Fwd: [MINUTES] W3C CCG CCG Verifiable Credentials for Education Task Force Call - 2023-06-05

Hello friends,

Below is the transcript and audio for our discussion yesterday about CLRs & Plugfest.



> Begin forwarded message:
> From: CCG Minutes Bot <minutes@w3c-ccg.org>
> Subject: [MINUTES] W3C CCG CCG Verifiable Credentials for Education Task Force Call - 2023-06-05
> Date: June 6, 2023 at 3:15:39 PM EDT
> To: public-credentials@w3.org
> Resent-From: public-credentials@w3.org
> Thanks to Our Robot Overlords for scribing this week!
> The transcript for the call is now available here:
> https://w3c-ccg.github.io/meetings/2023-06-05-vc-education/
> Full text of the discussion follows for W3C archival purposes.
> Audio of the meeting is available at the following location:
> https://w3c-ccg.github.io/meetings/2023-06-05-vc-education/audio.ogg
> ----------------------------------------------------------------
> VC for Education Task Force Transcript for 2023-06-05
> Agenda:
>  https://lists.w3.org/Archives/Public/public-vc-edu/2023Jun/0001.html
> Topics:
>  1. IP Note
>  2. Call Notes
>  3. Introductions & Reintroductions
>  4. Announcements & Reminders
>  5. CLR & Plugfest 3
> Organizer:
>  Kerri Lemoie
> Scribe:
>  Our Robot Overlords
> Present:
>  Eric Shepherd, Kerri Lemoie, Andy Griebel, Nis Jespersen , Stuart 
>  Freeman, Hiroyuki Sano, Japan, Simone Ravaoli, Chris Webber, 
>  Sharon Leu, David Ward, Greg Bernstein, TimG, Phil Long, 
>  Geun-Hyung Kim, Kimberly Linson, Maarten Boender, John Kuo, James 
>  Chartrand, Lucy Yang, Dmitri Zagidulin, Tracy Korsmo, Jeff O - 
>  HumanOS, Kayode Ezike, Chandi Cumaranatunge, Manu Sporny, Colin 
>  Reynolds, Ed Design Lab, TallTed // Ted Thibodeau (he/him) 
>  (OpenLinkSw.com), Joey, Jim Goodell
> <kerri_lemoie> Hello all - we'll get started in a few minutes.
> Our Robot Overlords are scribing.
> <kim_duffy> Hoping for Carrie Illinois today
> Kerri Lemoie:  Okay everybody hello happy Monday this is June 5th 
>  the verifiable credentials for Education task force my name is 
>  Kerri Lemoie will be remained to see what the transcriber will 
>  call me today but we will find out I'm going to go through some 
>  boilerplate opening so that we always cover in this call and then 
>  we'll take it from there I'm today's agenda is really.
> Kerri Lemoie:   For the wallets participating in the clutch.
> Kerri Lemoie:  The Wider Community to learn more about the 
>  comprehensive learning record V2 which is one of the edtech 
>  specifications.
> Topic: IP Note
> Kerri Lemoie:  Okay first IP note anybody can participate in 
>  these calls these are open Community calls and everyone is 
>  welcome to join them and discussing them if you are planning to 
>  work on any of the standards at the CCD is part of this group 
>  then you will want to join the community and sign the IPR 
>  agreement and I believe this also applies to plug press 
>  participants second call notes.
> Kerri Lemoie:   These calls are recorded.
> Topic: Call Notes
> Kerri Lemoie:  So I'm video now that we can make available to you 
>  if you need it so everything is archived everything is 
>  transcribed by our robot transcriber and also recorded So that 
>  others can follow along with what we're doing they can't make it 
>  on this call or so that you can look it up in the future and in 
>  reference this if you need to.
> Kerri Lemoie:  Next introduction so actually before I move on to 
>  number 3 one thing to note is that we follow a queue system on 
>  these calls so if you would like to ask a question or have 
>  something to say just type Q Plus like so in the chat to add 
>  yourself to the queue and to remove yourself from the queue keep 
>  - and during the calls we keep an eye on the Queue and try to 
>  call folks either in an order or according to you know the topic 
>  that were discussing.
> Kerri Lemoie:   Next is introductions and reintroductions is 
>  there.
> Topic: Introductions & Reintroductions
> Kerri Lemoie:  Today who's new to the call or you know has been 
>  on the cob would like to introduce themselves.
> Kerri Lemoie:  You are always welcome to do this throughout the 
>  call to yourself up and introduce yourself if you haven't before.
> Topic: Announcements & Reminders
> Kerri Lemoie:  Is announcements and reminders does anybody have 
>  any announcements or reminders about the work they are doing or 
>  anything else going on conferences meetings other types of 
>  special topics that you'd like to bring up now.
> Topic: CLR & Plugfest 3
> Kerri Lemoie:  Then why don't we move on to our main agenda chat 
>  for us so today we are going to talk about the comprehensive 
>  learner record as part of cluckfest we've been sort of exploring 
>  whether we should include other credential standards unlike 
>  previous plug fast / we only did open badges three there are more 
>  standards that are trying to align with VCS and there are other 
>  standards like the CLR that have been in existence.
> Kerri Lemoie:   So today we want to.
> Kerri Lemoie:  Topic Ford and I talked about it with with folks 
>  on this call and in The Wider community of those who are 
>  participating in the plugfest to you know to learn more about it 
>  and to see what the interest is and I take it from there I'm 
>  going to put Tracy is here Tracy Tracy course Moe is joining us 
>  because he has occurred two ladies working on North Dakota and 
>  Tracy and let me know if I'm getting your title.
> Kerri Lemoie:   Wrong but I think you're the leader of the state 
>  longitudinal.
> Kerri Lemoie:  Service in North Dakota right and you've been 
>  working in the space for quite a long time.
> Tracy_Korsmo: Yeah hello everybody Tracy course well here I am 
>  the program manager the Statewide longitudinal data system here 
>  in the state which comprises education and Workforce data 
>  warehouses and through that project we've expanded into digital 
>  credentialing through the collab usage partnering with Randa as 
>  well as PCG and.
> Tracy_Korsmo:  we've published the North Dakota.
> Tracy_Korsmo: Transcript which is a centralized service here in 
>  the state as a digital credential to a wallet and that is a 
>  comprehensive learner record as well from that then we've 
>  expanded into post-secondary as well as more K-12 with the 
>  welding certificates post-secondary really concentrating on 
>  cybersecurity stackable credentials through certificates to 
>  Associates to Bachelors to a master's degree in cyber security.
> Tracy_Korsmo: And more recently we're working with the licensing 
>  organization our health and human services here in the state 
>  issues EMT the EMR EMT Advanced EMT and the paramedic credentials 
>  here in the state and that's what we're currently working with 
>  right now which is really interesting because I think that North 
>  Dakota is firmly grounded in just accepting the national 
>  standards testing on that sorry I'm forgetting.
> Tracy_Korsmo:  in the organization.
> Tracy_Korsmo: But it's just a national test that is accepted in 
>  North Dakota along with about 20 other states so it has 
>  Interstate use so that's where we're headed with the EMT is 
>  issuing that as a digital credential today that's kind of an 
>  introduction Cary how would you like me to expand on.
> Kerri Lemoie:  Yeah thank you for that introduction I was great 
>  Tracy I think you set the stage here to maybe next week and talk 
>  about how you're approaching publishing this standard and the 
>  various parts and if you have anything to show us that might be 
>  helpful for those who have never really seen the sealer.
> Tracy_Korsmo: Sure so let me pull up my test wallet here.
> Kerri Lemoie:  You should be able to show your screen.
> Tracy_Korsmo: Okay so screen sharing.
> Kerri Lemoie:  Yes I can see it thank you.
> Tracy_Korsmo: Okay are you guys seeing my screen yet okay so here 
>  is the open credential publisher wallet that I'm logging into 
>  right now.
> Tracy_Korsmo: And so basically all the.
> Tracy_Korsmo: She'll ours that have been published to me this is 
>  obviously a test account as well as open badges are sitting in 
>  here if I look at a North Dakota High School transcript visually 
>  this is a summary of the transcript and essentially the course 
>  grades but if I get into the details of the transcript you'll see 
>  that it is verifiable credential debut three see the proof and 
>  the CLR Kyle be verified the learner as well.
> Tracy_Korsmo:  as the publisher and each one we do.
> Tracy_Korsmo: Embedded evidence to help with the cold start of 
>  sharing clrs we can do a pdf version of that.
> Tracy_Korsmo: And then we just get into the details of a North 
>  Dakota High School transcript and bringing it down to the level 
>  of an individual course the issuer being Great Plains High School 
>  with its public key the results as well as alignments and this is 
>  referencing the case North Dakota case Network.
> Tracy_Korsmo: We have the state course code defined as well as an 
>  alignment to the national state course codes the sked codes so 
>  that is the metadata reference to the course definition and the 
>  competencies and skills related to that going back to the wall at 
>  if I look at a non transcript type here this is career-ready 
>  practices work based learning it's kind of like 21st century 
>  skills if you will.
> Tracy_Korsmo:  so this is just a.
> Tracy_Korsmo: Issue to the student and this has course transfer 
>  abilities to community colleges and in this credential here 
>  you're going to see a reference to not only the competencies 
>  represented here in North Dakota for that credential but you will 
>  also see a reference to the credential engine.
> Tracy_Korsmo: So here's karate practices as in the credential 
>  registry here in North Dakota and that's kind of where we're 
>  leaning with most of our recognized credentials in the state is 
>  they'll be at least in the credential registry and in some cases 
>  there will be articulation of the skills and competencies in the 
>  case Network as well.
> Tracy_Korsmo: So what I look at what we're currently working on 
>  in mind you these are not published clrs these are uploaded clrs 
>  but if I look at like an EMT.
> Tracy_Korsmo: EMT at this time is not defined as competencies or 
>  skills as that should be a national publication of those but we 
>  do have the credential engine definition here in North Dakota 
>  sorry about this anyway that is a credential engine and the 
>  definition in the credential engine I'll stop there and answer 
>  any questions.
> Kerri Lemoie:  Make sure to yes we have money you in the queue 
>  right now somebody why don't you go ahead with your first 
>  question.
> Manu Sporny:  Sure thanks Kerry Tracy this is this is really cool 
>  really loving the demo so far I noticed that you've been saying 
>  that some of this is CL are I saw an open badges thing in there 
>  as well I take it like this wallet contains both types of Records 
>  in there is that is that right or II I'm getting confused 
>  between.
> Manu Sporny:   In like what's the badge and.
> <kerri_lemoie> Example structure of a CLR v2 in the spec: 
>  https://www.imsglobal.org/spec/clr/v2p0#basic-clrcredential
> Manu Sporny:  What CLR and is there any overlap between the two 
>  you know what.
> <manu_sporny> Thanks Kerri ^ above is helpful, looking now.
> Tracy_Korsmo: Okay so what we've done in this project is we do 
>  allow the individuals to connect to OB 2.1 connections and pull 
>  in any badges they have through a badging vendor and bring that 
>  into your wallet so the open badge hold on a second so now you'll 
>  see that.
> Tracy_Korsmo:  I can pull in any.
> Tracy_Korsmo: Churches that have been published to Badger right 
>  now and put them into my wallet.
> Tracy_Korsmo: So what you're seeing here is the badges that I 
>  have pulled into my wallet and so.
> <kerri_lemoie> 2.1 (2.0) badges are not aligned with W3C 
>  Verifiable Credentials
> Tracy_Korsmo: I can verify this badge with a badger as well but 
>  more importantly I can embed this in a CLR and once it's embedded 
>  in a CLR it's really not verifiable anymore because it's just 
>  self-assertion if you will and that's one of the reasons for OB 
>  3.0 to be able to verify publish and verifiable credential is now 
>  I can publish that as essentially a single assertion CLR.
> Tracy_Korsmo:  so now it's verifiable.
> Manu Sporny:  Yes thank you.
> Tracy_Korsmo: In the credential itself that makes sense and then 
>  I could curate a collection here just by simply choosing which 
>  clrs I want to combine if you will in a presentation and creating 
>  a collection and then I could literally share that collection out 
>  so if an employer or somebody wants to receive three credentials 
>  that I have I don't have.
> Tracy_Korsmo:  have to send them three requests.
> Tracy_Korsmo: To receive them or share them three different times 
>  I could curate a collection of them more like a job resume if you 
>  will and just share the.
> Kerri Lemoie:  Can't you see we have a couple more people in the 
>  queue would you like to present more would you like to answer 
>  questions first.
> Kerri Lemoie:  And Kimberly you are next.
> Kimberly Linson:  I was actually just going to share a couple of 
>  things that I think helped in this open badge versus CL are 
>  formatting like like how do you choose when do you choose why do 
>  you choose and so Tracy I don't do I need to do you need to stop 
>  sharing for me to share or can I start hearing if I just.
> Kerri Lemoie:  I think case you would have to stop yeah then you 
>  can start over there you did.
> Tracy_Korsmo: I think I stopped.
> Kimberly Linson:  Okay so I I have been doing a bit of analysis 
>  around am I showing my are you seeing a welding American Welding 
>  Society license oh good okay it's very tiny on my screen so this 
>  I'm going to show you two different credentials and I think this 
>  is where the conversation has to start around.
> Kimberly Linson:  Kind of credential format are you using this 
>  American Welding Society license and and we do a lot of our work 
>  is in professional licensure so that's what I'm going to I like 
>  to talk about but this one you can see this is American Welding 
>  Society is issuing organization there is basically one assertion 
>  this person is a welding inspector they have there's a license 
>  number associated with it.
> Kimberly Linson:   Some signatures and what not but this.
> Kimberly Linson:  Could probably be accommodated by What Would by 
>  the open batch right it really is asserting one thing the problem 
>  becomes when how do I undo share.
> Kimberly Linson:  Okay there and then I can.
> Kimberly Linson:  Is the Colorado teachers license and we 
>  actually as a part of the work we're doing on the NG a project 
>  wanted to make this an open badge we thought that was going to be 
>  just the easiest and smoothest way to transport this data from 
>  our system into the my Colorado app and into teacher wallet but 
>  unfortunately what we ran into was that because of the way that 
>  there are so many endorsements and then even these children 
>  underneath the.
> Kimberly Linson:   Endorsements that you probably can see.
> Kimberly Linson:  Nations that you can have different 
>  designations and so because there's so much parent and child 
>  reaction inside of this license this is why like the CLR is good 
>  and when Tracy shows the transcript or when we look at at EMTs 
>  and we think about all the things that go underneath their 
>  license that's why the comprehensive learner record really made 
>  sense for this particular license but I think.
> Kimberly Linson:   I think that's one of the.
> Kimberly Linson:  That I want to say is that the decision about 
>  what try not to unsure about which format which standard format 
>  to use is about which one is going to reduce the most friction 
>  right is it is are you only trying to say one thing then open 
>  badges probably the right choice if you're trying to say lots of 
>  things then CLR is probably the right choice.
> Kerri Lemoie:  Thanks Kimberly and I'm going to call it an 
>  unfilled because he's next in the queue but I was wondering the 
>  Tracy or or Kimberly if you have the structure for what it looked 
>  like one of these clrs would look like the actual like metadata 
>  so that those who have wallets could look at see what that looks 
>  like like a real example because I think the one in the bathroom 
>  the CLR spec isn't quite as like quite like yours because what 
>  are you if you.
> Kerri Lemoie:   Have any of that you could.
> Tracy_Korsmo: I should have some Json.
> Kerri Lemoie:  Perfect let me let me call on on fill and then 
>  maybe we could take a look at that that would be really helpful 
>  still anyway yes.
> Phil Long:  Yes hi can you hear me okay great Tracy nights great 
>  great presentation so far and in Kimberly already address I had 
>  two parts to my question the first way is to go into a little bit 
>  more about alignments because I think that's unique to the CLR in 
>  the badge space and and Kimberly Hint it to it and by saying that 
>  alignments actually pertain to the relationship among either 
>  assertions.
> Phil Long:  Endorsements if you will to a particular transcript 
>  which is effect effectively the documentation of the diploma or 
>  degree but I think Kimberly talked about that and the only thing 
>  I would add to it is that it's it's more it can be more than 
>  parent-child it can be a circumstance where the illiterate where 
>  the alignment indicates that there is a set of six courses at 
>  particular.
> Phil Long:   Relationship to the one on.
> <kerri_lemoie> @tracy - do you have the JSON-LD for the EMT 
>  credential?
> Phil Long:  And you have to take one of these six in order to be 
>  able to complete the overall degree requirement and things like 
>  that it's the stuff registrar's a lot of because it distinguishes 
>  the thinking that went behind the set of experiences that a 
>  student took in the pursuit of their of their diploma the second 
>  question I was going to ask was really about.
> Phil Long:  Different differentiation in the CLR between the 
>  publisher and the issuer and you might want to spend a few 
>  minutes just making sure people are clear on that because I think 
>  that's also unique to the CLR structure thanks.
> Tracy_Korsmo: I think you have quite a few questions in their 
>  fellow but you know when it comes to the publisher versus the 
>  issuer in North Dakota we set up the state a state node if you 
>  will of a publisher so we at the state ourselves authorized any 
>  entity that we want to issue underneath the brand of North Dakota 
>  it does not mean that the state is issuing a high school.
> Tracy_Korsmo:  script the issue.
> Tracy_Korsmo: Is still the high school but the state is doing the 
>  publishing of the CLR on behalf of the high school is that where 
>  you wanted to articulate that Phil.
> Phil Long:  Yes I think that the notion there that you correctly 
>  point out is that there's a publisher and there's an issuer and 
>  this particular case I think the issuer is the local organization 
>  if you will or the most local in the context of the hierarchy of 
>  institutional relationships and and the state is the publisher is 
>  that correct yeah so that's why I think that that distinction is 
>  unique to the CLR.
> Phil Long:   Of to an issue were always in a.
> Phil Long:  Me or or other kinds of badge it is it is there's one 
>  entity that is the issuer either the person's self issues or a 
>  third-party issues something to a person but but in the case of C 
>  large distinct.
> Tracy_Korsmo: So this you know I think maybe our CLR terminology 
>  right now might be a little bit misleading because we are calling 
>  it The Publisher is the Great Plains High School but it was 
>  published through an open ends are open credential publisher 
>  installed by the state of North Dakota authorizing Great Plains 
>  High School to publish and that's a good point is.
> Tracy_Korsmo:  each one of these credentials is.
> Tracy_Korsmo: An issuer but up here we are still calling the 
>  publisher Great Plains High School this could be the state of 
>  North Dakota.
> Phil Long:  Yeah that would be helpful to probably normalize in 
>  some fashion that's great and the other thing I guess is the 
>  difference between CLR one and CLR to in part is that the course 
>  that you're considering as an entity in C LR V to at least is the 
>  same data structure in bit for bit as an OB V 3 it's it is a 
>  badge.
> Phil Long:   Edge in the data structure it's simply called in.
> Phil Long:  And as and as a consequence can be individually 
>  signed if the organization wishes to do so.
> Tracy_Korsmo: Yeah each one of these I could there could actually 
>  be an image associated with each one of these assertions and we 
>  could even call it a type badge so an OB 30 is simply a single 
>  assertion same structure as in the CLR.
> Phil Long:  And it's helpful to the to the group thank you Kerry.
> Kerri Lemoie:  Sure thank you I'm going to pull myself out of the 
>  queue for now and let Greco and Greg he grabbed the floor there.
> Kerri Lemoie:  I'll come back.
> Greg Bernstein:  Hi I've been working on this is great Bernstein 
>  I've been working on the test vectors and things like that for a 
>  bunch of the security Suites and most recently been doing a lot 
>  of work with BBs and selective disclosure I went and looked at 
>  the CLR before this talk and I was looking through the document 
>  because I wanted a complicated transcript to apply selective 
>  disclosure.
> Greg Bernstein:   There were no.
> Greg Bernstein:  Document and I see you've got these great 
>  examples do you also have desires as far as functionality related 
>  to selective disclosure as we're looking at BBS and a bunch of 
>  other ways to do selective disclosures what kind of functionality 
>  you want is that documented would you like to discuss it that's 
>  kind of Prime on our plates for some of us right now and having.
> Greg Bernstein:   Some good examples I saw you had like 58 
>  assertions of full.
> Greg Bernstein:  Script that would be great to work with for 
>  comparing different methods of selective disclosure.
> <phil_t3> @Greg Berstein - which CLR were you looking at? (CLRv1 
>  or CLRv2?)
> Tracy_Korsmo: If I would be willing to publish a high school 
>  transcript to North Dakota wallet if you want Greg if you're 
>  looking for.
> Greg Bernstein:  Okay send me a link and such sand I can I it 
>  love the Json and also if there's people that would give feedback 
>  about besides mandatory disclosure of a subset or maybe other 
>  complicated things that you don't.
> Greg Bernstein:  Things taken out of context when you're doing 
>  selective disclosure these are some of these rough Notions trying 
>  to figure out what we want to do with Selective disclosure and 
>  the features we want with it when we take the raw crypto and 
>  apply it to the credentials so not don't need an answer now but 
>  it's people want to talk about these kind of desires as we map 
>  between crypto and the credentials and how we do this that would 
>  be great.
> <kim_duffy> Is that a selective disclosure signature suite per se 
>  or just separately issued/signed claims (in the CLR)?
> Tracy_Korsmo: Yeah I think as we're you know I'm actually seeing 
>  students sharing their High School transcript with colleges today 
>  we've had a couple of them the problem with North Dakota's use 
>  case is we have a centralized State e transcript system already 
>  and we can send out a state albeit PDFs but so it is.
> Tracy_Korsmo:  really handles North Dakota of needs quiet.
> Tracy_Korsmo: All where the value comes for the high school 
>  students is when they're graduated in need to show evidence in 
>  the high school transcript they can you know provide that 
>  transcript to a future employer education institution so we've 
>  had a couple of do that on their own so that's work but I think 
>  the use cases of how this is going to work the EMT first 
>  responder is a really good example of how this would work in 
>  this.
> Tracy_Korsmo: First responder trying to get access into an 
>  emergency response scenario well first responder is any of those 
>  four categories in the v of an EMT through a paramedic but if I'm 
>  a paramedic I can pretty much ignore the fact that I'm an EMT or 
>  Advanced EMT because that Trump's them all so now I have okay 
>  well how do I get this down to a single top credential but then 
>  it also is a policeman fireman.
> Tracy_Korsmo:  emergency medical personnel.
> Tracy_Korsmo: So how does that work in emergency response there's 
>  a QR code that is requesting 56 different credentials and then I 
>  selectively disclosed all five of those so the use cases are just 
>  starting to kind of play out now if that makes sense.
> Greg Bernstein:  Cool cool yeah I didn't think about that one 
>  that's real good.
> Tracy_Korsmo: Yeah and Kimberly you're working I think you're 
>  working with digital bizarre on just conceptually how First 
>  Responders work.
> Kimberly Linson:  Yes we're just starting at work and I think man 
>  who was actually on here too and I'm sure we'll talk more about 
>  that I also am thinking about the work we're doing with education 
>  Design Lab and you know they have a very interesting you know 
>  assessment you got for assessments and then there's an 
>  overarching credential that sort of goes on top of those and 
>  being able to disclose you know part of that all of that none of 
>  the underlying but but the top.
> Kimberly Linson:   Kit level comes to mind.
> Kimberly Linson:  So I definitely would love to talk more about 
>  about it.
> Kerri Lemoie:  Great thanks everybody my money you are in the 
>  queue but if you don't mind I'm going to switch my hats for a 
>  second and then I will call on you I'll put my question yeah I'm 
>  going to put on my my DCC and Standards Developer hat instead of 
>  my bcig hard just just for a moment I'm going to sit back up a 
>  little bit maybe I'm wearing both hats but you know I'm trying so 
>  as the deed as a wallet developer what we've been what we've been 
>  doing during.
> Kerri Lemoie:   During plugfest right what it was about because 
>  her podcast is.
> Kerri Lemoie:  Individual downloads of wallet and then they 
>  connect with the issuer to retrieve their credential there's some 
>  did off that happens where the issuer checks to make sure that 
>  that identity is signed and then it is published just reassign us 
>  publish it is returned back to the wallet where the individual 
>  can choose to accept it or not and this has been the flow that 
>  were using during cluckfest and in that so what I'm wondering as 
>  a wallet provider how would that EMT.
> Kerri Lemoie:   How would all of those credentials and the over.
> Kerri Lemoie:  Inner work in that way they would they all be 
>  individually signed and issued to that single ID with the same 
>  issue and state could you walk us through how that power while it 
>  should handle a COR like that.
> Kerri Lemoie:  I guess it's your Kimberly because Kimberly is 
>  here too so either of you really thanks.
> Tracy_Korsmo: Is that a question to me well I'm assuming that 
>  there's going to be request for five different clrs and so 
>  categorizing or typecasting that CLR it's pretty important that 
>  that that phase to the way I'm thinking about right now is it's 
>  going to have to be a request for law enforcement it's going to 
>  have to be a request.
> Tracy_Korsmo:  for you know.
> Tracy_Korsmo: Firefighting credentials or request for EMT 
>  credentials so to me that's a single qr-code asking for multiple 
>  types of clrs but that's I'm in my infancy of understanding this 
>  at this.
> Kerri Lemoie:  Okay Kimberly do you want to take that on.
> Kimberly Linson:  Well I'm going to I'm going to say I feel like 
>  chappie is the chappie everyone knows here at chop he's my answer 
>  for all problems but man who can you tell me whether chappie 
>  would be the right call here.
> Manu Sporny:  Maybe so I think this is a the answer I think all 
>  right now Kimberly is maybe I can see how it how it might work 
>  but let me back up a bit to something crazy said before we are 
>  you know working with Randa to try in figure out how exactly how 
>  these types of presentations could happen in the real world our 
>  background is in in.
> Manu Sporny:   Employing this stuff.
> Manu Sporny:  He'll sector so think about you know somebody 
>  checking out at a retail counter we have deployed verifiable 
>  credentials into that ecosystem through the true Edge program 
>  150,000 stores across the u.s. yada yada yada and one of the 
>  things that Tracy said is something that we do in that scenario 
>  meaning that an individual walks up in initiates an interaction 
>  at the register so this is an individual initiating a transaction 
>  at.
> Manu Sporny:   The register using a qr-code.
> Manu Sporny:  Then the point of sale you know connects digital 
>  wallet in the cloud and basically asked for multiple credentials 
>  and I think that's where the kind of the core of what Tracy was 
>  talking about and what Kimberly was talking about Kerry was 
>  talking about you know exactly how that is done is currently 
>  being worked through so there are a couple of ways that we could 
>  do it one of them is we look at all of these.
> Manu Sporny:   Initials as atomic things like if they were.
> Manu Sporny:  Completely separate open badges they were kind of 
>  self-contained things whoever is requesting these credentials 
>  could request each one individually so that's one way it could be 
>  done and that could be done through chappie the other way it 
>  could potentially be done is by doing specific sub queries into a 
>  CLR where maybe there's some data within the CLR that's digitally 
>  signed and the dish.
> Manu Sporny:   The wild could pluck that data out of the.
> Manu Sporny:  In just send it individually adjust for the things 
>  that were asked for that's pretty complicated to do meaning like 
>  the digital wallet would have to have a pretty deep understanding 
>  of like the CLR and how its constructed and what it's used for in 
>  those are really the two approaches that come to mind so Kimberly 
>  yes chappie could be used for both mechanisms the query protocol 
>  would probably be pretty different in both situations.
> Manu Sporny:  Um you know my gut feel right now is that you know 
>  a simpler more Atomic you know mechanism might be best or a way 
>  for you know a wall to pluck those credentials out of the CLR 
>  might be best however those wallets are going to have to be 
>  pretty knowledgeable about the CLR data format whereas many of 
>  the Wallets on the market today you know are not so there's some 
>  really interesting I think design questions and ecosystem 
>  questions.
> Manu Sporny:   Is there.
> Manu Sporny:  Things like that like what Tracy said the first 
>  responder you know the request for like five credentials and that 
>  scenario is going to really inform you know what these protocols 
>  look like what you know minimum functionality for a wallet might 
>  look like and it may even you know impact the standards that were 
>  you know in the middle of creating hopefully that was a helpful 
>  answer.
> Kerri Lemoie:  Thanks honey that was really helpful Chase your 
>  Kimberly do you do you want to reply to that respond to that.
> Tracy_Korsmo: No I'm just happy that people are looking at this 
>  scenario.
> <phil_t3> Does the BBS+ selective disclosure approach also 
>  require a the deep knowledge of the CLRv2 structure?
> Kerri Lemoie:  But we don't have anyone in the queue right now 
>  while it folks if you have your question sir they're heading to 
>  yourself up I'm sort of putting myself in the queue right there 
>  just just to keep the conversation going but also to follow up on 
>  something that money my name is said which is is the complexity 
>  of this and there is so much value in the complexity when we 
>  first started talking about issuing open badges as verifiable 
>  credentials in like two years ago I'm a.
> Kerri Lemoie:   Just pretty much we are going for the simple 
>  simple approach we're like great we have this one simple.
> <manu_sporny> kinda/sorta, Phil -- the selective disclosure stuff 
>  gets far more difficult the more complex the VC is.
> Kerri Lemoie:  The one single achievement we're going to go ahead 
>  and try and get this aligned so we can get that going and it 
>  around the same time the conversation started about the complex 
>  credentials and which is which is important there's a lot of 
>  complexity that happens in the world right and we need that also 
>  at this stage just just in my opinion of where we are with 
>  plugfest and ecosystem we have a lot of work to do just from the 
>  simple side still very just from the one-offs of like somebody 
>  graduated yes or no or.
> Kerri Lemoie:   Somebody is enrolled.
> Kerri Lemoie:  He was employed like just these super like micro 
>  credentials not official microcredit has micro versions of 
>  credentials are a lot easier for the wallets to ingest right now 
>  as the protocols and the software exists Kim you are in the you 
>  have the floor sorry go ahead.
> <greg_bernstein> There's a mapping process between the credential 
>  and the simple "list" of statements that BBS works with.
> Geun-Hyung Kim:  Thanks and I was quickly scanning the CLR 
>  respect to refresh my memory and it's it's exploded since the 
>  last time I saw it so forgive me if these are basic questions you 
>  know so in the verifiable credential ecosystem generally we've 
>  been using concept of verifiable presentations sort of 
>  conceptually similar to CLR I would say with the exception that.
> Geun-Hyung Kim:   At the scene.
> <phil_t3> It might be easier if a wallet could simply extract the 
>  OBv3 representative single assertions, which then the wallet 
>  knows what to do with....
> <phil_t3> That is extract it from the CLRv2 compound credential
> Geun-Hyung Kim:  More fit for purpose you know it has the roll 
>  like so a verifiable presentation or you know similar constructs 
>  could be used to achieve as a CLR but a CLR has the terminology 
>  and the concepts that people in this space would be familiar with 
>  like the idea of issuer being separate from you know whatever 
>  granting institution the thing that because the.
> Geun-Hyung Kim:   Peck is big I wasn't able to get a.
> <manu_sporny> yes ^ (but that presumes wallets know how to do 
>  that)
> Geun-Hyung Kim:  Of was how suitable it is for you know sort of 
>  selective disclosure and I briefly ask this question before it 
>  wasn't clear if the CLR itself is meant to be this atomically 
>  atomically issued thing like I know we've talked about being able 
>  we talked about selective disclosure but we haven't been precise 
>  about what we're doing there like.
> Geun-Hyung Kim:   Is that necessarily like.
> <phil_t3> The CLRv2 now supports the signature suites of the VC 
>  DM v1.1
> Geun-Hyung Kim:  CLR now necessarily support flexible Signature 
>  suites are we assuming that the issuer is sort of doing or some 
>  something clever behind the scenes to make it selectively 
>  disclosable just sort of curious about how that works right now 
>  and I know Kimberly mentioned that they've been ran has been 
>  working on something with digital bizarre so maybe what they're 
>  working on represents the future of the spec so just curious.
> Geun-Hyung Kim:   For more details on that.
> Kerri Lemoie:  Tracy or Kimberly to you.
> <manu_sporny> Digital Bazaar are noobs when it comes to CLR :)
> <manu_sporny> RANDA are the experts there
> Kimberly Linson:  I don't really have a reply but I have another 
>  I have a question for you Kim that maybe you can help me 
>  understand around verifiable presentations so so my understanding 
>  is that the benefit of a CLR is that it persists over time it's 
>  just a credential and you've got it and it exists.
> Kimberly Linson:   In a.
> Kimberly Linson:  Itself whereas a presentation a verifiable 
>  presentation when you package it together it is usable and then 
>  it doesn't exist anymore is that.
> Geun-Hyung Kim:  In practice that's how a lot of people have been 
>  using it I think the main thing is the CLR I mean I guess what 
>  I'm getting at is what are the what are the sort of like benefits 
>  of the CLR over you know some some likes a TBD other format and 
>  it does seem to be the sort of like the fit.
> Geun-Hyung Kim:   A purpose nature of.
> Geun-Hyung Kim:  Curious about like how the Signature suites are 
>  implemented or what's the Assumption about the Signature suites 
>  and sort of issues like subject holder binding and all of that 
>  how like how it's implemented now and how it might be in the 
>  future and Manu is queued up he might have the answer on that it 
>  sounds like he's been thinking about it already.
> Kerri Lemoie:  My guy having calling you if you'd like even if 
>  you don't have the answer to this that's okay.
> Manu Sporny:  Yeah I love how much Kim believes that I have an 
>  answer I don't unfortunately there's a there's a high-level 
>  answer right so so specifically I mean R&R the experts here 
>  that's that's with respect to CLR I I can speak to the crypto 
>  sweets primarily we are.
> Manu Sporny:   Actively working.
> Manu Sporny:  Just standard plain old vanilla digital signatures 
>  would which would work just fine for you know CLR V2 we are also 
>  you know we announced this selective disclosure scheme that's 
>  compliant with nist which is important for government in a large 
>  Enterprise use cases so that just went out to the mailing list 
>  last week talking about you know a selective disclosure mechanism 
>  that we could support that selective disclosure.
> Manu Sporny:   Mechanism mechanism is probably better suited for 
>  open badges.
> Manu Sporny:  It's like large documents like like the CLR it 
>  could potentially still work there but we are very early days 
>  with that and so we're going to have to you know one of the 
>  things I'm sure we'll work on with Randall and this is how it 
>  applies to see lrv to and if we need to you know rethink some of 
>  the design you know around the crypto sweet or CL are there and 
>  then finally there are other cryptographic sweets that just have 
>  very.
> Manu Sporny:   Three they have a hard time with.
> Manu Sporny:  Documents of the more complex the document is the 
>  more difficult you know it is to kind of do a selective 
>  disclosure of that thing so when we're talking about selective 
>  disclosure in this space it sounds like we're talking about two 
>  potential ways of doing selective disclosure the first one is to 
>  kind of a demise the thing into multiple different verifiable 
>  credentials which is kind of like the open badges approach and 
>  use presentations as Kim mentioned or the other you know 
>  selective disclosure is like I really do want to.
> Manu Sporny:   Share like some parts of this document.
> Manu Sporny:  So you know at CLR that contains all the classes 
>  that are taken or something of that nature being able to 
>  selectively disclose certain classes would be something that we 
>  could look at but of course I think would be really difficult to 
>  do with at least the cryptographic you know selective disclosure 
>  mechanism so I don't know if that was helpful or not Kim but 
>  that's all I have for now I put myself.
> Manu Sporny:   On the queue for a different.
> Manu Sporny:  And Riku for that.
> Geun-Hyung Kim:  Yes so that is helpful in I though it pitches on 
>  some of maybe bigger questions and I recall re-queue myself for 
>  that.
> Kerri Lemoie:  All right thanks Kim and  Manu you have the floor 
>  now.
> Phil Long:  Yeah and I invite anybody who has been part of the 
>  CLR work group to step in here as well but my understanding of 
>  the cor men mostly focusing now on CL R V2 is it is a document 
>  within a document it is an embedded structure which adds to this 
>  complexity and one can sign the outer credential in which the 
>  embedded credentials of individual course.
> Phil Long:   Is reside.
> <kim_duffy> That's helpful Phil, thanks
> Phil Long:  Consigned the outer credential and the inner 
>  credential excuse me the inner credentials that is the individual 
>  0p V 3s that represent the courses or other badges that might be 
>  associated with this compound document and and they're in my sort 
>  of the challenge for the wallet because the I do agree with 
>  manner that the simpler approach my wallet perspective is you 
>  just be able to parse out if it's a CL R V2.
> Phil Long:   The relevant.
> Phil Long:  Visual obv three is that represent courses which an 
>  individual may wish to have grouped together and send and not the 
>  rest of their transcript because presumably the Target or 
>  audience for this for this transcript or for this set of 
>  information is basically interested in specific aspects of the 
>  person's background and training and not necessarily the fact 
>  that they took theater and basket weaving and and had an 
>  internship.
> Phil Long:   On with some nonprofit as.
> Phil Long:  Anshel so the challenge is that it is the case that 
>  when you parse out the individual obv threes they and they are 
>  individually signed they are still coherent individually provable 
>  obv threes but the oh if you do that then I'm not clear that 
>  there is any risk that the CLR V2 itself as the outer envelope 
>  has may have been violated and there.
> Phil Long:   R4 they over.
> <kim_duffy> right
> Phil Long:  True that that was intended by the way these things 
>  are put together with their associations that describe the 
>  reasons this particular credential is been designed the way it is 
>  might be might be lost thanks.
> Tracy_Korsmo: Yeah and and so listen Tracy here I think my use 
>  case on that one is I have published in official High School 
>  transcript the minute a student starts sharing off individual 
>  certian 's I cannot refer to that as an official High School 
>  transcript anymore so those are some of the use cases that were 
>  looking at and I just looked at an apprenticeship and it requires 
>  a high.
> Tracy_Korsmo: And passing grade in Algebra 1 in high school 
>  perfect use case student sending out diploma not the transcript 
>  in a single course.
> <manu_sporny> Interesting, Tracy -- right, so you really don't 
>  want to be able to selectively disclose this stuff (on many 
>  occasions).
> Phil Long:  Right and in that particular case if I can jump in 
>  the if one if the wallet could parse out that individual course 
>  and send it as a single assertion credential BB3 they could still 
>  send the outer envelope of the transcript which is the diploma 
>  itself correct.
> Tracy_Korsmo: Well if I'm thinking of a diploma as something that 
>  we haven't published yet I'm thinking of a plumber is just a 
>  certificate of high school completion and nothing about grades at 
>  all.
> Phil Long:  It's oh no bv3 essentially.
> Tracy_Korsmo: Exactly it should be embedded in the CLR I'm sorry 
>  it should be embedded in high school transcript as an OB 3.
> <manu_sporny> "All these things belong together and constitute a 
>  transcript... you can't break them apart AND call it a 
>  transcript."
> Phil Long:  Right right so then you take out to credentials from 
>  the OBD2 from the CLR V2 and have those as the things that you 
>  send thank.
> Kerri Lemoie:  Pizza I'm running a little bit low on time so I'll 
>  try to be quick with my question I'm in in the EMT CLR so you'd 
>  have liked the overall EMT and then the other credentials 
>  associated with it for the other roles or skills right that 
>  comprised of that EMT certification would each of those 
>  credentials be signed by the same issuer.
> Kerri Lemoie:   And would they.
> Kerri Lemoie:  With one expires do they did not invalidate the 
>  whole CLR to like Howard verifiers handle that how would they 
>  verify the signatures and also the validation of them of each one 
>  individually.
> Tracy_Korsmo: Well in North Dakota it is a single state agency 
>  that issues the certificate or license in that Arena they're the 
>  single Authority in the state so they they would be the issuer of 
>  all four of the credentials.
> Tracy_Korsmo: But once again one-to-many could be revoked by the 
>  licensing body as well.
> Kerri Lemoie:  And if that was the case with the wholesaler would 
>  get reissued of say one of them was revoked did reassured me one.
> Kerri Lemoie:  I'm going to I'm going to move us forward here Kim 
>  Kim back pain.
> Geun-Hyung Kim: https://www.imsglobal.org/spec/clr/v1p0/impl/
> Geun-Hyung Kim:  I think one thing that stands out so I'm going 
>  to point to the what seems to be the use cases like as an issuer 
>  I want to do this as a publisher I want to do that like I noticed 
>  that there's no individual subject learner use cases in there and 
>  then also the parts so that the discussion we've had just now it 
>  seems like CLR might be useful for more narrow set of use cases 
>  where it's.
> Geun-Hyung Kim:   Like you.
> <phil_t3> @Manu - the registrars of HE institutions see the 
>  complex set as the thing the institution is asserting.  The 
>  individual courses as OBv3s can be parsed, sent and verified, but 
>  it depends on who at the institution is signing the individual 
>  OBv3s (the Department Chair of the discipline or Dean iof the 
>  School, etc.)
> <manu_sporny> ^ makes sense, thanks Phil
> <phil_t3> @Manu the 'complex set'  is the transcript
> Geun-Hyung Kim:  This whole package or like very limited set of 
>  packages you know so like the diploma or whatever makes sense 
>  verifiable presentations allow the holder to more flexibly 
>  combined VC so I think like outside of this sort of more you know 
>  specific set of you know very how do you say like aligned kind of 
>  you know we don't want the whole.
> Geun-Hyung Kim:   Order to be able to share.
> Geun-Hyung Kim:  Anything other than this and its complete form 
>  it seems like it's more advantageous for the learner to have like 
>  feces and be able to aggregate them into presentations as they 
>  see fit now I get the idea with registrar's for example like 
>  they're not going to let certain combinations of those fly in 
>  fact each issue or will have that kind of decision but it seems 
>  like it is interesting that a lot of CLR seems really bound to 
>  this publisher use case which I.
> Geun-Hyung Kim:   Would argue is kind of.
> Geun-Hyung Kim:  This model then a you know sort of like 
>  individual being able to assert their you know their 
>  representation so I do wonder what specific use cases like for 
>  the jmf plugfest we would want to use this for and making sure 
>  that we sort of you know get it for the right combination of use 
>  cases.
> Geun-Hyung Kim:   But we can come back.
> <phil_t3> The community of registrars is getting more comfortable 
>  with the ides of the Transcript sigened (outer credential) AND 
>  individual courses signed (as OBv3s) to give the students agency 
>  in representing themselves to 3rd parties
> Kerri Lemoie:  Okay my name is.
> Manu Sporny:  Yeah real quick and I don't think we need it we're 
>  just short on time what have we won't be able to cover this today 
>  question 2 consists of you know as a wallet implementer so our 
>  organization builds a wallet we demonstrated interop with you 
>  know Randa in a variety of other companies during the jmf 
>  plugfest to I'm I'm like I'm trying to wonder what our wallet 
>  needs to do to support CLR can we just treated.
> Manu Sporny:   Does a big verifiable credential blob and then.
> <phil_t3> AACRAO has been advocating this approach (out 
>  credential and inner credentials as OBv3s both signed)
> Manu Sporny:  Because for that blob and we'll hand it over from 
>  our wallet or will we be required to probe into that CL R 2 and R 
>  stand the inner workings of it and maybe provide things from 
>  within the credential so that's one of the main questions that's 
>  kind of hanging on my mind as we as we talk through this but this 
>  is really it was a great presentation thank you so much Tracy and 
>  you know rainbow for putting it together really exciting stuff.
> Kerri Lemoie:  Yeah thanks Ryan think Tracy new we're almost here 
>  but Sharon is here the Q we're going to let her closes here 
>  sharing you our last question.
> Sharon Leu:  Oh I I feel like Kim mostly got my question but I'm 
>  just not entirely clear what is the utility of in the use case of 
>  the EMT like having a seal our versus just open badge version 3s 
>  and I know that there has been some discussion about which sort 
>  of interpretation of the VC is right for what circumstance and I 
>  think I'm just trying to put in my mind like the different things 
>  that I heard today and just trying.
> Sharon Leu:   To figure out like what makes them a sense but I 
>  think that maybe.
> Sharon Leu:  Act and so I think what I'm going to do is I'm going 
>  to email this as a question to the list sir I think that like to 
>  your point Manu like it's overly complex to suggest that for any 
>  plugfest that are coming up that we would say not only do you 
>  accept the CLR VC blob but that you'd be able to interrogate it 
>  because I think that it hasn't been demonstrated all yet and 
>  there's not really a reference for how that's done so I think 
>  that that will probably be like a hold for much much later for.
> Sharon Leu:   This is like using.
> <phil_t3> Sounds like CHAPIv2 (LOL)
> <manu_sporny> haha :)
> Sharon Leu:  More simpler credentials but again I don't not 100% 
>  sure I'm clear on the entirety of this issue so I'll pose it to 
>  the listserv and I think we can continue having that discussion 
>  there.
> <kayode_ezike> It strikes me that a critical decision is which 
>  party to place greater responsibility on for interop
> Phil Long: +1 Kayode
> Kerri Lemoie:  Yeah that sounds great Sharon Tracy and and 
>  Kimberly thank you so much for coming here today because I we all 
>  have a lot of questions about the CLR and I think we're going to 
>  continue learning about it and trying to figure out how to how to 
>  work with it there's a whole lot of iterations of questions in 
>  ways that it could be used so thank you for the work that you're 
>  doing we appreciate you and thank you for coming here today so 
>  I'm thanks all let's keep talking about this and the plugfest 
>  and.
> Kerri Lemoie:   Hope you all have a wonderful week.
> <sharon_leu> thanks, all!
> <colin_reynolds,_ed_design_lab> Thank you!
> Manu Sporny: +1 Thank you Tracy, Kimberly, all! :)

Received on Tuesday, 6 June 2023 20:47:58 UTC