- From: Kerri Lemoie <kerrilemoie@gmail.com>
- Date: Tue, 6 Jun 2023 16:47:44 -0400
- To: public-vc-edu@w3.org
- Message-Id: <FE8050B0-9969-4720-9217-405148688CDA@gmail.com>
Hello friends, Below is the transcript and audio for our discussion yesterday about CLRs & Plugfest. Best K. > Begin forwarded message: > > From: CCG Minutes Bot <minutes@w3c-ccg.org> > Subject: [MINUTES] W3C CCG CCG Verifiable Credentials for Education Task Force Call - 2023-06-05 > Date: June 6, 2023 at 3:15:39 PM EDT > To: public-credentials@w3.org > Resent-From: public-credentials@w3.org > > Thanks to Our Robot Overlords for scribing this week! > > The transcript for the call is now available here: > > https://w3c-ccg.github.io/meetings/2023-06-05-vc-education/ > > Full text of the discussion follows for W3C archival purposes. > Audio of the meeting is available at the following location: > > https://w3c-ccg.github.io/meetings/2023-06-05-vc-education/audio.ogg > > ---------------------------------------------------------------- > VC for Education Task Force Transcript for 2023-06-05 > > Agenda: > https://lists.w3.org/Archives/Public/public-vc-edu/2023Jun/0001.html > Topics: > 1. IP Note > 2. Call Notes > 3. Introductions & Reintroductions > 4. Announcements & Reminders > 5. CLR & Plugfest 3 > Organizer: > Kerri Lemoie > Scribe: > Our Robot Overlords > Present: > Eric Shepherd, Kerri Lemoie, Andy Griebel, Nis Jespersen , Stuart > Freeman, Hiroyuki Sano, Japan, Simone Ravaoli, Chris Webber, > Sharon Leu, David Ward, Greg Bernstein, TimG, Phil Long, > Geun-Hyung Kim, Kimberly Linson, Maarten Boender, John Kuo, James > Chartrand, Lucy Yang, Dmitri Zagidulin, Tracy Korsmo, Jeff O - > HumanOS, Kayode Ezike, Chandi Cumaranatunge, Manu Sporny, Colin > Reynolds, Ed Design Lab, TallTed // Ted Thibodeau (he/him) > (OpenLinkSw.com), Joey, Jim Goodell > > <kerri_lemoie> Hello all - we'll get started in a few minutes. > Our Robot Overlords are scribing. > <kim_duffy> Hoping for Carrie Illinois today > Kerri Lemoie: Okay everybody hello happy Monday this is June 5th > the verifiable credentials for Education task force my name is > Kerri Lemoie will be remained to see what the transcriber will > call me today but we will find out I'm going to go through some > boilerplate opening so that we always cover in this call and then > we'll take it from there I'm today's agenda is really. > Kerri Lemoie: For the wallets participating in the clutch. > Kerri Lemoie: The Wider Community to learn more about the > comprehensive learning record V2 which is one of the edtech > specifications. > > Topic: IP Note > > Kerri Lemoie: Okay first IP note anybody can participate in > these calls these are open Community calls and everyone is > welcome to join them and discussing them if you are planning to > work on any of the standards at the CCD is part of this group > then you will want to join the community and sign the IPR > agreement and I believe this also applies to plug press > participants second call notes. > Kerri Lemoie: These calls are recorded. > > Topic: Call Notes > > Kerri Lemoie: So I'm video now that we can make available to you > if you need it so everything is archived everything is > transcribed by our robot transcriber and also recorded So that > others can follow along with what we're doing they can't make it > on this call or so that you can look it up in the future and in > reference this if you need to. > Kerri Lemoie: Next introduction so actually before I move on to > number 3 one thing to note is that we follow a queue system on > these calls so if you would like to ask a question or have > something to say just type Q Plus like so in the chat to add > yourself to the queue and to remove yourself from the queue keep > - and during the calls we keep an eye on the Queue and try to > call folks either in an order or according to you know the topic > that were discussing. > Kerri Lemoie: Next is introductions and reintroductions is > there. > > Topic: Introductions & Reintroductions > > Kerri Lemoie: Today who's new to the call or you know has been > on the cob would like to introduce themselves. > Kerri Lemoie: You are always welcome to do this throughout the > call to yourself up and introduce yourself if you haven't before. > > Topic: Announcements & Reminders > > Kerri Lemoie: Is announcements and reminders does anybody have > any announcements or reminders about the work they are doing or > anything else going on conferences meetings other types of > special topics that you'd like to bring up now. > > Topic: CLR & Plugfest 3 > > Kerri Lemoie: Then why don't we move on to our main agenda chat > for us so today we are going to talk about the comprehensive > learner record as part of cluckfest we've been sort of exploring > whether we should include other credential standards unlike > previous plug fast / we only did open badges three there are more > standards that are trying to align with VCS and there are other > standards like the CLR that have been in existence. > Kerri Lemoie: So today we want to. > Kerri Lemoie: Topic Ford and I talked about it with with folks > on this call and in The Wider community of those who are > participating in the plugfest to you know to learn more about it > and to see what the interest is and I take it from there I'm > going to put Tracy is here Tracy Tracy course Moe is joining us > because he has occurred two ladies working on North Dakota and > Tracy and let me know if I'm getting your title. > Kerri Lemoie: Wrong but I think you're the leader of the state > longitudinal. > Kerri Lemoie: Service in North Dakota right and you've been > working in the space for quite a long time. > Tracy_Korsmo: Yeah hello everybody Tracy course well here I am > the program manager the Statewide longitudinal data system here > in the state which comprises education and Workforce data > warehouses and through that project we've expanded into digital > credentialing through the collab usage partnering with Randa as > well as PCG and. > Tracy_Korsmo: we've published the North Dakota. > Tracy_Korsmo: Transcript which is a centralized service here in > the state as a digital credential to a wallet and that is a > comprehensive learner record as well from that then we've > expanded into post-secondary as well as more K-12 with the > welding certificates post-secondary really concentrating on > cybersecurity stackable credentials through certificates to > Associates to Bachelors to a master's degree in cyber security. > Tracy_Korsmo: And more recently we're working with the licensing > organization our health and human services here in the state > issues EMT the EMR EMT Advanced EMT and the paramedic credentials > here in the state and that's what we're currently working with > right now which is really interesting because I think that North > Dakota is firmly grounded in just accepting the national > standards testing on that sorry I'm forgetting. > Tracy_Korsmo: in the organization. > Tracy_Korsmo: But it's just a national test that is accepted in > North Dakota along with about 20 other states so it has > Interstate use so that's where we're headed with the EMT is > issuing that as a digital credential today that's kind of an > introduction Cary how would you like me to expand on. > Kerri Lemoie: Yeah thank you for that introduction I was great > Tracy I think you set the stage here to maybe next week and talk > about how you're approaching publishing this standard and the > various parts and if you have anything to show us that might be > helpful for those who have never really seen the sealer. > Tracy_Korsmo: Sure so let me pull up my test wallet here. > Kerri Lemoie: You should be able to show your screen. > Tracy_Korsmo: Okay so screen sharing. > Kerri Lemoie: Yes I can see it thank you. > Tracy_Korsmo: Okay are you guys seeing my screen yet okay so here > is the open credential publisher wallet that I'm logging into > right now. > Tracy_Korsmo: And so basically all the. > Tracy_Korsmo: She'll ours that have been published to me this is > obviously a test account as well as open badges are sitting in > here if I look at a North Dakota High School transcript visually > this is a summary of the transcript and essentially the course > grades but if I get into the details of the transcript you'll see > that it is verifiable credential debut three see the proof and > the CLR Kyle be verified the learner as well. > Tracy_Korsmo: as the publisher and each one we do. > Tracy_Korsmo: Embedded evidence to help with the cold start of > sharing clrs we can do a pdf version of that. > Tracy_Korsmo: And then we just get into the details of a North > Dakota High School transcript and bringing it down to the level > of an individual course the issuer being Great Plains High School > with its public key the results as well as alignments and this is > referencing the case North Dakota case Network. > Tracy_Korsmo: We have the state course code defined as well as an > alignment to the national state course codes the sked codes so > that is the metadata reference to the course definition and the > competencies and skills related to that going back to the wall at > if I look at a non transcript type here this is career-ready > practices work based learning it's kind of like 21st century > skills if you will. > Tracy_Korsmo: so this is just a. > Tracy_Korsmo: Issue to the student and this has course transfer > abilities to community colleges and in this credential here > you're going to see a reference to not only the competencies > represented here in North Dakota for that credential but you will > also see a reference to the credential engine. > Tracy_Korsmo: So here's karate practices as in the credential > registry here in North Dakota and that's kind of where we're > leaning with most of our recognized credentials in the state is > they'll be at least in the credential registry and in some cases > there will be articulation of the skills and competencies in the > case Network as well. > Tracy_Korsmo: So what I look at what we're currently working on > in mind you these are not published clrs these are uploaded clrs > but if I look at like an EMT. > Tracy_Korsmo: EMT at this time is not defined as competencies or > skills as that should be a national publication of those but we > do have the credential engine definition here in North Dakota > sorry about this anyway that is a credential engine and the > definition in the credential engine I'll stop there and answer > any questions. > Kerri Lemoie: Make sure to yes we have money you in the queue > right now somebody why don't you go ahead with your first > question. > Manu Sporny: Sure thanks Kerry Tracy this is this is really cool > really loving the demo so far I noticed that you've been saying > that some of this is CL are I saw an open badges thing in there > as well I take it like this wallet contains both types of Records > in there is that is that right or II I'm getting confused > between. > Manu Sporny: In like what's the badge and. > <kerri_lemoie> Example structure of a CLR v2 in the spec: > https://www.imsglobal.org/spec/clr/v2p0#basic-clrcredential > Manu Sporny: What CLR and is there any overlap between the two > you know what. > <manu_sporny> Thanks Kerri ^ above is helpful, looking now. > Tracy_Korsmo: Okay so what we've done in this project is we do > allow the individuals to connect to OB 2.1 connections and pull > in any badges they have through a badging vendor and bring that > into your wallet so the open badge hold on a second so now you'll > see that. > Tracy_Korsmo: I can pull in any. > Tracy_Korsmo: Churches that have been published to Badger right > now and put them into my wallet. > Tracy_Korsmo: So what you're seeing here is the badges that I > have pulled into my wallet and so. > <kerri_lemoie> 2.1 (2.0) badges are not aligned with W3C > Verifiable Credentials > Tracy_Korsmo: I can verify this badge with a badger as well but > more importantly I can embed this in a CLR and once it's embedded > in a CLR it's really not verifiable anymore because it's just > self-assertion if you will and that's one of the reasons for OB > 3.0 to be able to verify publish and verifiable credential is now > I can publish that as essentially a single assertion CLR. > Tracy_Korsmo: so now it's verifiable. > Manu Sporny: Yes thank you. > Tracy_Korsmo: In the credential itself that makes sense and then > I could curate a collection here just by simply choosing which > clrs I want to combine if you will in a presentation and creating > a collection and then I could literally share that collection out > so if an employer or somebody wants to receive three credentials > that I have I don't have. > Tracy_Korsmo: have to send them three requests. > Tracy_Korsmo: To receive them or share them three different times > I could curate a collection of them more like a job resume if you > will and just share the. > Kerri Lemoie: Can't you see we have a couple more people in the > queue would you like to present more would you like to answer > questions first. > Kerri Lemoie: And Kimberly you are next. > Kimberly Linson: I was actually just going to share a couple of > things that I think helped in this open badge versus CL are > formatting like like how do you choose when do you choose why do > you choose and so Tracy I don't do I need to do you need to stop > sharing for me to share or can I start hearing if I just. > Kerri Lemoie: I think case you would have to stop yeah then you > can start over there you did. > Tracy_Korsmo: I think I stopped. > Kimberly Linson: Okay so I I have been doing a bit of analysis > around am I showing my are you seeing a welding American Welding > Society license oh good okay it's very tiny on my screen so this > I'm going to show you two different credentials and I think this > is where the conversation has to start around. > Kimberly Linson: Kind of credential format are you using this > American Welding Society license and and we do a lot of our work > is in professional licensure so that's what I'm going to I like > to talk about but this one you can see this is American Welding > Society is issuing organization there is basically one assertion > this person is a welding inspector they have there's a license > number associated with it. > Kimberly Linson: Some signatures and what not but this. > Kimberly Linson: Could probably be accommodated by What Would by > the open batch right it really is asserting one thing the problem > becomes when how do I undo share. > Kimberly Linson: Okay there and then I can. > Kimberly Linson: Is the Colorado teachers license and we > actually as a part of the work we're doing on the NG a project > wanted to make this an open badge we thought that was going to be > just the easiest and smoothest way to transport this data from > our system into the my Colorado app and into teacher wallet but > unfortunately what we ran into was that because of the way that > there are so many endorsements and then even these children > underneath the. > Kimberly Linson: Endorsements that you probably can see. > Kimberly Linson: Nations that you can have different > designations and so because there's so much parent and child > reaction inside of this license this is why like the CLR is good > and when Tracy shows the transcript or when we look at at EMTs > and we think about all the things that go underneath their > license that's why the comprehensive learner record really made > sense for this particular license but I think. > Kimberly Linson: I think that's one of the. > Kimberly Linson: That I want to say is that the decision about > what try not to unsure about which format which standard format > to use is about which one is going to reduce the most friction > right is it is are you only trying to say one thing then open > badges probably the right choice if you're trying to say lots of > things then CLR is probably the right choice. > Kerri Lemoie: Thanks Kimberly and I'm going to call it an > unfilled because he's next in the queue but I was wondering the > Tracy or or Kimberly if you have the structure for what it looked > like one of these clrs would look like the actual like metadata > so that those who have wallets could look at see what that looks > like like a real example because I think the one in the bathroom > the CLR spec isn't quite as like quite like yours because what > are you if you. > Kerri Lemoie: Have any of that you could. > Tracy_Korsmo: I should have some Json. > Kerri Lemoie: Perfect let me let me call on on fill and then > maybe we could take a look at that that would be really helpful > still anyway yes. > Phil Long: Yes hi can you hear me okay great Tracy nights great > great presentation so far and in Kimberly already address I had > two parts to my question the first way is to go into a little bit > more about alignments because I think that's unique to the CLR in > the badge space and and Kimberly Hint it to it and by saying that > alignments actually pertain to the relationship among either > assertions. > Phil Long: Endorsements if you will to a particular transcript > which is effect effectively the documentation of the diploma or > degree but I think Kimberly talked about that and the only thing > I would add to it is that it's it's more it can be more than > parent-child it can be a circumstance where the illiterate where > the alignment indicates that there is a set of six courses at > particular. > Phil Long: Relationship to the one on. > <kerri_lemoie> @tracy - do you have the JSON-LD for the EMT > credential? > Phil Long: And you have to take one of these six in order to be > able to complete the overall degree requirement and things like > that it's the stuff registrar's a lot of because it distinguishes > the thinking that went behind the set of experiences that a > student took in the pursuit of their of their diploma the second > question I was going to ask was really about. > Phil Long: Different differentiation in the CLR between the > publisher and the issuer and you might want to spend a few > minutes just making sure people are clear on that because I think > that's also unique to the CLR structure thanks. > Tracy_Korsmo: I think you have quite a few questions in their > fellow but you know when it comes to the publisher versus the > issuer in North Dakota we set up the state a state node if you > will of a publisher so we at the state ourselves authorized any > entity that we want to issue underneath the brand of North Dakota > it does not mean that the state is issuing a high school. > Tracy_Korsmo: script the issue. > Tracy_Korsmo: Is still the high school but the state is doing the > publishing of the CLR on behalf of the high school is that where > you wanted to articulate that Phil. > Phil Long: Yes I think that the notion there that you correctly > point out is that there's a publisher and there's an issuer and > this particular case I think the issuer is the local organization > if you will or the most local in the context of the hierarchy of > institutional relationships and and the state is the publisher is > that correct yeah so that's why I think that that distinction is > unique to the CLR. > Phil Long: Of to an issue were always in a. > Phil Long: Me or or other kinds of badge it is it is there's one > entity that is the issuer either the person's self issues or a > third-party issues something to a person but but in the case of C > large distinct. > Tracy_Korsmo: So this you know I think maybe our CLR terminology > right now might be a little bit misleading because we are calling > it The Publisher is the Great Plains High School but it was > published through an open ends are open credential publisher > installed by the state of North Dakota authorizing Great Plains > High School to publish and that's a good point is. > Tracy_Korsmo: each one of these credentials is. > Tracy_Korsmo: An issuer but up here we are still calling the > publisher Great Plains High School this could be the state of > North Dakota. > Phil Long: Yeah that would be helpful to probably normalize in > some fashion that's great and the other thing I guess is the > difference between CLR one and CLR to in part is that the course > that you're considering as an entity in C LR V to at least is the > same data structure in bit for bit as an OB V 3 it's it is a > badge. > Phil Long: Edge in the data structure it's simply called in. > Phil Long: And as and as a consequence can be individually > signed if the organization wishes to do so. > Tracy_Korsmo: Yeah each one of these I could there could actually > be an image associated with each one of these assertions and we > could even call it a type badge so an OB 30 is simply a single > assertion same structure as in the CLR. > Phil Long: And it's helpful to the to the group thank you Kerry. > Kerri Lemoie: Sure thank you I'm going to pull myself out of the > queue for now and let Greco and Greg he grabbed the floor there. > Kerri Lemoie: I'll come back. > Greg Bernstein: Hi I've been working on this is great Bernstein > I've been working on the test vectors and things like that for a > bunch of the security Suites and most recently been doing a lot > of work with BBs and selective disclosure I went and looked at > the CLR before this talk and I was looking through the document > because I wanted a complicated transcript to apply selective > disclosure. > Greg Bernstein: There were no. > Greg Bernstein: Document and I see you've got these great > examples do you also have desires as far as functionality related > to selective disclosure as we're looking at BBS and a bunch of > other ways to do selective disclosures what kind of functionality > you want is that documented would you like to discuss it that's > kind of Prime on our plates for some of us right now and having. > Greg Bernstein: Some good examples I saw you had like 58 > assertions of full. > Greg Bernstein: Script that would be great to work with for > comparing different methods of selective disclosure. > <phil_t3> @Greg Berstein - which CLR were you looking at? (CLRv1 > or CLRv2?) > Tracy_Korsmo: If I would be willing to publish a high school > transcript to North Dakota wallet if you want Greg if you're > looking for. > Greg Bernstein: Okay send me a link and such sand I can I it > love the Json and also if there's people that would give feedback > about besides mandatory disclosure of a subset or maybe other > complicated things that you don't. > Greg Bernstein: Things taken out of context when you're doing > selective disclosure these are some of these rough Notions trying > to figure out what we want to do with Selective disclosure and > the features we want with it when we take the raw crypto and > apply it to the credentials so not don't need an answer now but > it's people want to talk about these kind of desires as we map > between crypto and the credentials and how we do this that would > be great. > <kim_duffy> Is that a selective disclosure signature suite per se > or just separately issued/signed claims (in the CLR)? > Tracy_Korsmo: Yeah I think as we're you know I'm actually seeing > students sharing their High School transcript with colleges today > we've had a couple of them the problem with North Dakota's use > case is we have a centralized State e transcript system already > and we can send out a state albeit PDFs but so it is. > Tracy_Korsmo: really handles North Dakota of needs quiet. > Tracy_Korsmo: All where the value comes for the high school > students is when they're graduated in need to show evidence in > the high school transcript they can you know provide that > transcript to a future employer education institution so we've > had a couple of do that on their own so that's work but I think > the use cases of how this is going to work the EMT first > responder is a really good example of how this would work in > this. > Tracy_Korsmo: First responder trying to get access into an > emergency response scenario well first responder is any of those > four categories in the v of an EMT through a paramedic but if I'm > a paramedic I can pretty much ignore the fact that I'm an EMT or > Advanced EMT because that Trump's them all so now I have okay > well how do I get this down to a single top credential but then > it also is a policeman fireman. > Tracy_Korsmo: emergency medical personnel. > Tracy_Korsmo: So how does that work in emergency response there's > a QR code that is requesting 56 different credentials and then I > selectively disclosed all five of those so the use cases are just > starting to kind of play out now if that makes sense. > Greg Bernstein: Cool cool yeah I didn't think about that one > that's real good. > Tracy_Korsmo: Yeah and Kimberly you're working I think you're > working with digital bizarre on just conceptually how First > Responders work. > Kimberly Linson: Yes we're just starting at work and I think man > who was actually on here too and I'm sure we'll talk more about > that I also am thinking about the work we're doing with education > Design Lab and you know they have a very interesting you know > assessment you got for assessments and then there's an > overarching credential that sort of goes on top of those and > being able to disclose you know part of that all of that none of > the underlying but but the top. > Kimberly Linson: Kit level comes to mind. > Kimberly Linson: So I definitely would love to talk more about > about it. > Kerri Lemoie: Great thanks everybody my money you are in the > queue but if you don't mind I'm going to switch my hats for a > second and then I will call on you I'll put my question yeah I'm > going to put on my my DCC and Standards Developer hat instead of > my bcig hard just just for a moment I'm going to sit back up a > little bit maybe I'm wearing both hats but you know I'm trying so > as the deed as a wallet developer what we've been what we've been > doing during. > Kerri Lemoie: During plugfest right what it was about because > her podcast is. > Kerri Lemoie: Individual downloads of wallet and then they > connect with the issuer to retrieve their credential there's some > did off that happens where the issuer checks to make sure that > that identity is signed and then it is published just reassign us > publish it is returned back to the wallet where the individual > can choose to accept it or not and this has been the flow that > were using during cluckfest and in that so what I'm wondering as > a wallet provider how would that EMT. > Kerri Lemoie: How would all of those credentials and the over. > Kerri Lemoie: Inner work in that way they would they all be > individually signed and issued to that single ID with the same > issue and state could you walk us through how that power while it > should handle a COR like that. > Kerri Lemoie: I guess it's your Kimberly because Kimberly is > here too so either of you really thanks. > Tracy_Korsmo: Is that a question to me well I'm assuming that > there's going to be request for five different clrs and so > categorizing or typecasting that CLR it's pretty important that > that that phase to the way I'm thinking about right now is it's > going to have to be a request for law enforcement it's going to > have to be a request. > Tracy_Korsmo: for you know. > Tracy_Korsmo: Firefighting credentials or request for EMT > credentials so to me that's a single qr-code asking for multiple > types of clrs but that's I'm in my infancy of understanding this > at this. > Kerri Lemoie: Okay Kimberly do you want to take that on. > Kimberly Linson: Well I'm going to I'm going to say I feel like > chappie is the chappie everyone knows here at chop he's my answer > for all problems but man who can you tell me whether chappie > would be the right call here. > Manu Sporny: Maybe so I think this is a the answer I think all > right now Kimberly is maybe I can see how it how it might work > but let me back up a bit to something crazy said before we are > you know working with Randa to try in figure out how exactly how > these types of presentations could happen in the real world our > background is in in. > Manu Sporny: Employing this stuff. > Manu Sporny: He'll sector so think about you know somebody > checking out at a retail counter we have deployed verifiable > credentials into that ecosystem through the true Edge program > 150,000 stores across the u.s. yada yada yada and one of the > things that Tracy said is something that we do in that scenario > meaning that an individual walks up in initiates an interaction > at the register so this is an individual initiating a transaction > at. > Manu Sporny: The register using a qr-code. > Manu Sporny: Then the point of sale you know connects digital > wallet in the cloud and basically asked for multiple credentials > and I think that's where the kind of the core of what Tracy was > talking about and what Kimberly was talking about Kerry was > talking about you know exactly how that is done is currently > being worked through so there are a couple of ways that we could > do it one of them is we look at all of these. > Manu Sporny: Initials as atomic things like if they were. > Manu Sporny: Completely separate open badges they were kind of > self-contained things whoever is requesting these credentials > could request each one individually so that's one way it could be > done and that could be done through chappie the other way it > could potentially be done is by doing specific sub queries into a > CLR where maybe there's some data within the CLR that's digitally > signed and the dish. > Manu Sporny: The wild could pluck that data out of the. > Manu Sporny: In just send it individually adjust for the things > that were asked for that's pretty complicated to do meaning like > the digital wallet would have to have a pretty deep understanding > of like the CLR and how its constructed and what it's used for in > those are really the two approaches that come to mind so Kimberly > yes chappie could be used for both mechanisms the query protocol > would probably be pretty different in both situations. > Manu Sporny: Um you know my gut feel right now is that you know > a simpler more Atomic you know mechanism might be best or a way > for you know a wall to pluck those credentials out of the CLR > might be best however those wallets are going to have to be > pretty knowledgeable about the CLR data format whereas many of > the Wallets on the market today you know are not so there's some > really interesting I think design questions and ecosystem > questions. > Manu Sporny: Is there. > Manu Sporny: Things like that like what Tracy said the first > responder you know the request for like five credentials and that > scenario is going to really inform you know what these protocols > look like what you know minimum functionality for a wallet might > look like and it may even you know impact the standards that were > you know in the middle of creating hopefully that was a helpful > answer. > Kerri Lemoie: Thanks honey that was really helpful Chase your > Kimberly do you do you want to reply to that respond to that. > Tracy_Korsmo: No I'm just happy that people are looking at this > scenario. > <phil_t3> Does the BBS+ selective disclosure approach also > require a the deep knowledge of the CLRv2 structure? > Kerri Lemoie: But we don't have anyone in the queue right now > while it folks if you have your question sir they're heading to > yourself up I'm sort of putting myself in the queue right there > just just to keep the conversation going but also to follow up on > something that money my name is said which is is the complexity > of this and there is so much value in the complexity when we > first started talking about issuing open badges as verifiable > credentials in like two years ago I'm a. > Kerri Lemoie: Just pretty much we are going for the simple > simple approach we're like great we have this one simple. > <manu_sporny> kinda/sorta, Phil -- the selective disclosure stuff > gets far more difficult the more complex the VC is. > Kerri Lemoie: The one single achievement we're going to go ahead > and try and get this aligned so we can get that going and it > around the same time the conversation started about the complex > credentials and which is which is important there's a lot of > complexity that happens in the world right and we need that also > at this stage just just in my opinion of where we are with > plugfest and ecosystem we have a lot of work to do just from the > simple side still very just from the one-offs of like somebody > graduated yes or no or. > Kerri Lemoie: Somebody is enrolled. > Kerri Lemoie: He was employed like just these super like micro > credentials not official microcredit has micro versions of > credentials are a lot easier for the wallets to ingest right now > as the protocols and the software exists Kim you are in the you > have the floor sorry go ahead. > <greg_bernstein> There's a mapping process between the credential > and the simple "list" of statements that BBS works with. > Geun-Hyung Kim: Thanks and I was quickly scanning the CLR > respect to refresh my memory and it's it's exploded since the > last time I saw it so forgive me if these are basic questions you > know so in the verifiable credential ecosystem generally we've > been using concept of verifiable presentations sort of > conceptually similar to CLR I would say with the exception that. > Geun-Hyung Kim: At the scene. > <phil_t3> It might be easier if a wallet could simply extract the > OBv3 representative single assertions, which then the wallet > knows what to do with.... > <phil_t3> That is extract it from the CLRv2 compound credential > Geun-Hyung Kim: More fit for purpose you know it has the roll > like so a verifiable presentation or you know similar constructs > could be used to achieve as a CLR but a CLR has the terminology > and the concepts that people in this space would be familiar with > like the idea of issuer being separate from you know whatever > granting institution the thing that because the. > Geun-Hyung Kim: Peck is big I wasn't able to get a. > <manu_sporny> yes ^ (but that presumes wallets know how to do > that) > Geun-Hyung Kim: Of was how suitable it is for you know sort of > selective disclosure and I briefly ask this question before it > wasn't clear if the CLR itself is meant to be this atomically > atomically issued thing like I know we've talked about being able > we talked about selective disclosure but we haven't been precise > about what we're doing there like. > Geun-Hyung Kim: Is that necessarily like. > <phil_t3> The CLRv2 now supports the signature suites of the VC > DM v1.1 > Geun-Hyung Kim: CLR now necessarily support flexible Signature > suites are we assuming that the issuer is sort of doing or some > something clever behind the scenes to make it selectively > disclosable just sort of curious about how that works right now > and I know Kimberly mentioned that they've been ran has been > working on something with digital bizarre so maybe what they're > working on represents the future of the spec so just curious. > Geun-Hyung Kim: For more details on that. > Kerri Lemoie: Tracy or Kimberly to you. > <manu_sporny> Digital Bazaar are noobs when it comes to CLR :) > <manu_sporny> RANDA are the experts there > Kimberly Linson: I don't really have a reply but I have another > I have a question for you Kim that maybe you can help me > understand around verifiable presentations so so my understanding > is that the benefit of a CLR is that it persists over time it's > just a credential and you've got it and it exists. > Kimberly Linson: In a. > Kimberly Linson: Itself whereas a presentation a verifiable > presentation when you package it together it is usable and then > it doesn't exist anymore is that. > Geun-Hyung Kim: In practice that's how a lot of people have been > using it I think the main thing is the CLR I mean I guess what > I'm getting at is what are the what are the sort of like benefits > of the CLR over you know some some likes a TBD other format and > it does seem to be the sort of like the fit. > Geun-Hyung Kim: A purpose nature of. > Geun-Hyung Kim: Curious about like how the Signature suites are > implemented or what's the Assumption about the Signature suites > and sort of issues like subject holder binding and all of that > how like how it's implemented now and how it might be in the > future and Manu is queued up he might have the answer on that it > sounds like he's been thinking about it already. > Kerri Lemoie: My guy having calling you if you'd like even if > you don't have the answer to this that's okay. > Manu Sporny: Yeah I love how much Kim believes that I have an > answer I don't unfortunately there's a there's a high-level > answer right so so specifically I mean R&R the experts here > that's that's with respect to CLR I I can speak to the crypto > sweets primarily we are. > Manu Sporny: Actively working. > Manu Sporny: Just standard plain old vanilla digital signatures > would which would work just fine for you know CLR V2 we are also > you know we announced this selective disclosure scheme that's > compliant with nist which is important for government in a large > Enterprise use cases so that just went out to the mailing list > last week talking about you know a selective disclosure mechanism > that we could support that selective disclosure. > Manu Sporny: Mechanism mechanism is probably better suited for > open badges. > Manu Sporny: It's like large documents like like the CLR it > could potentially still work there but we are very early days > with that and so we're going to have to you know one of the > things I'm sure we'll work on with Randall and this is how it > applies to see lrv to and if we need to you know rethink some of > the design you know around the crypto sweet or CL are there and > then finally there are other cryptographic sweets that just have > very. > Manu Sporny: Three they have a hard time with. > Manu Sporny: Documents of the more complex the document is the > more difficult you know it is to kind of do a selective > disclosure of that thing so when we're talking about selective > disclosure in this space it sounds like we're talking about two > potential ways of doing selective disclosure the first one is to > kind of a demise the thing into multiple different verifiable > credentials which is kind of like the open badges approach and > use presentations as Kim mentioned or the other you know > selective disclosure is like I really do want to. > Manu Sporny: Share like some parts of this document. > Manu Sporny: So you know at CLR that contains all the classes > that are taken or something of that nature being able to > selectively disclose certain classes would be something that we > could look at but of course I think would be really difficult to > do with at least the cryptographic you know selective disclosure > mechanism so I don't know if that was helpful or not Kim but > that's all I have for now I put myself. > Manu Sporny: On the queue for a different. > Manu Sporny: And Riku for that. > Geun-Hyung Kim: Yes so that is helpful in I though it pitches on > some of maybe bigger questions and I recall re-queue myself for > that. > Kerri Lemoie: All right thanks Kim and Manu you have the floor > now. > Phil Long: Yeah and I invite anybody who has been part of the > CLR work group to step in here as well but my understanding of > the cor men mostly focusing now on CL R V2 is it is a document > within a document it is an embedded structure which adds to this > complexity and one can sign the outer credential in which the > embedded credentials of individual course. > Phil Long: Is reside. > <kim_duffy> That's helpful Phil, thanks > Phil Long: Consigned the outer credential and the inner > credential excuse me the inner credentials that is the individual > 0p V 3s that represent the courses or other badges that might be > associated with this compound document and and they're in my sort > of the challenge for the wallet because the I do agree with > manner that the simpler approach my wallet perspective is you > just be able to parse out if it's a CL R V2. > Phil Long: The relevant. > Phil Long: Visual obv three is that represent courses which an > individual may wish to have grouped together and send and not the > rest of their transcript because presumably the Target or > audience for this for this transcript or for this set of > information is basically interested in specific aspects of the > person's background and training and not necessarily the fact > that they took theater and basket weaving and and had an > internship. > Phil Long: On with some nonprofit as. > Phil Long: Anshel so the challenge is that it is the case that > when you parse out the individual obv threes they and they are > individually signed they are still coherent individually provable > obv threes but the oh if you do that then I'm not clear that > there is any risk that the CLR V2 itself as the outer envelope > has may have been violated and there. > Phil Long: R4 they over. > <kim_duffy> right > Phil Long: True that that was intended by the way these things > are put together with their associations that describe the > reasons this particular credential is been designed the way it is > might be might be lost thanks. > Tracy_Korsmo: Yeah and and so listen Tracy here I think my use > case on that one is I have published in official High School > transcript the minute a student starts sharing off individual > certian 's I cannot refer to that as an official High School > transcript anymore so those are some of the use cases that were > looking at and I just looked at an apprenticeship and it requires > a high. > Tracy_Korsmo: And passing grade in Algebra 1 in high school > perfect use case student sending out diploma not the transcript > in a single course. > <manu_sporny> Interesting, Tracy -- right, so you really don't > want to be able to selectively disclose this stuff (on many > occasions). > Phil Long: Right and in that particular case if I can jump in > the if one if the wallet could parse out that individual course > and send it as a single assertion credential BB3 they could still > send the outer envelope of the transcript which is the diploma > itself correct. > Tracy_Korsmo: Well if I'm thinking of a diploma as something that > we haven't published yet I'm thinking of a plumber is just a > certificate of high school completion and nothing about grades at > all. > Phil Long: It's oh no bv3 essentially. > Tracy_Korsmo: Exactly it should be embedded in the CLR I'm sorry > it should be embedded in high school transcript as an OB 3. > <manu_sporny> "All these things belong together and constitute a > transcript... you can't break them apart AND call it a > transcript." > Phil Long: Right right so then you take out to credentials from > the OBD2 from the CLR V2 and have those as the things that you > send thank. > Kerri Lemoie: Pizza I'm running a little bit low on time so I'll > try to be quick with my question I'm in in the EMT CLR so you'd > have liked the overall EMT and then the other credentials > associated with it for the other roles or skills right that > comprised of that EMT certification would each of those > credentials be signed by the same issuer. > Kerri Lemoie: And would they. > Kerri Lemoie: With one expires do they did not invalidate the > whole CLR to like Howard verifiers handle that how would they > verify the signatures and also the validation of them of each one > individually. > Tracy_Korsmo: Well in North Dakota it is a single state agency > that issues the certificate or license in that Arena they're the > single Authority in the state so they they would be the issuer of > all four of the credentials. > Tracy_Korsmo: But once again one-to-many could be revoked by the > licensing body as well. > Kerri Lemoie: And if that was the case with the wholesaler would > get reissued of say one of them was revoked did reassured me one. > Kerri Lemoie: I'm going to I'm going to move us forward here Kim > Kim back pain. > Geun-Hyung Kim: https://www.imsglobal.org/spec/clr/v1p0/impl/ > Geun-Hyung Kim: I think one thing that stands out so I'm going > to point to the what seems to be the use cases like as an issuer > I want to do this as a publisher I want to do that like I noticed > that there's no individual subject learner use cases in there and > then also the parts so that the discussion we've had just now it > seems like CLR might be useful for more narrow set of use cases > where it's. > Geun-Hyung Kim: Like you. > <phil_t3> @Manu - the registrars of HE institutions see the > complex set as the thing the institution is asserting. The > individual courses as OBv3s can be parsed, sent and verified, but > it depends on who at the institution is signing the individual > OBv3s (the Department Chair of the discipline or Dean iof the > School, etc.) > <manu_sporny> ^ makes sense, thanks Phil > <phil_t3> @Manu the 'complex set' is the transcript > Geun-Hyung Kim: This whole package or like very limited set of > packages you know so like the diploma or whatever makes sense > verifiable presentations allow the holder to more flexibly > combined VC so I think like outside of this sort of more you know > specific set of you know very how do you say like aligned kind of > you know we don't want the whole. > Geun-Hyung Kim: Order to be able to share. > Geun-Hyung Kim: Anything other than this and its complete form > it seems like it's more advantageous for the learner to have like > feces and be able to aggregate them into presentations as they > see fit now I get the idea with registrar's for example like > they're not going to let certain combinations of those fly in > fact each issue or will have that kind of decision but it seems > like it is interesting that a lot of CLR seems really bound to > this publisher use case which I. > Geun-Hyung Kim: Would argue is kind of. > Geun-Hyung Kim: This model then a you know sort of like > individual being able to assert their you know their > representation so I do wonder what specific use cases like for > the jmf plugfest we would want to use this for and making sure > that we sort of you know get it for the right combination of use > cases. > Geun-Hyung Kim: But we can come back. > <phil_t3> The community of registrars is getting more comfortable > with the ides of the Transcript sigened (outer credential) AND > individual courses signed (as OBv3s) to give the students agency > in representing themselves to 3rd parties > Kerri Lemoie: Okay my name is. > Manu Sporny: Yeah real quick and I don't think we need it we're > just short on time what have we won't be able to cover this today > question 2 consists of you know as a wallet implementer so our > organization builds a wallet we demonstrated interop with you > know Randa in a variety of other companies during the jmf > plugfest to I'm I'm like I'm trying to wonder what our wallet > needs to do to support CLR can we just treated. > Manu Sporny: Does a big verifiable credential blob and then. > <phil_t3> AACRAO has been advocating this approach (out > credential and inner credentials as OBv3s both signed) > Manu Sporny: Because for that blob and we'll hand it over from > our wallet or will we be required to probe into that CL R 2 and R > stand the inner workings of it and maybe provide things from > within the credential so that's one of the main questions that's > kind of hanging on my mind as we as we talk through this but this > is really it was a great presentation thank you so much Tracy and > you know rainbow for putting it together really exciting stuff. > Kerri Lemoie: Yeah thanks Ryan think Tracy new we're almost here > but Sharon is here the Q we're going to let her closes here > sharing you our last question. > Sharon Leu: Oh I I feel like Kim mostly got my question but I'm > just not entirely clear what is the utility of in the use case of > the EMT like having a seal our versus just open badge version 3s > and I know that there has been some discussion about which sort > of interpretation of the VC is right for what circumstance and I > think I'm just trying to put in my mind like the different things > that I heard today and just trying. > Sharon Leu: To figure out like what makes them a sense but I > think that maybe. > Sharon Leu: Act and so I think what I'm going to do is I'm going > to email this as a question to the list sir I think that like to > your point Manu like it's overly complex to suggest that for any > plugfest that are coming up that we would say not only do you > accept the CLR VC blob but that you'd be able to interrogate it > because I think that it hasn't been demonstrated all yet and > there's not really a reference for how that's done so I think > that that will probably be like a hold for much much later for. > Sharon Leu: This is like using. > <phil_t3> Sounds like CHAPIv2 (LOL) > <manu_sporny> haha :) > Sharon Leu: More simpler credentials but again I don't not 100% > sure I'm clear on the entirety of this issue so I'll pose it to > the listserv and I think we can continue having that discussion > there. > <kayode_ezike> It strikes me that a critical decision is which > party to place greater responsibility on for interop > Phil Long: +1 Kayode > Kerri Lemoie: Yeah that sounds great Sharon Tracy and and > Kimberly thank you so much for coming here today because I we all > have a lot of questions about the CLR and I think we're going to > continue learning about it and trying to figure out how to how to > work with it there's a whole lot of iterations of questions in > ways that it could be used so thank you for the work that you're > doing we appreciate you and thank you for coming here today so > I'm thanks all let's keep talking about this and the plugfest > and. > Kerri Lemoie: Hope you all have a wonderful week. > <sharon_leu> thanks, all! > <colin_reynolds,_ed_design_lab> Thank you! > Manu Sporny: +1 Thank you Tracy, Kimberly, all! :) > >
Received on Tuesday, 6 June 2023 20:47:58 UTC