kerri Lemoie:  Today who's new to the call or you know has been 
  on the cob would like to introduce themselves.
Kerri Lemoie:  You are always welcome to do this throughout the 
  call to yourself up and introduce yourself if you haven't before.

Topic: Announcements & Reminders

Kerri Lemoie:  Is announcements and reminders does anybody have 
  any announcements or reminders about the work they are doing or 
  anything else going on conferences meetings other types of 
  special topics that you'd like to bring up now.

Topic: CLR & Plugfest 3

Kerri Lemoie:  Then why don't we move on to our main agenda chat 
  for us so today we are going to talk about the comprehensive 
  learner record as part of cluckfest we've been sort of exploring 
  whether we should include other credential standards unlike 
  previous plug fast / we only did open badges three there are more 
  standards that are trying to align with VCS and there are other 
  standards like the CLR that have been in existence.
Kerri Lemoie:   So today we want to.
Kerri Lemoie:  Topic Ford and I talked about it with with folks 
  on this call and in The Wider community of those who are 
  participating in the plugfest to you know to learn more about it 
  and to see what the interest is and I take it from there I'm 
  going to put Tracy is here Tracy Tracy course Moe is joining us 
  because he has occurred two ladies working on North Dakota and 
  Tracy and let me know if I'm getting your title.
Kerri Lemoie:   Wrong but I think you're the leader of the state 
  longitudinal.
Kerri Lemoie:  Service in North Dakota right and you've been 
  working in the space for quite a long time.
Tracy_Korsmo: Yeah hello everybody Tracy course well here I am 
  the program manager the Statewide longitudinal data system here 
  in the state which comprises education and Workforce data 
  warehouses and through that project we've expanded into digital 
  credentialing through the collab usage partnering with Randa as 
  well as PCG and.
Tracy_Korsmo:  we've published the North Dakota.
Tracy_Korsmo: Transcript which is a centralized service here in 
  the state as a digital credential to a wallet and that is a 
  comprehensive learner record as well from that then we've 
  expanded into post-secondary as well as more K-12 with the 
  welding certificates post-secondary really concentrating on 
  cybersecurity stackable credentials through certificates to 
  Associates to Bachelors to a master's degree in cyber security.
Tracy_Korsmo: And more recently we're working with the licensing 
  organization our health and human services here in the state 
  issues EMT the EMR EMT Advanced EMT and the paramedic credentials 
  here in the state and that's what we're currently working with 
  right now which is really interesting because I think that North 
  Dakota is firmly grounded in just accepting the national 
  standards testing on that sorry I'm forgetting.
Tracy_Korsmo:  in the organization.
Tracy_Korsmo: But it's just a national test that is accepted in 
  North Dakota along with about 20 other states so it has 
  Interstate use so that's where we're headed with the EMT is 
  issuing that as a digital credential today that's kind of an 
  introduction Cary how would you like me to expand on.
Kerri Lemoie:  Yeah thank you for that introduction I was great 
  Tracy I think you set the stage here to maybe next week and talk 
  about how you're approaching publishing this standard and the 
  various parts and if you have anything to show us that might be 
  helpful for those who have never really seen the sealer.
Tracy_Korsmo: Sure so let me pull up my test wallet here.
Kerri Lemoie:  You should be able to show your screen.
Tracy_Korsmo: Okay so screen sharing.
Kerri Lemoie:  Yes I can see it thank you.
Tracy_Korsmo: Okay are you guys seeing my screen yet okay so here 
  is the open credential publisher wallet that I'm logging into 
  right now.
Tracy_Korsmo: And so basically all the.
Tracy_Korsmo: She'll ours that have been published to me this is 
  obviously a test account as well as open badges are sitting in 
  here if I look at a North Dakota High School transcript visually 
  this is a summary of the transcript and essentially the course 
  grades but if I get into the details of the transcript you'll see 
  that it is verifiable credential debut three see the proof and 
  the CLR Kyle be verified the learner as well.
Tracy_Korsmo:  as the publisher and each one we do.
Tracy_Korsmo: Embedded evidence to help with the cold start of 
  sharing clrs we can do a pdf version of that.
Tracy_Korsmo: And then we just get into the details of a North 
  Dakota High School transcript and bringing it down to the level 
  of an individual course the issuer being Great Plains High School 
  with its public key the results as well as alignments and this is 
  referencing the case North Dakota case Network.
Tracy_Korsmo: We have the state course code defined as well as an 
  alignment to the national state course codes the sked codes so 
  that is the metadata reference to the course definition and the 
  competencies and skills related to that going back to the wall at 
  if I look at a non transcript type here this is career-ready 
  practices work based learning it's kind of like 21st century 
  skills if you will.
Tracy_Korsmo:  so this is just a.
Tracy_Korsmo: Issue to the student and this has course transfer 
  abilities to community colleges and in this credential here 
  you're going to see a reference to not only the competencies 
  represented here in North Dakota for that credential but you will 
  also see a reference to the credential engine.
Tracy_Korsmo: So here's karate practices as in the credential 
  registry here in North Dakota and that's kind of where we're 
  leaning with most of our recognized credentials in the state is 
  they'll be at least in the credential registry and in some cases 
  there will be articulation of the skills and competencies in the 
  case Network as well.
Tracy_Korsmo: So what I look at what we're currently working on 
  in mind you these are not published clrs these are uploaded clrs 
  but if I look at like an EMT.
Tracy_Korsmo: EMT at this time is not defined as competencies or 
  skills as that should be a national publication of those but we 
  do have the credential engine definition here in North Dakota 
  sorry about this anyway that is a credential engine and the 
  definition in the credential engine I'll stop there and answer 
  any questions.
Kerri Lemoie:  Make sure to yes we have money you in the queue 
  right now somebody why don't you go ahead with your first 
  question.
Manu Sporny:  Sure thanks Kerry Tracy this is this is really cool 
  really loving the demo so far I noticed that you've been saying 
  that some of this is CL are I saw an open badges thing in there 
  as well I take it like this wallet contains both types of Records 
  in there is that is that right or II I'm getting confused 
  between.
Manu Sporny:   In like what's the badge and.
<kerri_lemoie> Example structure of a CLR v2 in the spec: 
  https://www.imsglobal.org/spec/clr/v2p0#basic-clrcredential
Manu Sporny:  What CLR and is there any overlap between the two 
  you know what.
<manu_sporny> Thanks Kerri ^ above is helpful, looking now.
Tracy_Korsmo: Okay so what we've done in this project is we do 
  allow the individuals to connect to OB 2.1 connections and pull 
  in any badges they have through a badging vendor and bring that 
  into your wallet so the open badge hold on a second so now you'll 
  see that.
Tracy_Korsmo:  I can pull in any.
Tracy_Korsmo: Churches that have been published to Badger right 
  now and put them into my wallet.
Tracy_Korsmo: So what you're seeing here is the badges that I 
  have pulled into my wallet and so.
<kerri_lemoie> 2.1 (2.0) badges are not aligned with W3C 
  Verifiable Credentials
Tracy_Korsmo: I can verify this badge with a badger as well but 
  more importantly I can embed this in a CLR and once it's embedded 
  in a CLR it's really not verifiable anymore because it's just 
  self-assertion if you will and that's one of the reasons for OB 
  3.0 to be able to verify publish and verifiable credential is now 
  I can publish that as essentially a single assertion CLR.
Tracy_Korsmo:  so now it's verifiable.
Manu Sporny:  Yes thank you.
Tracy_Korsmo: In the credential itself that makes sense and then 
  I could curate a collection here just by simply choosing which 
  clrs I want to combine if you will in a presentation and creating 
  a collection and then I could literally share that collection out 
  so if an employer or somebody wants to receive three credentials 
  that I have I don't have.
Tracy_Korsmo:  have to send them three requests.
Tracy_Korsmo: To receive them or share them three different times 
  I could curate a collection of them more like a job resume if you 
  will and just share the.
Kerri Lemoie:  Can't you see we have a couple more people in the 
  queue would you like to present more would you like to answer 
  questions first.
Kerri Lemoie:  And Kimberly you are next.
Kimberly Linson:  I was actually just going to share a couple of 
  things that I think helped in this open badge versus CL are 
  formatting like like how do you choose when do you choose why do 
  you choose and so Tracy I don't do I need to do you need to stop 
  sharing for me to share or can I start hearing if I just.
Kerri Lemoie:  I think case you would have to stop yeah then you 
  can start over there you did.
Tracy_Korsmo: I think I stopped.
Kimberly Linson:  Okay so I I have been doing a bit of analysis 
  around am I showing my are you seeing a welding American Welding 
  Society license oh good okay it's very tiny on my screen so this 
  I'm going to show you two different credentials and I think this 
  is where the conversation has to start around.
Kimberly Linson:  Kind of credential format are you using this 
  American Welding Society license and and we do a lot of our work 
  is in professional licensure so that's what I'm going to I like 
  to talk about but this one you can see this is American Welding 
  Society is issuing organization there is basically one assertion 
  this person is a welding inspector they have there's a license 
  number associated with it.
Kimberly Linson:   Some signatures and what not but this.
Kimberly Linson:  Could probably be accommodated by What Would by 
  the open batch right it really is asserting one thing the problem 
  becomes when how do I undo share.
Kimberly Linson:  Okay there and then I can.
Kimberly Linson:  Is the Colorado teachers license and we 
  actually as a part of the work we're doing on the NG a project 
  wanted to make this an open badge we thought that was going to be 
  just the easiest and smoothest way to transport this data from 
  our system into the my Colorado app and into teacher wallet but 
  unfortunately what we ran into was that because of the way that 
  there are so many endorsements and then even these children 
  underneath the.
Kimberly Linson:   Endorsements that you probably can see.
Kimberly Linson:  Nations that you can have different 
  designations and so because there's so much parent and child 
  reaction inside of this license this is why like the CLR is good 
  and when Tracy shows the transcript or when we look at at EMTs 
  and we think about all the things that go underneath their 
  license that's why the comprehensive learner record really made 
  sense for this particular license but I think.
Kimberly Linson:   I think that's one of the.
Kimberly Linson:  That I want to say is that the decision about 
  what try not to unsure about which format which standard format 
  to use is about which one is going to reduce the most friction 
  right is it is are you only trying to say one thing then open 
  badges probably the right choice if you're trying to say lots of 
  things then CLR is probably the right choice.
Kerri Lemoie:  Thanks Kimberly and I'm going to call it an 
  unfilled because he's next in the queue but I was wondering the 
  Tracy or or Kimberly if you have the structure for what it looked 
  like one of these clrs would look like the actual like metadata 
  so that those who have wallets could look at see what that looks 
  like like a real example because I think the one in the bathroom 
  the CLR spec isn't quite as like quite like yours because what 
  are you if you.
Kerri Lemoie:   Have any of that you could.
Tracy_Korsmo: I should have some Json.
Kerri Lemoie:  Perfect let me let me call on on fill and then 
  maybe we could take a look at that that would be really helpful 
  still anyway yes.
Phil Long:  Yes hi can you hear me okay great Tracy nights great 
  great presentation so far and in Kimberly already address I had 
  two parts to my question the first way is to go into a little bit 
  more about alignments because I think that's unique to the CLR in 
  the badge space and and Kimberly Hint it to it and by saying that 
  alignments actually pertain to the relationship among either 
  assertions.
Phil Long:  Endorsements if you will to a particular transcript 
  which is effect effectively the documentation of the diploma or 
  degree but I think Kimberly talked about that and the only thing 
  I would add to it is that it's it's more it can be more than 
  parent-child it can be a circumstance where the illiterate where 
  the alignment indicates that there is a set of six courses at 
  particular.
Phil Long:   Relationship to the one on.
<kerri_lemoie> @tracy - do you have the JSON-LD for the EMT 
  credential?
Phil Long:  And you have to take one of these six in order to be 
  able to complete the overall degree requirement and things like 
  that it's the stuff registrar's a lot of because it distinguishes 
  the thinking that went behind the set of experiences that a 
  student took in the pursuit of their of their diploma the second 
  question I was going to ask was really about.
Phil Long:  Different differentiation in the CLR between the 
  publisher and the issuer and you might want to spend a few 
  minutes just making sure people are clear on that because I think 
  that's also unique to the CLR structure thanks.
Tracy_Korsmo: I think you have quite a few questions in their 
  fellow but you know when it comes to the publisher versus the 
  issuer in North Dakota we set up the state a state node if you 
  will of a publisher so we at the state ourselves authorized any 
  entity that we want to issue underneath the brand of North Dakota 
  it does not mean that the state is issuing a high school.
Tracy_Korsmo:  script the issue.
Tracy_Korsmo: Is still the high school but the state is doing the 
  publishing of the CLR on behalf of the high school is that where 
  you wanted to articulate that Phil.
Phil Long:  Yes I think that the notion there that you correctly 
  point out is that there's a publisher and there's an issuer and 
  this particular case I think the issuer is the local organization 
  if you will or the most local in the context of the hierarchy of 
  institutional relationships and and the state is the publisher is 
  that correct yeah so that's why I think that that distinction is 
  unique to the CLR.
Phil Long:   Of to an issue were always in a.
Phil Long:  Me or or other kinds of badge it is it is there's one 
  entity that is the issuer either the person's self issues or a 
  third-party issues something to a person but but in the case of C 
  large distinct.
Tracy_Korsmo: So this you know I think maybe our CLR terminology 
  right now might be a little bit misleading because we are calling 
  it The Publisher is the Great Plains High School but it was 
  published through an open ends are open credential publisher 
  installed by the state of North Dakota authorizing Great Plains 
  High School to publish and that's a good point is.
Tracy_Korsmo:  each one of these credentials is.
Tracy_Korsmo: An issuer but up here we are still calling the 
  publisher Great Plains High School this could be the state of 
  North Dakota.
Phil Long:  Yeah that would be helpful to probably normalize in 
  some fashion that's great and the other thing I guess is the 
  difference between CLR one and CLR to in part is that the course 
  that you're considering as an entity in C LR V to at least is the 
  same data structure in bit for bit as an OB V 3 it's it is a 
  badge.
Phil Long:   Edge in the data structure it's simply called in.
Phil Long:  And as and as a consequence can be individually 
  signed if the organization wishes to do so.
Tracy_Korsmo: Yeah each one of these I could there could actually 
  be an image associated with each one of these assertions and we 
  could even call it a type badge so an OB 30 is simply a single 
  assertion same structure as in the CLR.
Phil Long:  And it's helpful to the to the group thank you Kerry.
Kerri Lemoie:  Sure thank you I'm going to pull myself out of the 
  queue for now and let Greco and Greg he grabbed the floor there.
Kerri Lemoie:  I'll come back.
Greg Bernstein:  Hi I've been working on this is great Bernstein 
  I've been working on the test vectors and things like that for a 
  bunch of the security Suites and most recently been doing a lot 
  of work with BBs and selective disclosure I went and looked at 
  the CLR before this talk and I was looking through the document 
  because I wanted a complicated transcript to apply selective 
  disclosure.
Greg Bernstein:   There were no.
Greg Bernstein:  Document and I see you've got these great 
  examples do you also have desires as far as functionality related 
  to selective disclosure as we're looking at BBS and a bunch of 
  other ways to do selective disclosures what kind of functionality 
  you want is that documented would you like to discuss it that's 
  kind of Prime on our plates for some of us right now and having.
Greg Bernstein:   Some good examples I saw you had like 58 
  assertions of full.
Greg Bernstein:  Script that would be great to work with for 
  comparing different methods of selective disclosure.
<phil_t3> @Greg Berstein - which CLR were you looking at? (CLRv1 
  or CLRv2?)
Tracy_Korsmo: If I would be willing to publish a high school 
  transcript to North Dakota wallet if you want Greg if you're 
  looking for.
Greg Bernstein:  Okay send me a link and such sand I can I it 
  love the Json and also if there's people that would give feedback 
  about besides mandatory disclosure of a subset or maybe other 
  complicated things that you don't.
Greg Bernstein:  Things taken out of context when you're doing 
  selective disclosure these are some of these rough Notions trying 
  to figure out what we want to do with Selective disclosure and 
  the features we want with it when we take the raw crypto and 
  apply it to the credentials so not don't need an answer now but 
  it's people want to talk about these kind of desires as we map 
  between crypto and the credentials and how we do this that would 
  be great.
<kim_duffy> Is that a selective disclosure signature suite per se 
  or just separately issued/signed claims (in the CLR)?
Tracy_Korsmo: Yeah I think as we're you know I'm actually seeing 
  students sharing their High School transcript with colleges today 
  we've had a couple of them the problem with North Dakota's use 
  case is we have a centralized State e transcript system already 
  and we can send out a state albeit PDFs but so it is.
Tracy_Korsmo:  really handles North Dakota of needs quiet.
Tracy_Korsmo: All where the value comes for the high school 
  students is when they're graduated in need to show evidence in 
  the high school transcript they can you know provide that 
  transcript to a future employer education institution so we've 
  had a couple of do that on their own so that's work but I think 
  the use cases of how this is going to work the EMT first 
  responder is a really good example of how this would work in 
  this.
Tracy_Korsmo: First responder trying to get access into an 
  emergency response scenario well first responder is any of those 
  four categories in the v of an EMT through a paramedic but if I'm 
  a paramedic I can pretty much ignore the fact that I'm an EMT or 
  Advanced EMT because that Trump's them all so now I have okay 
  well how do I get this down to a single top credential but then 
  it also is a policeman fireman.
Tracy_Korsmo:  emergency medical personnel.
Tracy_Korsmo: So how does that work in emergency response there's 
  a QR code that is requesting 56 different credentials and then I 
  selectively disclosed all five of those so the use cases are just 
  starting to kind of play out now if that makes sense.
Greg Bernstein:  Cool cool yeah I didn't think about that one 
  that's real good.
Tracy_Korsmo: Yeah and Kimberly you're working I think you're 
  working with digital bizarre on just conceptually how First 
  Responders work.
Kimberly Linson:  Yes we're just starting at work and I think man 
  who was actually on here too and I'm sure we'll talk more about 
  that I also am thinking about the work we're doing with education 
  Design Lab and you know they have a very interesting you know 
  assessment you got for assessments and then there's an 
  overarching credential that sort of goes on top of those and 
  being able to disclose you know part of that all of that none of 
  the underlying but but the top.
Kimberly Linson:   Kit level comes to mind.
Kimberly Linson:  So I definitely would love to talk more about 
  about it.
Kerri Lemoie:  Great thanks everybody my money you are in the 
  queue but if you don't mind I'm going to switch my hats for a 
  second and then I will call on you I'll put my question yeah I'm 
  going to put on my my DCC and Standards Developer hat instead of 
  my bcig hard just just for a moment I'm going to sit back up a 
  little bit maybe I'm wearing both hats but you know I'm trying so 
  as the deed as a wallet developer what we've been what we've been 
  doing during.
Kerri Lemoie:   During plugfest right what it was about because 
  her podcast is.
Kerri Lemoie:  Individual downloads of wallet and then they 
  connect with the issuer to retrieve their credential there's some 
  did off that happens where the issuer checks to make sure that 
  that identity is signed and then it is published just reassign us 
  publish it is returned back to the wallet where the individual 
  can choose to accept it or not and this has been the flow that 
  were using during cluckfest and in that so what I'm wondering as 
  a wallet provider how would that EMT.
Kerri Lemoie:   How would all of those credentials and the over.
Kerri Lemoie:  Inner work in that way they would they all be 
  individually signed and issued to that single ID with the same 
  issue and state could you walk us through how that power while it 
  should handle a COR like that.
Kerri Lemoie:  I guess it's your Kimberly because Kimberly is 
  here too so either of you really thanks.
Tracy_Korsmo: Is that a question to me well I'm assuming that 
  there's going to be request for five different clrs and so 
  categorizing or typecasting that CLR it's pretty important that 
  that that phase to the way I'm thinking about right now is it's 
  going to have to be a request for law enforcement it's going to 
  have to be a request.
Tracy_Korsmo:  for you know.
Tracy_Korsmo: Firefighting credentials or request for EMT 
  credentials so to me that's a single qr-code asking for multiple 
  types of clrs but that's I'm in my infancy of understanding this 
  at this.
Kerri Lemoie:  Okay Kimberly do you want to take that on.
Kimberly Linson:  Well I'm going to I'm going to say I feel like 
  chappie is the chappie everyone knows here at chop he's my answer 
  for all problems but man who can you tell me whether chappie 
  would be the right call here.
Manu Sporny:  Maybe so I think this is a the answer I think all 
  right now Kimberly is maybe I can see how it how it might work 
  but let me back up a bit to something crazy said before we are 
  you know working with Randa to try in figure out how exactly how 
  these types of presentations could happen in the real world our 
  background is in in.
Manu Sporny:   Employing this stuff.
Manu Sporny:  He'll sector so think about you know somebody 
  checking out at a retail counter we have deployed verifiable 
  credentials into that ecosystem through the true Edge program 
  150,000 stores across the u.s. yada yada yada and one of the 
  things that Tracy said is something that we do in that scenario 
  meaning that an individual walks up in initiates an interaction 
  at the register so this is an individual initiating a transaction 
  at.
Manu Sporny:   The register using a qr-code.
Manu Sporny:  Then the point of sale you know connects digital 
  wallet in the cloud and basically asked for multiple credentials 
  and I think that's where the kind of the core of what Tracy was 
  talking about and what Kimberly was talking about Kerry was 
  talking about you know exactly how that is done is currently 
  being worked through so there are a couple of ways that we could 
  do it one of them is we look at all of these.
Manu Sporny:   Initials as atomic things like if they were.
Manu Sporny:  Completely separate open badges they were kind of 
  self-contained things whoever is requesting these credentials 
  could request each one individually so that's one way it could be 
  done and that could be done through chappie the other way it 
  could potentially be done is by doing specific sub queries into a 
  CLR where maybe there's some data within the CLR that's digitally 
  signed and the dish.
Manu Sporny:   The wild could pluck that data out of the.
Manu Sporny:  In just send it individually adjust for the things 
  that were asked for that's pretty complicated to do meaning like 
  the digital wallet would have to have a pretty deep understanding 
  of like the CLR and how its constructed and what it's used for in 
  those are really the two approaches that come to mind so Kimberly 
  yes chappie could be used for both mechanisms the query protocol 
  would probably be pretty different in both situations.
Manu Sporny:  Um you know my gut feel right now is that you know 
  a simpler more Atomic you know mechanism might be best or a way 
  for you know a wall to pluck those credentials out of the CLR 
  might be best however those wallets are going to have to be 
  pretty knowledgeable about the CLR data format whereas many of 
  the Wallets on the market today you know are not so there's some 
  really interesting I think design questions and ecosystem 
  questions.
Manu Sporny:   Is there.
Manu Sporny:  Things like that like what Tracy said the first 
  responder you know the request for like five credentials and that 
  scenario is going to really inform you know what these protocols 
  look like what you know minimum functionality for a wallet might 
  look like and it may even you know impact the standards that were 
  you know in the middle of creating hopefully that was a helpful 
  answer.
Kerri Lemoie:  Thanks honey that was really helpful Chase your 
  Kimberly do you do you want to reply to that respond to that.
Tracy_Korsmo: No I'm just happy that people are looking at this 
  scenario.
<phil_t3> Does the BBS+ selective disclosure approach also 
  require a the deep knowledge of the CLRv2 structure?
Kerri Lemoie:  But we don't have anyone in the queue right now 
  while it folks if you have your question sir they're heading to 
  yourself up I'm sort of putting myself in the queue right there 
  just just to keep the conversation going but also to follow up on 
  something that money my name is said which is is the complexity 
  of this and there is so much value in the complexity when we 
  first started talking about issuing open badges as verifiable 
  credentials in like two years ago I'm a.
Kerri Lemoie:   Just pretty much we are going for the simple 
  simple approach we're like great we have this one simple.
<manu_sporny> kinda/sorta, Phil -- the selective disclosure stuff 
  gets far more difficult the more complex the VC is.
Kerri Lemoie:  The one single achievement we're going to go ahead 
  and try and get this aligned so we can get that going and it 
  around the same time the conversation started about the complex 
  credentials and which is which is important there's a lot of 
  complexity that happens in the world right and we need that also 
  at this stage just just in my opinion of where we are with 
  plugfest and ecosystem we have a lot of work to do just from the 
  simple side still very just from the one-offs of like somebody 
  graduated yes or no or.
Kerri Lemoie:   Somebody is enrolled.
Kerri Lemoie:  He was employed like just these super like micro 
  credentials not official microcredit has micro versions of 
  credentials are a lot easier for the wallets to ingest right now 
  as the protocols and the software exists Kim you are in the you 
  have the floor sorry go ahead.
<greg_bernstein> There's a mapping process between the credential 
  and the simple "list" of statements that BBS works with.
Geun-Hyung Kim:  Thanks and I was quickly scanning the CLR 
  respect to refresh my memory and it's it's exploded since the 
  last time I saw it so forgive me if these are basic questions you 
  know so in the verifiable credential ecosystem generally we've 
  been using concept of verifiable presentations sort of 
  conceptually similar to CLR I would say with the exception that.
Geun-Hyung Kim:   At the scene.
<phil_t3> It might be easier if a wallet could simply extract the 
  OBv3 representative single assertions, which then the wallet 
  knows what to do with....
<phil_t3> That is extract it from the CLRv2 compound credential
Geun-Hyung Kim:  More fit for purpose you know it has the roll 
  like so a verifiable presentation or you know similar constructs 
  could be used to achieve as a CLR but a CLR has the terminology 
  and the concepts that people in this space would be familiar with 
  like the idea of issuer being separate from you know whatever 
  granting institution the thing that because the.
Geun-Hyung Kim:   Peck is big I wasn't able to get a.
<manu_sporny> yes ^ (but that presumes wallets know how to do 
  that)
Geun-Hyung Kim:  Of was how suitable it is for you know sort of 
  selective disclosure and I briefly ask this question before it 
  wasn't clear if the CLR itself is meant to be this atomically 
  atomically issued thing like I know we've talked about being able 
  we talked about selective disclosure but we haven't been precise 
  about what we're doing there like.
Geun-Hyung Kim:   Is that necessarily like.
<phil_t3> The CLRv2 now supports the signature suites of the VC 
  DM v1.1
Geun-Hyung Kim:  CLR now necessarily support flexible Signature 
  suites are we assuming that the issuer is sort of doing or some 
  something clever behind the scenes to make it selectively 
  disclosable just sort of curious about how that works right now 
  and I know Kimberly mentioned that they've been ran has been 
  working on something with digital bizarre so maybe what they're 
  working on represents the future of the spec so just curious.
Geun-Hyung Kim:   For more details on that.
Kerri Lemoie:  Tracy or Kimberly to you.
<manu_sporny> Digital Bazaar are noobs when it comes to CLR :)
<manu_sporny> RANDA are the experts there
Kimberly Linson:  I don't really have a reply but I have another 
  I have a question for you Kim that maybe you can help me 
  understand around verifiable presentations so so my understanding 
  is that the benefit of a CLR is that it persists over time it's 
  just a credential and you've got it and it exists.
Kimberly Linson:   In a.
Kimberly Linson:  Itself whereas a presentation a verifiable 
  presentation when you package it together it is usable and then 
  it doesn't exist anymore is that.
Geun-Hyung Kim:  In practice that's how a lot of people have been 
  using it I think the main thing is the CLR I mean I guess what 
  I'm getting at is what are the what are the sort of like benefits 
  of the CLR over you know some some likes a TBD other format and 
  it does seem to be the sort of like the fit.
Geun-Hyung Kim:   A purpose nature of.
Geun-Hyung Kim:  Curious about like how the Signature suites are 
  implemented or what's the Assumption about the Signature suites 
  and sort of issues like subject holder binding and all of that 
  how like how it's implemented now and how it might be in the 
  future and Manu is queued up he might have the answer on that it 
  sounds like he's been thinking about it already.
Kerri Lemoie:  My guy having calling you if you'd like even if 
  you don't have the answer to this that's okay.
Manu Sporny:  Yeah I love how much Kim believes that I have an 
  answer I don't unfortunately there's a there's a high-level 
  answer right so so specifically I mean R&R the experts here 
  that's that's with respect to CLR I I can speak to the crypto 
  sweets primarily we are.
Manu Sporny:   Actively working.
Manu Sporny:  Just standard plain old vanilla digital signatures 
  would which would work just fine for you know CLR V2 we are also 
  you know we announced this selective disclosure scheme that's 
  compliant with nist which is important for government in a large 
  Enterprise use cases so that just went out to the mailing list 
  last week talking about you know a selective disclosure mechanism 
  that we could support that selective disclosure.
Manu Sporny:   Mechanism mechanism is probably better suited for 
  open badges.
Manu Sporny:  It's like large documents like like the CLR it 
  could potentially still work there but we are very early days 
  with that and so we're going to have to you know one of the 
  things I'm sure we'll work on with Randall and this is how it 
  applies to see lrv to and if we need to you know rethink some of 
  the design you know around the crypto sweet or CL are there and 
  then finally there are other cryptographic sweets that just have 
  very.
Manu Sporny:   Three they have a hard time with.
Manu Sporny:  Documents of the more complex the document is the 
  more difficult you know it is to kind of do a selective 
  disclosure of that thing so when we're talking about selective 
  disclosure in this space it sounds like we're talking about two 
  potential ways of doing selective disclosure the first one is to 
  kind of a demise the thing into multiple different verifiable 
  credentials which is kind of like the open badges approach and 
  use presentations as Kim mentioned or the other you know 
  selective disclosure is like I really do want to.
Manu Sporny:   Share like some parts of this document.
Manu Sporny:  So you know at CLR that contains all the classes 
  that are taken or something of that nature being able to 
  selectively disclose certain classes would be something that we 
  could look at but of course I think would be really difficult to 
  do with at least the cryptographic you know selective disclosure 
  mechanism so I don't know if that was helpful or not Kim but 
  that's all I have for now I put myself.
Manu Sporny:   On the queue for a different.
Manu Sporny:  And Riku for that.
Geun-Hyung Kim:  Yes so that is helpful in I though it pitches on 
  some of maybe bigger questions and I recall re-queue myself for 
  that.
Kerri Lemoie:  All right thanks Kim and  Manu you have the floor 
  now.
Phil Long:  Yeah and I invite anybody who has been part of the 
  CLR work group to step in here as well but my understanding of 
  the cor men mostly focusing now on CL R V2 is it is a document 
  within a document it is an embedded structure which adds to this 
  complexity and one can sign the outer credential in which the 
  embedded credentials of individual course.
Phil Long:   Is reside.
<kim_duffy> That's helpful Phil, thanks
Phil Long:  Consigned the outer credential and the inner 
  credential excuse me the inner credentials that is the individual 
  0p V 3s that represent the courses or other badges that might be 
  associated with this compound document and and they're in my sort 
  of the challenge for the wallet because the I do agree with 
  manner that the simpler approach my wallet perspective is you 
  just be able to parse out if it's a CL R V2.
Phil Long:   The relevant.
Phil Long:  Visual obv three is that represent courses which an 
  individual may wish to have grouped together and send and not the 
  rest of their transcript because presumably the Target or 
  audience for this for this transcript or for this set of 
  information is basically interested in specific aspects of the 
  person's background and training and not necessarily the fact 
  that they took theater and basket weaving and and had an 
  internship.
Phil Long:   On with some nonprofit as.
Phil Long:  Anshel so the challenge is that it is the case that 
  when you parse out the individual obv threes they and they are 
  individually signed they are still coherent individually provable 
  obv threes but the oh if you do that then I'm not clear that 
  there is any risk that the CLR V2 itself as the outer envelope 
  has may have been violated and there.
Phil Long:   R4 they over.
<kim_duffy> right
Phil Long:  True that that was intended by the way these things 
  are put together with their associations that describe the 
  reasons this particular credential is been designed the way it is 
  might be might be lost thanks.
Tracy_Korsmo: Yeah and and so listen Tracy here I think my use 
  case on that one is I have published in official High School 
  transcript the minute a student starts sharing off individual 
  certian 's I cannot refer to that as an official High School 
  transcript anymore so those are some of the use cases that were 
  looking at and I just looked at an apprenticeship and it requires 
  a high.
Tracy_Korsmo: And passing grade in Algebra 1 in high school 
  perfect use case student sending out diploma not the transcript 
  in a single course.
<manu_sporny> Interesting, Tracy -- right, so you really don't 
  want to be able to selectively disclose this stuff (on many 
  occasions).
Phil Long:  Right and in that particular case if I can jump in 
  the if one if the wallet could parse out that individual course 
  and send it as a single assertion credential BB3 they could still 
  send the outer envelope of the transcript which is the diploma 
  itself correct.
Tracy_Korsmo: Well if I'm thinking of a diploma as something that 
  we haven't published yet I'm thinking of a plumber is just a 
  certificate of high school completion and nothing about grades at 
  all.
Phil Long:  It's oh no bv3 essentially.
Tracy_Korsmo: Exactly it should be embedded in the CLR I'm sorry 
  it should be embedded in high school transcript as an OB 3.
<manu_sporny> "All these things belong together and constitute a 
  transcript... you can't break them apart AND call it a 
  transcript."
Phil Long:  Right right so then you take out to credentials from 
  the OBD2 from the CLR V2 and have those as the things that you 
  send thank.
Kerri Lemoie:  Pizza I'm running a little bit low on time so I'll 
  try to be quick with my question I'm in in the EMT CLR so you'd 
  have liked the overall EMT and then the other credentials 
  associated with it for the other roles or skills right that 
  comprised of that EMT certification would each of those 
  credentials be signed by the same issuer.
Kerri Lemoie:   And would they.
Kerri Lemoie:  With one expires do they did not invalidate the 
  whole CLR to like Howard verifiers handle that how would they 
  verify the signatures and also the validation of them of each one 
  individually.
Tracy_Korsmo: Well in North Dakota it is a single state agency 
  that issues the certificate or license in that Arena they're the 
  single Authority in the state so they they would be the issuer of 
  all four of the credentials.
Tracy_Korsmo: But once again one-to-many could be revoked by the 
  licensing body as well.
Kerri Lemoie:  And if that was the case with the wholesaler would 
  get reissued of say one of them was revoked did reassured me one.
Kerri Lemoie:  I'm going to I'm going to move us forward here Kim 
  Kim back pain.
Geun-Hyung Kim: https://www.imsglobal.org/spec/clr/v1p0/impl/
Geun-Hyung Kim:  I think one thing that stands out so I'm going 
  to point to the what seems to be the use cases like as an issuer 
  I want to do this as a publisher I want to do that like I noticed 
  that there's no individual subject learner use cases in there and 
  then also the parts so that the discussion we've had just now it 
  seems like CLR might be useful for more narrow set of use cases 
  where it's.
Geun-Hyung Kim:   Like you.
<phil_t3> @Manu - the registrars of HE institutions see the 
  complex set as the thing the institution is asserting.  The 
  individual courses as OBv3s can be parsed, sent and verified, but 
  it depends on who at the institution is signing the individual 
  OBv3s (the Department Chair of the discipline or Dean iof the 
  School, etc.)
<manu_sporny> ^ makes sense, thanks Phil
<phil_t3> @Manu the 'complex set'  is the transcript
Geun-Hyung Kim:  This whole package or like very limited set of 
  packages you know so like the diploma or whatever makes sense 
  verifiable presentations allow the holder to more flexibly 
  combined VC so I think like outside of this sort of more you know 
  specific set of you know very how do you say like aligned kind of 
  you know we don't want the whole.
Geun-Hyung Kim:   Order to be able to share.
Geun-Hyung Kim:  Anything other than this and its complete form 
  it seems like it's more advantageous for the learner to have like 
  feces and be able to aggregate them into presentations as they 
  see fit now I get the idea with registrar's for example like 
  they're not going to let certain combinations of those fly in 
  fact each issue or will have that kind of decision but it seems 
  like it is interesting that a lot of CLR seems really bound to 
  this publisher use case which I.
Geun-Hyung Kim:   Would argue is kind of.
Geun-Hyung Kim:  This model then a you know sort of like 
  individual being able to assert their you know their 
  representation so I do wonder what specific use cases like for 
  the jmf plugfest we would want to use this for and making sure 
  that we sort of you know get it for the right combination of use 
  cases.
Geun-Hyung Kim:   But we can come back.
<phil_t3> The community of registrars is getting more comfortable 
  with the ides of the Transcript sigened (outer credential) AND 
  individual courses signed (as OBv3s) to give the students agency 
  in representing themselves to 3rd parties
Kerri Lemoie:  Okay my name is.
Manu Sporny:  Yeah real quick and I don't think we need it we're 
  just short on time what have we won't be able to cover this today 
  question 2 consists of you know as a wallet implementer so our 
  organization builds a wallet we demonstrated interop with you 
  know Randa in a variety of other companies during the jmf 
  plugfest to I'm I'm like I'm trying to wonder what our wallet 
  needs to do to support CLR can we just treated.
Manu Sporny:   Does a big verifiable credential blob and then.
<phil_t3> AACRAO has been advocating this approach (out 
  credential and inner credentials as OBv3s both signed)
Manu Sporny:  Because for that blob and we'll hand it over from 
  our wallet or will we be required to probe into that CL R 2 and R 
  stand the inner workings of it and maybe provide things from 
  within the credential so that's one of the main questions that's 
  kind of hanging on my mind as we as we talk through this but this 
  is really it was a great presentation thank you so much Tracy and 
  you know rainbow for putting it together really exciting stuff.
Kerri Lemoie:  Yeah thanks Ryan think Tracy new we're almost here 
  but Sharon is here the Q we're going to let her closes here 
  sharing you our last question.
Sharon Leu:  Oh I I feel like Kim mostly got my question but I'm 
  just not entirely clear what is the utility of in the use case of 
  the EMT like having a seal our versus just open badge version 3s 
  and I know that there has been some discussion about which sort 
  of interpretation of the VC is right for what circumstance and I 
  think I'm just trying to put in my mind like the different things 
  that I heard today and just trying.
Sharon Leu:   To figure out like what makes them a sense but I 
  think that maybe.
Sharon Leu:  Act and so I think what I'm going to do is I'm going 
  to email this as a question to the list sir I think that like to 
  your point Manu like it's overly complex to suggest that for any 
  plugfest that are coming up that we would say not only do you 
  accept the CLR VC blob but that you'd be able to interrogate it 
  because I think that it hasn't been demonstrated all yet and 
  there's not really a reference for how that's done so I think 
  that that will probably be like a hold for much much later for.
Sharon Leu:   This is like using.
<phil_t3> Sounds like CHAPIv2 (LOL)
<manu_sporny> haha :)
Sharon Leu:  More simpler credentials but again I don't not 100% 
  sure I'm clear on the entirety of this issue so I'll pose it to 
  the listserv and I think we can continue having that discussion 
  there.
<kayode_ezike> It strikes me that a critical decision is which 
  party to place greater responsibility on for interop
Phil Long: +1 Kayode
Kerri Lemoie:  Yeah that sounds great Sharon Tracy and and 
  Kimberly thank you so much for coming here today because I we all 
  have a lot of questions about the CLR and I think we're going to 
  continue learning about it and trying to figure out how to how to 
  work with it there's a whole lot of iterations of questions in 
  ways that it could be used so thank you for the work that you're 
  doing we appreciate you and thank you for coming here today so 
  I'm thanks all let's keep talking about this and the plugfest 
  and.
Kerri Lemoie:   Hope you all have a wonderful week.
<sharon_leu> thanks, all!
<colin_reynolds,_ed_design_lab> Thank you!
Manu Sporny: +1 Thank you Tracy, Kimberly, all! :)

Received on Tuesday, 6 June 2023 19:15:39 UTC