- From: Kerri Lemoie <klemoie@concentricsky.com>
- Date: Mon, 25 Apr 2022 06:34:54 -0400
- To: Snorre Lothar von Gohren Edwin <snorre@diwala.io>
- Cc: public-vc-edu@w3.org
- Message-Id: <8B461F43-3DBF-46C6-9FE9-15AF4066F190@concentricsky.com>
Hi Snorre, We’re playing catch up on publishing minutes. But you can access the raw minutes & audio here: https://w3c-ccg.github.io/meetings/scribe-tool/ <https://w3c-ccg.github.io/meetings/scribe-tool/> In the “Weekly Meeting” dropdown choose “Education” and enter the date of the meeting you’re retrieving. This is the same tool the co-chairs use to edit the minutes, download audio, and publish to the CCG meetings repo. Thanks, Kerri > On Apr 25, 2022, at 4:07 AM, Snorre Lothar von Gohren Edwin <snorre@diwala.io> wrote: > > How do one find video recordings of vc edu meetings? > CCG calls can be "decucted" from url and date, but what are these edu meetings under? > This meeting particularly has some visuals that is interesting to look at > ᐧ > > On Thu, Apr 21, 2022 at 7:56 PM Kerri Lemoie <klemoie@concentricsky.com <mailto:klemoie@concentricsky.com>> wrote: > > >> Begin forwarded message: >> >> From: CCG Minutes Bot <minutes@w3c-ccg.org <mailto:minutes@w3c-ccg.org>> >> Subject: [MINUTES] W3C CCG Verifiable Credentials for Education Task Force Call - 2022-04-18 >> Date: April 21, 2022 at 1:53:36 PM EDT >> To: public-credentials@w3.org <mailto:public-credentials@w3.org> >> Resent-From: public-credentials@w3.org <mailto:public-credentials@w3.org> >> >> Thanks to Our Robot Overlords for scribing this week! >> >> The transcript for the call is now available here: >> >> https://w3c-ccg.github.io/meetings/2022-04-18-vc-education/ <https://w3c-ccg.github.io/meetings/2022-04-18-vc-education/> >> >> Full text of the discussion follows for W3C archival purposes. >> Audio of the meeting is available at the following location: >> >> https://w3c-ccg.github.io/meetings/2022-04-18-vc-education/audio.ogg <https://w3c-ccg.github.io/meetings/2022-04-18-vc-education/audio.ogg> >> >> ---------------------------------------------------------------- >> VC for Education Task Force Transcript for 2022-04-18 >> >> Agenda: >> https://lists.w3.org/Archives/Public/public-vc-edu/2022Apr/0020.html <https://lists.w3.org/Archives/Public/public-vc-edu/2022Apr/0020.html> >> Topics: >> 1. IP Note >> 2. Call Notes >> 3. Introductions & Reintroductions >> 4. Announcements & Reminders >> 5. VC Governance >> 6. PDFS as VCs with James Chartrand from McMaster University >> 7. Credential Display in Wallets Discussion >> Organizer: >> Kerri Lemoie >> Scribe: >> Our Robot Overlords >> Present: >> Kerri Lemoie, James Chartrand, Stuart Freeman, Deb Everhart, >> Brandon Muramatsu, JeffO Real-IT, Geun-Hyung, Simone Ravaoli, >> Marty Reed, Dmitri Zagidulin, John Kuo, Andy Miller, Keith, Phil >> L (P1), Nikos Fotiou, Yashwardhan, Leon, yashwardhan, G, Alan >> Davies, Colin (LEF), Kayode Ezike, David Chadwick, Jim Goodell, >> Kaliya, Timothy Summers >> >> Our Robot Overlords are scribing. >> Kerri Lemoie: Hello welcome to the VC edu task force call on >> Monday April 18th I'm today we are going to be discussing >> credential display in the wallets including PDFs and also a quick >> touch base on VC and VC Edu governance. >> >> Topic: IP Note >> >> Kerri Lemoie: I'm for we get started let's start with the IP >> note anyone can participate in these calls everyone is welcome >> however any substitutive contributors to any of the ccg work >> items including this task force must be done by members of the >> ccg with full IP our agreement signed in you can learn more about >> this at this link that I'm going to put in the chat right now. >> Kerri Lemoie: https://www.w3.org/community/credentials/join <https://www.w3.org/community/credentials/join> >> >> Topic: Call Notes >> >> Kerri Lemoie: Hey for call notes these minutes well this isn't >> that these meetings are recorded an audio recording done for >> every call as much as we can do this but they're also transcribed >> by the robot overlords and you will see in the chat the job that >> they are doing as we speak if you see that there is anything that >> could be corrected that's being transcribed improperly please do >> us a favor and. >> Kerri Lemoie: You see it do a. >> Kerri Lemoie: Substitution and the chat and you can do that by >> typing s /i'm phrased to fix or word and then fix phrase I'll put >> that in the chat as an example. >> Kerri Lemoie: Example: s/phrase to fix/fixed phrase/ >> Kerri Lemoie: I'm sure that as I speak robot overlords and I >> don't always get along well so I'm sure we will see lots of >> examples of that please note that we do use a cue system and >> these calls so if you have something to say or question to say >> please type Q the letter Q & A plus sign farewell adieu to the Q >> and if you feel as though your kids your mind you can type Q - >> and I will remove you from the queue by doing. >> Kerri Lemoie: I'm this we will. >> Kerri Lemoie: At the Q and then call on you in order. >> >> Topic: Introductions & Reintroductions >> >> Kerri Lemoie: Okay why don't we see first is there anyone here >> who's new to the call or who like to make an introduction of >> themselves today or anyone who's been in the call for a while and >> would like to reintroduce themselves or have some news to share >> Dimitri you're in the cube. >> Dmitri Zagidulin: Hi can you hear me okay. >> Dmitri Zagidulin: So yeah I thought I'd do a quick >> reintroduction only because one of my hats has changed so I have >> recently reduced my work with digital bizarre do I'm still in >> close collaboration with Angela's our team and have stepped up my >> involvement in virtual reality and augmented reality so I'm still >> doing the same things verifiable credential. >> Dmitri Zagidulin: Decentralized identifiers Secure Storage just >> bringing that toolbox to the AR and VR world still also involved >> in digital credentials Consortium and the learner wallet there >> that's it. >> Kerri Lemoie: Thanks Dimitri that sounds incredibly exciting >> that's awesome. >> Kerri Lemoie: Anybody else have would like to make an >> introduction or update us on your current work. >> >> Topic: Announcements & Reminders >> >> Kerri Lemoie: So next we have announcements and reminders keep >> in mind that every Tuesday at noon Eastern is the ccg call and >> that is always worth checking out if you have time to do so to >> stay up to date on what is going on overall in this community. >> Kerri Lemoie: I'm also next week is the internet identity >> workshop and that starts on Tuesday this Tuesday through >> Wednesday or is this Tuesday Wednesday I think but it's next week >> and that means that we will not have a call next week so next >> Monday there will be no VC I'd you call I'll send an email >> reminder out but I just want to let you know they were going to >> skip next week because some of us will be at that meeting and >> we'll be able to do this as well are we traveling that day. >> <jeffo_real-it> IIW is Tues, Wed Thurs - Sodl out apparently. >> Kerri Lemoie: Just check the queue here see if we have. >> Kerri Lemoie: I'm sorry I let sold out incredible thank you. >> <jeffo_real-it> 250 cap >> >> Topic: VC Governance >> >> Kerri Lemoie: So before we get started with James we have Jim >> chartered in here who's been doing some interesting work on PDFs >> as we seize I was here from McMaster University and I'm just >> going to fill us in on that work you may have seen some >> descriptions of this and the mailing list and we thought it would >> make a lot of sense to ask him to come tell us and every CH you >> you know what how they've gone about doing this PDFs is something >> that open badges has discussed for a long time it also has come >> up quite a bit in this community. >> Kerri Lemoie: You before there's a whole lot of reasons to use >> PDFs in education. >> <jeffo_real-it> If anyone wants IIW ticket check in any case just >> in case. >> Kerri Lemoie: I'm there there are well understood format and you >> know and can be secured and have embedded data in such as James >> will tell you and then we're going to talk more about a >> credential display and wallets and then I'm gonna have to meet >> you just helped lead that discussion to you because he has some >> things in mind but before we get started if you don't mind I just >> I wanted to ask you all to take a look. >> Kerri Lemoie: At this mirror board. >> Kerri Lemoie: https://miro.com/app/board/uXjVO8bG_9s=/ <https://miro.com/app/board/uXjVO8bG_9s=/> >> Kerri Lemoie: The chat and I will share my screen when one thing >> that we have been talking about or thinking about a lot is what >> is governance right what is governance in this space. >> Kerri Lemoie: A lot of misconceptions and a lot of questions and >> I really hope to be able to push on this topic more at internet >> at the iaw next week and so I'm hoping that I could do some >> research with folks in this community before we go to see what >> kind of assumptions and questions and understandings that you >> have about about what governance is so although I'm not a huge >> fan of Mero I feel like this is a good place to do this because. >> Kerri Lemoie: You can bring it whatever you'd like whenever you >> want if. >> Kerri Lemoie: We need another section other than assumptions and >> questions go ahead and create that you could do what you want >> with this board and then we'll take a look at it at the end of >> the week or early next week and and see what we're learning in >> here and what you know of questions and assumptions we should be >> addressing. >> Kerri Lemoie: And before I move on I sort of want to check in to >> see if anybody would like to talk about that now if they have >> anyone has any questions about this or any sort of like it's up >> to some questions you'd like to bring up right now before we even >> get into our main topic. >> Kerri Lemoie: You I will start an email thread on this later >> today and then feel free to respond to that and add whatever >> you'd like to this board also feel free to reach out to me >> directly if you'd like to just talk about it some more I am I >> don't have a lot of understanding of what governance is I've seen >> it implemented in various ways and I've heard of some really >> interesting ideas for Registries Registries and things of that >> nature I've also heard a lot of. >> Kerri Lemoie: Fusion between what accreditation is and what VC >> governance is and so I thought it would be a good idea for us to >> really gather as many questions that assumptions as we could so >> we can start tackling this over the next couple of months. >> Kerri Lemoie: Critic you some tea so James like to write you to >> participate and and present what you have for us I will stop >> sharing my screen so you can do that like you. >> >> Topic: PDFS as VCs with James Chartrand from McMaster University >> >> Kerri Lemoie: How you doing James nice to see you. >> James Chartrand: Okay thank you I'm good yeah. >> Kerri Lemoie: One thing you might want to do James's turn off >> your video because we've been having some problems with memory >> issues the jitsi and I'd love to record as much of this as >> possible so. >> Kerri Lemoie: Awesome yes thank you. >> James Chartrand: Yeah I just turned it on for a sec so people >> can see what I look like here we go sure so share my screen. >> James Chartrand: Sorry I'm looks like I'm having to go through >> and. >> James Chartrand: So it's I'm going to have to restart but I will >> be right back. >> Kerri Lemoie: Okay Dimitri while we're waiting for James to come >> back to you want to sort of approach to subjective credentials >> displays and wallets. >> Dmitri Zagidulin: Sure yeah so with invisi edu here we've got >> two pressing problems that we need to solve we've got to pain >> points one is so we have these verifiable credentials that are >> going to be displayed in wallets but we also would like. >> Dmitri Zagidulin: To bind them to more traditional display >> artifacts such as PDFs and that's what James is going to be >> talking about and then the second one is also on the subject of >> display slightly different somewhat related we want issuers to be >> able to specify exactly or at least advised to wallets verifiers >> and other software how to display the credential because at the >> moment every single wallet everything would be so. >> Dmitri Zagidulin: A soft fire. >> Dmitri Zagidulin: On in the DC world is some way out now there >> have been precedents in for example open Badges and and some >> other VC projects that have used things like embedded images to >> specify how the credential should be displayed and that's that's >> the other topic that would like to touch on today but James is >> back so over to you. >> James Chartrand: Okay so maybe I'll just get a very quick bit of >> background so this is a project at McMaster University and it's a >> joint project between the faculty of engineering and the office >> of the registrar there they got into SSI a couple of years ago >> and started out with lock certs so kind of one of the precursors >> to I guess verifiable credentials and we at the time started out >> with a very. >> James Chartrand: It's a relatively small pilot. >> James Chartrand: Like like 50 students where we issued >> certificates so not degrees and they were issued to the students >> as a batch and went into the block search wallet and that's where >> the student held the certificate and they would share it from >> there and it was all Json that went very well we then went and >> decided to do degrees so issued for very small cohort of students >> maybe 50 students in the faculty of engineering their actual >> degrees again they. >> James Chartrand: They lived in the block search wallet and the >> students shared their. >> James Chartrand: That also went very well and then when covid >> hit the registrar thought and so when covid hit there were a lot >> of problems Distributing will they were alone all sorts of >> problems but among them was Distributing the degrees the paper >> copies of degrees to students so rather than mail out all of the >> copies the university decided to also offer the option to get the >> digital copy of the block. >> James Chartrand: Shorts and they open that up to. >> James Chartrand: And remarkably that went very well as well and >> there was massive uptake it was 80 something percent of students >> chose to download a copy of their degree everybody was super >> happy with it blocks Arts was great but at that time as a result >> of our work we kind of got introduced to the DCC and eventually >> joined the DCC and from there we're introduced a verifiable >> credentials and. >> James Chartrand: Centralized identifiers so wanted to move. >> James Chartrand: Our prior blocks our system to verify with >> pensions and decentralized identifiers we also wanted to move off >> of the Bitcoin blockchain which is where we've been just where >> our blocks our system anchored hashes of the credentials and we >> wanted to move off for a couple of reasons one is gdpr and >> similar kinds of privacy laws where it seems It's not entirely >> clear but it seems at times as though even hashes aren't allowed >> on a blockchain. >> James Chartrand: For us with the degrees it was fine. >> James Chartrand: As the degree information is public information >> and so the fact that somebody got a degree from McMasters public >> information and so you know we thought it was decided that that >> was okay to put that up permanently on the Bitcoin blockchain >> even even though it was just a hash anyhow also wanted to get off >> the Bitcoin blockchain because we wanted to move from a batch >> issuance which is what we're doing with blocks hurts where you >> know the entire cohort at graduation time so thousand. >> James Chartrand: It's whatever would all get their degrees at >> once. >> James Chartrand: It was all a Merkel took all the credentials >> were hashed together into a Merkel and the Merkel was put up on >> the Bitcoin blockchain and so that made it you know affordable >> but with Rising transaction costs on blockchains like Bitcoin and >> fact that we wanted to move to an on-demand issuance system where >> a student could request and get their credential or degree >> immediately but if we were to Anchor every one of those on the >> Bitcoin blockchain. >> James Chartrand: The cost would become likely. >> James Chartrand: Exorbitant so anyhow we wanted to move to >> verify the credentials decentralized identifiers talked to the >> registrar thought maybe we should start with a pilot again she >> suggested this is Melissa pool is the Registrar of McMaster very >> forward-thinking registrar she suggested that we take a look at >> letters that the registrar's office issues to students to confirm >> basically student status in different ways so like the letter >> that you see up there on the left which control confirms the >> enrollment details. >> James Chartrand: Or student so these are letters that students >> use say when they're applying. >> James Chartrand: Job if the letter say says that they've earned >> their degree they are also used but things like getting a better >> student bank account freeing up money from your student savings >> plan or incoming foreign students might use one of these letters >> when they're applying for a Visa coming into the country. >> James Chartrand: And so we thought great and initially we >> thought okay we'll just do it the same way will issue Json copies >> so you know the actual verifiable credential as Json to the >> student and it will live in a wallet but we in talking to some of >> the people in the registrar's office realized that just wasn't >> feasible because these letters are often they pretty much need to >> be PDFs because of how they're used so. >> James Chartrand: In some cases they're uploaded as. >> James Chartrand: Application process say if you are applying for >> a Visa and you need to upload a letter confirming your status the >> system will only take you know an image or a PDF and that's later >> reviewed by somebody who looks at it so if it had been Json they >> wouldn't you know it would be nonsensical to them and they >> wouldn't know what to do with it also sometimes the letters do >> need to be printed off and handed to somebody like say when a >> foreign student is riding in the country and the way it works in >> Canada is you. >> James Chartrand: To process your visa application as you as you >> step off the airplane. >> James Chartrand: Typically you've got all your papers you know >> you know folder and you present them to the agent the agent goes >> through them and reviews from them decides yay or nay so it had >> to be printable as a paper copy okay so I will take you very >> quickly through what we've built here this is totally integrated >> into the Microsoft Azure authentication system on campus and >> draws data from a back-end PeopleSoft system. >> James Chartrand: Go to this web browser on the right this is >> where the student would write this again is just a pilot nothing >> here is in production and the dire warnings there are because >> rightfully so the registrar is concerned that we don't want >> anybody to think that this is the system that's being used at >> McMaster University because then you could imagine scenarios like >> the student arrived a student arriving at. >> James Chartrand: The border agent of the. >> James Chartrand: Thanks this is what they should thinks that >> they should be getting a copy of a letter like this with a QR you >> know and then doesn't accept one without a QR so we're being >> extra careful not to make anyone think that this is a production >> system okay yeah so I am here I'm a student I will login. >> James Chartrand: I will request a letter we've got the red star >> chose four different letters I'll choose confirmation of status >> so that kicked off a dynamic process in the background it pulls >> the information from the PeopleSoft system based on the student >> login ID assembles the PDF letter I'm using I think Jace PDF some >> kind of JavaScript PDF library to construct it on the Fly insert >> the information at the same time. >> James Chartrand: I turn the information into. >> James Chartrand: The information into a verifiable credential >> then into a verifiable presentation then use digital bazaars >> amazing libraries and be pqr to produce the QR code which I then >> insert into the PDF which you can see down in the bottom right >> hand corner of the letter on the left hand side and then return >> it to the student so it's been downloaded and it's in my >> downloads there I will show you a and so anyhow it corresponds >> exactly to the letter that you see on the left here. >> James Chartrand: Now the student can of course take. >> James Chartrand: In email it to somebody that can text message >> it to somebody they can do whatever they want to with it they can >> use it as many times as they want to so say they emailed it to me >> and I'm an employer I can come to this website potential Sonic >> Master don't see a pretty much have to know in advance that >> that's the website to which I should go and of course you know >> I'm sure people rightfully point out here that there are >> significant problems with this among them are that. >> James Chartrand: Um somebody can fake the verification website >> but I think that's a general problem in any case assuming I know >> to go to credentials dot McMaster C.C a I arrived there I choose >> verify letter I will choose to upload a letter file I choose the >> file upload and it does its verification on you know the usual >> way of extracting the BC from the qur an and then doing the >> verification one kind of interesting thing that happened there is >> that. >> James Chartrand: What I did what the code did and first of all. >> James Chartrand: That code is running entirely in the web >> browser there's there was no call back to the server there so it >> took the it was another JavaScript library that took the PDF >> opened it up found the QR image inside the PDF and then from >> there and vote the digital bizarre libraries to extract the VC >> and run the normal verification okay so that was one kind of >> verification now I will show you. >> James Chartrand: Printed copy of that letter the sitting on my >> desk here and I've got my phone hooked up which you can see on >> the left so I will choose sorry so I'm going to go over here to >> my phone and it's the same webpage this time I will choose her if >> I let her again and I will choose scan QR on letter L. >> James Chartrand: And again at 35 exactly the same way and that's >> it that's it's a super simple system which you know we kind of >> figures one of the appealing parts of it there's it's dead simple >> so extremely easy to use some of the challenges that we still >> face or that I guess we Face our somebody could fake the PDF so >> they could change some of the details that are within the PDF we >> kind. >> James Chartrand: Dove deal with that a little. >> James Chartrand: By virtue of the fact that the entire that >> sorry what's in the BC that's in that QR code contains the >> critical information that somebody would want to verify so up >> there on the left and my phone you can see that the down below it >> says undefined undefined because we're blanking out student >> information for this and it says is registered at McMaster >> University is a full-time undergraduate student for the 2028 term >> so it. >> James Chartrand: I was there what was inside the veritable >> verifiable credential So what had been signed and you know >> doesn't show. >> James Chartrand: What was in the PDF nessus I mean it is what's >> in the PF but it's only what was in the verifiable credentialing >> confirmed but of course somebody could take the entire PDF and >> they could put a fake QR code on there and they could provide a >> fake link and if somebody didn't know to go to the McMaster web >> page to verify this they would they could very easily be fooled >> the other thing that we would very much like to do is to start to >> move. >> James Chartrand: From these letters. >> James Chartrand: Towards something more like a student ID >> because what we've got here is effectively a student ID I mean it >> declares the student status but we'd like to take a you know a >> little step further and start to use it within a wallet like the >> DCCC wallet as a replacement for the plastic student card in >> which case we would have to put more information into it and in >> particular would have to put a student photo into it and at that >> point. >> James Chartrand: Point the verifiable credential would be. >> James Chartrand: It inside a QR code so this is where I think >> Dimitri was talking about this a little bit before I got started >> that we need to start to think about how we can transfer some of >> that information and one way is maybe to create a kind of >> ephemeral storage for the full DC and the QR code simply points >> to that storage and it might be encrypted as well and we passed >> the key to the verifier so anyhow different kinds of things to >> start to look at after that and that works out well because I'm >> done no I. >> James Chartrand: I know it's great you're going to restart it >> but. >> Kerri Lemoie: Sorry about that I'm not going to start the >> recording but the transcriber we'll keep going so we'll take it >> from there thanks. >> James Chartrand: So I am is so any questions that anybody has >> feel free. >> Kerri Lemoie: Don't see any questions in the queue right now >> James what are some common questions that you've gotten besides >> say the QR code issues and the faking of PD PDFs. >> Kerri Lemoie: Or have you already covered those terms of what >> you told us excuse me. >> James Chartrand: Yeah I think I covered them. >> Kerri Lemoie: Okay I do see Phil Long in the queue so I'm gonna >> call in fill her. >> <yashwardhan> what was the acceptance level of administration? >> <keith> I think its a great solution bridging the legacy world >> with the new digital world. >> Kerri Lemoie: Phil Long you have a give the floor if you can >> hear us. >> Dmitri Zagidulin: And you're speaking you're muted. >> Kerri Lemoie: Yes okay why don't I call on Marty Marty you have >> the floor and can come back we'll add them back to the queue. >> Marty Reed: Sure thanks James for this question a couple >> questions one you know how do you how do you handle revocation >> or. >> Marty Reed: Or how do you handle versioning or do you is that >> part of this. >> <kerri_lemoie> @yashwardhan - I'll ask your question next >> James Chartrand: The simple answer is it's not part of it the >> idea with these legs and this is one of the reasons that we chose >> the letters as kind of a starting point is that they in a sense >> it expire then the other way where are they. >> James Chartrand: Dated letters and so--. >> James Chartrand: Are no longer useful after a given day so >> exactly the same way the paper letter would have you know become >> dated at some point it would be very nice to be able to revoke >> them and at some point I mean once we have a relocation system in >> place we would do that and I think at that point it would just >> work like any other room relocation system for credentials. >> Kerri Lemoie: I feel before you go I'm sorry I'm going to call >> and I yes I'm going to ask you a short answer question what was >> the acceptance level of administration. >> James Chartrand: It probably depends with part of the >> administration the registrar has been incredibly supportive and >> as I said before is very very forward-thinking I don't know that >> at other universities registrar's would look at it quite the same >> way however generally we found that whenever we've shown this to >> anybody within the administration you know they pretty quickly. >> James Chartrand: We see the benefits of it. >> James Chartrand: And the fact that it's extremely easy to use >> you get instant verification so I would say it's almost it's >> almost always the case that we get very very positive feedback >> from everybody within Administration and I suppose another way of >> looking at it is they've continued to fund this so that's a >> pretty good indication that people can see the value of it. >> Kerri Lemoie: Yeah totally alright Phil on you have the floor. >> Phil_L_(P1): Yeah apologies can you hear me. >> Phil_L_(P1): Okay I was curious that you mentioned that you did >> internally decided that the need to use sort of existing >> processes and systems which were PDF depend if you will lead you >> at this stage to focus on encompassing the verifiable credential >> as an attachment to the PDF through the QR code but I was >> wondering is. >> Phil_L_(P1): And some sense looking at the rendering of the data >> in a Json file into something that could be more approximating a >> fully rendered text document of the sort to PDFs generate as a >> second phase so that you didn't have to deal with that particular >> problem that I suspect Dimitri's going to be talking about in >> later in the session or was there some other reason beyond that >> other than the not wanting to have to. >> Phil_L_(P1): Icon building a renderer that could make it look >> pretty for. >> James Chartrand: Yes so initially we thought that we would send >> these credentials down into our what a digital wallet you know on >> somebody's phone and then from there they would share it and you >> know possibly even at that point PDF could be automatically >> generated from the wallet directly but. >> James Chartrand: Talking to the registrar's office they made it >> pretty clear that students expect at the moment a PDF and that's >> almost always how they use this thing and so kind of introducing >> a wallet into it just overcomplicate it they basically just need >> to go to this website Download a pdf and then use the PDF if it >> went into a wallet and then they had to do something from the >> wallet then they'd have to install the wallet app today. >> James Chartrand: Deal with what was in the wallet so. >> James Chartrand: Only just that for this pilot it's what made >> the most sense I don't know if that answers your question. >> <deb_everhart> but isn't the wallet the way the person controls >> the record? >> James Chartrand: Yes yes exactly. >> Phil_L_(P1): No it does it I think that you're making a very >> Salient point that there's only so much transition you can make >> in one jump and at and the bigger problem isn't the technology so >> in so much as it is the humans that need to be able to feel >> comfortable with it so I think that's a very good observation >> thank you. >> James Chartrand: Yeah and it was also very very easy well it was >> relatively easy to do what we did you know the amazing libraries >> that digital bizarre provides and they you know the amazing all >> of the amazing libraries that are in mpm just made it pretty easy >> to put this thing together and produce something that's actually >> is immediately usable. >> Phil_L_(P1): Got it understood. >> >> Topic: Credential Display in Wallets Discussion >> >> Dmitri Zagidulin: Thanks so I wanted to respond to Phil's >> question real quick and then touch on the two points that Marty >> brought up in terms of your question Phil. >> Dmitri Zagidulin: And why the approach of the PDF rather than >> being able to embed the display logic in the VC we need both we >> definitely need both will be talking about the display logic part >> are shortly but I wanted to highlight that one very important >> point. >> Dmitri Zagidulin: In a way. >> Dmitri Zagidulin: Producing a PDF or rather binding. >> Dmitri Zagidulin: From a PDF to a credential shortcuts the need >> for a widely deployed verifier architecture and widely deployed >> wallet and display architecture because everybody from students >> too. >> Dmitri Zagidulin: Admission counselors to border guards knows >> what to do with either PDFs or paper. >> Dmitri Zagidulin: A binding from PDF to credential your you >> doing sort of progressive layering your you bootstrapping the >> whole ecosystem oh Natasha real quick on the two points that >> Marty brought up which is about revocation and about versioning. >> Dmitri Zagidulin: Put lipstick revocation first one thing that I >> want to highlight is and James touched on this already. >> Dmitri Zagidulin: Separation is an alternative mechanism to >> versioning so Ian a couple of use cases such as when you have a >> printed piece of paper or a generated PDF with the student hens >> over. >> Dmitri Zagidulin: There's no way to do revocation there or if >> there is it's very crude like putting a footer down down at the >> bottom that says before accepting this please pick up the phone >> and call this admission officer to make sure that's still valid >> right that's that has both privacy implications and is incredibly >> awkward usability wise so what what that project does is use >> expiration. >> Dmitri Zagidulin: As a risk mitigation mechanism. >> Dmitri Zagidulin: Same way that replication is used so just >> wanted to highlight in those cases where you can't do revocation >> the forget that exploration plays the same. >> <kerri_lemoie> I've been working on an LER interoperablity >> spectrum that is open for input/opinions: >> https://docs.google.com/document/d/1fwMNbrFL78bVWnZ0BmObFBJnj0uGnFHhR00frybUiTA/edit <https://docs.google.com/document/d/1fwMNbrFL78bVWnZ0BmObFBJnj0uGnFHhR00frybUiTA/edit> >> Dmitri Zagidulin: Same method the other thing that I wanted to >> talk John or a rather ask a clarifying question about is >> versioning can you tell us a little more what are what do you >> mean by versioning of of credentials what are some use cases >> where you would immersion it thanks. >> Marty Reed: That a question for me. >> Dmitri Zagidulin: Yes if you don't mind. >> Marty Reed: Oh yeah sure so well at least in the open credential >> publisher project we have the idea that transcripts can be issued >> as verifiable credentials to a student however they may change >> until the official transcript is released and so we're just >> thinking about you know versioning. >> Marty Reed: As far. >> <john_kuo> Wouldn't that be more of a lineage of revocation and >> re-issuance? >> Marty Reed: You know as that transcript is updated do we need to >> replace the existing credential in the wallet do we need to call >> home and and check for a new version of that credential so into >> your to your expiration point you know that is one one thing that >> we've definitely you know looked at. >> Marty Reed: From a from a verification standpoint but that's >> that's the use cases like the the transcript may be issued to a >> wallet prior to its being quote unquote official and so in that >> case you know the desired functionality would be that you know a >> student would go in look at their credential and it would say hey >> there's a new version of your credential would you like to >> download that now. >> Marty Reed: And also. >> <dmitri_zagidulin> @John - revocation (of previous versions) >> might not be needed or appropriate. Because each VC says "at this >> point in time the following is true" >> <dmitri_zagidulin> revoking such a VC says "actually, that VC >> WASN'T valid at that point in time" >> Marty Reed: For like a teacher teacher license a teacher could >> have a license with multiple endorsements attached to it that >> license can be updated over time to add and subtract endorsements >> and so for professional licenses there's this idea of you know >> versioning and updating endorsements within the existing >> credential. >> Dmitri Zagidulin: Got it I think if I can jump the queue real >> quick so that makes a lot of sense and this sounds like a great >> topic for a future call the particular question of versioning of >> long-run credentials such as a medical history employment record >> or transcript sounds like there's a lot that we want to discuss >> their. >> Dmitri Zagidulin: I do want to touch on. >> Dmitri Zagidulin: Something that was brought up a question by >> John and Chad of would you be able to implement versioning as a >> series of revocation and reissuance and as I pointed out in chat >> that. >> Dmitri Zagidulin: Visions yes revocation might not be required >> or even even allowed there because essentially each one of those >> success of their fiber credentials are snapshots of something >> that is true at that point in time so much by the way our paper >> existing paper credentials already have this notion of versioning >> intuitively such as a bank statement that says this is what we >> know to be true as of this point in time. >> Dmitri Zagidulin: And then later if. >> Dmitri Zagidulin: If another transaction comes in or if the bank >> changes something. >> Dmitri Zagidulin: The bank statement looks different but at that >> point in time that was the views similarly what we're saying with >> the transcript is at this point in time this was the snapshot and >> by revoking such a verifiable credential we're essentially saying >> no that wasn't true of that time right revocation doesn't mean >> there is a newer version available it means whatever was said >> then is not true thanks. >> Kerri Lemoie: Thank you Phil you have the floor. >> Phil_L_(P1): Thank you I didn't that I think Dimitri is what I >> was asked about in the versioning system that Marty was >> describing which is if let's say that a new version is available >> when the individual opens their wallet to look at a particular >> credential presumably the credential the wallet has been has been >> informed that there is a new version available to prompt them to >> do that if the individual. >> Phil_L_(P1): chose not to I'm. >> <marty_reed> On the revocation discussion, I'd love to hear/see >> any demonstrations of revocation. >> Dmitri Zagidulin: Wicked can you ask that again about the Third. >> <marty_reed> currently validation fails if there is a new version >> in the parent system >> Phil_L_(P1): Assuming that you would you're saying that the >> validation would fail when if they decided to send it to a third >> party and I just wanted to verify that that's what the intent in >> the current thinking would be and I guess sure yes that you know >> the way in which the question was posed to the person holding the >> wall at the holder is that there's a new version the credential >> available. >> Phil_L_(P1): I presume you. >> Phil_L_(P1): Declined to accept that and just send the existing >> one you have because it is signed and the like the question is is >> the presumption that the verifier knows the new exhibit new >> version is available somehow and therefore would decline >> verification of the one that was sent to a an employer or some >> other entity and they then chose to verify try to verify that >> one. >> Kerri Lemoie: Feels bad I'm question who is that question >> directed Up. >> Phil_L_(P1): Well it to put to full 12 Marty because he talked >> about it in the ocp but I'm also interested in McMaster case >> because it sounds like the way it's currently designed the coming >> back to the Mother Ship so to speak as part of the current >> designs of the system which would potentially allow them to be >> able to decline a credential that's been updated and the >> individual has failed to download the newest version so I just >> want to verify that too. >> Kerri Lemoie: Okay to be introduced by and holding in the queue >> for one moment so James and Marty could reply. >> Dmitri Zagidulin: Not at all sure though I do want to reply to >> that as well. >> Kerri Lemoie: Okay great tips. >> James Chartrand: Um so this is actually something that we've >> talked about a lot of Ink Master in the context the context of >> transcripts which is something that we would like to issue this >> way but my suspicion is that different registrars will have >> different policies and some might be fine with the kind of the >> snapshot in time and having a whole load of those circulating >> around and it's up to whoever's you know verifying the transcript >> to make sure they've got the latest and greatest. >> James Chartrand: You know as they would. >> James Chartrand: Copies before but I suspect in some cases the >> registrar would like to have more control over that and make sure >> that people are getting the latest copy fill you asked if at >> McMaster we might exert some control at verification time over >> what's available what's you know considered the latest and >> greatest and I mean we're not anywhere near there this is the >> pilot that I showed is pretty much what we've got for this. >> James Chartrand: So we. >> James Chartrand: Have anything beyond that however my guess is >> that at McMaster. >> James Chartrand: They would want to indicate in some way that a >> newer version was available so you know so which is another way >> that it could work is simply that when you come to verify a check >> is made against a relocation list which might also show not just >> that something had been you know there might be different levels >> of relocation or different types of relocations so. >> James Chartrand: You know as Dimitri said you. >> James Chartrand: Means that the credential is no longer valid >> but you could imagine having a different type that's Ed's the >> credential is old and there's a newer version so that's a >> possibility and that I also wanted to just say quickly that yes >> the verification does come back to McMaster at the moment but >> only in the sense that you load the web page the actual >> verification is happening entirely within the web browser within >> the JavaScript so there's no phone home going on there. >> James Chartrand: We could so any kind of you know check on the >> validity of a transcript would have to check a re vocation or >> status list of some sort hopefully that answers your question. >> Kerri Lemoie: Thanks James Marty. >> Marty Reed: So I kind of have a layered answer one is that in >> the simplest form that verification fails if the issuer decides >> that that credential is no longer valid so it's a call home to >> the publishing service that that request that verification now I >> will say publishing to Sovereign base wallet. >> Marty Reed: Lisa the VC. >> Marty Reed: It's you know again not elegant I'm not known for >> Elegance but the VC that is issued to the wallet is verifiable >> and then the payload itself must be verified to the issuer as >> it's basically a self-published or self issued VC at that point >> so there's there's two layers to the approach but we're exploring >> different different methods but that's how it works right now. >> <deb_everhart> don't registrars already submit "in progress" >> student data, such as NSC PDP data reporting and current >> enrollment requests from students and others, such as the >> enrollment letter shown? >> Kerri Lemoie: Thanks Marty Dimitri you have the floor. >> <deb_everhart> I thought in progress reporting was a common use >> case >> Dmitri Zagidulin: Thanks so I wanted to add to the discussion >> that so one I think versioning is a really useful mechanism we >> should an issue on it on the PC you do you repo and discuss it >> continue the discussion in depth on a future call I just want to >> say we already use something like this. >> Dmitri Zagidulin: SeaWorld but in the w3c spec World each draft >> of the spec says here's the snapshot as of this date but go check >> over here here's the canonical location of the spec please check >> to see if it's it's been updated so it might make sense for us to >> explicitly able to specify this is a version where fiber >> credential and this is not a version where fiber credential the >> example of non version verify. >> Dmitri Zagidulin: Credentials for example. >> Dmitri Zagidulin: Here's an age verification credential that >> somebody is over 21. >> Dmitri Zagidulin: That statement is never going to change the >> thing that can change is that it could be revoked. >> Dmitri Zagidulin: They used fake ID or whatever however there's >> no there's not going to be an updated version like they're always >> going to be over 21 until they die is ETC but that's a different >> problem so let's open an issue this might be a really useful item >> for this group to work on. >> Kerri Lemoie: Yeah I agree let's definitely do that does anyone >> else have any other questions for James or James you have >> anything else you'd like to add. >> James Chartrand: No I think I'll take a look at this time so I'm >> good thanks thank you very much for having me. >> <phil_l_(p1)> Thank you James. Great work! >> Kerri Lemoie: Now we appreciate it we appreciate it thank you >> very much doing chairman and hand things over to you so you can >> talk to us more about the while it display just continue on that >> discussion. >> Dmitri Zagidulin: Thanks Kerri okay so let's look at thank you >> again very much James and let's look at late logic short of it >> is. >> <deb_everhart> thank you James! >> Kerri Lemoie: +1 Great work! >> Dmitri Zagidulin: Pretty much all the while the projects are up >> against this this use case this need we need to be able to >> specify how to display the credential either HUD specify to the >> pixel or give some suggestions. >> Dmitri Zagidulin: https://github.com/w3c-ccg/vc-ed/issues/16 <https://github.com/w3c-ccg/vc-ed/issues/16> >> Dmitri Zagidulin: So this is perfect group to make a >> recommendation test it out and then make a proposal to Upstream >> to the ccg and to the verifiable credential working group so I'm >> going to have issued number 16 on our repo talking about this I >> add a couple of notes of use cases. >> Dmitri Zagidulin: And so I'd like to ask people disease did he >> sound reasonable are there. >> Dmitri Zagidulin: Either use cases to this display specifying >> the display logic that we should add and then we can propose a >> mechanism in the next calls and get dry so essentially. >> Dmitri Zagidulin: I was not able to pull up the credentials the >> GitHub issue. >> Dmitri Zagidulin: We need to specify or advise. >> Dmitri Zagidulin: Any sort of VC consuming software how to >> display that VC. >> Dmitri Zagidulin: We need to support both cases. >> Dmitri Zagidulin: Display logic is completely embedded in the >> credential or. >> Dmitri Zagidulin: Display logical if somewhere else so you we're >> linking to an image file or an SVG file or an HTML template >> somewhere else and we just linking to it from the credential so >> that when it comes time to display it display software go use >> that template. >> Dmitri Zagidulin: Obviously when we're embedding the display its >> Integrity texted by the verifiable credential signature itself. >> Dmitri Zagidulin: Always we're using linking we definitely want >> to recommend using a digest hash like the anchored resource >> mechanism. >> Dmitri Zagidulin: We probably should be able to specify the >> content type of the logic but this link or this embedded logic is >> PDF and HTML and so on. >> <phil_l_(p1)> The anchored resource mechanism has greater >> applicability to other cases where the size of the "thing" is too >> big to be included within the credential itself. >> Dmitri Zagidulin: And we should talk about the preference of the >> credential display being cross-platform right if we're going to >> we're going to have a template if we're going to have an image >> you'd be great if we could just specify one and it would work >> across all platforms mobile desktop and so on but is anybody who >> works in web design knows that is an almost on achievable dream >> so given that as a second step we should provide mechanisms. >> Dmitri Zagidulin: That say okay if you're using this. >> Dmitri Zagidulin: Of device use this Logic for using a much more >> constrained device or a much bigger screen then use this logic >> fortunately we have prior art for both images and stylesheets in >> general so lot of HTML world has the technology that says if >> you're viewing this page on a mobile phone display this way to >> using it on desktop display this way if you printing it then use >> this way so we should we should be mindful of that. >> Dmitri Zagidulin: Let's see we got six minutes. >> Dmitri Zagidulin: Love to hear from from the group are there >> other considerations are there other input requirements for this >> item. >> Dmitri Zagidulin: Keith go ahead. >> Keith: I think maybe I can just dig deeper on display because I >> think that there can be differences in how well it's display >> information like what's it take Atticus talk about what kind of >> information like typically I mean other while it's that I've been >> involved in you just say things like issue or info like contact >> support info and then the contents of the VC itself and maybe >> images so like I've often thought that while it vendors can >> independently choose how to show that information but I do I mean >> I totally agree with you. >> Keith: a point that when you want to display things like issuer >> logo. >> Keith: This PDF image then you need ways that wallets you know >> you don't want to get a crop properly you want to be able to get >> it sized properly as you can display it properly is that what you >> mean by this because is that what you mean by display a my >> capturing it correctly or are you mean other things as well. >> Dmitri Zagidulin: Yes yes no that's it and you're absolutely >> right that it should be optional. >> Keith: And I just like it's up to wallet that I mean that's kind >> of the beauty of the market is that the the wallet with the best >> presentation kind of will you know be preferred be preferred by >> consumers is that rather than some sort of like trying to do >> static what is it often like display will be one of the key areas >> of differentiation between wallets how well they do display. >> Dmitri Zagidulin: So you're absolutely right though I do want to >> say that they're still in need to be able to do this optionally >> as well James go ahead Joe. >> James Chartrand: Yeah so I mean just one of those needs to do it >> statically is as I mentioned before one of the things we'd like >> to do at McMaster is how the student basically. >> James Chartrand: Create the plastic student card inside a wallet >> and we want to try to make it initially you know as kind of a >> progressive introduction of this to make it backwards compatible >> and so therefore we want to include the barcode that's on the >> plastic student card and possibly also a QR code that somebody >> could use to similarly scan their student ID so you know it's >> unlikely that a wallet will know how to. >> James Chartrand: A show those kinds of things or even know to >> show. >> James Chartrand: So if we could instead just provide a single >> image that's shown in the wallet or a student card or for a >> student ID it could be pre you know pretty constructed with the >> barcode down at the bottom with the student image on it with the >> logo of the University so basically again recreating the pretty >> much the same image image that's printed on the plastic card. >> Dmitri Zagidulin: Thanks James you've got a couple minutes left >> Andy go ahead. >> <kaliya> QR codes that are static with VC s dangerous >> Andy Miller: I was wondering your thoughts about the use case of >> where the VC is actually embedded in the image or PDF that's >> centrally how open badges that's it now I'm baked badges is a PNG >> or SVG that has the credential in baked into it using the >> structured data. >> Dmitri Zagidulin: Great question that that should not should be >> another item of discussion Phil go ahead. >> Phil_L_(P1): Yes I guess what I wanted to say that it seems to me >> that the hash link approach that you described is actually a >> broadly applicable to any kind of circumstance where the content >> of an object is bigger than is reasonable to include in the in >> the VC itself and so by you know focusing on how you would apply >> that to different circumstances such as the image on a card and >> what's presented when it's displayed. >> <kaliya> Very dangerous because the can be super easily copied >> and replyed >> Phil_L_(P1): then is the composite of the polled image from >> wherever the Third. >> <dmitri_zagidulin> @Kaliya - great point >> <dmitri_zagidulin> which suggests the need for templating (rather >> than static image) >> Phil_L_(P1): And the rendering of the thing of the way it's done >> traditionally on the plastic would be indistinguishable from the >> plastic itself so I think that's the probably the most productive >> approach and the one I would urge us to consider the biggest >> problem that that and UND just described is the the same problem >> of payload size you can do that for small DC's but you can't do >> it for VCS that contain much like evidence and things like that. >> Phil_L_(P1): that thanks. >> Dmitri Zagidulin: Thank you two minutees left James go ahead. >> James Chartrand: So just about the of the idea of using a hash >> link for I think there might be privacy concerns there so we >> might not want to have the student information so and in >> particular say their photo at a URL you know available add URL we >> would want to keep an entirely embedded within the credential the >> so that's just one concern possible concern. >> Dmitri Zagidulin: Thanks James and Kalia. >> <phil_l_(p1)> are there privacy concerns there if the destination >> is itself encrypted? >> Kaliya: I'll just say what I said in chat stata QR codes. >> Kaliya: And I guess the same is true for barcodes but you know >> static QR codes with verifiable credentials within them that are >> signed are very very very dangerous the reason being is that they >> are entirely copyable and replayable. >> <phil_l_(p1)> Excellent point Kaliya >> Kaliya: Is this not true of verifiable presentations that are you >> can't copy and replace because their presentations not the >> original credential so I have an unfinished but readable paper >> about this largely written by John Jordan that I think I'll try >> and send a list I'm sick right now otherwise I'd send it to chat >> right now but. >> Dmitri Zagidulin: https://github.com/w3c-ccg/vc-ed/issues/16 <https://github.com/w3c-ccg/vc-ed/issues/16> >> <kerri_lemoie> Thank you! >> Dmitri Zagidulin: Thank you so much Kelly and we hope you feel >> better soon alright so everyone please let's continue the >> discussion on issue 16. >> Dmitri Zagidulin: And a quick questions before we adjourn go >> ahead. >> Dmitri Zagidulin: Thank you everyone. >> Kerri Lemoie: It sounds good nope I would just say and that's >> good that's take a look at that issue and keep it going we can >> revisit this in the near future thank you so much James and >> Dimitri appreciate it all thank you. >> <phil_l_(p1)> Thanks! >> >> > > > > -- > Snorre Lothar von Gohren Edwin > Co-Founder & CTO, Diwala > +47 411 611 94 > www.diwala.io <http://www.diwala.io/> > <http://www.diwala.io/> > Stay on top of Diwala news on social media! Facebook <https://www.facebook.com/diwalaorg> / LinkedIn <https://www.linkedin.com/company/diwala> / Instagram <https://www.instagram.com/diwala_/> / Twitter <https://twitter.com/Diwala>
Received on Monday, 25 April 2022 10:35:14 UTC