- From: CCG Minutes Bot <minutes@w3c-ccg.org>
- Date: Wed, 16 Oct 2024 16:07:38 +0000
- To: public-credentials@w3.org
Thanks to Our Robot Overlords and Our Robot Overlords and Our Robot Overlords for scribing this week! The transcript for the call is now available here: https://w3c-ccg.github.io/meetings/2024-10-15/ Full text of the discussion follows for W3C archival purposes. Audio of the meeting is available at the following location: https://w3c-ccg.github.io/meetings/2024-10-15/audio.ogg A video recording is also available at: https://meet.w3c-ccg.org/archives/w3c-ccg-weekly-2024-10-15.mp4 ---------------------------------------------------------------- W3C CCG Weekly Teleconference Transcript for 2024-10-15 Agenda: https://www.w3.org/Search/Mail/Public/advanced_search?hdr-1-name=subject&hdr-1-query=%5BAGENDA&period_month=Oct&period_year=2024&index-grp=Public__FULL&index-type=t&type-index=public-credentials&resultsperpage=20&sortby=date Organizer: Harrison Tang, Kimberly Linson, Will Abramson Scribe: Our Robot Overlords and Our Robot Overlords and Our Robot Overlords Present: Harrison Tang, Dmitri Zagidulin, Kimberly Linson, James Chartrand, gillian, Sharon Leu, Nis Jespersen , Nate Otto, Sam Smith, TallTed // Ted Thibodeau (he/him) (OpenLinkSw.com), Kerri Lemoie, Gregory Natran, Hiroyuki Sano, Japan, Will Abramson, Erica Connell, Benjamin Young, Patrick St-Louis, Alex H, Vanessa, Joe Andrieu, Markus Sabadello, Leo, Stephan Baur, Kaliya Young, Mike Peck, Rashmi Siravara <kerri_lemoie> Hello all! Our Robot Overlords are scribing. Kimberly Linson: Credentials Consortium at MIT um. Kimberly Linson: I really I I think I speak for for almost everyone here I really appreciate the leadership of the DCC in this community kind of helping us um. Kimberly Linson: Just ha have a have a sort of a I don't know a beacon is how how I feel I feel about it so I'm really excited to hear what you all have been up to uh and so thus I will get through the housekeeping. Kimberly Linson: Uh stuff as quickly as I can uh this is a collaborative uh environment in a collaborative space we treat each other with respect and if you want to read more about our conduct and about ethics and professional conduct you can go ahead and and see the link within the agenda and we do invite anybody this is a community group we are open to any participation by anyone who has any interest at all in learning more about uh credentials digital credentialing and uh however if you are going to participate uh more formally you want to be a more substantive contributor then we would invite you to. Kimberly Linson: Sign the agreement uh in the that also is linked in the agenda. Kimberly Linson: And we keep notes uh and a recording of these calls so that people can go back and and see the historical record of kind of what we've been discussing as a community. Kimberly Linson: Oh dear do you what you want to try it again. Our Robot Overlords are scribing. Harrison_Tang: Uh it says all recorders are currently busy. Harrison_Tang: give me a second. Kimberly Linson: What an odd thing for it to say. Our Robot Overlords are scribing. Kimberly Linson: Hopefully hopefully that's back. Kimberly Linson: Because we keep a recording and we keep um. Kimberly Linson: Transcript for posterity and we use the chat um very intentionally to Q speakers to. Kimberly Linson: Didn't put links in the chat that people might want to reference uh and so I'd invite you to use Q Plus if you have something that you would like to say part of what I'll be doing today is moderating that discussion and as people are putting themselves on the Queue I'll try to keep the conversation uh moving along if you decide you want to remove yourself from the queue you can use Q minus. Kimberly Linson: Um and otherwise I think that should get us going and and uh if you have any uh challenges you can just put those in the chat as well and we'll we'll we'll get it sorted so that you can have your uh thoughts and questions um as a part of the conversation and uh now I am to introductions and reintroductions does anybody uh is anybody new to the community today that would like to introduce themselves or anybody who hasn't been here for a while that. Kimberly Linson: Would like. Kimberly Linson: To let us. Kimberly Linson: Know what they've been been up to. Kimberly Linson: Okay I feel like I've let us be uncomfortable uh silent for long enough uh so I will move on to announcements and reminders does anyone have uh anything they want to share with the community that they know is going on. <kerri_lemoie> DIF Hackathon! https://difhackathon2024.devpost.com/ Kimberly Linson: Everybody is very anxious to get to our main topic of the of the day Carrie do you wanna do you want to jump in real quick and share about the uh the diff hackathon. Kerri Lemoie: Actually I was going to share let's tell a little bit more. Kimberly Linson: Okay so I'll save it for later but you do have the link. Kerri Lemoie: Our presentation yeah I just thought I'd put the link in there for now if people want to click on. Kimberly Linson: Great yep the link is available. Kimberly Linson: All right uh and how about work items does anybody have anything they want to address regarding our work items. Kimberly Linson: Okay without further Ado Carrie and Company um I'm going to let you introduce yourselves and and take it away the floor is yours. Kerri Lemoie: Awesome thank you Kimberly so thank you for that that kind intro that was really really great we appreciate that we have our whole team here today everyone's gonna take part in our presentation and Gillian is going to share the screens. Kerri Lemoie: Uh the slides I mean. Kerri Lemoie: Uh let her get those up. Gillian: Okay bear with me I'm new to. Gillian: New to jitsi. Kerri Lemoie: There you go. Kerri Lemoie: Perfect thank you. Kerri Lemoie: All right everybody I I don't think my my name is is new to you because I'm a huge believer in the work that we're all doing I'm in a co-chair of a VC edu and but today I'm here with my director hat on for the digital credentials Consortium and I'm here with our team to tell you more about who we are what we do and um here to answer any sort of questions you might have about us. Kerri Lemoie: Next slide please. Kerri Lemoie: So the this reflection thing is pretty cool anyway the DCC was founded actually in 2018 um you may recognize the name Kim Hamilton Duffy she was 1 of the um folks who helped to found this we had um I believe uh I think I remember how many members found it I think it was 12 members that founded we now have 14 members and 7 different countries. Kerri Lemoie: The aim of the DCC was really to take the expertise that these institutions had about verifiable credentials and really promote that work and seek alignment in with verifiable credentials in the education space so our aim is really to advance the use and understanding of VCS in higher education. Kerri Lemoie: Next slide please. Kerri Lemoie: I'm gonna only speak a little bit here because everybody else and the team has far more interesting things to tell you about um but I just wanted to introduce them a little bit here um this awesome team helps keep like everything running we we support our members and all the various ways um and really participate in all of this work and all the standards work so a Gillian will tell you a little bit about our operations and Community efforts um and Alex and James and Dmitri will talk some about our software open source software and also our standards work and our community work. Kerri Lemoie: Next slide please. Kerri Lemoie: Okay so this is the slide that has the most on it so I'm going to talk here for a little bit and then pass it on to the team so what we do primarily is we support our members. Kerri Lemoie: Right um and we we try to follow their guidance and their input on what is needed out of verifiable credentials for higher education and with them we develop open source software. Kerri Lemoie: Uh take their input and work on standards we do some code development with them our core we have 2 types of memberships we have core members and members and we do some bespoke development with our our core members but for all of our members we uh we do vendor advocacy so we will talk to their vendors and help them understand how our viable credentials work Point them to our software to help them implement it. Kerri Lemoie: Um we. Kerri Lemoie: Working on uh producing more documentation so case studies so that other higher institutions um can understand or and relate to like what other people have implemented. Kerri Lemoie: Um our open source software is all MIT license so it's it's open source as it can be. Kerri Lemoie: Um and we develop it for their needs but we put it out to the world for others to use um because uh well because we believe in that we believe in Open Standards open source and open communities. Kerri Lemoie: I'm speaking of communities uh Kim Hamilton Duffy actually founded VC edu the task force here at the ccg that is working on um the education alignment with verifiable credentials uh Demetri zagadou who's on our team is also still a co-chair there. Kerri Lemoie: Um we're also collaborating with the open Wallet Foundation we um you'll see that we have a wallet called the learner credential wallet and uh we are moving our code over to that organization so that we can sort of expand um input and and you know brought an interest in the wallet code. Kerri Lemoie: Um we were uh we are very instrumental in development of open badges um I I'm somebody who's been involved with open badges for a very long time um we believe in open recognition. Kerri Lemoie: For deployment support. Kerri Lemoie: So in addition to our membership funding which helps support us toward our team we also get some grant funding and um some of that includes supporting deployments of um other like non-members who are implementing verifiable credentials um so we do a little bit of that too. Kerri Lemoie: Of a research so right now we we do a bunch of like research. Kerri Lemoie: Kind of consider ourselves a bit of an applied research lab so to speak so what we do is try and stay ahead of the game in terms of what education needs and um Implement you know software and think about standards and and then you know help other people understand it and try it out before they get to it. Kerri Lemoie: 1 Of the projects that we are working on right now this year um is the issue of registry project with credential engine which is another organization in our space that um has a language called credential description transparency language and they also have like a. Kerri Lemoie: Like a directory a surgeon to basically Define credentials that are like employment and education related. Kerri Lemoie: And we're working with them to um. Kerri Lemoie: Sort of look into when research and prototype. Kerri Lemoie: She were Registries for Learning and employment records specifically so we are evaluating any trust registry that we can find. Kerri Lemoie: We are. Kerri Lemoie: Are looking into governance specifically related to education and and employment credentials. Kerri Lemoie: And I will be building out prototypes of testing those out with our software releasing all of this is open source and then putting out a report in the spring with some recommendations. Kerri Lemoie: We think about this as like foundational research for issue Registries and we hope that others will be able to take that and you know build upon it from there. Kerri Lemoie: Um Alex will talk a little bit more about how we are also working with uh render method in our wallet doing some PDF rendering of credentials. Kerri Lemoie: Um Demetri might mention a little bit about something we've just started working on just wallet attached storage which is a way for individuals to choose where they want their credentials to be stored versus just in the data on the mobile wallets. Kerri Lemoie: And then. Kerri Lemoie: Also we recently did some issuer issuing load testing. Kerri Lemoie: Hopefully we get that report out by the end of the year and we did this this is an example of how we work. Kerri Lemoie: We did this because 1 of our members told us well we issue like we might sign 20,000 credentials at once you know what what do we need for servers to do that so we started testing that out so we could let them know we thought we'd write it up for the community so we should have that up soon. Kerri Lemoie: And then also if that isn't enough stuff to keep us busy we also do like advocacy and education so we're participating in something called the ler higher ed accelerator and this is um run by Acro which is a the registers organization in the US and um at least 12 other organizations in higher ed who are promoting the use of verifiable credentials in education um and this is a huge thing um because they are going to be pushing on vendors and registers to start implementing this. Kerri Lemoie: I'm also you know we we write white papers and uh we have a new blog that we're starting to publish to more frequently. Kerri Lemoie: All right I think that is pretty good rundown of. Kerri Lemoie: We do I'm happy to answer questions later on but I'm going to pass this on to Alex. Kerri Lemoie: More about our software. Alex_Higuera_(DCC): Great thanks Carrie. Alex_Higuera_(DCC): So like Carrie mentioned uh we do work on a a lot on open source projects and I'll talk a little bit about them here all together they make up our issuer holder verifier ecosystem we listed them here with some QR codes in case you're interested in checking them out um checking out the repos or you know just some more information on each and I'll just briefly go through our list the first of 2 James will talk about in a later slide. <kerri_lemoie> Link to slides: https://docs.google.com/presentation/d/1VWr-zaRoK4HkN8zTRliaq2ZxqdozjLdGVE6MxiiMVdo/edit#slide=id.g2f6cd62a585_0_645 Alex_Higuera_(DCC): So the issue coordinator issues microservices in the app works by coordinating calls to a signing service and a status service each of themselves running as Express apps which uh with all 3 apps running together within Docker compose but I'll let James talk a bit more about that later. Alex_Higuera_(DCC): The admin dashboard is a system for providing groups like Enterprises schools and organizations with a straightforward way to issue VCS in bulk and again James will talk about that. Alex_Higuera_(DCC): The learner credential wallet is a cross-platform IOS and Android mobile app for storing and sharing digital learner credentials. Alex_Higuera_(DCC): And verify our plus is our DCC hosted website for verifying credentials and allows users to verify any supported digital academic credential and uh it's made with um next.js. Alex_Higuera_(DCC): So next slide please. Gillian: Are you seeing okay. Alex_Higuera_(DCC): Thanks so I'll go into the wallet itself here and this is where we house our learning credentials you can see a screenshot here of our UI and how we present the VCS to the user the wallet specification that we used is uh based on the w3c universal wallet interoperability specification and the w3c verifiable credentials data model it gets a port from the US Department of Education this wallet is react native based which means it could get published to both IOS and Android seamlessly which really helps with development. Alex_Higuera_(DCC): Anyone can Fork this wallet on GitHub and customize it for their Institution. Alex_Higuera_(DCC): Um we do provide templates as well. Alex_Higuera_(DCC): uh it's. Alex_Higuera_(DCC): Private and that we don't collect or store information on our end um about you know the users's info it also render method that uses HTML over SVG since we noticed that some of our users of the wallet had trouble displaying long names when exporting to PDF. Alex_Higuera_(DCC): And the wallet is fully open source it uses the VC data model open badges 3.0 VC API as well as trappy and uh signature methods and Open Standards too. <kerri_lemoie> We aim to present on our use of renderMethod some time in the future! Alex_Higuera_(DCC): And going forward we're currently in the process of transitioning ownership of the wallet to the open Wallet Foundation over at the Linux Foundation um with the hopes of garnering more um open source Community Support in continuing to develop the wallet. Alex_Higuera_(DCC): Next slide please. Alex_Higuera_(DCC): All right our verifier plus project is a DCC hosted site for verifying VCS it's a tool for uploading credentials and it allows users to verify any supported digital academic credential it uses unique public links in the form of URLs for sharing online that can be destroyed whenever so hence its privacy preserving because sharing isn't tracked uh the VC shown here is just an example um that can provide a public link for credentials also sharing on LinkedIn via the wallet where it gets uploaded to V plus which provides the public URL and for anybody here that's interested if you wanted to just kind of test this out I provided a link to a spreadsheet where you can buy provide your name and email address and we can send you a sample credential via email. Alex_Higuera_(DCC): Uh and I think that's it for me I'll pass it over to James now. James Chartrand: So Alex went over the uh holder and verifier parts of the ubiquitous or Bible credentials triangle and I will talk a little bit about the issuer part of that triangle. James Chartrand: It's basically it's very simple um it's just a set of services that are VC API conformant these are dockerized nodejs apps Express apps. James Chartrand: Um we publish images for each of these apps in dockerhub. James Chartrand: Um and the part of the reason for that is just so that we we don't want people when they're trying out the software because we've we found that a really important part of what we're doing as Carrie said is advancing the use and understanding of verifiable digital credentials and a big part of that is trying to make it as easy as possible for our members to evaluate the software and also to understand what's involved with digital credentialing um so by splitting everything up into these much smaller um discreet Services is it allows some of the people that are doing the evaluations so specifically the tech people at the different universities and colleges. James Chartrand: Kind of under the hood and understand exactly what's going on so for example with the signing service they can see oh I post a verifiable credential to the signing service and I get back the same verifiable credential with the proof that's been attached so it's kind of a way to help them understand um more easily what's going on. James Chartrand: So we. James Chartrand: Images to Dr Hub um. James Chartrand: And as I said these Services can be used individually like the signing service or they can be wired together um in typically in something like a Docker compose that simply references the images and Docker hub. James Chartrand: Um a prime example of how the services can be put together is the admin dashboard that we have um so this is a Docker compose that wires together uh a bunch of the different services so the workflow coordinator bitstring status list um the signing service and a coordinator as well as uh the UI front end for um. James Chartrand: Acting with the credentials. James Chartrand: So some of the features of the dashboard um for those of you that want to give it a try and again the dashboard is kind of a nice way to get into um the services that we offer uh we've got a Docker compose put together that you can get to from the link that's up at the top of that slide there the deployment guide and you can start up that Docker compose very easily with a single command provided you've got Docker installed on your computer and if you do then you can fire it up and then you can take a look and see how we've made it um pretty easy for people to upload CSV data into the admin dashboard browse some of the credentials that they've uploaded set up a template for the VC that you'd like to issue set up an email template for the emails that will get sent out to the recipients of the credentials um and a way to. James Chartrand: Do exactly that send the credentials out so that the recipients receive emails. James Chartrand: Um we've also got relocation in there and again I mentioned that we use the bit string status list um so that you can go in to this admin dashboard and do the revocation. James Chartrand: Um some of the documentation that we provide for all of this is that we've got GitHub readme for all of the. James Chartrand: GitHub repositories and they're pretty comprehensive. James Chartrand: The deployment guide which again is linked um from the top of that slide tries to provide an introduction for specifically for our members um so for people that might not be so familiar with everything that's involved with setting up a digital credentialing system uh to try to take them through you know some of the issues and point out some of the choices that they have. James Chartrand: Um as part of that deployment guide we've also got starter compose files so you can take a look at those and you can fire those up which will fire up our simple issue with coordinator or the Advent dashboard and let you get going and try it out. James Chartrand: That's about it. James Chartrand: I will pass it over to Demetri. Dmitri Zagidulin: All right uh yeah so uh as part of as part of the work that uh Carrie and Alex and James described uh we we come up against basically all the corner cases and a lot of the specs we work on in the ccg. Dmitri Zagidulin: Uh we we came up uh against for example let's take uh the render method so we created the issuer service verifier service and a wallet. Dmitri Zagidulin: And 1 of the things that we kept hearing from customers is okay but can I print this to a PDF I've got this verifiable credential is there is there any chance I can make a PDF out of it. Dmitri Zagidulin: And so we're like okay uh yeah let's explore some of that and we took a look at the. Dmitri Zagidulin: The early sort of uh specifications being worked on in the various communities. Dmitri Zagidulin: Uh comp. Dmitri Zagidulin: Uh and and took a look at the render methods Prospect and we're like yeah let's let's use this and so we we put together a um a prototype demo of this is how you render uh credential using a template that is carried inside the credential. Dmitri Zagidulin: Uh and our helpful helping along with that spec so. Dmitri Zagidulin: Basically all of the specifications that we use if we such as you know verify the credential but also the protocols like VC API the data models like 1 AD texts uh open badges version 3 which is based on verifiable credentials uh whenever we come across a a corner or an edge case that doesn't have uh What uh what the use case needs or what the education space needs we like to contribute back to the specs and and work with all of you. Dmitri Zagidulin: Uh to. Dmitri Zagidulin: Make it happen. Dmitri Zagidulin: So that's basically what this slide is about uh the CTL advisory groups thing is interesting because so. Dmitri Zagidulin: We've just started talking about sort of trust Registries in this community right over the last couple of couple of years. Dmitri Zagidulin: Uh we we understand that when you hand somebody a verifiable credential and it's signed by a key. Dmitri Zagidulin: Is opaque to the verifier or it did rather the did is still opaque with a verifier uh and so they need to look it up somewhere in some directory that says okay uh this opaque did is mapped to this known entity and the entity is authorized to issue such and such credentials so we need a spec for that and there is uh. Dmitri Zagidulin: Half a. Dmitri Zagidulin: Current specifications that are that are dealing with that including ccgs verified issues and verifiers. Dmitri Zagidulin: The open ID foundations open ID Federation spec uh the diff um I forget what I was forget what it's called Uh trust establishment spec. Dmitri Zagidulin: Uh but also trust over IP uh and and a bunch of others right so there's a number of applications so what the 1 of the projects were involved in with credential engine is basically comparing and contrasting all of the trust registry specifications. <kerri_lemoie> More on the Issuer Registry Research Project: https://wiki.dcconsortium.org/app/page/104B3XcWilwLfIXO8VqaF_ym7yl8w77ZX?p=1h1VJHHv2zSe0n9Ltg-KQevSuqWbGcExy Dmitri Zagidulin: And then picking 1 or 2 and operating a registry for a year and and writing about what it was like to operate so it's that kind of work of first look at the existing specs see which ones need to be expanded and then let's get some Hands-On implementation experience with it so that we can uh feedback to uh to the various organizations. Dmitri Zagidulin: Uh I think I'll I think I'll stop there and and hand over to the next uh slide. Gillian: Awesome thank you Dmitri let let me just run through this and and Carrie's got a few more points and then yeah we'll be happy to to take questions from the group um part of our a big part of what we do at the GCC is is also working to make sure that um materials and resources that help people better understand um how they can both Learners using their data issuers providing the best um options for their clients and verifiers learning the best way to obtain skills or to to learn about the skills and achievements of of folks um it's by making these resources available publicly um and so just um an overview of where and how we offer these things our website digital branches at Mita edu has some white papers and research on it um but our Wiki which is linked here um is quite a trove of information that is ever growing so it contains info on on their private credentials in general and how and and our rationale for promoting their adoption. Gillian: in higher education. Kerri Lemoie: https://lermap.t3networkhub.org/ Gillian: Um and also the the case studies that Carrie mentioned earlier um I uh are all of our open source code is available at our GitHub or uh in here and I think we'll share these slides out with the group afterwards I imagine um so that you have that link and also the link that um directly to to the deployment guide so you can see more um about the how to deploy the issuer tools and the the learning credential wallet is James and Alex were talking about earlier um some of you may have already heard about the cellar ecosystem map this is a collaborative effort to kind of map the ecosystem to show who the different stakeholders that are involved in the learning learning and employment record or L ecosystem how they what their work streams are where they interact and um what are some kind of action items folks can take to promote adoption um we host quarterly Community calls that are spotlighting the interesting work that's being done in the space um whether that's around you know a verifiable credentials or um developing interesting like approaches to governance for micro credential. Gillian: Those types of things. Gillian: Um if you're if you have an initiative that you think is cool and and aligns with the DCC please feel free to reach out and we we can talk about potentially hosting you on a community call um and then um to we're going to mention a little bit more about membership I think in a slide but just to to dangle the carrot um we do have a technical working group that's for for our members we hold those monthly um and some other and plenty of other uh um internal meetings for our member institutions but we also do host um Tech and membership office hours and so once a month um and I can send follow up with information on like when those are exactly and how they do require registration so how you can register for them um but if you're if you're not a member and you just have um tech support questions you can join the tech office hours um and Alex and James and Dmitri or 1 or all 3 um some combination will be there to answer your questions and then once monthly if you if you have an inquiries around membership and what's a different benefits are um I host the membership office hours um. Gillian: once a month as well. Gillian: Those are open. Gillian: To the public um. Kerri Lemoie: Membership: https://wiki.dcconsortium.org/app/page/1-J7FgCK_jubicOukzhDWlI7IIZcbe1CXgitoaz_V724?p=1h1VJHHv2zSe0n9Ltg-KQevSuqWbGcExy Gillian: Real quick because this kind of scrambled to get to add 1 last slide about membership um there is plenty of info on on the wiki about this so we have 2 tiers of membership who are member and member the main distinction being that um we we do Focus much of our efforts on supporting the goals and needs of the the membership in the entire Consortium but the the former the core members get much more kind of bespoke um technical support so if there's something in core member 1 or needs we will you know see prioritize um creating or iterating on that technology um but if you're interested um if you represent a post-secondary or higher education institution anywhere in the world um we we encourage you to to reach out um Carrie I'll hand it back over to you for anything I missed about um membership or and and these announcements in general. Kerri Lemoie: No you did great thank you and thanks everybody um before I get into the announcements um you know I just sort of want to re-emphasize um our focus on our membership and um I'm not sure we'll ever be like a very huge um organ like a you know Consortium we want to be big enough that we are. Kerri Lemoie: Addressing needs and learning more right we like to just really really believe in global interoperability and we really believe in um individual access to their their data and privacy and so we we know this is a very important angle and we know that the education space is very interested in this and we really do believe in community and that's what we're trying to build out um at the DCC um so um yeah if you know of anybody who is interested please have them reach out and we'll help you be happy to talk to them. Kerri Lemoie: Um okay yeah so some announcements um diff hackathon I mentioned this so I put the link in the chat earlier. Kerri Lemoie: If you haven't heard um diff is hosting a substantial hackathon it's going on right now through November 4th um that link right there will um will get you to the page that explains more. Kerri Lemoie: Um hold on I was just going to pull it up so I could look at it too. Kerri Lemoie: Bear with me here. Kerri Lemoie: Um so the education and let's see there. Kerri Lemoie: Okay so the education strand the education Workforce strand has a whole bunch of um different challenges um 1 is for um demonstrating um applications where people are using verifiable credentials so this 1 is pretty open this is for Learning and employment experiences um we're looking for people to propose you know credential types data models um and show how they can be used. Kerri Lemoie: We're also looking for um more power in VC tools so multiple language support because we know that we all need that but we really need an education um especially to promote like cross border Mobility um and also browser integration on 1 of our members had suggested wouldn't it be great if we could just have more browser integration with a verifiable credentials um maybe even using render method right um how can you plug in a VC into the browser and just look at it because part of what we want to do is really encourage um you know not just understanding but ease of use. Kerri Lemoie: Um other also other tasks that you could do as part of the hackathon 1 is to use render method um to help. Kerri Lemoie: Uh to suggest how credentials could be displayed in the learner credential wallet this came right out of um plugfest feedback so all of these these tasks are really based on a continuation of the plugfest that jmf and VC Edge you had in the past. Kerri Lemoie: So uh we are really looking at like how can we display credentials better in wallet um because we know there's so much data that could be displayed how would wallet decide what to show. Kerri Lemoie: Um and also the same for verifier plus we are sort of looking for ideas as how to improve verifier plus because it's all open source we welcome anybody to join um and get prizes the prizes are pretty substantial um between like 2000 and 2500 for some of them so definitely check that out and join us for that. Kerri Lemoie: Um next coming soon so um we are working on a work item for the ccg um it kind of got paused just due to travels and conferences um working on this um with jmf and also diff and others um this is a working on an item for a credential template directory. Kerri Lemoie: This is a place where people could put examples of data models and credentials um. Kerri Lemoie: To help others you know understand how to build out the contents of VCS. Kerri Lemoie: We at the DCC we we don't really focus on the insides of the credentials although we try to support what our members need but what we really want to do is provide examples so people can understand how to do it and the more similarities we have right the the more interoperability will encourage. Kerri Lemoie: So um stay tuned for that we're filling out the forms and should be back in a few weeks or so to present that here. Kerri Lemoie: Um and then also um what we're working on with our members is a degree credential template which would go into this template directory um and we've been working with our members and also looking at the European learning model to determine what a degree could look like as a verifiable credential using standards like open Badges and European learning model. Kerri Lemoie: So we like to get some examples out to the world. Kerri Lemoie: Um and and help people understand why verifiable credentials um are great formats for degrees. Kerri Lemoie: Then lastly I'm just putting iaw on here like most people here know iaw is coming up sadly I will miss it but um most of our team will be there and um I hope you all have a great time. Kerri Lemoie: And um that is it for our presentation I believe unless the team is anything else they'd like to add that I forgot. Kerri Lemoie: Or otherwise opened a questions. Patrick St-Louis: Um I have a quick question about the sharing feature of the wallet uh when you mentioned sharing is it just the wallet would display the credential for a software to um um have a look at or are you are we talking about sort of a presentation request based sharing from the wallet. Kerri Lemoie: Um I'll start that answer Patrick but I don't I'll hand it over to the team to get into more details um 1 is that we make it possible to create a share link like a public URL that goes to verify it plus. Kerri Lemoie: Um an individual could create a link for their credential um and then shared anywhere like on LinkedIn and where have you and it would show as verifiable in real time. Kerri Lemoie: Um but we do also um do like exchanges and presentations and um maybe I'll estimate tree if you might want to describe Demetri how we set that up. Kerri Lemoie: With the. Kerri Lemoie: I'm putting him on the spot here. Dmitri Zagidulin: Sure yeah no problem uh so if I understand if if I understand your uh question correctly Patrick uh this. Kerri Lemoie: https://github.com/w3c-ccg/vc-render-method Dmitri Zagidulin: This rendering template is it just for the wallet is it for other software uh and the answer is so fortunately it can be used for both uh render method for for those who are not familiar with it I highly recommend uh taking a look at the ccg drafts back uh its various things 1 is uh yes it's uh it's an aid for how to display unfamiliar credential times right so at the moment pretty much all wallet implementations for each new credential type. Dmitri Zagidulin: The the display screens are hardcoded that that's that's how it started out and so when the question becomes so what happens if we want our wallets to be general purpose what happens when a wallet um encounters a new and unfamiliar credential how do we display it. Dmitri Zagidulin: Well we can dictate a couple of fields in common right we can say oh we would very much prefer if all verifiable credentials have a uh a name property or a description property that way our wallets can at least display that um so so that that's 1 approach the other approach is of course to. Dmitri Zagidulin: Have this uh list item rendering template and yes of course there's um all sorts of security considerations you want to make sure that whatever template that you use whether it's SVG or HTML or something else that you want to want to make sure and sanitize it um tend to make the the display secure. Dmitri Zagidulin: But yeah so displaying the wallet is 1 use case for render method uh Second Use case is for any sort of verify or relying party once they receive the credential uh it would be nice for them to be able to be able to display to the user new and unfamiliar credential types. Dmitri Zagidulin: Uh and then and then the third sort of major class of use cases is to switch between different display modalities for example how would you render a credential in audio for conversational interfaces how would you render a credential for a braille uh or other uh assistive technology. Dmitri Zagidulin: And how would you uh how would you under a credential when somebody hits print right so we have a chance just like HTML web pages. Dmitri Zagidulin: Where when you hit print there's a technology for the designer to be able to control what happens there's print directives in cascading stylesheets this is a similar sort of thing for okay what what I want to print out the credential or when I want to export it to another format such as PDF. Dmitri Zagidulin: The the software can turn to the render method template does that answer your question. Patrick St-Louis: Um that is interesting over that wasn't exactly my my question but this was all interesting information I was asking more on the concept like if I have a wallet I have I don't know a couple diplomas in there and then I need to present 1 of these specific diplomas to a verifier is it my job to select which 1 I represent provide uh public URL and then show this to the verifier or is it a way for the verifier to ask the wallet directly and then sort of the wallet front me. Dmitri Zagidulin: The latter well so yeah great question uh so. Dmitri Zagidulin: At least in the way we're using it so far and in the way the the render method paper was um sort of envisioned uh it was it's not meant to communicate the structure of the credential during presentation. Dmitri Zagidulin: Uh there are other the other specs that do that for example the Pres the diff presentation exchange that tries to do that. Dmitri Zagidulin: So here the idea is not that the render method the template. Dmitri Zagidulin: This beats directly in the exchange protocol it's more that once the requests are received the credential once the verify receives the credential how they display it afterwards does that make. Patrick St-Louis: Yeah yeah makes a lot of sense. Patrick St-Louis: Yeah yeah can I just 1 more so regarding the uh you said when I get issued a credential I get the share URL um is there any mechanism to prevent uh like credential hijacking so it was mentioned that these URL could be deactivated so I guess they are just random URL that are generated and it's based on the fact that only the recipient would know this URL is there additional sort of authentication mechanism to these URL or they're just really a public URL that someone needs to know to get the credential. Dmitri Zagidulin: Yeah great question great question uh so let's talk about that so I think the share URL problem is going to be familiar to any of you who are wallet implementers right the moment so say we get everything right we have our issuers working we have our nice wallets uh we've got the workflow where uh let's say a student gets a diploma or a course completion credential into their wallet then the question becomes so now what what can they do with it. Dmitri Zagidulin: And 1 of the. Dmitri Zagidulin: Asked uh sort of features is well can I email it to someone or can I text it to someone. Dmitri Zagidulin: So the first set of generation of implementations just added it as an attachment like literally the raw Json of the credential just slap it as an attachment to an email an email very doable uh very easy to implement. Dmitri Zagidulin: Problem is of course the receiver doesn't know what to do with it so what us and a lot of uh other teams independent leads have stumbled against is I would be nice to. Dmitri Zagidulin: Instead of sending it as an attachment to save the raw Json of the credentials somewhere accessible on the net because then you can do 1 of 2 things you can either send the direct link although you have the same problem as an attachment what's the receiver going to do with raw Json. Dmitri Zagidulin: Uh a better yet you can feed that link to a viewer app so uh sending example.com my VC Json you can say example.com viewer app and then pass in. Dmitri Zagidulin: That um just a couple of things. Dmitri Zagidulin: 1 Is to start with you know implementation uh we just started with public credentials with no access control so it is it is a random link uh to and we're careful in the UI to say okay now remember this is just for public credentials. Dmitri Zagidulin: Because anybody can pass along your link and and people will be able to view it there right so don't don't put highly secret things uh don't use this method for sharing for highly secret credentials. Dmitri Zagidulin: As as we can all probably picture that that's very limited we don't want to just rely on the UI and user instructions for anything like that so we do want to add. Dmitri Zagidulin: Some kind of access control their uh now because the user can hopefully controls the storage that they're uh that they're saving it to that they're sharing it to the user can always delete the credential from from that storage so the link breaks and again that's not that's not the best experience but at least the user has that uh sense of control the user can't for example and this is this is a very real uh example that uh that works right now I can save like manually download the raw Json put in my Google Drive and then share share it as a file and then I can use the authorization uh from Google Drive Right the either people or groups or anyone with the link right I can use that but we're also and this is where the concept of wallet attached storage comes in uh we'd also like to standardize right like we we don't want all of these disparate cloud services like Google Drive and Dropbox and fund drive and all of these things all of them have uh slightly different incompatible clients and different incompatible Access Control models. Dmitri Zagidulin: It would be great if we could use some of the stack of bids and verify the credentials and authorization capabilities to uh to standardize to unify that storage interface so that wallet users can uh can get used to it can can start uh getting educated about it so hopefully that answers your question. Patrick St-Louis: Yes thank you. Harrison_Tang: Yeah um I'm just curious like where are we on the kind of the adoption cycle in other words like our uh higher ed uh institutions like uh issuing the credentials or vert use using this to uh verify or if not yet like uh where are we on that. Kerri Lemoie: Yeah I can speak a little bit to that Harrison so some of our members we know are issuing verifiable credentials some of them are issuing them as degrees and some of them are issuing um as a micro credentials or or just um you know badges. Kerri Lemoie: I would. Kerri Lemoie: Kids still really early like we are still really much ahead of the curve so that project that I spoke about the uh the Lear higher ed accelerator is really intended to bring on board understanding in in higher ed um 1 of the reasons the DCC is focusing on on degrees versus other types of of credentials um in education is because a lot of Institutions are already issuing some kind of digital format of a degree so it's an easy conversation to have with their it Department. Kerri Lemoie: You're not there where it's early but that's like part of what we're doing and so we're trying to make it you know easy to understand and um as useful as possible so that um you know we start increasing adoption. Kerri Lemoie: Um open that is 3.0 just was finalized this last spring. Kerri Lemoie: So I think there are many institutions who are just keeping an eye on what others are doing and I expect for the next couple years we'll see a lot more issuing. Kerri Lemoie: Um I should also say here and said that on the verifying side so a lot of. Kerri Lemoie: A lot of work that's happening in the education and Workforce space has to do with something called skills-based hiring and they are really focused on working with employers to Define skills inside of these credentials and um that will will help people get jobs so I think there's a lot of work being H happening right there in terms of um of that work and so for like social Mobility helping people get hired faster help people get hired who don't have degrees um that kind of stuff. Harrison_Tang: Started and by the way just a quick note you probably know already know this but a lot of companies when they do a skill-based hiring the skills definition uh we just use a LinkedIn Talent insights and then I know LinkedIn has spent a lot a lot of money and a lot of resources like categorizing and like do standardizing these definitions so. Harrison_Tang: uh you might. Harrison_Tang: I want to look. Harrison_Tang: You haven't accessed uh haven't looked into it yeah. Kerri Lemoie: Yeah thank you Harrison. Kimberly Linson: Patrick oh no uh sorry Stephen. Nate Otto: +1 Lots of work happening on skills-based hiring. Need even more focus on verification experiences for learning credentials for skills based hiring use cases (included understanding the skills and including trust navigation of issuers.. consumers won't necessarily know which issuers they want to accept credentials from in advance) Stephan_Baur: Yeah thank you I. Kimberly Linson: Was ignoring you Stephen. Stephan_Baur: I was not quite sure how this works with the Q Plus finger um my question is I assume in the um educational VCS you use a date for the subject to bind it to the person. Stephan_Baur: Of that I'm kind of thinking well so if I can actually store the credential for a long time that's good but if I cannot store the private key Associated to the subject did um then I can no longer really prove that I am the person that is bound to and of course you can refer back to first name last name and things like that to to link it um but the challenge I just want to double-check is is is that true are you are you using a subject date and and if so what kind of sort of operational practice does need to be established for people to to know they need to kind of store the private key as well um for decades right when they still want to you know prove that they are actually the person Linked In the VC. Kerri Lemoie: Yeah and that that is a great question I I'll say a little bit here but others in the team might want to jump in um I I can explain mechanically that we're using did key um when someone uh you know downloads the wallet installs it we create a profile Associated um with a did key um and they can create additional profiles for digital DS if they'd like and then when they request the credential from the issuer um that did is sent to the issuer so that it can be signed as part of the subject of. Kerri Lemoie: The credentials um part of why we're looking at a degree data models is the identity part um degrees are are considered somewhat I I won't say legal officially but you know they're more legal documents and they often contain uh like names right so in these cases right now we are just really relying on on putting um identification like names inside of the uh the credential subject. Kerri Lemoie: New we we haven't really done too much about you know storing the keys forever um but I I assume Demetri and others on the team like may have something to say about that. Dmitri Zagidulin: Yeah it's a great question and I think all the verticals are going to need to answer that question and not just education like Kerry mentioned uh 1 of the reasons it's nice to work in education as a vertical is low expectations meaning people are already used to. Dmitri Zagidulin: To looking at a lot of the credentials such as diplomas or uh public certifications as public credentials so there's less privacy concern there's less user push back for using their legal names because when applying those legal names are still going to be checked and so on I'd like to look at uh this question of should you use DDS in a credential on a spectrum right so imagine uh a left to right Spectrum on uh the very left are low threat low value credentials such as I don't know uh 50 cents off coupon off of breakfast cereal you can model that coupon as a verifiable credential do you need to bind it to a subject well not in all cases in some cases the the credentials are so low value low threat that you might not even need to bother you can just use them as Bearer credentials all the way on the other end of the scale is. Dmitri Zagidulin: High value High threat use cases where Biometrics are required right so it's not only are you going to have a subject did and and bind it cryptographically but the use case requires for legal reasons that uh legal identity is bound to it a picture voice print and so on right so imagine uh 50 cents off coupon on 1 1 end and access to a military installation on the other. Dmitri Zagidulin: So credentials with only a did but no legal uh no no legal identity. Dmitri Zagidulin: Narrow band in the middle of that Spectrum uh to like to the left of that band you don't need the legal and to uh to the right of that band you are required to have the legal. Dmitri Zagidulin: But but but the number of use cases where we can get away with just the subject did without anything else are actually fairly narrow so I want I want everybody to keep that in. Stephan_Baur: 3 meter just so real quick then maybe was it is it then true that you you would bind to the subject date or you would not or you would just simply leave it optional. Dmitri Zagidulin: For the moment uh we're leaving at optional for our issuers uh to see to see how it all develops. Stephan_Baur: Yeah I I think it would be valuable. Stephan_Baur: To make the private key in if you have a wallet as well to make the private key exportable as well and then you just store in a highly secure environment the credential and yes actually the private key matching to it so that you online at least can can prove ownership over it. Dmitri Zagidulin: The fun you should mention I I totally agree uh 1 of the 1 of the specs that were uh collaborating with diff on is specifically a wallet export container a secure container where you can export not only the credentials but also the DS and private keys with all of the caveats uh and security warnings of doing that. Stephan_Baur: Exactly yeah thank you that that clarifies it thanks. Kimberly Linson: All right well thank you everyone thank you everyone from from DCC for sharing with us and I hope everyone has a great rest of your day. Kimberly Linson: Look forward to seeing you. Kerri Lemoie: Awesome thanks for having us. Kimberly Linson: Thank you anytime.
Received on Wednesday, 16 October 2024 16:07:46 UTC