- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Fri, 21 Sep 2018 19:32:41 +0900
- To: public-vc-wg@w3.org
available at:
https://www.w3.org/2018/09/18-vcwg-minutes.html
also as text below.
Thanks a lot for taking these minutes, Ted!
Kazuyuki
---
[1]W3C
[1] http://www.w3.org/
- DRAFT -
Verifiable Claims Working Group
18 Sep 2018
[2]Agenda
[2] https://lists.w3.org/Archives/Public/public-vc-wg/2018Sep/0004.html
Attendees
Present
Dan_Burnett, Bohdan_Andriyiv, Chris_Webber,
Clare_Nelson, Tzviya_Siegman, Matt_Stone, Alex_Ortiz,
Michael_Lodder, Bob_Burke, Yancy_Ribbens,
Benjamin_Young, BrentZ, Daniel_Hardman, David_Chadwick,
Kaliya_Young, Lovesh_Harchandani, Ted_Thibodeau,
Tim_Tibbals, Kaz_Ashimura
Regrets
Chair
Dan_Burnett, Matt_Stone
Scribe
TallTed
Contents
* [3]Topics
1. [4]Agenda review, Introductions, Re-introductions
2. [5]Assign owners to unassigned issues
3. [6]Review TPAC agenda working copy
4. [7]Most stagnant issues
* [8]Summary of Action Items
* [9]Summary of Resolutions
__________________________________________________________
Agenda review, Introductions, Re-introductions
<scribe> scribenick: TallTed
burn: the usual administrivia; review TPAC draft agenda; review
stagnant issues; review pull requests...
drabiv: Bohdan Andriyiv new to this call, has been in CCG for a
while
burn: no open actions... on to unassigned issues
Assign owners to unassigned issues
<burn>
[10]https://github.com/w3c/vc-data-model/issues?utf8=%E2%9C%93&
q=is%3Aissue+is%3Aopen+no%3Aassignee
[10] https://github.com/w3c/vc-data-model/issues?utf8=✓&q=is:issue+is:open+no:assignee
[11]https://github.com/w3c/vc-data-model/issues/234 - comments
on terms of use
[11] https://github.com/w3c/vc-data-model/issues/234
DavidC: will take 234
[12]https://github.com/w3c/vc-data-model/issues/233 - gap
analysis
[12] https://github.com/w3c/vc-data-model/issues/233
tzviya: created #233 with Joe to raise group awareness
burn: any volunteers to shepherd Gap Analysis?
stonematt: best if folks familiar with the tech named in #233
could do this
DavidC: has some familiarity, would work with someone
stonematt_: will also help
[13]https://github.com/w3c/vc-data-model/issues/231 - context
out of date
[13] https://github.com/w3c/vc-data-model/issues/231
cwebber2: was doing implementation based on data model,
realized some things were out of date, can give this a shot
over next couple weeks
Review TPAC agenda working copy
<burn>
[14]https://docs.google.com/spreadsheets/d/1aYodpYXQg_C9zn3HcNQ
oMN2A_ESsArJaA4jl3x0cahE/edit#gid=975531401
[14] https://docs.google.com/spreadsheets/d/1aYodpYXQg_C9zn3HcNQoMN2A_ESsArJaA4jl3x0cahE/edit#gid=975531401
stonematt_: we're looking at "2018 Schedule Suggestions" tab
... everything here came from the group; daniel and I laid
things out as rough first thought
... we do have some fully open slots, and some time set asides
for PRs later in the week
... no confirmation from PING yet
DavidC: there's been no progress with PING yet, just their
general "yes, we'll give you feedback" which feedback hasn't
arrived yet
... will ping PING again, possibly with a draft of their
response for them to just sign off on -- or argue with
burn: any volunteers to help DavidC with that draft?
ClareNelson: will help
TallTed: hopefully the draft response will get a quick pass by
this group before it goes to PING
<cwebber2> I'm actually nervous about signing off on a
same-origin policy... I'm not sure there's any reason VCs need
to be restricted to any origin
<DavidC>
[15]https://www.w3.org/TR/security-privacy-questionnaire/
[15] https://www.w3.org/TR/security-privacy-questionnaire/
cwebber2: nervous about signing off on a same-origin policy...
this seems very protocol-ly
... every LD system has to pass data along, not sure how
same-origin will increase security of this system
DavidC: this is more privacy than security. using pair-wise
identifiers helps reduce the concern. "global ID" use would be
problematic.
<Zakim> ClareNelson, you wanted to say Threat Model discussion
ClareNelson: unable to attend TPAC, still interested in
contributing on "Threat Model/Trust Model/Security"
... see draft outline of interactive session at
[16]https://docs.google.com/presentation/d/153XarXO1RLQrwoseuFd
qiI--EeDc8bo7O73r2aLOeF8/edit#slide=id.p1
[16] https://docs.google.com/presentation/d/153XarXO1RLQrwoseuFdqiI--EeDc8bo7O73r2aLOeF8/edit#slide=id.p1
stonematt: webex or other telecon possible?
ClareNelson: yes, that's possible
<ClareNelson>
[17]https://docs.google.com/presentation/d/153XarXO1RLQrwoseuFd
qiI--EeDc8bo7O73r2aLOeF8/edit?usp=sharing
[17] https://docs.google.com/presentation/d/153XarXO1RLQrwoseuFdqiI--EeDc8bo7O73r2aLOeF8/edit?usp=sharing
DavidC: given recent discussion levels of delegation,
attenuation of rights, and related -- this might need some f2f
stonematt: "other topics" list is also on the gsheet, as time
allows
burn: last call for current TPAC agenda thoughts ...
Most stagnant issues
<burn>
[18]https://github.com/w3c/vc-data-model/issues?utf8=✓&q=is%3Ai
ssue+is%3Aopen+sort%3Aupdated-asc++-label%3Adefer+
[18] https://github.com/w3c/vc-data-model/issues?utf8=
burn: we did talk a bit about #93 (JOSE/JWT VCs) last week,
without significant progress
stonematt: this needs some group work, as it's a
Charter-related question
<kaz> [19]issue 93
[19] https://github.com/w3c/vc-data-model/issues/93
burn: it's on the "other topics" list for TPAC
[20]https://github.com/w3c/vc-data-model/issues/162 - WebAuthn
with VCs
[20] https://github.com/w3c/vc-data-model/issues/162
burn: waiting on dlongley ... will ping him
stonematt: also on the list for WebCommerce joint session
[21]https://github.com/w3c/vc-data-model/issues/47 - "3 types
of claims"
[21] https://github.com/w3c/vc-data-model/issues/47
burn: pinged joe and ChristopherA in July ... no update since
[22]https://github.com/w3c/vc-data-model/issues/187 - travel
use case
[22] https://github.com/w3c/vc-data-model/issues/187
stonematt: on todo list, will bump it up
[23]https://github.com/w3c/vc-data-model/issues/204 - delegated
authz & vc distro
[23] https://github.com/w3c/vc-data-model/issues/204
burn: can cwebber2 summarize status?
cwebber2: crux is again whether VCs are an authorization
protocol. if yes, then we should have delegation, trust model,
etc., with 100% trust path. if no, then <100% trust raises
other issues.
<bigbluehat> current trust model text in the spec
[24]https://w3c.github.io/vc-data-model/#trust-model
[24] https://w3c.github.io/vc-data-model/#trust-model
stonematt: line between protocol and data model is the hard
part, again, still
<Zakim> cwebber, you wanted to mention that's why this and
capabilities *aren't* equivalent
cwebber2: authzn should probably be removed to another layer
burn: last minutes of call... TPAC time will be set for
protocol/authzn discussion
adjourned
Summary of Action Items
Summary of Resolutions
[End of minutes]
__________________________________________________________
Minutes formatted by David Booth's [25]scribe.perl version
1.152 ([26]CVS log)
$Date: 2018/09/21 10:29:40 $
[25] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
[26] http://dev.w3.org/cvsweb/2002/scribe/
Received on Friday, 21 September 2018 10:33:46 UTC