Re: Chairs' decision on VC-ACDC Proposal from Orie Steele on 2023-03-22 (public-vc-wg@w3.org from March 2023)

From: Orie Steele <orie@transmute.industries>
Date: Wed, 22 Mar 2023 14:26:41 -0500
To: Personal Sam Smith <sam@samuelsmith.org>
Cc: Kristina Yasuda <kristina.yasuda@microsoft.com>, Manu Sporny <msporny@digitalbazaar.com>, W3C VC Working Group <public-vc-wg@w3.org>, Mike Jones <Michael.Jones@microsoft.com>
Message-ID: <CAN8C-_+-1tJhg4eEjjAiBdM6-zNGb-rUbXwaUhHQK2FGT3VuWQ@mail.gmail.com>
Yes, and by a similar argument.

CBOR-LD must be mapped to vc+ld+json, to be considered a VC format.

CBOR-LD VC mapping is not defined in this working group.

If it is a valid representation of a W3C Verifiable Credential after the
mapping has been applied, and the mapped object conforms... Then CBOR-LD is
a valid "wire format / native formats" for a W3C Verifiable Credential.

The resolution on day 3 does not grant our working group the ability to
tell other groups what they can register and whether or not they can define
a mapping... That is their business, not ours.

The resolution expresses our working groups' intention to enable other
groups to define verifiable credential formats, such as vc-acdc, or
CBOR-LD, by demonstrating conformance through a mapping.

The interpretation for CBOR-LD also applies to JWT, CWT, ACDC, Gordion and
mDoc.

vc-acdc is a verifiable credential format, if a one way mapping produces
JSON that is conformant to the vc data model, and that mapping is defined
in the vc-acdc spec...

The W3C has no authority over ANY VC format specs if they are not formal
work items.

... and yet our resolution on day 3 provides for any spec to demonstrate
conformance, and define a verifiable credential format, that is no more or
less a verifiable credential than a CBOR-LD verifiable credential is.

vc-acdc should be accepted as a vc format in the vc-specs-dir, as should
vc-gordion, or vc-cbor-ld... If they define such a mapping to a conformant
JSON-LD object.

Perhaps some resolutions on formats would help make this clearer to the
working group, and remove any doubt that treatment will be applied
consistently.

The tent has been made bigger, and W3C is not the only entity that can
define verifiable credential formats... Even if the W3C defines the base
media type that is expected to be mapped too.

Regards,

OS





On Wed, Mar 22, 2023, 1:51 PM Personal Sam Smith <sam@samuelsmith.org>
wrote:

> +1
>
> To clarify, what I interpret this to mean is that a work item is not
> required in order to be a compliant VC external proof format.
>
>
> On Mar 22, 2023, at 12:11, Kristina Yasuda <kristina.yasuda@microsoft.com>
> wrote:
>
> Based on this resolution from a WG meeting  on 2023-02-16 [1]
> Resolution #1: The base media type for the VCDM is credential+ld+json.
> @context is required (MUST) in the base media type; other media types MAY
> choose to include @context. Serializations in other media types (defined by
> the VCWG) MUST be able to be transformed into the base media type. Another
> media type MUST identify if this transformation is one-directional or
> bi-directional. Bi-directional transformation MUST preserve @context.
> Transformation rules MUST be defined, but not necessarily by this WG..
>
> And this resolution from a WG meeting  on 2023-03-15 [2]
> Resolution #2: VC spec directory will have an entry for documents that
> define a mapping to VCDM and these documents can be defined outside W3C
> VCWG..
>
> I think what follows is that "making a mapping (that can be outside VC WG)
> that produces a VC as defined in VCDM-core means conformance to the VCDM".
>
> During the WG call today, Joe and Manu said:
> <JoeAndrieu> making a mapping does not make anything a VC. Conformance to
> the VCDM defines VCs
> <manu> ^^ yes, that.
>
> Yes, a random mapping does not make anything a VC. Bur a mapping that
> produces a VC as defined in VCDM means conformance to the VCDM.
>
> I don't think it's a different in "interpretation", but a matter of being
> specific that a mapping has to produce a VC as defined in VCDM 😊
>
> Best,
> Kristina (chair hat off)
>
> [1] https://www.w3.org/2017/vc/WG/Meetings/Minutes/2023-02-16-vcwg
> [2] https://www.w3.org/2017/vc/WG/Meetings/Minutes/2023-03-15-vcwg
>
> -----Original Message-----
> From: Personal Sam Smith <sam@samuelsmith.org>
> Sent: Wednesday, March 22, 2023 9:48 AM
> To: Manu Sporny <msporny@digitalbazaar.com>
> Cc: public-vc-wg@w3.org; Mike Jones <Michael.Jones@microsoft.com>
> Subject: Re: Chairs' decision on VC-ACDC Proposal
>
> Manu,
>
> I agree, that there could be vagueness but the vc-acdc work item proposal
> repo defines explicitly that mapping and that mapping AFAIK outputs a
> json-ld document that satisfies the MUSTs and SHOULDs for a compliant VCDM.
>
> So vd-acdc as an external proof format is not speculative at this point.
>
> We could define unit tests that test for such compliance, thereby removing
> any vagueness.
>
>
> So my request for clarification is not because there is any intent to
> produce garbage and call it a compliant external proof but to have clear
> guidance and how one might in good faith be able to do so (absent a work
> item). And if any member of the community can assert that a good faith
> attempt at following the Miami compromise  is not compliant,  then I want
> to know on what basis they could make such a claim.
>
> Sam
>
>
> On Mar 22, 2023, at 10:31, Manu Sporny <msporny@digitalbazaar.com> wrote:
>
> On Wed, Mar 22, 2023 at 11:15 AM Mike Jones wrote:
>
> The ACDC proponents can still define a mapping per the resolution that
> makes ACDCs VCs.
>
>
> "ACDC VCs" is the sort of vagueness that is probably going to get the
> group into trouble. :)
>
> Per the resolution at the Miami F2F, the ACDC proponents can define a
> mapping, through any process that they see fit, and publish it
> anywhere on the Internet,  that converts an ACDC into an
> `application/vc+ld+json` media type serialization that can then only
> be called a "Verifiable Credential" if it conforms to the normative
> rules in the VCDM. The same goes for JWTs, Gordian Enveloped, and Data
> Integrity protected content.
>
> We really need to clarify the above, because if we don't have
> alignment on it, we'll continue to see  "strange PRs" raised in these
> specifications (because we're not all on the same page about the
> above) and, even worse, specifications defined outside of the VCWG
> that call themselves "VCs", while not conforming to a variety of
> statements in the VCDM.
>
> -- manu
>
> --
> Manu Sporny -
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.
> linkedin.com%2Fin%2Fmanusporny%2F&data=05%7C01%7Ckristina.yasuda%40mic
> rosoft.com%7Cc1478c5df41b4da34d5808db2af54932%7C72f988bf86f141af91ab2d
> 7cd011db47%7C1%7C0%7C638151005230040077%7CUnknown%7CTWFpbGZsb3d8eyJWIj
> oiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C
> %7C%7C&sdata=SZz7fZhLLMWjc5XbacxzNCiCcQhk%2FQ6NIE8T9vyY94w%3D&reserved
> =0
> Founder/CEO - Digital Bazaar, Inc.
> News: Digital Bazaar Announces New Case Studies (2021)
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.
> digitalbazaar.com%2F&data=05%7C01%7Ckristina.yasuda%40microsoft.com%7C
> c1478c5df41b4da34d5808db2af54932%7C72f988bf86f141af91ab2d7cd011db47%7C
> 1%7C0%7C638151005230040077%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDA
> iLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=
> fM8eqVPByS9cg%2BydovLX5XO9Xev7cOp7xO%2BampMPryM%3D&reserved=0
>
>
>
Received on Wednesday, 22 March 2023 19:27:06 UTC