[MINUTES] Data Integrity 2025-07-11 from meetings@w3c-ccg.org on 2025-07-11 (public-credentials@w3.org from July 2025)

From: <meetings@w3c-ccg.org>
Date: Fri, 11 Jul 2025 23:12:13 +0100
To: public-credentials@w3.org
Message-ID: <CA+ChqYdQuMnsORa=68NOO8h1dzXF3t0NoCniUqLXrnwv54XMOg@mail.gmail.com>
W3C Credentials Community Group Data Integrity Call Summary - July 11, 2025

*Topics Covered:*

   - *GDC Updates:* Discussion of the Global Digital Collaboration event,
   noting the US corporate presence, concerns about centralization and
   surveillance, and lack of government representation. Longfellow ZK
   presentations were mentioned but no detailed discussion occurred.
   - *BBS Updates:* Progress on the BBS pseudonyms work, aiming for a last
   call on the base draft. Discussion of post-quantum cryptography challenges
   with ZKPs and BBS, highlighting the difficulty of integrating with
   lattice-based techniques and the need for alternative solutions or fallback
   mechanisms for post-2030. Exploration of quantum-resistant cryptography and
   key distribution was also briefly touched upon.
   - *Quantum-Safe Crypto Suites:* Review of Dine and Forkbomb's MLDDSA
   crypto suite implementation using Zen Room. Next steps include updating
   suite names, selecting public key identifiers, and addressing base encoding
   inconsistencies. The integration of common algorithms into data integrity
   specifications was also planned, pending the VCWG's return from summer
   break.
   - *Data Integrity Presentation (September):* Planning for a September
   presentation on data integrity, with ideas for a tutorial format using
   Jupyter notebooks, focusing on foundational technology and the flexibility
   of the data integrity approach to accommodate evolving cryptographic
   methods. The presentation will emphasize the ability to upgrade
   cryptographic methods without impacting the core format. Integration with
   existing tools like the credential playground was also discussed.
   - *Refactoring Data Integrity Specifications:* Discussion on refactoring
   the data integrity specifications, potentially starting with a smaller
   subset of algorithms to gauge the effort required before tackling a
   complete overhaul. The goal is to improve clarity and address repetition
   within the spec.

*Key Points:*

   - Significant challenges exist in integrating zero-knowledge proofs with
   post-quantum cryptography, potentially necessitating fallback solutions.
   Hash-based solutions or tokenization approaches are considered as potential
   backups.
   - The data integrity approach offers flexibility by allowing
   cryptographic upgrades without modifying the core credential format. This
   is a key advantage compared to other approaches.
   - The community is exploring different approaches to address the
   post-quantum cryptography challenges, including investigating SQI pairing
   techniques and developing tokenization services.
   - A September presentation on data integrity is planned, likely to
   include a practical tutorial format using Jupyter notebooks and potentially
   leveraging existing tools and resources.
   - Refactoring the data integrity specification is needed to improve
   clarity and generalizability. A phased approach, starting with a subset of
   algorithms, is suggested.
   - The "experimental" prefix for quantum-safe crypto suites will likely
   be maintained until significant uptake warrants a name change.

Text: https://meet.w3c-ccg.org/archives/w3c-ccg-data-integrity-2025-07-11.md

Video:
https://meet.w3c-ccg.org/archives/w3c-ccg-data-integrity-2025-07-11.mp4
*Data Integrity - 2025/07/11 09:53 EDT - Transcript* *Attendees*

Dave Longley, Geun-Hyung Kim, Greg Bernstein, Hiroyuki Sano, John's
Notetaker, Manu Sporny, Parth Bhatt, Phillip Long, Ted Thibodeau Jr, Will
Abramson
*Transcript*

Manu Sporny: All right, let's go ahead and get started. Welcome everyone to
the credentials community group data integrity call for Friday. This is
July 11th, 2025. we have a fairly compact agenda today. We might get
through it fairly quickly. we wanted to cover some updates from the digital
collaboration GDC which happened last week. if there are anything that
happened during that meeting that was relevant to the work that we're doing
on data integrity it would be good to cover that. I know there were some
presentations on Longfellow ZK that Google did at GDC. and kind of some of
the Greg, if you've got any updates on the BBS work, it'd be good to review
some of that.

Manu Sporny: and then we should spend a decent chunk of time talking about
how to move the quantum safe crypto suites forward. I know that Dine and
Forkbomb did a presentation on their MLDDSA cryptouite implementation that
uses the quantum safe cryptouite spec loosely. So, we need to figure out
what we need to do to kind of keep moving that forward so it's ready for
adoption by VCWG shortly. are there any other updates or changes to the
agenda? Anything else we want to cover today?

Will Abramson: This is just an add-on really. I don't usually send these
calls anymore, but one of the things is the quantum save stuff like I mean
I talk about this more,…

Will Abramson: but I think we should also talk about the refactoring, to
bring some stuff into data integrity.

Manu Sporny: Plus one to that.

Manu Sporny: We can add that to the agenda as well. go ahead, Greg.

Greg Bernstein: If there's a little time left, I'm scheduled to give a
general presentation to u the CCG in September on data integrity and
wouldn't mind some discussion of what might be best. I generally have been
doing these tutorials on this stuff and…
00:05:00

Manu Sporny: Cool. Yeah,…

Greg Bernstein: wouldn't mind some ideas of what I could do because I
wouldn't mind putting together a nice tutorial to go along with the
presentation so people can have that for a reference. So, sounds good.

Manu Sporny: absolutely. We can add that to the agenda as well. let's add
that one further up in the agenda. just so we can make sure that we cover
it. maybe Greg when you cover your BBS stuff, we'll also cover any other
items for the agenda today? All right. if not, let's get started with any
updates from GDC, the global digital collaboration. it was a very
successful event.

Manu Sporny: from what we hear, they just posted, all of the videos from
day one along with the presentation decks. this morning I got kind of a
notification of that. let me see if I can find that email. here it is.
presentations. Let's see. YouTube channel all of day one. So that is
available at this link here which will unfortunately not be saved in the
minutes. but maybe we can share it to the mailing list. so if you weren't
able to attend you can still watch all the presentations from day one. so
that's one of the things that came out of it.

Manu Sporny: the other thing that I know is that there was some
presentation on Longfellow by so that was of interest to the community.
anyone that attended I think Phil were there anything covered that's
relevant to data integrity like privacy preserving cryptography or gaps or
anything of that nature?

Phillip Long: I can go first and be brief. I think the thing that was
probably most notable was well on the one hand the US presence was
primarily by virtue of the corporations m Google and others. there wasn't
any government presence to speak of. secondly, there was a general eliding
over issues associated with centralization. no one there was no plenary
that talked about the MDL serverish side issues or anything like that that
I recall. There was discussion in a subsequent day two meeting but that was
in the educational credentials group because Kim and Carrie and I were
there and others.

Phillip Long: but I think that there was a sense that there's a strong
concern about both surveillance and tracking being reintegrated into
centralized ways of managing and dealing with DIDs. And I believe that
Christopher Allen's in the process of writing something he's going to be
post on posting on his musings thread that addresses this. will

Will Abramson: Yeah, I mean I don't have anything, it was a great event. I
don't have anything that's directly relevant to data for integrity, I don't
think. But yeah, it's a shame. I don't know if they're going to publish
also the day two stuff because I found that most interesting. I mean, day
one is good for overview of…

Will Abramson: what all the countries and in specific domains are looking
at. Day two is really the day I enjoyed most.

Manu Sporny: Okay.

Manu Sporny: Okay. thank you for, the report out, Phil and, Will.
interesting stuff. It'll be interesting to see, what some of the outcomes,
from that, meeting, are going to be. and since we don't have anyone, did
either of you or either of you able to attend kind of the ZKP Longfellow
kind of discussion or have some thoughts on that.

Will Abramson: I did not know.

Phillip Long: No, I did not either.

Manu Sporny: All right. that is that item then review of GDC in ZKPS. we
move into kind of updates from the BBS work. Greg, how things going in BBS
land
00:10:00

Greg Bernstein: What most interesting is to me u so first of all pseudonyms
is moving forward we're going to be presenting at the IETF meeting in the
end of this month. but what we've al also seen is we've seen more
implementers talking on the u IETF list. So we saw Ubico and I think people
from Cloudflare, sorry.

Greg Bernstein: they were going under the name Circle or something like
that, but there were Cloudflare people. so we've been seeing more
implementations. some feedback on This is and so hopefully we're getting
that base draft ready for last call. That's the kind of thing that's is
kind of got stalled with the very long review process because I think
mostly not because of anything terribly technical but I think it just
dropped off people's radar. So net net is that it seems like the base draft
is moving forward.

Greg Bernstein: We've got the PR in for pseudonyms with the everlasting
privacy. We'll be explaining the solution at the CFRG. We had a bit little
hiccup on getting the new draft version of that published, but it should be
coming out next week. And that's mostly what's happening. as far as privacy
preserving stuff and particularly with postquantum we have to kind of
remember that the ZKP stuff is doing things around a non-postquantum thing
right so the long fellow isn't postquantum

Greg Bernstein: Lee Harrow is a postquantum proof technique but it's doing
a proof over ECDSA and I think hopefully other monu techniques that are so
zero knowledge proof techniques that can allow us to prove things in zero
knowledge that are postquantum.

Manu Sporny: Please finish the thought.

Greg Bernstein: They use hash functions and they do cool stuff. But the
base technique is ECDSA to try and take a ZKP technique and put it around
MLDDSA or something like that is going to be a lot more difficult.

Greg Bernstein: And in addition, there are lattisbased techniques for
selective disclosure and anonymous credential techniques. if we've heard of
something called mtru, some of these other lattice techniques use a
trapdoor technique and that is what goes into the one privacy preserving
postquantum item that we've been looking at. There was a paper published
earlier on that. We just been kind of watching it.

Greg Bernstein: But the problem is we haven't seen any place that's been
doing any competition or something like that to get these postquantum
anonymous privacy preserving signatures going. So I know

Manu Sporny: Yeah, I guess that's largely where my question is around I
asked Matteo, there was some good back and forth on the mailing list around
the Longfellow ZK stuff. and I asked Matteo, he said, trying to get to
something that's postquantum is going to be much more difficult. And I
asked him, why exactly is that? I guess it has to do with some of the
complexity of MLDDSA and that I don't know maybe it's building a
cryptographic circuit that can take in a MLDDSA signature is just we're
talking gigabytes in size for the circuit maybe
00:15:00

Greg Bernstein: I think that's exactly what you're getting at because the
lattice techniques are more complicated. you heard in those discuss or the
emails things grew as the size of what you were hashing because basically
you're proving stuff about a hash and so the circuit gets bigger for the
more stuff you're hashing. That's why, they were one of those nice small
sizes of some of the ML doc stuff,…

Manu Sporny: Mhm.

Greg Bernstein: right? It was like, that's kind of small. There's no image
in there, right?

Manu Sporny: Got it.

Greg Bernstein: But that…

Greg Bernstein: but once again there are other lattice techniques that lend
themselves more to a selective disclosure unlinkable proof type of thing
and that was Oliver Sanders or I may be mispronouncing his name and that
research group had some stuff that was doing some of those things and so
it's a good question to put to cryptographers, like Anna and…

Greg Bernstein: some of those folks about that because I think just
throwing a ZKP technique against a lattice or one of these newer methods
might result in, as you said, huge circuits.

Manu Sporny: Mhm. Yeah.

Manu Sporny: I mean, which then basically, leaves us with postquantum
solution yet, And that's a big issue because we're effectively going to
regress back to selective disclosure being the only thing and tokens being
the only thing that's going to actually work. and so, trying to make sure
that we feature proof the community and the solutions. It may be that we
really need to start thinking about what the backup solution is once 2030,…

Greg Bernstein: yes.

Manu Sporny: 2035 hits. we all know how long it takes for cryptographers to
get to the next solution and we know for a fact that hashing should not be
susceptible to postquantum attack and single token usage isn't susceptible
to that and so what we may be looking at is some kind of hashbased solution
as a absolute backup.

Manu Sporny: so there's a question here around can we reuse existing
primitives and provide a worstc case scenario solution in data integrity we
don't get a postquantum secure mechanism in time and so what's the fallback
there and then kind of work forward based on that instead of basically
saying what that we're just not going to have an unlinkable, mechanism. and
we're waiting for one to appear. That feels like a much worse position to
kind of be go ahead, Will.

Will Abramson: So this is maybe a little bit left field but I wondered is
anyone tracking or following anything to do with cryptography. So not quant
postquantum but cryptography that is known to be secure…

Greg Bernstein: It's the key distribution people. Yes.

Will Abramson: because it uses quantum mechanics basically. So it isn't
post it's cryptography that uses quantum computing to be guaranteed to be
in the face of quantum computers.

Manu Sporny: We are at a distance.

Manu Sporny: We know a couple of people that have founded quantum key
distribution. so yes yes yes in a way…

Will Abramson: Yeah, I think it's primal that shot.

Manu Sporny: but again it's like an industry that is going to take I don't
know a decade to form there's so much patents and…

Will Abramson: Yeah, absolutely.

Manu Sporny: and whatever in the space right now and these are all
companies that are hardware anything and so a lot of the focus is on
simulators for postquantum key distribution.

Will Abramson: Early.

Manu Sporny: It just feels, very very early. excellent.
00:20:00

Will Abramson: No, I just share because I mean a couple of months ago I was
at a really cool talk in London about quantum computers and where it's
going and I just share this one link. I'm trying to work my way through it.
It's very deep and mathematical, but this is an excellent course on quantum
information theory and quantum computing if anybody digs that kind of stuff.

Manu Sporny: Dave, you've got your hand up.

Dave Longley: Yeah, I also wanted to direct people to once again the SQI
sign paper. It's got a section there on computing pairings, which is a
technique that's used by BBS to achieve unlikability. And there might be
something to that going forward. That's in section 8.3. And there's a link
to it from that table of contents.

Greg Bernstein: That would be great.

Manu Sporny: Very cool.

Manu Sporny: Yeah. I mean, again, this would be great. I guess what I'm
trying to get at here is that, given how long it's going to take for this
stuff to make its way through, but we could do a couple of things here is
really a question around where do we want to spend our time. we if there's
something behind this computing pairings thing we can do an experimental
crypto suite to try and put something together talk to the authors of SQI
ask them what they're focused on kind of go at it from that angle give them
a set of requirements that we have from BBS and say how would we do this in
the same way with SQI maybe invite them in to come

Manu Sporny: chat here and then that gives us, at least something to point
at hey, if SQI survives, then this thing might also survive. so that's one
and that would be quite a bit of R\&D. We would, as a community have to go
out and try to find where the would we could get the money to pay for that
kind of, level of R\&D. so that's the other thing is for example keeping a
set of effectively random values like a tokenization service where you can
prove in real time you provide a

Manu Sporny: postquantum signed, thing and you get back a postquantum
signed token from some kind of token provider and then you can submit that
as a very short-lived thing. The downside there being is that is 100% phone
home to whoever is giving you the token. Maybe we can create something like
a token provider service where any organization can run one of these things
where it takes an input VC does a transformation checks for a c certain
value and then expresses the value in a short-lived ephemeral VC that is
given to the holder who the holder can then provide and that's the way that
we achieve kind of scalability for the postquantum thing

Manu Sporny: without using any of the unlinkability cryptography but having
effectively an unlinkable token that's generated. So that's another fairly
large effort. it would kind of mirror the way that the true age system is
deployed and worked. we would, end up standardizing something along those
lines to make sure that we've got an answer for the unlinkable problem
that's more decentralized, doesn't phone back to the issuer, that sort of
thing. So that's the other, potential thing we could work on is instead of
trying to figure out a way to get the cryptography to work, figure out a
way to design a system that, does the tokenization of the initial VC so
that it's unlinkable.

Manu Sporny: totally different approach but one where we could actually
build and deploy that system today and then have use MLDDSA or any of the
postquantum things and not have to push any new cryptography through any
system. So, those are two approaches that we could take. any thoughts or
opinions from folks on which one of those we might focus on.
00:25:00

Manu Sporny: All without opinions, we're not going to move forward on
either one of those probably,…

Greg Bernstein: I think there's as Dave pointed out with the SQI and…

Manu Sporny: right? Mhm.

Greg Bernstein: with some of the lattice things, I think there are
techniques if we can get the cryptographic community more interested
There's techniques to do things like the pairings in postquantum ways that
would lead then naturally to anonymous type privacy preserving signatures.
however I'll be listening in on next week at the Simons Institute they're
having their cryptography thing.

Greg Bernstein: This next week is all going to be about proof CKP stuff.
They've got all the big names, but they actually didn't give the titles yet
of the talks. The big names are going to be like Baylor, Gay Cha or…

Greg Bernstein: whatever and such like that. So, I'll see if I can put some
questions to those folks. See what they say.

Manu Sporny: All right.

Manu Sporny: Sounds good. please keep us apprised. but I think in the
meantime, we're going to keep pushing the quantum safe crypto suites
forward. and please anyone report back in if they see something interesting
happen in the unlinkable postquantum all right so that is that item. you
also wanted to cover the data integrity presentation. one thing will I keep
forgetting to mention is I am not going to be here next week.

Manu Sporny: I will not be able to give an update on…

Manu Sporny: where we are with a number of the specifications. Hopefully
somebody else can cover that. I won't even be able to update the slide
deck. I'm just overwhelmed with much on my plate.

Will Abramson: Yeah,…

Will Abramson: no worries. No worries.

Manu Sporny: But know that stuff is moving forward these are the specs that
are moving forward at a rapid clip. and we probably do want to cover them.
so hopefully there'll be folks to speak up on each one of those.

Will Abramson: Issue 250.

Manu Sporny: Yeah,…

Will Abramson: That's issue 250.

Manu Sporny: issue 250 in the community.

Will Abramson: Yeah.

Manu Sporny: Okay. let's see. Here's the link there. let's see…

Will Abramson: I wanted to speak on Greg's thing about the presentation on
data integrity,…

Manu Sporny: what Yeah.

Will Abramson: but it's not till September, yeah, I mean one thing and…

Greg Bernstein: That's the September 23rd.

Will Abramson: you wanted to demo and one thing I could maybe help with we
could see one thing I like to do is use Jupy to notebooks. I have a Jupyter
notebook that works with SECP 256K1 and you run through every step in the
crypto suite and the data integrity right and you can document each cell
that you run and explain why. It's kind of like an explanatory demo that we
could run through on the call.

Greg Bernstein: Cool. one of the things I was …

Will Abramson: Also, people could run through it for themselves to just
kind of get a feel for what's really going on if that's the kind of thing
you're looking for.

Greg Bernstein: there's two different things I've been thinking of now. I
know. Go ahead. Okay.

Manu Sporny: No, please finish the thought.

Manu Sporny: I was just going to link you to some other material that we've
used

Greg Bernstein: So now I've done a bunch of these different talks and I
also did all the test vector code and I have all my repos for I do think
I've done stuff with JavaScript. it's little easier sometimes than I like
Python and all that but I've done all my prototyping for this stuff in
JavaScript. The other thing I also have not only did I do the test vectors
but I also have a test server. When we were very early on some of the tech
and data integrity I did server implementations for so other people could
interop against when we didn't have a lot of people when we first did
selective disclosure ECDSA.

Greg Bernstein: I talked with Harrison we were saying it would be like
implementing data integrity and I have two different themes I was thinking
about one was I used to teach pro web programming where he taught people
all the tech behind building a website and then adding in everything to
give you login and the sessions and all that stuff. And I thought about the
same theme what would it take if you had a university club or some kind of
club and you were going to have them give out credentials.
00:30:00

Greg Bernstein: you're going to have a wind surfing club and you're going
to give out credentials to see if people could check out equipment and such
like that and a whole kind of thing about what it would take and could you
do this all with our tech, because I don't do open ID and such like that
and I server side stuff, I issue credentials and such like that. I never
actually went into somebody's wallet or something like that. So, that's
what kind of one theme of a very small user, right, group, not big company.

Greg Bernstein: The other thing I was thinking about which is maybe a
little bit more technical but in data integrity we've got proof sets and
proof chains which are these nice mechanisms that really go nicely with
kind of business rules and such like that. And I also was noticing that I
was looking at some stuff, BC for wireless and I noticed that the BC API
stuff has some workflow kind of stuff and I was thinking about wow could I
combine is that of the right maturity that I could come up with a signature
chain workflow thing to demonstrate how powerful proof sets and signature
chains are.

Greg Bernstein: So those are my two kind of things and I would once again
have a slideshow but behind it I'd open source code maybe a more documented
tutorial to help people see the power of either of those things. So those
are my two ideas.

Manu Sporny: So just my two cents I think it might be more broadly useful
to step through the base technology when we get to proof sets and…

Manu Sporny: proof chains in the VC wireless stuff we can get pretty fancy
there but I think without some kind of tutorial on just the low-level stuff
I think we're kind of jumping ahead too much. so to be clear,…

Greg Bernstein: Okay. Yeah.

Manu Sporny: I don't know if we've seen a whole bunch of immediate use
cases around proof sets. Absolutely. Right. the immediate use case there is
you want to do ECDSA and…

Greg Bernstein: Yeah. questions.

Manu Sporny: you want to do postquantum and you want to issue one
credential that's where you'd use a proof set, And the proof chain stuff is
more like notary an endorsement, style use cases. But even then, some
people disagree on is a notary two signatures or is a notary, an additional
VC? And I think you want to kind of avoid those kinds of, discussions.
yeah. So,…

Greg Bernstein: Yes,…

Manu Sporny: so I like, what will said a lot about Jupyter Notebook step
people through kind of the processes. What I wanted to point you to is we
do have some core material that we've used in the past. So feel free to use
of this stuff, any of these diagrams,…

Greg Bernstein: the nice the beautiful diagrams.

Manu Sporny: so there's some, and these are very old slides at this point.
This is when we were just starting the work. things have updated. So be
very wary of number of implementations. Those numbers have grown quite a
bit since then. so that we've got one on data integrity and then we have
one on kind of very specifically selective disclosure in data integrity.
that gives you kind of what's the size of the signatures as you add
statements what's the size of the revealed thing.
00:35:00

Manu Sporny: how do you step through and sort and secure and sign and then
request and deliver the credential. so there's a lot of stuff you could
just copy and…

Greg Bernstein: Damn it.

Manu Sporny: paste from this. So please feel free to do that. that's it.

Dave Longley: And I wanted to make the point that it's implicit in sort of
these slides and everything. the strength of the approach whereby the
format of these credentials does not have to change, but you can start
securing them in any number of different ways and you can add new securing
mechanisms without affecting everyone else up the stack who's consuming
verifiable credentials because fundamentally they don't have to change
their software to process the format use it in any way. new cryptography
can be added to it. And that's something that's unique about the approach
that as if you walk through these sort of slides that are on the screen or
if you did s talked about sold you can implicitly get that because it's
like I can repackage this into a much smaller bundle send it and I don't
lose the cryptography but other formats don't let you do that.

Dave Longley: you lose the protection and other formats like how we're
talking about with MDL and applying ZKPs to it it's an inefficient process
and they'd have to change their format and everyone who consumes MDLs would
have to change how they pro receive and actually use the data in an MDL if
they wanted to improve that. And the data integrity approach makes it so
you don't have to do none of those additional layers have to change. You
only have to add a new crypto processing layer.

Dave Longley: And that would be something that's important I think to point
out u explicitly in the presentation.

Greg Bernstein: Yes, that's partially…

Greg Bernstein: what I'm pretty I got to make sure I get it that message
out. But I lived it because I was able to start with my I don't know what
did I started with? EDDDSA test then ECDSA test vectors, then SD, all
because of the structure of the processing. And so it just, a lot of code
reuse when I was coming up with those test vectors.

Will Abramson: Yeah. No, totally. I mean, they were amazingly useful. I
used your code and…

Will Abramson: just swapped out SEC P256K1 and generated all the test specs
for that spec that we're working on.

Greg Bernstein: Yeah, and…

Greg Bernstein: that should be the case for I haven't done it myself, but
for MLDDSA and the stateless hash Yeah,…

Will Abramson: Yeah, in theory. And I think that totally speaks to how we
need to generalize the spec, right? Because the code can be like that, but
the spec currently is a lot of repeating itself all over the place. And we
do need to do some work to make that more general

Greg Bernstein: I haven't staring as much as the spec. But when I saw one
of the same guy that I been using for the ECDSA and ECDSA cryptography, he
published MLDDSA stuff in JavaScript. I go, " I can come up with test
vectors or I can." But somebody else is doing that, aren't they?

Will Abramson: So maybe Greg me and you can take this offline. I mean I
would be happy to spend some cycles developing some Jupyter notebooks…

Will Abramson: if that makes sense. But what I think creating some sort of
code first demo would be excellent for people to just get it a little bit
deeper…

Greg Bernstein: Yeah. Yeah.

Will Abramson: because I didn't really get data integrity until I
implemented it fully. it's kind of complicated not unnecessarily. but you
have to get past the complexity to realize it's not actually complicated
and it's simple. But a lot of people don't get there,

Greg Bernstein: the thing I may be using to do this write up or I've
started I'm a big markdown guy and Quartto is a publishing system based on
markdown and if I mean one of the things is they're allow you to just embed
the Jupyter notebook type syntax right in it and…

Will Abramson: totally. Yeah.

Greg Bernstein: publish from it and things like that.

Greg Bernstein: So if you've never looked at Cordo I'm a big pandoc user
markdown but these guys have packaged it up and you can go from that to
revealjs for the slideshow and all that so can make it easier for other
people to work with monitor Yes.

Manu Sporny: at the risk of greatly ex expanding the scope of one
presentation. I think what you guys talking about is great. I think we're
fundamentally talking about kind of self-directed tutorials that people can
take themselves through but using that as the presentation material. So I
think it's wonderful and great you're willing to spend some cycles and
thank you very much Greg for spending cycles doing this. we're also
exploring this new website in the CCG mailing list and I think this might
be a really good thing to kind of put on the website meaning it would be
nice to basically say hey want to learn more about data integrity here here
you go and you kind of walk through it.
00:40:00

Manu Sporny: So either in that website or it could be on a website by
itself.

Manu Sporny: But one of the things that we've been trying to put some time
into we being digital bazaar is add creating more debugging utilities just
web- based debugging utilities. So, you can just go onto the website. I
don't know if you saw the Jason LD what is it? Next playground. now has
Seabore LD encodings.

Greg Bernstein: I would definitely …

Manu Sporny: So, it'll automatically take you to Seabore LD and YAML LD as
well. And we are going to be adding, the data integ the big thing that's
missing here of course is the data integrity stuff. and…

Greg Bernstein: okay. No,…

Manu Sporny: so we're going to be adding things to do data integrity here.
So again, it's not the Jupyter Notebook style tutorial stuff,…

Greg Bernstein: no, no.

Greg Bernstein: But it's a nice I mean I wanted to try and…

Manu Sporny:

Manu Sporny: but it's tooling thing.

Greg Bernstein: grab these different and remind people of things because I
forgot how much I use the JSONLD website to help me learn JSONLD and the
intermediate processing for debugging. so I got to make sure once again
it's going to be a short presentation, but everybody knows for a short
presentation, an hour presentation, you put in a lot of background. And so
I take a lot of notes when I put things together. So I might as well turn
that into a tutorial thing while I'm writing as I go along for the long
form version that somebody can just go to.

Greg Bernstein: Also, yeah, there's the credential playground and that can
issue what I never got as far as I never issued into wallets or anything in
any of my example code, right? I interoperated for the interop stuff. I did
the test vectors, but I never actually issued into a wallet. So I was kind
of curious to see…

Greg Bernstein: if that's something I can do without I'd rather not go get
into open ID and such like that. So issuer demo you've got it all good.

Manu Sporny: Yeah, there is I think so you have the ability to we can hook
up to multiple different issuers.

Manu Sporny: The downside being that the issuer needs to at least support a
very basic version of the VC API.

Manu Sporny: I think just the issue and verify endpoints. …

Greg Bernstein: Yeah, but that's something I already have code for,…

Greg Bernstein: so that doesn't freak me out,…

Manu Sporny: Okay.

Greg Bernstein: right? Because I had Okay.

Manu Sporny: Then we can just add you to this list. that is a fairly easy
thing to do. You just talk with Benjamin Young and he'll be able to just
add you in. should be a fairly easy integration. There's just one JSON
config file You provide your endpoints like your issuance endpoint and your
verification endpoint. and that's and then you'll show up in this list and
then you can issue into any wallet vary wallet should be able to hold the
thing you're issuing and then the verifier demo is you select something you
want to verify. You can also cut and copy and paste a custom credential
into here.

Manu Sporny: So if you want a totally different type of credential, you can
just dump it in here as raw json LD or…

Manu Sporny: link to a URL. and then you can call out to your issuer, have
that issue it and it sends it directly to any wallet that speaks. yeah.

Greg Bernstein: …

Greg Bernstein: I dig because I'm going to go with this theme of a college
club using verifiable credentials. So, that means they're gonna issue them,
you're gonna verify them, all that kind of stuff. walk through it because,
I love verifiable credentials. I've just been so focused on the
cryptography and I've kind of been a little while since I did the interop
of the various suites and such like that. So, it'll be a good review for me.
00:45:00

Greg Bernstein: And if it's a review for me, that means if I put it down,
it's a good review for everybody because sometimes when you have to see it
or review it so you can implement it. So I think that's a good idea rather
than getting too I love proof change and proof sets because I go, "Wow,
that's really cool. We can do all this stuff, but it's specialized." Thanks.

Manu Sporny: Yeah. okay. does that give you enough? Greg,…

Greg Bernstein: Yeah.

Manu Sporny: I want to make sure we can touch on our last agenda item.

Greg Bernstein: Yeah. Yeah. Yeah. Yeah. Yeah. Yeah. Yeah.

Manu Sporny: And I might have to leave five minutes early. Yeah, that's
great. Thank you so much for working on that, Greg. And thank you, for
willing to help as well. let us know if there's anything, we can help on as
the weeks kind of roll on. okay, that is that item. let's talk about the
quantum safe crypto suites really quickly. Andre Andrea and Jerem presented
on their implementation of one of these postquantum crypto suites.

Manu Sporny: so specifically they implemented MLDDSA 44 and they went
through their implementation of it during the last credentials community
group call which was great to see. they've made some really great progress.
they have their own kind of it's a domain specific language for describing
how to create a verifiable credential. it's called Zen Room. I think it's a
really interesting way of approaching cryptography because it's very
declarative and it just uses kind of regular kind of human English
sentences fairly, straightforward. So, it was kind of like a no code
environment. You kind of describe what you want to have happen and then Zen
room kind of runs all the cryptographic operations behind the scenes to
make it happen.

Manu Sporny: and then they showed it generating a verifiable credential
that was secured with MLDDSA 44. There was some slight adjustment that they
needed to make. for example, they were encoding the signature value as base
58 instead of B We suggested B 64 URL. I don't quite remember what they
were using for the public key format. but they said they are using multi
key and multibase had some good discussion. So, if you're interested in
that thing, the video is up along with the transcript this past Tuesday's
call. and so since then, Andrea has said, "What do we need to do to move
this crypto suite forward?" I have not had a chance to respond to him yet.

Manu Sporny: We did discuss we need to update the names of these crypto
suites. I think and we have a issue to track that. we need to pick some of
the public key identifiers. so we need to do that. So we need to probably
chat with Andre and Jerem to make sure that we're aligned and…

Will Abramson: Sure.

Manu Sporny: moving this forward. yep the other part of it is the common
algorithm stuff and moving it into the data integrity specifications. I
think we have broad agreement to do that. we just need to do that and
that's where it requires coordination meaning it is definitely in scope in
the current BCWG to maintain and move that stuff around. We can do that
under our current charter. We don't need to recharter to do that. but the
BCWG, is taking a break until the end of the summer.

Manu Sporny: So we can't publish to one document and we can't start moving
things around. I expect that we'll be able to do that once the VCWG starts
up again. do you have any kind of questions on that?

Manu Sporny: Was that what you kind of wanted to talk to about the

Will Abramson: Yeah,…

Will Abramson: I mean I guess I've just been out of it for a little while,
but I'm happy to take on that work, To move it through this process. And I
think one of the things we talked about before is like if we're going to do
this whole refactoring, maybe it's good to just pick a couple and…

Will Abramson: and try and see what that looks like before we go whole hog
and do it all.
00:50:00

Manu Sporny: Mhm.

Will Abramson: But I think I know what to do because Greg says right we've
been in the code we know where there's repetition but I think one of the
challenges maybe you just spoke to is some of these changes are changes
that need to go into the data integrity core spec right so yeah maybe we
can just explore…

Manu Sporny: Yeah. I think that's right.

Will Abramson: what that would look in a PR to a quantum thing imagining
that the data integrity spec has changed just to have a

Will Abramson: Yeah.

Manu Sporny: Yeah. I mean, I think what we can do here is I mean, you've
gone a good bit towards that, You have a common algorithm section. I think
the presumption here is we would just lift that and…

Will Abramson: Yeah. Yeah.

Manu Sporny: put it into the data integrity spec when That's right.

Will Abramson: Yeah. With some text around how you'd extend and overwrite
those common algorithms, right? Sure.

Manu Sporny:

Manu Sporny: So, I think we have everything that we need to do that
refactoring in here. yeah.

Will Abramson: They just need to go a bit further. I think like Dave said,
there's more we can do. So, I'll try and…

Manu Sporny: Yeah. Yeah.

Will Abramson: do that.

Manu Sporny: The other thing I'm a bit concerned about is the parts of it.
we've only really defined selective disclosure for ECDSA, and I'm fairly
confident that we're going to have to define it for the postquantum suites.
and the only reason we didn't do it for EDDDSA is we just ran out of time.
and if we had a way of having pulling the common parts of SD or the
selective disclosure stuff out into data integrity, then I think we could
just apply a selective disclosure version of these kind of across the
board. making it so that we can do that more easily I think would be a
goal. But that is more work like way more work. I think so.

Manu Sporny: I don't think we need to do that as a first draft,…

Will Abramson: Cool.

Manu Sporny: but in time I think that ideally would be a goal of ours to
make that happen. All right. anything else? it's the other question I have
and I totally forgot what we decided here. Are we dropping the experimental
dash at this point or are we keeping it until we get the danger here is
that we put in an identifier and someone implements it and they deploy it
to production. we've seen that happen multiple times at this point.
Mastadon did that with one of our first crypto suites and we had to use a
new name.

Manu Sporny: the Jason Web Signature 2020 stuff escaped into the wild. what
are we thinking about renaming at this point

Dave Longley: Since we don't have our final version of this, I would say we
keep it the way it is for now. There will reach a point where we're going
to have to commit to something and we should switch the name at that point.
we went through something similar with the ECDSA and ED DSA suites. and I
think it's working out like we had an original name it escaped into the
wild but I think more or less with the new name everyone's implementing
that or has implemented that and I think it worked out So I think switching
the name is probably okay provided that there isn't some massive uptake of
this experimental one and then it sticks around forever.

Dave Longley: That's always the lesson from the x-header problem and the
CSS prefix problem in other spaces on the web. But I don't think we have
that problem here. if we start to see it happening, we should be vigilant
and switch the name up.

Manu Sporny: Switch the name away from experimental or switch the name as
increase the year.

Dave Longley: Yes. yeah,…

Manu Sporny: So you're arguing for let's keep the experimental prefix for
now. That shouldn't really affect any of the implementers and then once we
Right.

Dave Longley: at least until we get it into VCWG or if we start seeing
uptake, then we can drop the experimental.

Manu Sporny: All and maybe we do it when we go into CR …

Manu Sporny: because again it's like a search and replace string search and
replace okay all right I think that's it for the call I need to drop a bit
early for another call thank

Dave Longley: Yeah, I think the triggering event is whether or…

Dave Longley: it seems like this crypto suite is really starting to get
uptake and that's going to sort of lock it in order for us to have interop.
00:55:00

Manu Sporny: Thank you everyone. really appreciate all the discussion today
and all the work across the various things we're working on. we will not
have a call next week. I'm on the road. but we will meet the week after
that. have a wonderful rest of your day, wonderful weekend, wonderful next
week and…

Greg Bernstein: All right. I

Manu Sporny: we will chat again in two weeks. Thanks all. Bye.

Will Abramson: Cool. See you.
Meeting ended after 00:55:46 👋

*This editable transcript was computer generated and might contain errors.
People can also change the text after it was created.*
Received on Friday, 11 July 2025 22:12:23 UTC