[MINUTES] W3C CCG Verifiable Credentials for Education Task Force Call - 2023-05-08

Thanks to Our Robot Overlords for scribing this week!

The transcript for the call is now available here:

https://w3c-ccg.github.io/meetings/2023-05-08-vc-education/

Full text of the discussion follows for W3C archival purposes.
Audio of the meeting is available at the following location:

https://w3c-ccg.github.io/meetings/2023-05-08-vc-education/audio.ogg

----------------------------------------------------------------
VC for Education Task Force Transcript for 2023-05-08

Agenda:
  https://lists.w3.org/Archives/Public/public-vc-edu/2023May/0003.html
Topics:
  1. IP Note
  2. Call Notes
  3. Introductions & Reintroductions
  4. Announcements & Reminders
  5. The Next Step in Digital Credentials — Hash-based Elision
Organizer:
  Kerri Lemoie
Scribe:
  Our Robot Overlords
Present:
  Kerri Lemoie, Stuart Freeman, Wolf McNally, Eric Shepherd, Greg 
  Bernstein, Sharon Leu, TallTed // Ted Thibodeau (he/him) 
  (OpenLinkSw.com), Christopher Allen, Phil L (P1), James 
  Chartrand, TimG, Marty Reed, Hiroyuki Sano, Kaliya Young, Nis 
  Jespersen , Kimberly Linson, Jeff O - HumanOS, Mahesh Balan - 
  pocketcred.com, Chris Webber, Colin Reynolds, Ed Design Lab, 
  Keith Kowal, David Mason, Dmitri Zagidulin, Andrew, Chandi 
  Cumaranatunge, Jim Kelly, Elizabeth Millet, Lucy Yang, David 
  Ward, PL/T3-ASU, Jim Goodell, Phil Barker

Our Robot Overlords are scribing.
Kerri Lemoie:  Great hello everybody Welcome to the Monday May 
  8th edition of the VC-EDU task force call my name is Kerri 
  Lemoie and I'm one of the co-chairs of the group and hosting 
  today's call I'm going to go through some introductory 
  boilerplate stuff that we do at the beginning of every call and 
  then we will get to our main topic with Christopher Allen and 
  Wolf McNally from Blockchain Commons we're going to talk to us 
  about selective disclosure.

Topic: IP Note

Kerri Lemoie:  So first anyone can participate in these calls 
  this is an open Community call and we welcome anyone also but 
  note that if you are planning on participating on contributing to 
  any of the specs at W3C or the CCG you should join the group and 
  sign the paperwork and if you're curious about that information 
  you can follow this link right here that I'll put it in the chat.
<kerri_lemoie> join info: 
  https://www.w3.org/community/credentials/join
Kerri Lemoie:  Join info link in the chat right here.

Topic: Call Notes

Kerri Lemoie:  These calls are recorded the minutes are taken by 
  this robot transcriber that is pretty smart the most part and 
  also we are doing an audio recording and there is now a video 
  recording we send out the minutes after the call you don't 
  typically include the video right now but if you would like a 
  video of this please feel free to reach out to the chairs I try 
  to remember to send it out to the mailing list when I whenever I.
Kerri Lemoie:   An excuse me so next let's talk.
Kerri Lemoie:  Introductions and reintroductions is there anybody 
  that's new to the call today that would like to introduce 
  themselves or perhaps Christopher wolf would like to introduce 
  themselves before we get started on the main topic today.

Topic: Introductions & Reintroductions

Christopher Allen:  Sure I'm Christopher Allen I am the former 
  co-chair of the CCG and one of the co-authors of the DID 1.0 
  standard and I also have founded and host Rebooting Web of Trust 
  which I hope you all have heard of we have another event coming 
  up in Cologne on September 18th so I hope to see some of 
  you in person there.
Christopher Allen:  I don't think I've ever been to a VC-EDU 
  meeting so this would be my first meeting. Wolf?
Wolf_McNally: Ali Ali researcher for Blockchain Commons Christopher 
  and I have been working for several years together on a variety 
  of open standards that allow of the privacy community I think 
  should be very interested in and so excited to be here this is my 
  first meeting.
Kerri Lemoie:  Awesome thank you both for joining us I think bed 
  and touch on the CCG Carl says great to have you at our edu 
  call this week anybody else here want to make any introductions 
  or reintroductions.
Kerri Lemoie:  There is one thing I forgot to mention is that we 
  use a queue system on these calls just like most of the CCG calls 
  to if you would like to you know participate in the 
  conversation just put a plus in the chat and if you take it take 
  yourself out of the queue just type q- you can also use the 
  little hand in the bottom of my dashboard is good see.
Kerri Lemoie:  Here next part is announcement.
Kerri Lemoie:  Announcements and reminders of anybody have any 
  announcements for they would like to make today.
Kerri Lemoie:  Coming up at you like a fill us in on just put 
  yourself in the queue right this Leah look.

Topic: Announcements & Reminders

Kaliya Young:  Hi I will share again if you are based in Europe 
  or working in Europe and want to join us we're having the Digital 
  Identity unConference Europe or DICE happening June 7 2009 in 
  Zurich the eighth and the ninth are the main unconference day and 
  there's a pre-conference.
Kaliya Young:   Reference had a on the 7th.
Kaliya Young:  It's less is Central.
Kaliya Young:  I'll put a link to the registration in chat feel 
  free to reach out a few questions too.
Kerri Lemoie:  That's great thank you Kaliya.
Kerri Lemoie:  And you have the floor.
Kaliya Young: https://diceurope.org/
<kaliya_identitywoman> kaliya@identitywoman.net
Colin_Reynolds,_Ed_Design_Lab: Hey good morning afternoon evening 
  of all God's wanted to throw out there one of the sort of 
  projects or things that someone my team and in our networking but 
  working on are related to The Last Mile challenges from the 
  employer perspective and HR tech vendors specifically and some of 
  the challenges and barriers associated with the consumption of 
  digital credentials and skills data so we are actively working on 
  kind of a series of convenings and in-person 
  get.
<christopher_allen> Rebooting Web of Trust 12 (aka RWOT), on 
  September 18th, in Cologne Germany: 
  https://www.eventbrite.com/e/rebooting-the-web-of-trust-12-2023-cologne-tickets-597232116337
Colin_Reynolds,_Ed_Design_Lab: Over the next five six months and 
  so if anyone on the call has any good relationships or interest 
  in supporting good relationships with individuals who are in kind 
  of that perspective space and The Last Mile Challenge then what 
  about the connect put my email address in the chat but yeah we're 
  really I think we you know the last mile is a is a complex 
  challenge but I think the employers and engaging them in the 
  conversation and some of these HR Tech group.
Colin_Reynolds,_Ed_Design_Lab:  has been something we've heard a 
  lot about and have some.
Colin_Reynolds,_Ed_Design_Lab: Who are engaging us to dive into 
  this work so just wanted to throw that out there you know wants 
  to chat about it or has any good contacts that they think might 
  be helpful.
Kerri Lemoie:  Thank you Colin I like to talk more about it at 
  some point when you have a chance.
Colin_Reynolds,_Ed_Design_Lab: Awesome you're gonna be in the 
  Trusted Learner Network unconference coming up yeah.
Kerri Lemoie:  Yes actually that was going to be why I put myself 
  in the queue so yes.
Colin_Reynolds,_Ed_Design_Lab: All right I'll get out of the way 
  let's shut them.
Kerri Lemoie:  And also I just want to point out they Christopher 
  Allen put a reboot of trust in the chat too oh you bet that's 
  what you mentioned his first sorry that's the link to reboot I 
  did for myself only when I think in there right now and the q1 
  for the ASU TLN unconference next week which runs at on Thursday 
  next week I'm going to be running a workshop there that I'm 
  hoping will be helpful to folks I'm still working through it 
  because it's kind of challenging but.
Kerri Lemoie:   It's about the language to describe.
Kerri Lemoie: https://github.com/digitalbazaar/vc-render-method
Kerri Lemoie:  Both credentials and education and Workforce so 
  verifiable LERs but sort of been leaning towards calling things 
  lately so that folks could be able to take this Tech back to 
  their communities and describe it in ways that are comfortable 
  and familiar to them so I'm working on that for next week and 
  then the other announcement that I had for all of you if you 
  haven't seen it in the CCG there's been a new work item announced 
  that is going to be really useful to this community this.
Kerri Lemoie:   Is that the rendering methods work item put the 
  link to the.
Kerri Lemoie:  Repo there and essentially what this is is 
  making it possible for issuers to make suggestions as to how they 
  think a credential should display in wallets wallets won't have to 
  necessarily pay attention to this but they could and so I work 
  for the Digital Credentials Consortium we work with universities 
  and one use case for us for that is diplomas that institutions 
  may want to say hey we're going to issue a VC version of this 
  diploma but we would really have to look at.
Kerri Lemoie:   This way.
Kerri Lemoie:  And we're going to provide it.
Kerri Lemoie:  Actions for the wallets to do that so if you are 
  interested in that work item please go to that repo and read 
  through what they have there and participate.
Kerri Lemoie:  Okay so I think that is all for announcements and 
  reminders for now if you think of anything feel free to queue 
  yourself up later I'm going to now hand things over to 
  Christopher and Wolf to do their presentation 
  I'm going to put a link to it in the chat for all of you so that 
  you have it.

Topic: The Next Step in Digital Credentials — Hash-based Elision

Christopher Allen:  Okay thank you thank you just booting up my 
  screen.
<kerri_lemoie> Presentation Link: 
  https://tinyurl.com/gordian-educational-pdf
Christopher Allen:  Okay I hope everybody can see that so I'm 
  Christopher Allen from Blockchain Commons you know our big goal 
  is what we create an open interoperable secure and compassionate 
  digital infrastructure to enable people to control their Destiny 
  and to maintain their human dignity online we are particularly 
  focused now on working with developer communities.
Christopher Allen:  Tools for digital identity digital assets and 
  responsible key management but these are based on our Gordian 
  principles our Gordian principles are for independence privacy 
  resilience and openness and those in turn are based on the 
  self-sovereign identity principles so that is really kind of the 
  context where we came into this.
<colin_reynolds,_ed_design_lab> If you'd like to connect on the 
  employer + HR Tech side of the Last Mile challenge, please send 
  me an email: creynolds@eddesignlab.org
Christopher Allen:  This discussion so obviously I've been 
  involved in DIDs and verifiable credentials for a very long time 
  I'm a co-author of the DID 1.0 standard and then I'm also a 
  co-author of the TLS standard from the late 90s and I really 
  wanted to talk with you as you know we I think you guys have done 
  a great job with schemas and VC group has done a great job.
Christopher Allen:  Model I just really wanted us to take the 
  next step and the next step is significantly more privacy so 
  clearly digital credentials are a better way of sharing when we 
  wouldn't be in this meeting today if we didn't believe that to be 
  true I mean they simplify Administration you know you just create 
  this thing that is a digital version of what you've done in the 
  past you digitally sign it you put your public keys in a PKI and 
  to a certain extent that's relatively simple you know.
Christopher Allen:   You're publishing.
<kerri_lemoie> Announcement that I forgot: ELM Webinar this Thurs 
  May 11, 2-4pm CET 
  https://www.linkedin.com/feed/update/urn:li:activity:7059946834986754048
Christopher Allen:  The you know they allow you to simplify your 
  usage the students can use them as they will it's not Institute 
  necessary for you know a staffer an institution to verify because 
  the signature does that and of course there's no phone home that 
  that's actually one of the first useful things from a verifiable 
  credentials model is that the holder can basically get it 
  verified without having to call home.
Christopher Allen:  Which could cause privacy problems but I also 
  feel like digital credentials can be dangerous all that we've 
  done with them is right now make them better but we haven't 
  necessarily addressed the problem so in particular how do you 
  protect student privacy so you know a subclass of that is how do 
  you protect against discrimination against students but possibly 
  even.
Christopher Allen:   I'm more important especially.
<kerri_lemoie> Fixed presentation link: 
  https://tinyurl.com/gordian-educational-pdf
Christopher Allen:  Group which is working directly with 
  universities and other educational institutions is how do we 
  reduce liability especially given laws like GDPR the CCPA in 
  California and I've been involved with even more digital privacy 
  laws that are emerging so what are the problems of digital 
  credentials well obviously an important one is identity theft you 
  know you get three points of data about somebody and.
Christopher Allen:   And you know you're on.
Christopher Allen:  Well on the path of understanding who they 
  are why they are what are their weaknesses what are their 
  strengths et cetera so we're always trying to minimize this and 
  credentials even educational credentials contain a huge amount of 
  info and a lot of stuff is you know not properly boxed so 
  oftentimes you'll have you know personal identification issue to 
  allow for Authentication.
Christopher Allen:   Action which.
Christopher Allen:  Nothing to do with the credential data so you 
  know oftentimes in there will be things like birthdays you know 
  real names various ID numbers and these are often used by other 
  parties as identity questions but specific data can cause 
  problems too so let's talk about that a little bit gender 
  discrimination so at the last rebooting we had a young woman from 
  Eastern Europe.
Christopher Allen:  Who was a doctoral candidate come and her 
  basic thing was you know a she's already dealing with gender 
  discrimination but then she also graduated from a central 
  European University so she's also discriminated against as 
  central European and her name sounds ethnic and so she's also 
  potentially discriminated on a religious.
Christopher Allen:   All data.
Christopher Allen:  That's going to be on her her credentials in 
  addition to that it may have their birthplace it may have various 
  issuer location information other things that can be used for 
  racial or other things there's age discrimination when I last 
  taught in an MBA program number of my students were in their 50s 
  and you know in the years since that I've communicated with them 
  despite.
Christopher Allen:   Getting their MBA.
Christopher Allen:  They felt discriminated against because of 
  their age at least the initial interviews with people so 
  faith-based school information whether or not it's a religious 
  school or something that gives a clue about religious details can 
  also be used and then you know in the basic problem is the more 
  data the more problems so how do we solve this and one of the 
  simplest solutions is something that we call holder-based 
  elision.
Christopher Allen:   So what is this.
Christopher Allen:  Session is the data field credentials should 
  be out shouldn't be out in the wild as much as possible instead 
  let the holder redact the information as they see fit now note 
  very carefully I'm not saying subject I'm saying the holder 
  redact information yes the subject is the first holder but there 
  are a variety of reasons as these go back out to HR departments 
  out to various accrediting bodies or Loan review bodies Etc where 
  they become.
Christopher Allen:   Um holders and they to me.
Christopher Allen:  To redact potentially in different ways that 
  meet their needs so this allows all the parties to you know 
  eliminate potential discriminatory information or partially 
  reveal it but the holder still have the full credential when it's 
  needed because the signatures will still verify that's the 
  question of data retention deletion.
Christopher Allen:  And Etc becomes more of an issue for the 
  holder and of course the holder's wallet not the educational 
  institution so how do we how does this work so I'm going to talk 
  about one particular approach to it this is from Blockchain 
  Commons Wolf is the implementer and it basically starts with a 
  hash I presume that everybody here knows you know what is a hash 
  I mean it's a data fingerprint you can see here the input is 
  hello.
Christopher Allen:  A 256-bit hash we also have beside it here as 
  something called a LifeHash which is a visual version of that 
  that was invented by wolf because it's really hard to read those 
  numbers I mean on everybody I know looks at like the first three 
  in the last three which isn't as secure but if you see both the 
  hash and a life print you can feel much more confident that two 
  hashes are the same.
Christopher Allen:   We very small.
Christopher Allen:  Changing the input from a no to a gnome Lotto 
  makes for a drastic change both in the hash and in the Life print 
  so that's what hashes are they're fixed size no matter what the 
  size of the input is you can kind of consider them to be the 
  ultimate in lossy compression and hashes are one way you can pack 
  them out and they're really a long series of numbers but again 
  they can be made more visually visible so what does hash-based 
  elisions so.
Christopher Allen:   Right now when you sign a document.
<kerri_lemoie> ASU TLN Unconference: 
  https://tech.asu.edu/events/2023-tln-unconference
Christopher Allen:  And then you remove the data you can no 
  longer verify the signatures so you're kind of stuck without the 
  data so how do we allow the holder to remove the data without 
  invalidating the signature so instead of signing the the input 
  we're basically signing the hash now you could say it's pretty 
  obvious because that's actually technically underneath the scenes 
  what actually is happening but we're making this even more 
  explicit and designing it in the.
Christopher Allen:  The key thing is that when the data is 
  removed the hash remains in the document when the data is 
  restored you can verify that the data's hash matches the 
  hash in the document so let's take this up to the next level what 
  is a tree of hashes so data can be arranged in a tree oops and 
  for some reason I'm not seeing the tree image there it is the all 
  similar data is kept in the same.
Christopher Allen:   Branch for credentials.
Christopher Allen:  All of us.
Christopher Allen:  Students personally identifiable information 
  might be in one branch all of their qualifications might be 
  another this organization continues down from there now this 
  allows us to elide specific types of envelope so how does this 
  work you know every bit has its own hash and you know it you know 
  is reflected all the way up to the root hash this is a really old 
  and you know consider to be mature technology the Merkle tree.
Christopher Allen:   Was invented in.
Christopher Allen:  It was one of the first cryptography things 
  so we know how to do this well so what is hash-based elision well 
  if a document is a tree of hashes then any change anywhere will 
  invalidate the signatures so you know we see here we sign this 
  root document and it's basically you know anything changes and 
  Below boom it propagates other upward and now the signature no 
  longer verifies because the hashes different right.
Christopher Allen:   Pretty Basics but with hash.
Christopher Allen:  The document is a tree of hashes not a tree 
  of the actual data then any branch can be removed while leaving 
  the hash behind so that all the higher-level signatures can be 
  evaluated so in this case the root is also signed but we can 
  choose to elide this particular document let's say that this is 
  my age and I don't want to send that to somebody it removes 
  certain information about me I can send this.
Christopher Allen:   Along to someone else and.
Christopher Allen:  Given that elided information the 
  signature still verifies and maybe they don't care or not are not 
  supposed to care about my age they don't need that extra elided 
  information so this really allows for data minimization which is 
  the Cornerstone of privacy the basic reveal reveal no more than 
  what is needed you know that's the bottom line any kind of data 
  minimization and my opinion requires some.
Christopher Allen:   Um system of selecting.
Christopher Allen:  Are there and there are a number of other 
  approaches I think this is one of the better ones because 
  holder-based hash-based elision makes students allows student holders 
  to make all of the initial decisions about how things are going 
  to be shared so you know as people creating these credentials why 
  do we care so we want meaningful credentials but we also want to 
  protect students and their Futures we want to protect vulnerable 
  populations that are.
Christopher Allen:   Coming to our schools.
Christopher Allen:  Students are particularly vulnerable they're 
  young they're away from home they're away from their support 
  systems they're away oftentimes from their own cultures we have to 
  protect them and then of course we value diversity and we want to 
  protect the diversity in our institutions and but we also want 
  people to be able to leave our institutions and get great jobs 
  and careers and support our institutions in the future.
Christopher Allen:   Some other ways that it helps Institution.
Christopher Allen:  As you don't have the admin of eliding 
  credentials the institution does not have to understand what the 
  risk requirements of a you know a somebody who is the third party 
  and a verifiable credential you know the person that is hiring 
  the student now has some information about the students 
  credentials and they have very different needs they may need to 
  prove hey I've got 10 people in my organization who have these 
  qualifications.
Christopher Allen:   Ins to some other body but they don't want 
  to give the people.
Christopher Allen:  Names or anything.
Christopher Allen:  Allows other parties to to poach those 
  students those employees so they have a different holding and 
  elision requirement than what is needed the institution doesn't 
  need to have to understand this and how this works or enable it 
  it's just automatic with Gordian Envelope thus they also don't 
  have the liability of overfull credentials you know having too 
  much data in there because it is all a Lie To Believe.
Christopher Allen:   By the by.
Christopher Allen:  This lowers your responsibility I probably 
  should have put a legal caveat here you still have 
  responsibilities in GDPR but it lowers your responsibility for 
  GDPR because some of it is and you know specific to the holder 
  institutional compliance elision can also protect institutions 
  from violating laws so for instance often time institutions need 
  to be able to say this number of students graduated to somebody.
Christopher Allen:   That is loaning money to students and wanted 
  to make sure that the.
Christopher Allen:  Doing that how do you exchange all of this 
  thing to know what is the status of you know these students 
  without violating their privacy well with elision you can prove 
  yes we have these number of students and this number of students 
  is employed and you know the the hash tree works and the and 
  compliance rules work for this and but I'm not giving you the 
  names of the students and names of the instead of the.
Christopher Allen:   The their employees.
Christopher Allen:  This is particularly important in the United 
  States because of FERPA and the PPRA which has very very strong 
  requirements as far as how information about students is passed 
  forward and I think a lot of Institutions are in violation in the 
  sense that you know they're doing stuff that allows others to 
  violate the privacy so.
Christopher Allen:   I don't think there's any case.
Christopher Allen:  It pulls it back to him but institutions can 
  clearly do better in Europe there isn't a specific law around 
  student information but GDPR is pretty broad and of course CCPA 
  and California is you know kind of a variant GDPR-ish some pros 
  and cons but there's a whole bunch more coming data supporting 
  data minimization can really help you provide compliance for a 
  lot of these different kinds of rules and regulations.
Christopher Allen:  So that is in general what is elision and why 
  it's important specific to Gordian Envelope are some additional 
  features so there's this concept of something called a proof of 
  inclusion so instead of having an individual certificate you can 
  basically sign the root hash and publish it with no other 
  information then when someone reveals.
Christopher Allen:   Their document to say oh.
Christopher Allen:  You know I'm a student only the necessary 
  hashes are revealed between the student's credential and this root 
  hash and that allows for a lot of interesting use cases so that's 
  one that's one thing we really wanted to support natively one of 
  the particular ones that I really like with this is something 
  called herd privacy the institution can give every student or 
  credential like they do now but with some additional information.
Christopher Allen:  You know where are they in the cohort and 
  then it all the institution has to do is publish the public root 
  for the entire cohort so instead of giving out you know a 
  thousand graduation credentials certificate credential great 
  credentials and all this type of stuff for a cohort of students 
  you can just publish a public you know a public root and the 
  students can choose to to prove that they were.
Christopher Allen:   Part of that particular cohort.
Christopher Allen:  Graduating class or the you know quarterly 
  ending public root of something this allows for a lot of 
  additional anti-correlation capabilities and such it is however 
  different than the classic verifiable credentials model so there 
  would have to be some adjustment to think about it because in 
  some sense as you this is a giant verifiable credential for 
  everybody in the class rather than a you know per individual per.
Christopher Allen:   Per subject.
Christopher Allen:  More I'm going the wrong direction sorry.
Christopher Allen:  So again the student can prove inclusion in a 
  cohort also another aspect of Gordian Envelope is that we allow 
  for a lot of different kinds of elisions so Gordian Envelope 
  I'm sure all of you are comfortable and familiar with triples you 
  know Alice knows Bob in this particular case and the Gordian 
  Envelope a node is the kind of the leaf hash of Alice 
  its assertions Who and the knows and.
Christopher Allen:  You can see that there are five hashes 
  here we can elide the subject we can say that somebody knows Bob 
  and have it be signed we can say that Alice has some relationship 
  to Bob but not what that specific relationship is we can say 
  Alice knows somebody yeah we're has some predicate there and we 
  can also just say Alice has a number of 
  assertions but we're not going to.
Christopher Allen:  Many and of course there is just the ability 
  to have the single hash root where everything is elided this 
  gives for a lot more choices as compared to some other elision 
  spec so right now these are the four major ones there's SD-JWT 
  which is being run through the IETF it leverages the verifiable 
  credentials JWT ecosystem DIF uses a lot of.
Christopher Allen:   Of those it's.
Christopher Allen:  Needed to the ISO mDL and mdoc standards that 
  are being used for mobile driver's license you know for a lot of 
  people if they like it because it doesn't require schemas which 
  you know if you're familiar with this area that's a complicated 
  pro and con a particular con is that the hash list is not a tree 
  they basically elide a whole claim from a list.
Christopher Allen:   So they basically the list of claims and 
  they say well we're going.
Christopher Allen:  You know three five and nine so it is not 
  quite as flexible as a tree version of it there's LD Merkle 
  Disclosure which I think is a little less mature but there is a 
  W3C doc on it the particular advantages of it is that it 
  leverages the JSON-LD ecosystem which I believe the VC-EDU 
  community is using it's particularly convenient.
Christopher Allen:   For node graph data.
Christopher Allen:  But again it is a you know a hash list not a 
  tree you're just basically being able to elide an 
  entire claim and it does require you to have a node graph 
  structure for your data and a schema for it to properly work 
  Gordian Envelope is ours it's data structure agnostic meaning you 
  can do graphs you can do lists you can do schemas or no schemas 
  you can even do different.
Christopher Allen:   Kinds of graphs you can do node graphs you 
  can.
Christopher Allen:  Edge graphs Etc so that gives it a lot more 
  capability that this is why we can offer things like redaction 
  inclusion proofs herd privacy that I discussed earlier but we 
  can also encrypt data we can put you know is something in escrow 
  and still be able to verify it signed if it's a large object we 
  can compress it and then we have some special capabilities as 
  far as secret sharing the cons is it's not W3C VC-centric 
  in some ways it's a little bit below 
  the VC it's useful for many other purposes also.
Christopher Allen:  IDs and other data but it's not on a 
  standards track we have submitted it to the IETF and we hope at 
  some point it will be standards track but it's not been a you 
  know accepted by an existing working group yet finally we have 
  BBS+ signature which is being run through the IETF but are 
  active people in both the DIF and W3C communities in regarding 
  regarding it.
Christopher Allen:   Its main advantage is that it allows for.
Christopher Allen:  Signatures that's something hash elision can't 
  do because what happens with it as you're offering proof of 
  can't do because what happens with it as you're offering proof of 
  knowledge of an undisclosed the signature and then correlating 
  that it's a powerful feature it doesn't use hashes and instead 
  uses a brand-new cryptography I would even argue two layers of it 
  it uses pairing cryptography and then it uses new cut 
  cryptography on top of pairing cryptography the combination of.
Christopher Allen:   Of this makes it more complicated.
Christopher Allen:  There are it's a little bit more complicated 
  to do holder based elision scenarios but it's still a very 
  powerful technology.
Christopher Allen:  Digital credentials are powerful simple 
  Productions credentials do not protect privacy both the holder 
  and the issuer have risks they're also transient they can 
  be lost there's too much information we need strong safe 
  credentials with control by the holder the ability to elide 
  maintenance of signatures through hashing and proofs for further 
  data minimization and I really need to put this call to action 
  here holder-based elision is crucial for privacy.
Christopher Allen:  It can do more I mean I if you're supporting 
  BBS plus proofs fabulous that doesn't mean that you shouldn't 
  also be considering holder-based elision we really need to turn 
  some of these oh well maybe we can do some privacy things maybe 
  we should do some privacy things and start putting them in musts 
  I'd like to see more specs more groups saying this must be done 
  could because legally data minimization really is a requirement 
  so.
Christopher Allen:   Why aren't we doing that.
Christopher Allen:  Ethically if you're part of the self-sovereign 
  community you've also said that user control is a 
  requirement so we need to turn these into musts we'd love for 
  you to use Gordian Envelope because it has some of these 
  additional features capabilities privacy Etc but if not please 
  please use one of these other elision specs for your base so more 
  on Gordian Tiny you.
Christopher Allen:   Your url.
<kerri_lemoie> INTRO TO GORDIAN ENVELOPE: 
  https://tinyurl.com/gordian-envelope
<kerri_lemoie> GORDIAN ENVELOPE VIDEOS: 
  https://tinyurl.com/gordian-videos
<kerri_lemoie> EDUCATIONAL USE CASES: 
  https://tinyurl.com/gordian-educational
Christopher Allen:  Elope there's also a bunch of very useful 
  videos and transcripts of videos Etc at this URL tinyurl tinyurl 
  gordian hyphen videos and then specifically there is this 
  educational use case where we've tried to describe you know the 
  utility of Gordian for that and I'll quickly show you what 
  that looks like so this is the educational use case.
Christopher Allen:   You know we talked about.
Christopher Allen:  Various would call this a progressive use 
  case various official credentials she restricts them somebody 
  wants to hire her she gives them their information later there's 
  an open badge and then three kind of progressive herd privacy 
  credentials we'd really like to see contributions from this 
  community to take this educational and credential industry use 
  case forward I think.
Christopher Allen:   That's it.
Kerri Lemoie:  Thank you Christopher is still a lot but also 
  really interesting and important I have I'm free to thank you I 
  see if we have Phil in the queue I have a question for you to 
  controlling could you explain to us how how would a wallet how 
  would a VC wallet implement something like Gordian Envelope so 
  that an individual would know that they have the option to you 
  know share limited pieces of data.
Kerri Lemoie:   And also how would a verifier.
Kerri Lemoie:  That so how would you apply this to the software 
  simplest kind of the software we have now you know.
Christopher Allen:  Correct so I mean one of the problems with 
  any of these types of things is it does put a greater burden not 
  just on the the provider of the information in the form of the 
  holder but also the verifier in the information so my kind of 
  take on it is it needs to be incentivize hand-in-hand because to 
  a certain extent the holders don't want the information I mean 
  the non subject holders don't want the information either becomes 
  toxic.
Christopher Allen:   Asic data so we really want to you know 
  create systems.
Christopher Allen: 
  https://github.com/WebOfTrustInfo/rwot11-the-hague/blob/master/draft-documents/selective-correlation.md
Christopher Allen:  Are the the verifier goes this is the 
  information I must have and so we've actually kind of written a 
  at rebooting we have this draft paper called selective disclosure 
  I'll send put the link in the chat that talks about a different 
  way of thinking about things which is we really need to deeply 
  understand you know what we.
Christopher Allen:   Want and need to be correlated.
Christopher Allen:  So that's part of it I think there's a lot of 
  exploration to in UX of how to do this without overwhelming users 
  you know my hope is that as we you know look carefully at these 
  schemas and such that we maybe break them apart a little bit more 
  it's one of the advantages of the tree structure that Gordian has 
  because on one hand an institution who is.
Christopher Allen:   You know making.
Christopher Allen:  About authentication information of a user 
  which allows you know the you know it's kind of like the student 
  ID type stuff for the purpose of then separately being able to 
  validate the credential keeping those separate really helps and 
  then within the credential itself you know having it have sub 
  credentials and things of that nature will also help UX in 
  this so one of the other things is I've written an article on 
  something called Progressive.
Christopher Allen:   Rest of trust.
Christopher Allen: 
  https://www.blockchaincommons.com/musings/musings-progressive-trust/
Christopher Allen:  I think that anybody who's implementing this 
  type of thing has to think in this sense there is a there's a 
  desire among developers in this community which is O going to get 
  this blob and I'm going to throw the blob into a box and the box 
  is going to Glow green and say go you're done okay I just don't 
  think that's the way the world works in the in in its patterns of 
  trust things are much more gray than that you know you only.
Christopher Allen:   We want the information.
Christopher Allen:  The risks that you're having at the moment so 
  that means the the the verifiers need to be able to throw these 
  blobs into the box and box come back it's okay but it might just 
  need one more thing and then go ask for the one more thing and 
  then the user can basically say well do I really want to do this 
  I mean why are they asking me for this one more thing and I 
  basically can decide no I don't want to give him this one more 
  thing you know it's.
Christopher Allen:   I don't need this.
Christopher Allen:  Of that bad I've got other applicants who 
  aren't asking for that information I hope that helps.
Wolf_McNally: Yeah I look at something too if that's okay.
Wolf_McNally: Yeah so what we tried to do with envelope is design 
  a substrate that is very flexible and because of the tree 
  structure is because tremendous and you can have these triples 
  which are assertions but you can also have assertions on the 
  assertions as many levels as you want and so there's many 
  possible structures that could emerge to make this easier for 
  users one would be and of course you know a nose in substrate 
  we'd like to see people start to create tools and standards 
  around this substrate for instance you could provide.
Wolf_McNally:  templates that say okay for a particular purpose 
  here's the required information.
Wolf_McNally: This credential that we need and then you apply the 
  template and it shows you in one step essentially what's being 
  elided because and only with the required information is left 
  another possibility is that issuers can actually put assertions 
  on various parts of the data saying this is potentially 
  discriminatory and so the user can just use a tool to say 
  eliminate all potentially discriminatory information or let me 
  review it so I can decide what to elide so there's a lot of ways 
  that these documents can be both constructed.
Wolf_McNally:  and manipulated such that the user actually 
  has a lot of transparency into the kind of information they're 
  providing or choosing not to provide.
Christopher Allen:  Yeah just to be clear on that one of the 
  differences between the sort of the node graph model of JSON-LD 
  is that you know you you have this triple and then you have one 
  more value that you can add to that triple which allows for the 
  quad to function and do ordering and other different types of 
  things we're not limited to that kind of structure so you know 
  you.
Christopher Allen:   You can basically have.
Christopher Allen:  Assertions or multiple predicates around the 
  same claim so you can have all kinds of annotation sub 
  annotations of things and in fact even the predicates can be 
  envelopes so they can have multiple assertions about the 
  predicate to say oh this is an OWL schema this is a you know this 
  is a you know belongs to such and such a template or whatever so 
  again it's a lot depends on whether or not you.
Christopher Allen:   Want to go up to the full flexibility.
Christopher Allen:  Gordian Envelope if you're using JSON-LD 
  JWT or nuts ild it's anyhow you're if you're using one of the 
  selective disclosure alternatives in the JWT or JSON-LD system 
  you won't be able to take advantage of those but it you know you 
  can at least say you know this one claim you know I don't want to 
  share.
Wolf_McNally: Yeah I'd also add the the Christopher went to this 
  5 elision points in a document of course that applies to the you 
  know all the way down the the tree but any of those elision 
  points can also be encrypted public symmetrical encrypted public 
  key encrypted split into shares which can be distributed to a 
  group of parties where a quorum is required to actually 
  reconstruct the secret and compressed things like that they're 
  all available elision obviously is one way of protecting 
  information such as the holder has.
Wolf_McNally:  tourist provide the information but it could be 
  encrypted or other kinds of escrow so it's very flexible.
Kerri Lemoie:  It's very interesting I'm going to I'm going to 
  oversimplify and then really feel I'm going to hand it over to 
  you in a second we work with the Open Badges spec quite a bit in 
  the space right now because it's the one that's really like 
  aligned to VC so far pretty closely and education could it be so 
  simple as that spec includes a property that says this is where 
  you put this if somebody just wants to know that this person say 
  it's a diploma they just won't know if they wanted to graduate.
Kerri Lemoie:   And then we add a property for that.
Kerri Lemoie:  Would that be useful.
Christopher Allen:  There has been discussion in some other 
  places where amidst another format you know you know JSON or 
  whatever there is a Gordian spot inside it Gordian is uses 
  CBOR if you're familiar with that so that's a binary expression 
  language that is determined we use a particular variant of CBOR 
  called.
Christopher Allen:   dCBOR which is.
Christopher Allen:  Some deterministic variant so our data is 
  binary but that being said it can be because of the you know how 
  we've done the layers you can encode it any way you want you can 
  turn it into boring hex you can have used various other 
  compression things or whatever but it is a self describing format 
  and there are some real advantages to using CBOR directly and 
  that is a you know an IETF standard and there's lots of tooling 
  out there for it the it.
Christopher Allen:   It but it isn't JSON.
Christopher Allen:  I mean you obviously can you know put it into 
  a JSON statement but it's not JSON.
Kerri Lemoie:  It does help thank you Phil Long you have the 
  floor now thank you for your patience.
PL/T3-ASU: Can you hear me clearly a complex topic I just had a 
  really simple question at the very beginning you mentioned that 
  you were able to doing this eliminates the check the sections of 
  the tree that you relied in and presumably that means it's 
  actually not transmitted it's it's not hashing those things that 
  the individual receiving it can't.
PL/T3-ASU:  view and.
Kerri Lemoie: CBOR: https://cbor.io/
PL/T3-ASU: Translate or otherwise recover the information in it 
  it's removing it from the actual credential that is true that is 
  transmitted and received by the.
Christopher Allen:  That is correct so I mean there are some 
  subtleties here again we're trying to keep this simple not use a 
  whole bunch of advanced cryptography and things and you know I 
  can talk to you exactly when you must really do BBS plus proofs 
  or things of that nature but most of the time 99% of the time you 
  just basically either want to provide the data the data don't 
  provide the data.
Christopher Allen:   And then there's sort of an arc.
Christopher Allen:  You going to salt the data for 
  anti-correlation so again this requires a different sense of 
  thinking we do have a sense sometimes in the as a trust architect 
  it's like oh everything should be selectively disclosed you know 
  disclosed we should you know you know nothing should be 
  correlative all etcetera but I think you have to turn that upside 
  down and say no you need to design very carefully there are some 
  things that must be correlated or won't work because it's the 
  whole point of a car.
Christopher Allen:   Essentials you're correlating that somebody 
  graduated with a person who graduated and.
Christopher Allen:  So there is.
Christopher Allen:  Nation things that are important but you know 
  what is the Persistence of that correlation you know an 
  institution doesn't need signature privacy a user might you know 
  so you can salt things such that you know things can't be reused 
  or somebody can't try to play games but in some cases salting you 
  know not salting can be advantageous so there are some design 
  considerations will.
Wolf_McNally: If I can give a quick really quick you know 
  intuitive kind understanding of this if a person's name is John 
  Smith and you hash that you get a particular you know a 
  fingerprint back and if you know at that fingerprint is for John 
  Smith you can search a large database find every hash that's 
  identical and say oh this correlates to John Smith so 
  theoretically if you have unsalted hashes you can find every John 
  Smith in the database without that data being actually present 
  just by its hash so Christopher Ford assaulting salty.
Wolf_McNally:  because it's.
Wolf_McNally: Because you can have assertions on anything you 
  can have random data asserted on which is called salt asserted on 
  a name and therefore what that does because that's part of the 
  tree of that name when the name is elided the hash is unique in 
  the whole world and so you can have 15,000 John Smiths and every 
  single one of them in this kind of document will have a different 
  hash on their name and you won't be able to correlate them so 
  that's the kind of thing Christopher's talking about.
PL/T3-ASU: That's a good that's a good example I think thank you.
Christopher Allen:  So yeah and just to be also clear so the the 
  SD-JWT and LD Merkle both have salting in them but they're in 
  order to save space in the case of the SD-JWT they basically have 
  one salt and then they basically create children salts from that 
  one salt.
Christopher Allen:   Each has some pros and.
Christopher Allen:  It means you're only salting the individual 
  you know once you're only having to put you know a few bytes in / 
  the entire credential but it also really limits what you can do 
  there and one of the consequences of that is they often you know 
  they kind of have two blobs here are the things that can be 
  elided and then here's the things that can't be elided in 
  Gordian there isn't really a difference everything would be 
  elided so.
PL/T3-ASU: If I can if I can ask one other quick question you 
  mentioned that Gordian aligns with both Edge graphs as well as as 
  node graphs that would suggest then that property graphs are 
  natively supportable within okay just wanted to clarify.
Kerri Lemoie:  Thank you Mahesh I see you in the queue here you 
  have the floor.
Mahesh_Balan_-_pocketcred.com: Thank you great presentation 
  Christopher and work for just a quick question maybe this is very 
  clear to everybody else but you know I just wanted to clarify so 
  in the example you just gave about let's say that John Smith 
  really wants to reveal his name to you know an institution so 
  that they can know that it is John Smith so how does the verifier 
  actually decrypt any piece of disclosed information right.
Mahesh_Balan_-_pocketcred.com:  whatever they disclose How do 
  they.
Mahesh_Balan_-_pocketcred.com: 10 and know who you are right.
Christopher Allen:  So in that sense you know what if you give 
  somebody your name you know so I'm John I'm Christopher Allen you 
  know I graduated and here is my credential to you know hiring 
  institution you have the the in that particular institution that 
  hiring body has that information it's not encrypted okay and it's 
  very easy to tell that the educational institution has.
Christopher Allen:  It because there's a signature associated 
  with it and you know and there's the ongoing problem okay so now 
  how do you identify that I'm Christopher Allen and that can be 
  done within the credential in some way or some external method of 
  doing that authentication Etc the the heart the harder problem is 
  that let's say I'm applying for a job okay and the job says I 
  need to have a laser welding safety certificate for that job.
Christopher Allen:   Okay so.
Christopher Allen:  Up that I can basically prove that I have 
  that and I can give them a you know DID and how to contact me 
  with it whatever but I don't need to give them that I'm you know 
  that I'm Mohammed Joan Muhammad something and I got my degree 
  from an accredited institution in in Central Europe I can just 
  basically say you know I have a degree from a European 
  credentialed school and I.
Christopher Allen:   Have this have.
Christopher Allen:  Particular credential that you are asking for 
  and now you know are you interested in interviewing me and if 
  you're not interested in interviewing me I'm not gonna give you 
  any more information so there this is what I mean by Progressive 
  disclosure and again I have a whole article on you know kind of 
  what the implications of that are so the next step is that you 
  know the company comes back and says yeah you know we're only 
  like you know what information you've given you we've given you 
  we'd like an interview you may reveal some.
Christopher Allen:   Other information which might be how a 
  contact you and zoom links and other.
Christopher Allen:  Different things of that.
Christopher Allen:  Nature endorsements in the form of badges 
  personal endorsements I've been long encouraging Kim Hamilton to 
  put peer endorsements into the schemas that you guys are working 
  on he'll present a few of those again being sensitive to privacy 
  and when they actually make you an offer and you accept that 
  offer that's when you might actually give all here is my 
  equivalent of social security number I might prove that I have I 
  can have a.
Christopher Allen:   Field that's basically.
Christopher Allen:  You know social security number is elided 
  and signed by another institution that basically says yes we have 
  their social security number so we actually does have a Social 
  Security number not to give it to you until you give me a job 
  because you don't need it until I you give me a job so that's 
  Progressive trust it you know that is you know I think 
  increasingly how we have to think about our designs.
Christopher Allen: https://lifehash.info
Mahesh_Balan_-_pocketcred.com: Super I find might slip in another 
  question I was really curious about the graphic display of the 
  hash itself seems very fascinating as a human way of kind of you 
  know interpreting what is just a jumble of numbers so is there 
  some you can you say a few words about it as to what kind of 
  technology that is.
<kerri_lemoie> We'll close after this question.
Christopher Allen:  Sure so what I'm going to do is I'm going to 
  put in the the the link to the LifeHash page and if you take a 
  look at that page Wolf will talk about it.
Wolf_McNally: Yeah so LifeHash was my conception and 
  implementation as a kid I became familiar with an algorithm that 
  is John Conway's Game of Life which is not really a game at the 
  cellular automata and it produces these patterns which 
  are very concerned with very simple to simple grid of black and 
  white squares and it involves a long very kind of organic lines 
  as you watch it and I was inspired to create what's called often 
  called a a visual.
Wolf_McNally:  hash based on the idea that because you give it 
  unique input you get unique output.
Wolf_McNally: Using a number of techniques to have retained the 
  whole history of this evolving pattern called life and then using 
  mirroring and coloring to make it even more kind of interpret 
  what people's minds I was able to come up with a system where 
  pretty much any two pieces of data can go in and even if they 
  were similar they come up with very different visuals and you 
  know and they're very difficult to it's very difficult to come up 
  with two pieces of data that actually come up with visually 
  indistinguishable hashes.
Wolf_McNally:  I want impossible I think and so we published this 
  is an open-source specification we.
Wolf_McNally: Limitations other people have converted from 
  patient other languages so we're very happy to see that it's 
  being adopted in kind of inspiring people as well and that's part 
  of our mission is to you know be compassionate about these kinds 
  of things working with long strings of numbers especially trying 
  to find you know where they might differ is not a very easy 
  cognitive tasks and so you know from a ux perspective you know 
  this isn't the only system that does these kinds of visual hashes 
  this is the one we developed and we think it has a lot of.
Wolf_McNally:  of kind of.
Wolf_McNally: Approachability compared to some others and yeah so 
  and all the information is there and I hashed out in fact you can 
  enter strings and see the life has changed you know Generate 
  random life hashes and kind of compare them and kind of see for 
  yourself and then download the software and and the plate 
  yourself so it's just open for anybody to use.
Christopher Allen:  And of course to be clear from a 
  cryptographer's perspective there we do not have a proof that this 
  is as strong a hash that this visual hash is as strong a hash as 
  a SHA-256 or you know even MD5 the but that's not the point you 
  know we do have strong machine-readable hashes that allow for 
  that have the cryptographic details that we need.
Christopher Allen:   We just need.
Christopher Allen:  Additional hint to users and this this helps 
  you know.
Wolf_McNally: Yeah we often recommend this be used in conjunction 
  with at least like eight digits of the of a hash itself of the 
  Apple hexadecimal digits and that way users have kind of 
  multimodal ways of quickly verifying that a hash is the same 
  across providers.
Mahesh_Balan_-_pocketcred.com: Excellent thank you so much.
<pl/t3-asu> Gotta run - Thank you Christopher & Wolf
<christopher_allen> ChristopherA@LifeWithAlacrity.com
Kerri Lemoie:  Thank you for the question Christopher and well 
  thank you very much for coming here today we appreciate this I'll 
  get the minutes published soon so thanks again everybody thanks 
  for being here good week you next week take care.
Christopher Allen:  Thank you everybody I put my email and 
  contact information.
Christopher Allen:  Thank you everybody.
Wolf_McNally: Thank you it's great.

Received on Thursday, 11 May 2023 20:53:33 UTC