- From: <meetings@w3c-ccg.org>
- Date: Sun, 5 Oct 2025 08:01:58 -0700
- To: public-credentials@w3.org
- Message-ID: <CA+ChqYdMNkA9eMc6FnTHBZJiRZ=Ttnk5A1NP4ADDKj+A1CMU-w@mail.gmail.com>
Meeting Summary: kte-hamg-bpj (2025-09-29) *Attendees:* Alex Higuera, David Ward, Dmitri Zagidulin, Eric Shepherd, Hiroyuki Sano, Ildiko Mazar, James Chartrand, Kayode Ezike, Nate Otto, Phillip Long, Ted Thibodeau Jr *Summary:* This meeting of the VC Edu task force focused on defining "wallets" in the context of verifiable credentials and discussing alternative names. The discussion covered functional definitions, key features, and the challenges of using the term "wallet." *Topics Covered:* - *Defining "Wallet":* The meeting aimed to define the functional criteria of a credential wallet. - *Alternative Names:* The team discussed whether "wallet" is the best term for this technology. - *Core Functionality:* The meeting listed and debated the core functions that a wallet should have. - *Upcoming Topics:* The team also discussed potential future discussion topics *Key Points:* - *Functional Definition:* The proposed functional definition of a wallet includes managing keys, receiving and storing credentials, using standardized APIs, displaying credentials, and servicing external requests from unknown parties. - *Interoperability:* Interoperability, specifically how wallets export and import credentials, is an essential function of a credential wallet. - *Name Debate:* The term "wallet" is easy to explain and understand, it may also bring to mind cryptocurrency. - *Credential Manager:* There was a discussion about having an underlying credentials manager that serves the function of a wallet but is more like a password manager in use. - *Verification:* It was suggested that verification should be a function provided by wallets. - *Future Topics:* Future discussion topics include self-issued credentials, credential APIs, and login/sign-in functionality using wallets. Text: https://meet.w3c-ccg.org/archives/w3c-ccg-vcs-for-education-2025-09-29.md Video: https://meet.w3c-ccg.org/archives/w3c-ccg-vcs-for-education-2025-09-29.mp4 *kte-hamg-bpj (2025-09-29 10:58 GMT-4) - Transcript* *Attendees* Alex Higuera, David Ward, Dmitri Zagidulin, Eric Shepherd, Hiroyuki Sano, Ildiko Mazar, James Chartrand, Kayode Ezike, Nate Otto, Phillip Long, Ted Thibodeau Jr *Transcript* Ildiko Mazar: Hello. It's very nice to see you twice. Dmitri Zagidulin: Hello. Hi, Alico. Yeah, I'm presenting on a different screen. Ildiko Mazar: People look Eric Shepherd: Is it just the three of us here? Dmitri Zagidulin: We're early. Eric Shepherd: We're early. Okay. Dmitri Zagidulin: I think a lot of people as a presenter and as a chair I usually try to start meetings two minutes or three minutes after the hour. Dmitri Zagidulin: But as an attendee and I think a lot of people are like that, a lot of people show up, four to six minutes after the meeting starts. Okay, copy that, Ted. just because usually the first couple of minutes of a standards call it always bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo bo boiler plate. Eric Shepherd: Mhm. Dmitri Zagidulin: And in some groups you ask for volunteers to scribe and so a lot of people just show up late to miss all of that. Dmitri Zagidulin: So there's a tension we want to start early but we also want people to file in so it's like that. Ildiko Mazar: Not to mention that this technology doesn't always work. Ildiko Mazar: You click on and… Dmitri Zagidulin: Exactly. on the west coast it is. Ildiko Mazar: for you it's the first thing in the morning right on that side of the pond. It's 8 o'clock a.m. in some of the states. Dmitri Zagidulin: Yeah. on the east coast it's a more tolerable 11. Ildiko Mazar: Yeah. Yeah. Dmitri Zagidulin: Yeah. So, people filing in. We'll get started shortly. Eric Shepherd: Dimmitri, where are these presentations filed? I should probably know this,… Dmitri Zagidulin: Yeah, great question. Eric Shepherd: but … Dmitri Zagidulin: So, what I was… Ildiko Mazar: Keep going. Mhm. Dmitri Zagidulin: what we usually do is email the slides after the presentation just for those that haven't attended… Eric Shepherd: that's perfect. Yeah. Thank you. 00:05:00 Dmitri Zagidulin: but also in addition we paste them in chat. So, for example, slides are here in Google account. I wonder So, if you a message, those that join the call after still get to see the message unlike other messages. So, that's really good to know. All right, it is three minutes after the hour. Dmitri Zagidulin: we might as well get started. welcome everyone to the weekly VC Edu task force These calls excellent. we also have a Google drive for it. Okay, I'll copy those links there too. these links are recorded. anyone can join the calls. You don't have to be a member of W3C or the community group, although you should be if you want to make any substantive contributions to the spec. reach out to myself, Ildico or Simony. U will help help you get started. and as always, we're operating under the W3C code of conduct. we usually go through introductions and reintroductions if anybody wants to say hi or haven't introduced themselves in a while. Dmitri Zagidulin: If anybody's new here, feel free to raise any community announcements? there's the perpetual announcement that we have IW coming up in the week of October 20th 24th and we also have the annual in-person W3C conference called TAC technical planner something conference in happening in Japan in November this year. So, if you can make it, a lot of the CCG folks will be there. I won't be able to be there this year, but, it's always a good time. All right. in that case, let's get to our main agenda. Dmitri Zagidulin: So today I wanted to talk a little more about wallets, what some possible functional definitions of wallets could be and continue the conversation of hey, could we have a better name than wallet? so… Ildiko Mazar: Yeah. Dmitri Zagidulin: since this is a smaller group, we'll make the discussion informal though I figured I'd have slides anyways just for conversation topics. So, please feel free to jump in at any point. Either type in chat or better yet, raise your hand and then, they'll get you in the queue. All right. So, functional technical definition, better name. So, what's a wallet? Dmitri Zagidulin: First question to ask is what do we think of the name wallet or credentials wallet and how have we been defining it in the community right so I think going to conferences or even elevator and taxi conversations what do you do I work on credential wallets what is that how's that been working out for us and this is a genuine question I'm curious to hear from some of you do people understand Dmitri Zagidulin: what credentials and credentials wallets are. the bene some of the benefits which is the reason we have been calling them wallets is we can take advantage of the skillorphism which is resemblance to a real world analogy. So we can say just in your physical wallet you store various cards like your driver's licenses and your membership cards, your coupons and stuff. Dmitri Zagidulin: A credential wallet is similar. It's an app. You store things in it. And you can present your identity documents,… Ildiko Mazar: It does. Dmitri Zagidulin: your membership documents, things like that. Drawbacks of course is the wallet immediately makes people think of cryptocurrency. yeah. yeah. 100%. a because outside okay. Dmitri Zagidulin: So Eric is saying in chat so for Eric it doesn't immediately skew but with a lot of people that I talk to and partly this depends on the audience right if you're talking to more sort of like internet aware and web3 aware folks their mind immediately jumps to cryptocurrency wallet and… 00:10:00 Dmitri Zagidulin: in general if you talk about something like Google wallet or something like Samsung wallet, there's the notion of you tap to pay at Starbucks and Hold on one second. So, somebody's here for the dogs. Nixie go. Ildiko Mazar: Yeah, I guess to me as well the wallet is more like the Apple wallet where you store your boarding passes etc. Ildiko Mazar: And this is my goto when I try to explain to somebody what I do. never thought of cryptocurrency to be honest. Dmitri Zagidulin: Excellent. Okay. Dmitri Zagidulin: So, That's good. so this is good feedback. this is a good item of and you're absolutely right. So, if not currency wallets,… Dmitri Zagidulin: a lot of people think Google wallet and Apple wallet. Absolutely. I agree. I'm curious though like Eric James, how have you found the term credential wallet hurts more than it helps other way around? Ildiko Mazar: Hey, heat. Eric Shepherd: Demetri, if I could just jump in here. just… Dmitri Zagidulin: Please, please. Eric Shepherd: because I've spent a lot of my career trying to work out names for products and stuff and… Dmitri Zagidulin: And names are hard. Eric Shepherd: the… Dmitri Zagidulin: Ha. Eric Shepherd: what first of all we need to do is define the audience. So if we said the audience was young adults, we would use a different name that if we said all adults and if we said all adults what's the target population? I do think that credentials are a struggle for most young adults and adults. they would tend to think of other things, I agree with the idea that wallets are very pervasive on apps and I went to the movies the other night and I had the movie tickets in my wallet. it feels like a very natural term to me. So, whenever I'm asked about it, I say, "Well, you got a wallet on your phone. Eric Shepherd: this just stores your qualifications and your degrees and stuff like that and people get it pretty quickly. I think if you say credential wallet, the word credential just feels to me like it over complicates it. It's a term that we all understand readily, so there's an expression in English I think it's called the common man or the average man. And it's the type of man that you would meet on the Clappam omlab bus. And so, we could all fly to London and ride the Clappam omla bus and ask them or we could set up some virtual panels so we get the definitions of the different target audience personas and then just run a synthetic panel to run the various names. Eric Shepherd: But I can just say from my point of view wallets is very easy to explain. Credential is harder. Ildiko Mazar: Totally. Yeah. Dmitri Zagidulin: Excellent point. Eric Shepherd: So we'll see you in Clappam. Dmitri Zagidulin: Would love to. Ildiko Mazar: I think it also depends on the context, if you're having a conversation about how to innovate education or credentiing or support skills portability or skills recognition lifelong learning then it's a different entry point to the description of the concept of a credential wallet than if you start from the technical point of view which you guys are much more likely to enter into the conversation from Dmitri Zagidulin: Yeah, it's a really good point. J James or Alex, I'm curious since you have this conversation a lot. have you found the term credential wallet to be helpful or confusing? as Eric points out that in some cases the term credentials is more confusing than the term wallet. James Chartrand: Yeah, I would agree with that. I think that number one, I don't think there are a lot of people just overall talking about credentials. it's not like I actually have a lot of conversations with people about the credentials they're receiving because very few people are receiving credentials. they don't have any. So it's a little bit hard I think for them to relate to what's being talked about… 00:15:00 Ildiko Mazar: Okay. James Chartrand: if they can't think to a time when they themselves received a credential of some sort like a digital credential. Dmitri Zagidulin: right? James Chartrand: Maybe it's different in Europe I'm speaking for myself in Canada where we don't have digital driver's licenses or really anything like that. We did have the closest thing I think that we had were the vaccination certificates during co which but then they were kept in your Apple wallet typically. but and I guess part of the reason I mentioned those is that they actually were verifiable credentials and they were verified by a verification app but sorry I'm wandering off badly here. James Chartrand: It looked like Ilico was going to jump in and… James Chartrand: speak maybe to the fact that people in Europe have digital credentials than we might have over here in North America. Ildiko Mazar: No, but I think you mentioned something that is quite important the verifiable aspect like that's when it gets difficult to separate just any online repository or… Ildiko Mazar: of some sort of documents versus verifiable credentials that have this layer of security and verifiability. That's where I stop explaining Alex Higuera: just to answer and piggyback on what James was saying, I've also seen that people have a more intuitive understanding on what a wallet is versus credential. But I think it's because a wallet has a visual physical component that people already understand, whereas a credential might be, I don't know, people can make analogies for what it would be. if you were to use a wallet, it could be money or a verification system, a currency exchange, what there are different ways of explaining it that I think is the reason why people are confused on… Alex Higuera: what credentials are because there hasn't really been a physical analogy to help people understand Dmitri Zagidulin: Makes sense. Dmitri Zagidulin: Makes sense. and to touch in what James said that not only does it depend on audience, depends on the times. not that long ago and not that long ago, most folks in the US were not familiar with QR codes and native phone camera support for QR codes were not there. Dmitri Zagidulin: And so, if you happen to have been, writing using apps myself and Alex have, back in 2018 or so, there was still that friction of what is a QR code, how do I scan it? versus now when it's built into the cameras when a lot of the apps that we use such as WhatsApp and… Eric Shepherd: that we use. That doesn't work. Dmitri Zagidulin: Snapchat signal and so on add another device by scanning this QR code when COVID and the vaccinations test passes where QR codes now a lot more people are familiar with it similarly to get back to wallets Dmitri Zagidulin: Now that EU is passing European Union identity wallet legislation and for example just the other day the Swiss EID the electronic ID referendum has passed and interestingly passed with a very narrow 4% over half margin so we'll see what happens there but my point is as these legislations pass and these conversations continue especially in the European Union possibly more people will be familiar with wallets please yeah Eric Shepherd: Dimmitri, could I just jump in again? I think another aspect here is who's going to provide the wallets? Dmitri Zagidulin: Nice. Eric Shepherd: So, is it going to be a commercial market where there's lots of different wallets? So, to David's point, there was a separate app for some of the COVID vaccinations. So, if there's going to be a standardized wallet, then probably the name matters. But if we're going to see lots of vendors providing their own kind of wallets I think ASU provides pocket so if we're going to see that then it really doesn't matter. It's up to the vendors to select their name and… 00:20:00 Eric Shepherd: this community and the others involved in verifiable can say credential wallet because we all know what we're talking about and then it would be just up to the vendors to pick the name that they think would be successful. Dmitri Zagidulin: That's a good point. Dmitri Zagidulin: Agreed. Phil mentions in chat that the first person credential project and the sort of issuer registry project uses the term cards instead of credentials which I like that might be worth experimenting with in terms of elevator and taxi conversations though I do wonder if credit cards again come to mind but that's cool. We should play with that. Phillip Long: just as an addition there… Phillip Long: if I might. and I think Eric has a good. Is my voice not my Okay,… Dmitri Zagidulin: Yeah. No,… Dmitri Zagidulin: you're okay. You're okay. Go ahead. Phillip Long: I agree that is and my both agree I think for what the suggestion is that there may well be multiple wallet rs. but I think an understanding of what the core meaning minimal requirements for what a wallet has regardless of the provider is the part that we probably should be paying most attention to… Phillip Long: because I expect they'll be doing additional enhancements and value ads for particular markets or types of credentials. But there has to be something that is reliably consistent among the different providers of wallets that give you a boundary about whether you can expect this particular credential or that one to work. D. That's it. Dmitri Zagidulin: Yeah, makes sense. Dmitri Zagidulin: Makes sense. Excellent conversation and we'll come back to this in just a bit. But back to can we have so assuming we understand what a credential wallet is on this call. Can we come up with a functional definition as in these are the criteria. This is what a wallet does. So let's start with some possibilities. Dmitri Zagidulin: Let's start with some functional criteria that immediately come to mind and with most of these you'll see that those are core functionalities but alone not sufficient to be a wallet. Let's start with what's a wallet? It's an app or service that stores credentials. I usually start with that. when Phil in chat asks isn't core functional criteria interoperability based yes but the interoperability of what right so what we were discussing is what are the interoperable operations what are the functions that a wallet must do before we can talk about interoperability. Dmitri Zagidulin: So storing credentials right receiving and storing credentials is one of them. also sort of corresponds with holder role in the VC data model specification. Although personally honestly I don't really like holder in the sense that I find that subject or receiver and presenter tends to be less confusing. But going to put that aside. So storing credentials is clearly a core functionality of a wallet alone it's not sufficient because any sort of file system can store credentials right in that perspective from storage I can store a credential that I receive in Google Drive or just on my desktop right the storing necessary but not sufficient and as Kyod points out in chat controller is also a really important term Dmitri Zagidulin: in this with regards to holder. what about something that can display credentials or render credentials? So also core function, right? we need apps that for any of this to work, we need to come up with a common vocabulary of this is how we're going to display these things, credentials and cards. just to provide a counter example that just rendering is not really sufficient, right? We can have apps that render credentials standalone that are not wallets. Dmitri Zagidulin: So for example, this is verifier plus which is just open- general purpose verification software and I can just paste the raw source code of a credential into it and it'll render the credentials for me and verify it. So this is a credential aware app. It can display them but it by itself is not a wallet. what about wallet is something that speaks credential related APIs right kind of similar to what Phil is saying in chat depends on the data model so we have at least three standardized APR and actually more we're also going to say I forgot 00:25:00 Dmitri Zagidulin: about VidCcom. So we have the CCG credential life cycle API. we have the open ID federations open for credential issuance and we have the up andcoming digital credentials API that is being implemented by OS and browser vendors. essentially the big three, Apple, and tragically Mozilla has declined from implementing it so far. So it's just the big three for the moment. but it is a digital credentials API. it's really important. It's provides some necessary link between the browser and mobile apps. Dmitri Zagidulin: And we're going to dive deeper into a digital credential API here on these Similarly, for requesting credentials, we have these three or four standardized APIs that allow other apps or services to request credentials from a user's wallets. what about managing keys? it turns out those that's not the first thing that comes to mind when talking about wallets. Certainly doesn't come up in most elevator or u taxi conversations unless the elevator is at a credentials convention which is where most of my elevator conversations happen. It turns out that managing cryptographic keys is also a core functionality of a wallet. and why is that right? Dmitri Zagidulin: we can have wallet that doesn't manage keys on behalf of a user. this is what we were discussing. But basically a lot of pro issuance processes require if they're going to issue to a given person to a g given did decentralized identifier they require during the presentation ceremony during the issuance ceremony rather for the wallet to essentially did off request to prove control of a cryptographic Dmitri Zagidulin: material proof control over a did. wallets can also perform authentication. So login with wallet, they can encrypt and decrypt things. some advanced functionality that we're going to touch on. and again you're starting to notice a theme managing keys on behalf of the user insufficient by itself So as counter examples, what about the operating system keychain? most of us as users don't really use see the keychain, right? there's the old saying that I personally enjoy that if a normal internet user encounters an IP address, something has gone wrong. Meaning, IP addresses are not userfacing. They're not something that a normal person encounters unless something goes wrong, unless there's an error on the page. Dmitri Zagidulin: and it's usually opaque and confusing. same thing just like we don't expect normal people to deal with IP addresses directly, we don't expect people to deal with DIDs directly or keys. So for most of us, when was the last time you opened let's say the Windows keychain service the Mac OS keychain service? I had to open it I don't know last year or so because I'm a mobile developer and it was for signing in fact one of the wallets that I work on. But in general most people aren't familiar with it. Dmitri Zagidulin: But operating systems keychain services do manage keys on behalf of wallet under the hood. similarly an even more familiar example signal or WhatsApp or Snapchat or any of those apps they actually have cryptographic keys for each user. that's what happens when you add a device by ning a keycha by scanning a QR code. There's a key exchange in the background and cryptographic keys are how these apps authenticate clients, users, chat rooms and so encrypt in the case of signal. So for each account that joins they generate encryption keys and so on. 00:30:00 Dmitri Zagidulin: the so magic key is important by itself is not sufficient. and would we call signal a wallet? I wouldn't. Why is that? The critical distinction here is that signal manages keys for its own internal use. It does not service key related requests from external app. There's no way at least at the moment to say login with signal or even more importantly sign this document with your signal key or encrypt this document with your signal key so that another recipient can decrypt it. Dmitri Zagidulin: So I would say a narrowing down of that is an external requests that are related to credentials looking at it from that lens. wallet is an app that can service external requests from unknown and untrusted parties. Now, we're starting to get down to the heart of what's a wallet because it differentiates it from operating systems, key chains, and signal. They manage keys but don't service requests. Dmitri Zagidulin: And the other sub subtle but important part is it's easy enough without any specifications to wire together proprietary integrations of I have my document here and I can put a button that says transfer this document to some other proprietary service, that's easy enough. it's not repeatable, doesn't use standard APIs, but most importantly and subtly there's that trust relationship. if it's a limited integration, both of the parties know each other. They typically sign legal documents. Dmitri Zagidulin: What differentiates a credential wallet from just regular integrations is that the party that's going to be issuing credentials into your wallet. And more importantly, the parties that are going to be asking for credentials, we don't know them yet. The issuer has no idea who's going to be verifying. and the verifier parties can be So managing risk for the user managing the identity and the reputation of people handing out credentials or people requesting credentials even more importantly that's a key functionality on part of a wallet. Dmitri Zagidulin: So like I mentioned in addition receiving and requesting credentials once we have these wallets and we realize that they manage keys on behalf of a user and they service requests now we can start getting into really interesting stuff like hey can we use our wallets to docuine right as in general to sign contracts to sign any sort of PDFs So word documents, sure, why not? large part of what a wallet does is sign stuff on behalf of the user. What about since wallets know how to perform data authentication during the course of issuance? Dmitri Zagidulin: can we do a login with wallet and even if in case you're using a cryptographic based access control system, could we do a request access to this document through the wallet? So, I mean, I'm biased. I would say yes. and just to give an example of what that looks like, here is again open source application that provides login requests that standardized wallets can present. So this is a login with wallet QR code and this is the underlying JSON and you would scan it with the wallet and it would come back to this app. 00:35:00 Dmitri Zagidulin: this is a request for a authorization capability and this is a issue request of hey wallet can you please sign this document? Okay but this is advanced functionality we'll come back to that hopefully later on. So summarized to start the conversation my proposal for a functional definition of wallet it's an app or a service cloud or native or whatever manages keys on behalf of a user receives and stores credentials using standardized APIs any of those three or four that we talked about is aware enough of Dmitri Zagidulin: the ver credential data model to even minimally display a credential even if it is just displaying the name of the credential or the fact that it's a verifiable credential right like that that's sufficient wallet is something that can service external requests from unknown issuers which means it needs to involve issue registries and verifier registries. It needs to be able to display who the party is who's asking for your credentials. And if you're really advanced, it can service login sign with encrypt with wallet kind of requests. So any questions about this proposal? What else would you put in here? And so go ahead and raise your hand if you want to hop on the queue. Dmitri Zagidulin: All right, coyote. Go ahead. Kayode Ezike: Yeah, this might be under the advanced to bucket as well considering that there's I think only so many specs for something like this, but export between different wallets. Dmitri Zagidulin: Yeah. Kayode Ezike: Yeah, I know that there's some control manifest stuff going on. Dmitri Zagidulin: Yeah, absolutely. Kayode Ezike: I know that you've also been thinking a little bit about the different ways to go about that,… Kayode Ezike: but that's seems like another one that is worth shooting. Dmitri Zagidulin: 100% agreed. Dmitri Zagidulin: It's critical for interoperability So we're absolutely going to add approval or preferably encrypted, but yes, 100% agree with you. let's see. I think Phil is next on the queue. Go ahead, Phil. Phillip Long: Yeah. One of the things that you mentioned in your comment about some of the advanced functions and… Phillip Long: in particular the idea of a to me ultimately does wherever I am placing these credentials is it somewhere that I control or can someone else turn it off without my permission. and I think what you're suggesting with did login is at least in that context there may be an opportunity to prevent a platform oversight of the storage that I am unable to have any influence on as a holder or an individual. Thanks. Dmitri Zagidulin: Thanks, Phil. I think you're up next. Ildiko Mazar: Yes, I don't know… Dmitri Zagidulin: Go ahead. Ildiko Mazar: if it's implied by the already existing points but verification would be something that could be quite important for at least some credential types and… Dmitri Zagidulin: Great so okay, so I didn't include verification here, but let's talk about it. Ildiko Mazar: Ildiko Mazar: I guess I cheated. I looked at slide 14 as well and… Dmitri Zagidulin: Do I have … Ildiko Mazar: I'll have the credential portfolio here… Dmitri Zagidulin: yeah. Yeah, yeah, yeah, yeah. Of course. Ildiko Mazar: which makes me think of the self claims and the self-signed credentials which might have different credibility than third party issued credentials. Again, depending on what kind of credential we're talking about,… Ildiko Mazar: driving licenses, formal or informal learning credentials, etc. Dmitri Zagidulin: Yeah, great question. Dmitri Zagidulin: We're doing good on time. Let's talk about verifier functionality. Should wallets also serve as verifiers? and I could see it both ways. So, one, I would love for all wallets to have a verify button and you scan something or you follow a link or you copy and paste and it serves as your own trusted verifier. we've got standalone verifiers, but I think a lot of us build in verify functionality for the wallet as a user courtesy. 00:40:00 Dmitri Zagidulin: mostly we put it in there so that users themselves are aware that hey if I hand this credential over to a requester to relying party it's not going to verify over there so for the most part we do it for user convenience and user courtesy but I think that's a really good point that it might be really good functionality let's see. Dmitri Zagidulin: Eric, go ahead. You're next on the queue. Eric Shepherd: Thank you,… Eric Shepherd: Demetri. I really appreciate all the thinking that you've put into this. And as you were going through the various standards, I was reminded of my work on email standards in the 80s and so I did a quick look up of all the email standards that are now in play for effective email. So all the verification that goes on of the senders and the receivers and what you can do and then I was thinking now I understand why wallet might not be the best term. Eric Shepherd: for the person on the Clappam omnibus, I think it might still work very effectively. But if we think about the functionality of Gmail or Outlook, we have an inbox where stuff is coming to us. We can decide maybe to verify it or to forward it or to share it. And we have kind of an outbox that will say, " for this employer or this college admissions program, I will share this stuff and I will not share." And so we want to see what we've been sending out. And so maybe the parallels for wallets have come about because issuers have been thinking about their own wallets. But when this goes exponential, we're going to have too many wallets. so there's got to be a consolidation of wallets because not every issuer can have a wallet. Eric Shepherd: So now we're looking at something that has more like the functionality of an email client to accept and share and store and manage effectively. Dmitri Zagidulin: I think that's a really great point. Dmitri Zagidulin: That's rucial. that what we're going for is general purpose standardized functionality more like an email client, There's nothing like we've been passing messages on computers as long as there have been computers. Dmitri Zagidulin: The innovation of email has been standardizing and… Dmitri Zagidulin: making it general and interoperable. And that's what we hope to do with the wallets as well. I really like that. you let me sure make sure I capture that. Eric Shepherd: And just for fun,… Eric Shepherd: I put a list of all the email standards in the chat just so that you'd understand. There's a lot of stuff going on with email that we just take for granted. James Chartrand: I was actually going to say something very similar to Eric in that I imagine that at some point there is going to be this underlying kind of utility that manages credentials. Dmitri Zagidulin: Exactly. James Chartrand: But I was thinking of it more analogous to a password manager, So on your phone, you might have a password manager and it manages the passwords for everything. and it's called upon, at different moments in time to present the right password for whatever the application is that you're using. And you could imagine credentials working the same way. there's some underlying utility that lives on your phone and it stores all of your verifiable credentials. and it's queried by something like the verifiable credentials API that you mentioned, Demetri, that Google, Apple, and Microsoft are working on. And I guess what I'm getting at is that there's a split between some of the things that we think are always in a wallet. James Chartrand: there's this sense of managing the credentials but then we also layer on this idea of what we're doing with the in the sense of educational credentials managing them in a portfolio creating some set of credentials that we're going to submit as part of a job application or what have you. And we think of that as being part of the wallet as well. But really it's a layer over top I think of this fundamental credentials manager that sits underneath everything and that is like you said with IP addresses Dimmitri hidden away. Nobody ever knows about the credentials manager under or the keychain that you mentioned that we never go look at… 00:45:00 James Chartrand: but it's there and it handles all of these requests. And so the same thing could be true of a credentials manager. It's just something in the lying operating system almost that lives there and handles these things for you and you never really have to go and look at it. Dmitri Zagidulin: Yeah, that's a really good point. Dmitri Zagidulin: Also echoes what Eric said about just like we've got the protocol stacks. James Chartrand: Yeah. Yes. Dmitri Zagidulin: That's a really good lens to look at it with layers. Let's see somebody else on the queue. Phil's talking about peer endorsements. Dmitri Zagidulin: Yeah, it's endorsements and selfish credentials are huge and fascinating topic and I think one of the next upcoming VCU calls we're going to dive deeper into that topic as well. we now have some experience with it from the field. so it'll make for a great discussion. So as a bonus I mentioned one do we need another name other than wallet and if we do what would it be right things that come to mind portfolio credential agent other stuff that I probably have not thought of that I would love to hear from James Chartrand: It could just be credentials. It could just be, you have an app on your phone and it's called credentials or… Dmitri Zagidulin: Just okay. Dmitri Zagidulin: Yeah. which… James Chartrand: Credentials manager, I think, is a good one. I think it, gets at what the app is doing more so than a wallet. Dmitri Zagidulin: which is funny because just earlier in the call I think a lot of us have pointed out that in a lot of ways credentials is more confusing than wallet right so it's an interesting tension James Chartrand: Yeah yeah yeah yeah yeah. True. Yeah. Alex Higuera: credentials is more confusing if you use it in conjunction with a wallet because people have a wallet hold things that can be used and… Dmitri Zagidulin: Makes sense. Alex Higuera: exchanged and if credentials are supposed to be what a wallet holds then I think that would add a lot of confusion to the general public. Dmitri Zagidulin: Makes sense. Phillip Long: is the implicit thing there that the credential is a piece of paper… Phillip Long: but not really anything dynamic. Is that kind of the notion that you're getting at, Alex? Alex Higuera: No, not necessarily because these days, I mean, people have wallets for crypto that can be used to, buy things in exchange. but I think that the issue are credentials meant to be used in a constructive way? Phillip Long: Thanks. Alex Higuera: And if so, maybe a wallet does make sense. And if we're going to use them more like a password manager that people never see, then we shouldn't be using the term wallet. Dmitri Zagidulin: So, I'm glad you mentioned those two things,… Dmitri Zagidulin: us passive credentials and to put in, password managers and Google Wallet and Apple Wallet in here. Just ran out of time. but since we're discussing them the password manager comes up a lot for example when I'm explaining wallets especially to developers they often say is it like a credential man sorry is it like a password manager or people ask do password managers provide this functionality since they already keep secrets for you right they keep your password and what is a cryptographic key other than just a long random looking password and the answer is yes they absolutely should provide that functionality they don't Dmitri Zagidulin: It's not yet on their radar. I would love to have somebody like KeyPass Bit Warden or LastPass or whatever get into the credential wallet game. They don't yet. Similarly, and this kind of goes back to what we were saying, a lot of people immediately think of Apple Wallet and Google Wallet. One of the reasons even though recently I think it was Apple wallet put out a press release that they can store W3C verifiable credentials. Dmitri Zagidulin: one of according to our proposed functional definition the reason that Apple and Google wallet don't quite apply yet just at this moment but very soon is they store them passively. They don't have the ability to present or sign on behalf of a user. they don't serve as external requests from other unknown parties. but I know that both Apple and… 00:50:00 Alex Higuera: What the freak? Dmitri Zagidulin: Google are what are involved in the W3C Fed ID working group on the digital identity API which means in addition to building into their browsers into Safari and Chrome they're going to be building responding to that credential API into their respective wallets. Dmitri Zagidulin: So very soon, if not even immediately, they're going to be active instead of passive, which is I like that terminology that in chat, Philo says 100% in favor of supporting beer endorsements. And Phil mentions external request manager is the person who holds their Apple wallet with their TSA ID for the DSA agent to read. Phillip Long: I'm being cheat. Dmitri Zagidulin: So it's the standardized credential API. Yeah. Yep. I'm with you there. Dmitri Zagidulin: Are there any other core wallet functionality that's missing from this list you can help me think of. Eric Shepherd: Wouldn't there be the ability to share and… Phillip Long: Give me too much. Dmitri Zagidulin: Yeah. Yeah. Good call. receive store and… Eric Shepherd: share with our application? Dmitri Zagidulin: Yeah, good good point. James Chartrand: And I would say even as far as sharing goes in an educational context,… James Chartrand: you probably want your credentials manager or your wallet to allow you to assemble, a portfolio kind of thing. Eric Shepherd: Yeah. Yeah. Dmitri Zagidulin: Good point. Dmitri Zagidulin: Go ahead. Ildiko Mazar: along the same lines to curate your al because the more credentials we have the more we would like to store them in subfolders or the I don't know tag them so that they are more easily identifiable and usable but that's an advanced feature if we go very very Right. Dmitri Zagidulin: Yeah. Yeah. Yeah. Yeah, that's a good point. curation as a possible core feature. I like that. Anything else? All right. Dmitri Zagidulin: thank you so much for an excellent discussion. sounds like we should definitely coming back to the future topics for VC edge calls. So we'll definitely do a call on selfissue credentials and evidence and endorsement. how should wlets handle them? What are some ways to strengthen value of those? We should probably at some point soon do a current state-of-the-art in credential APIs, right? Dmitri Zagidulin: We should go over the W W W W W W W WC credential API, the Open ID issuance and presentation API, the digital identity API built into the browser, possibly TDCOM just to put them all together this is what a request for a credential looks like in each of these protocols. These are things in common. these are the core differences. So I think that might be a really useful topic and I would love to demo the login with sign with wallet functionality as well which should be coming up for at least learn a credential wallet if not others. Dmitri Zagidulin: All Any other last minute questions before we Put a reminder in chat. work item update call is that during the regular CCG call at noon or whatever? All so at least one of us VCI co-chair should be there to just say a word. Phil in chat says QA protocols, right? Interesting. 00:55:00 Phillip Long: We'll do of course. Dmitri Zagidulin: Yeah, these ILO and Phil you both make really good points. be sure to bring them also to our upcoming discussion on self-issue credentials versus institutionally issued. All right, thank you everyone. really appreciate your excellent discussion and keep thinking about names because names are hard and whether we want to replace the word wallet or not. Cheers all. Ildiko Mazar: Have a nice day. Eric Shepherd: Thank you. Dmitri Zagidulin: Bye all. Meeting ended after 00:58:45 👋 *This editable transcript was computer generated and might contain errors. People can also change the text after it was created.*
Received on Sunday, 5 October 2025 15:02:08 UTC