- From: <meetings@w3c-ccg.org>
- Date: Tue, 28 Apr 2026 19:26:13 -0500
- To: public-vc-wg@w3.org
- Message-ID: <CA+ChqYeS+jxWTp90mxztS-BRN1kvgwceFCBusNw3Zi+f25dqqg@mail.gmail.com>
This meeting of the VCWG Barcodes and Data Integrity task force focused on administrative and process items, followed by a review of pull requests and issues related to the VC barcodes specification. Discussions included resolving GitHub UI and whitespace issues, improving specification examples with clearer explanations and ordering, and merging administrative pull requests related to publishing workflows. The group also explored the integration of GitHub Code Spaces for spec editing and addressed a PR concerning multibase encoding for PDF 417 VCBs. Finally, the team processed several issues, including those related to outdated test vectors, incorrect checksums in MRZ examples, and the use of outdated vocabulary. *Topics Covered:* - *VC Barcodes Spec and Data Integrity Workflow:* The meeting began by outlining the agenda, which included administrative tasks and a significant portion dedicated to reviewing pull requests and issues for both the VC barcodes spec and data integrity work. - *GitHub UI and Whitespace Issues:* The team encountered and discussed issues with GitHub UI, specifically regarding how commits with whitespace changes were being displayed and their impact on the git history, with suggestions to address these offline. - *Improving Specification Examples:* A discussion was held regarding the need to reword and reorder examples in the specification to improve clarity, particularly by starting with simpler cases and distinguishing between standardized and application-specific properties. - *Merging Administrative Pull Requests:* Several administrative pull requests were reviewed for merging, including one that introduced a publishing workflow script, and the team worked through a temporary issue with merging PRs due to a failing preview job. - *GitHub Code Spaces for Spec Editing:* A pull request to enable GitHub Code Spaces for spec editing was discussed, focusing on its benefits for accessibility and ease of contribution, while also addressing concerns about the security and maintenance of the extension used. The PR was left open for further deliberation on alternatives. - *PDF 417 VCBs and Multibase Encoding:* A small pull request was reviewed and will be merged, recommending the use of Base64 URL or multibase encoding for PDF 417 VCBs, acknowledging that multibase offers limited benefit due to the need for prior knowledge to locate VCBs within the barcode. - *Data Integrity Work:* While the lead for this section was absent, it was noted that the final report for the quantum safe specification had been merged, and there was a discussion about the repository transfer process to the task force once other administrative steps are completed. - *Barcode Issue Processing:* Several issues from 2024 were reviewed, including one concerning incorrect checksum digits in MRZ examples, which is to be fixed by updating the examples to reflect current specifications. Another issue about outdated "tur bitstring conversion" was discussed, with the conclusion that a sentence should be added to the specification stating that certain properties are not supported by TUR bitstring lists. Finally, an issue regarding the possibility of putting bare VCs in QR codes was closed as it has been addressed by recent updates to the specification. *Action Items:* - Wesley Smith to investigate and address the whitespace issues encountered with GitHub UI for the VC barcodes spec PRs. - Wesley Smith to ensure that the PR updating test vectors includes updates to generated barcode images. - The team will monitor and potentially address the security and maintenance concerns of the GitHub Code Spaces extension used in the relevant PR. - Wesley Smith to add a comment to the issue regarding incorrect checksum digits in MRZ examples, proposing a fix to update the examples and marking it as a "good first issue" with priority two. - Wesley Smith to add a sentence to the specification stating that certain properties are not supported by TUR bitstring lists and close the corresponding issue, tagging it as a "good first issue." HTML: https://meet.w3c-ccg.org/archives/w3c-vcwg-barcodes-and-data-integrity-2026-04-28.html Video: https://meet.w3c-ccg.org/archives/w3c-vcwg-barcodes-and-data-integrity-2026-04-28.mp4 [image: W3C] <https://www.w3.org/> VCWG Barcodes and Data Integrity 28 April 2026 Attendees Present Benjamin Young, Dave Lehn, Dave Longley, Elaine Wooton, Ivan Herman, Kevin Dean, Parth Bhatt, Wesley Smith Regrets - Chair - Scribe transcriber Contents 1. VC Barcodes Spec and Data Integrity Workflow <#ef2b> 2. GitHub UI and Whitespace Issues <#22c8> 3. Improving Specification Examples <#dd54> 4. Merging Administrative Pull Requests <#8860> 5. GitHub Code Spaces for Spec Editing <#90bf> 6. PDF 417 VCBs and Multibase Encoding <#53c6> Meeting minutes Ivan Herman: Good afternoon. Wesley Smith: Good morning slash afternoon folks. Elaine Wooton: Wanted to say good morning with my real face, but now I'll turn off the camera. Wesley Smith: Morning folks. I'll give it a couple more minutes for people to trickle in before we get started. Wesley Smith: I know we're hoping Greg Bernstein will be here to lead the DI portion of the call. Do we know of anybody else that we're expecting? I know we had quite a lot more cases the first week or two, but … Dave Longley: Yeah, I'm not sure. Dave Longley: This is maybe the first week since the first invite went out and maybe people have not appropriately updated calendars and that sort of thing. Wesley Smith: All right. Wesley Smith: I'll get started at 5 in just a sec here. VC Barcodes Spec and Data Integrity Workflow Wesley Smith: All right, let's go ahead and get started. hey everybody. Thanks for being here. This is the April 28th meeting of the barcodes and data integrity task force of the VC working group. the agenda for today is much the same as it has been the last couple weeks and probably will be for the foreseeable future. we'll go through administrative and process items briefly and then we'll spend about half the call doing PR review and issue processing on the VC barcodes spec and about half the time doing PR review and issue processing on the various GitHub UI and Whitespace Issues Wesley Smith: inflight data integrity works. So with that in mind, I guess we'll do announcements and introductions. I don't have any announcements for the group. Does anybody want to introduce themselves or have any announcements to hearing nothing I think we can go ahead and jump right into some VC barcodes work then let me go ahead and share my screen. So there are now actually a few pull requests open on the barcode spec. A couple of them we've already discussed here. Wesley Smith: A couple of them are kind of small process style pull requests and then some of them do make more substantive changes to the specification itself. So the first thing I want to discuss with the group and that's largely because I have a question is there's something weird happening with GitHub and the GitHub UI and it's breaking something. So, this has been a PR that there's been a fair amount of discussion on, but last night when I committed a change suggestion directly from the GitHub UI,… Ivan Herman: Go ahead. Wesley Smith: it did this thing where it basically rewrites the entire file. Wesley Smith: I know Benjamin Young and I had run into something similar on a different specification and I think he said it was something to do with new line character encodings or something to that effect. but I'm curious what the group's perspective is here on this. So I can show you the actual commit that did it. It's a tiny little commit. Yeah, I guess it won't show you the detail. Basically, this commit updated one line of text. but it caused the entire index file to be sort of rewritten. So, I'm curious what people think about this. I just realized that I don't get hand notifications if I'm not tabbed in. So, feel free to jump in. Dave Lane, go ahead. Dave Lehn: go to the little gear thing and… Dave Lehn: do the ignore whites space thing and see if that fixes it. next to the submit review. Wesley Smith: this gear thing. Dave Lehn: So yeah,… Wesley Smith: Right. Dave Lehn: it was a white space thing. Wesley Smith: So that shows what the commit is, but does that actually solve the problem in the git history? Dave Lehn: No, no, it's just ignoring it for the diff. So the… Dave Lehn: if you were to check it out and look at it, you can probably see that it probably changed all the line endings from whatever it was to whatever it is now. Wesley Smith: … Wesley Smith: what do people suggest as the way to move forward here? Wesley Smith: Should I re redo this PR in a separate branch or something to that effect? right. Dave Lehn: You probably don't want to commit something like that intentionally,… Dave Lehn: but I mean, you might want to check and see what it was. did it get reformatted to all the wrong thing before and… Dave Lehn: it's just fixing it, or did it Wesley Smith: That was my other question. Wesley Smith: Is this flipping a switch back on that was previously flipped off in a similar way? I don't actually know. okay, that's fine. I will maybe take some of this discussion offline, figure out what to do with this PR. regardless of that kind of technical bump, I think this PR is about ready to be … Dave Lehn: just a note that setting that you changed may be stuck on so you may want to turn it off so you will see the differences later. Wesley Smith: sorry. Go ahead. heard that. Dave Lehn: I think it's Yeah. Wesley Smith: Anybody else have their hand up? I'm apparently do not get notifications when I'm in a different tab. All right. So, regardless of that technical hiccup, this PR is about ready to get merged. There's been a fair amount of discussion on the topic. Ivonne, I know you had some questions but recently approved the changes. Wesley Smith: Manu made some points that I attempted to address. So I do think that the content in this PR is about ready. Wesley Smith: So if you're a interested participant in the details in the conversation of this PR, go ahead and take one last look and then I'll try to get it merged in some form at some point soon. Improving Specification Examples Ivan Herman: I looked at it about two hours ago and it looks okay to me. Ivan Herman: Wesley Smith: Okay. … Ivan Herman: I raised a separate issue because I think that the examples should be rewarded but I put that separate issue for good reasons. Wesley Smith: yeah. Yeah. Wesley Smith: So, I noted that and agreed. I think that probably doesn't need to grow in scope to include example reworking. Ivan Herman: Exactly. Wesley Smith: While we're on the topic,… Ivan Herman: That is a separate issue. Wesley Smith: do you want to briefly give an overview of what you put in this issue? What you think the examples could benefit from? Ivan Herman: Usually is a lot of things are presumed as being known and they are not obvious. So, I gave a lot of examples here, but yeah, it's on the screen. I don't want to read up exactly what I mean. One thing is maybe that comes through is it was I think Dave Longley who on the last call when we discussed it made this point which for me was sort of clicked is that in the case of augmenting the subject is different. The subject is essentially the old barcode. that's is the case in the examples but this is something that was worth really emphasizing and in the same direction inversing the order. Ivan Herman: The example three is the obvious one and in your list in the introduction you start with the obvious case where you have a verifiable credential from somewhere and you prove it like we do with all the others and you would the in inverted comma the only thing you do is to convert it into a barcode. and that should be the first example because that the simple one and the other two are more complex. Ivan Herman: And one other thing which permeates very many examples that are written in different documents which always bothers me is that we put in properties or classes that are application specific and not standardized by us and we mix it with those properties and classes that we do standardize and I know that in real JSON it's difficult to differentiate between the two but in our examples we could use a different color or something to make these distinctions very clear. Ivan Herman: I know that this AMV whatever it's unclear where it will be standardized and so that's still a question that we will have to discuss at some point but I see a protected component index and… Ivan Herman: I have not the faintest idea what the hell that is because this is not something that we defined in any of on our spec so far and you put it into an example and that sort of lead people away from the discussion. Wesley Smith: Yeah. … Wesley Smith: Go ahead. Understood. And thanks. Much appreciated. it's useful for you to go through these in such such depth. so to speak briefly to what I understand the current state of the document to be and I think what we want to happen with respect specifically to this ammo driver's license type and the protected compone so I believe protected component index is currently defined by the specification but I believe it is also strongly coupled to this AMA driver's license type which is something that we don't want. Wesley Smith: So I think the last time we discussed it the general consensus is maybe a strong word but the general lean from the group was we are probably going to want to generalize protected component index as much as we can to be an index against the barcode that is being augmented and it's an index defined somehow in some generic way maybe just as an extension point and… Wesley Smith: then we're going to want to have the amber driver's license type B part of an appendex. So that's my current understanding. Right. Ivan Herman: Yeah, I think that's correct. Ivan Herman: That's correct. Yes. But that's right. Wesley Smith: So I want to be clear about the nuance there that I think yeah right now these two are strongly coupled but I do think protected component index is defined. we need to decouple them make this generic so it can be used for expressions of XI cryptoeet signatures over barcode data that are not specified directly in our specification. and then in an appendix say here's how you use it for this type. All right. Ivan Herman: That's fine. Merging Administrative Pull Requests Wesley Smith: Sounds like we are on the same page there. thanks for going over your new issue as it relates to that previous PR. all right. Let's go through a couple of these PRs and get them merged down. So, this one I approved this a week ago. It's been sitting for a week. this is just adding a script. Wesley Smith: It's adding a workflow. I'm go ahead and merge this on the call unless anybody has any objection. actually I am curious this is not an editorial PR. What would you describe this as administrative? Ivan Herman: It's an administrative PR… Ivan Herman: if there is notable… Wesley Smith: Thank you. Ivan Herman: because it's the way we publish the document. ment automatically. And of course you merge this one and then next time we merge a real PR so to say with real changes then we will have to ch to check whether it is really published to see if this works and I have this experience with other documents that we have done it's good time time to make this check I don't say that you have to do Ivan Herman: that you merge but once a month at least or once every two week if you do a PR then check it because I don't know which document there was a miss there was a bug somewhere and for a half a year we didn't realize that nothing was published on slashtr… Ivan Herman: because all the failed and then It's more difficult to find a problem. Wesley Smith: Okay, that's a good note. Wesley Smith: Anybody know why I can't merge this PR? Is it because this preew thing failed? So, deploy PR preview is canceled after 1500 minutes. Ivan Herman: What? I have no idea… Wesley Smith: It's a day or something, right? okay. Ivan Herman: what that stuff is. Wesley Smith: I cannot merge it. Ivan Herman: Let me try. Wesley Smith: I do. We need two reviewers to approve it. Does it need multiple approvals? Multiple reviews? Ivan Herman: I have no idea. Don't let me go there. Just a minute. Wesley Smith: And… Wesley Smith: if we get down in the weeds, we can table this and maybe figure it out offline,… Wesley Smith: Ivon. But if possible, I'd like to get it handled on the call. Ivan Herman: Can I try whether I can merge it… Ivan Herman: because I have an admin, right? I think it merged it for me. Wesley Smith: Sure, go for it. Okay. I'm a lesser being. Wesley Smith: That's fine. I accept this reality. All right. Ivan Herman: And… Ivan Herman: let's not try to understand everything. Wesley Smith: Better All another similar PR. Wesley Smith: You might need to be standing by again, Ivon. I'm logged in. Okay. … Wesley Smith: the preview failed after a day. and maybe that's why. Okay. I'll just type yeah, I Ivan Herman: Can you check other PRs whether it does the same thing? Wesley Smith: I don't think it does because I have merged. Ivan Herman: def container for previewing code spaces. What is this? Wesley Smith: We have the author on the call here. Give me just a second. Ivan Herman: Because this has the same problem. it's not a matter of the spec, it's a matter of the repo. Benjamin Young: Yeah, that shouldn't change the spec at all. Benjamin Young: So yeah,… Benjamin Young: so the problem is which thing in this case? Ivan Herman: I have no idea. Ivan Herman: I have no idea what this is about. Wesley Smith: problem is that I can't click the big green merge button. Wesley Smith: Yes,… Dave Lehn: You can look at the actions. Benjamin Young: But you used to be able to. Wesley Smith: I can click this one and… Dave Lehn: You can look at the actions and see that they are failing. Wesley Smith: this one doesn't have the failing. okay, so it does look the only ones I haven't been able to click are the ones that have that timeout error. Wesley Smith: So, it's probably that to click on the actions to see which ones are failing. Yeah. Ivan Herman: There is a preview thing… Benjamin Young: Yeah. It's also possible somebody set up branch protection rules that are requiring things to pass. Ivan Herman: which I don't know where it comes from. is it possible that preview failed Dave Longley: So, I wasn't watching the screen too closely. Dave Longley: When you say you can't click the button, is that because it looks like you can't click it, or can you click it and it just is that color? Wesley Smith: Wow. Dave Longley: So you can click it. Wesley Smith: Okay. Thanks. That's a little silly. GitHub Code Spaces for Spec Editing Wesley Smith: I can click it. More power than I know. My mistake. I will go ahead and merge this All right. Benjamin, do you want to briefly discuss the dev container P that you put up Benjamin Young: You have more power than Benjamin Young: Yeah, we've done this on at least one other specification. It's essentially allows you to use GitHub code spaces to live in your browser. And the bigger thing that it sets because you can do that already. The bigger thing it sets up is a live server. as you can see there, so that you can preview in your browser as well. And that just makes it possible for folks who don't have VS Code installed or don't want to. and want to just edit some HTML and see what they're editing. it makes that possible. And there's instructions I think referenced if you go back to the conversations tab with and click on Yeah,… Benjamin Young: go ahead and click on that. this is where we did it first was in this render methods repo and there are instructions there. yeah,… Wesley Smith: I'm going to go ahead and… Wesley Smith: just copy paste this into a comment on this PR. Benjamin Young: that'd be fine. We could even put it in the readme, but it's also on the w3ccc.org website, there's a contributing page that explains all that. but the idea is that from GitHub you can click edit in code spaces Benjamin Young: what you're changing make multiple commits from there and create a PR just like somebody who has bothered to set up all the stuff locally and run command line stuff and whatever without having to do all that. So that's it. Wesley Smith: Yeah. … Wesley Smith: this seems to me to be improving one specific workflow for working on the spec at no cost. so, I'm happy to merge Any other opinions? Wesley Smith: Any objections? Dave Lehn: I tried raising my hand again, but I guess you can hear that. Wesley Smith: Yeah, thank you for speaking up. Dave Lehn: Yeah,… Wesley Smith: I can't hear for some reason the meat hand raise noise and other tabs. Dave Lehn: that's fine. this is just that whatever extension that's there. I seem to remember looking at this before and… Dave Lehn: it looked like it was completely unmaintained. I don't know if this is a security issue too, just using random people's code to do this thing. Is that an issue or is this a well understood community thing that people use or what? Benjamin Young: There might be others out there. if you think we need to shop for one, but it's running an HTTP server inside of a dev container that's had a UU ID specific to the person who clicked the code spaces. Benjamin Young: So unless the person is going to self harm through that HTTP server, I really don't know that there's a risk. Dave Lehn: I've never used any of this stuff,… Dave Lehn: so I don't even know what's going on here, Benjamin Young: So code spaces to maybe explain it a little more code spaces is just a docker container with VS code in it by default. Wesley Smith: This code tab. Yep. Benjamin Young: So if Wes you go to the code tab in ub. the default one and then where it says code in the green button and then code spaces tab right below your mouse. if you were to click that now, you don't need to, but if you create code space on main, then you get an environment that's essentially VS Code in your browser and you're by default editing on main. Benjamin Young: The instructions I wrote up talk about switching branches and whatever, but the thing that GitHub weirdly lacks is the ability to preview HTML in your browser. So, the live server thing just makes it possible within that Docker container spin up an HTTP server that… Benjamin Young: then lets you preview what's inside that Docker container. why that's not table stakes for this thing, I don't know, but So, there's a community extension there. There might be another one out there. yeah. Dave Lehn: There's 2,300 open issues on this project. Dave Lehn: … Benjamin Young: It's still the one suggested throughout all the blogs and… Dave Lehn: just beware. Ivan Herman: I'm Benjamin Young: therefore by AI as the thing to use for it. doesn't mean we have to use it, at all. We don't even have to merge this unless somebody wants it. But again it's just HTML in the person's browser out of a Docker container that is the contents of this repo. So the risk here is somebody running HTML in their browser which they're doing already. So I don't like I said they'd have to really be copying and pasting stuff from some other place to do more than they're doing. Wesley Smith: and Ivonne. Wesley Smith: Does W3C have a position on this sort of thing? Do you know Ivan Herman: I don't think that we have ever heard a discussion about it that… Ivan Herman: but nevertheless, me as a person, I am a little bit uneasy based on what Dave said. because who knows what happens and if it destroys one or one of our documents or puts it back to I don't know where later is it really worse the trouble I mean do we really have people on this group who need this I am not convinced I don't Ivan Herman: experimenting with these kind of tools on a repo that has a lot of people working together and… Ivan Herman: has documents which have some level of timing attached to. so I'm a bit uneasy to be honest. Wesley Smith: heard. And really quick,… Wesley Smith: Benjamin, before you go, agreed with some of your points of one point I want to make is you said, do we have people in this group that need this glow? I don't think so. Wesley Smith: I don't think that I think the right way to look at it is accessibility improvements mean that we might get people into the group that currently are kept out of the group by the barrier to entry that we currently have from a very technical contribution process. Ivan Herman: I agree with that. Ivan Herman: Okay, I take that. Dave Lehn> here's the extension source; GitHub - ritwickdey/vscode-live-server: Launch a development local Server with live reload feature for static & dynamic pages. · GitHub <https://github.com/ritwickdey/vscode-live-server> Wesley Smith: Benjamin, go ahead. Benjamin Young: Yeah. Benjamin Young: So the way forward without this is folks who need this kind of environment still have it. they can still do code spaces. they just won't be able to see the effect of working in the code space until after they send in their PR at which point the W3C preview bot which is going to do the same. is going to make a URL that has HTML that one can load in one's browser. then they have to wait on all that to happen before they can see what's happened in their PR and then they can switch to that branch and continue to make changes. so it's the exact same experience. It's just glacial. Benjamin Young: And Dave, if you again want to find something that you feel more comfortable about, please do Wesley Smith: All So, it sounds like we should at the very least leave this PR open for a bit longer while people look into alternatives, that sort of thing. I don't get a tremendous amount of heartburn from this… Wesley Smith: although I do think that good questions to answer things like Ivon raised a concern about sorry okay yeah so Ivon made a point about damaging the specification in some way. Ivan Herman: No, sorry. Ivan Herman: No, no, no. Sorry. But I have remark when we finish this. Wesley Smith: I would be curious what the potential risks would be if a super user with administrative level control over the repository went through this flow. Wesley Smith: Does that pose a security risk? I expect that largely the things that you can do using this flow are limited by your GitHub account level powers. so I don't think that's an issue for most people, but for the corner cases, maybe that's something interesting to look into. That sort of thing. Go ahead, Ivon. Ivan Herman: No, Benjamin,… Ivan Herman: go on because I have something different. I presume you want to answer this, Benjamin. Benjamin Young: Yeah,… Benjamin Young: I mean we can dig into all of that. again it's an HTTP server running inside the Docker container. So it would have to be escalating to a point where it's somehow got your key to commit as you to do anything else. All of which goes through the VS code UI forget and requires additional login steps and… Benjamin Young: and authentication steps just like VS Code does locally. whatever. But if y'all are squeamish about it, don't worry about it. Wesley Smith: So I'm in favor of at least leaving the PR open,… Wesley Smith: give people some time to look into alternatives if they want. Again, I personally don't have a lot of Harvard and I'd be happy to merge this. but if people want to give it some more time to deliberate and look into maybe better maintained alternatives that is fine. I will note that the issue count that you mentioned Dave Lane could be interpreted multiple ways. If these are issue counts if these are issues like this is a pressing security vulnerability please fix this that's one thing but if these are issues like this is a widely used and generally liked piece of software that a lot of people want features in that sort of thing. those are very different things. Benjamin Young> It's already in use on Render Method, fwiw Wesley Smith: I'm gonna go ahead and move on unless anybody has anything else they want to say on the topic. Ivon, go ahead. Ivan Herman: In the meantime I have checked and… Benjamin Young> most of those issues on that repo are bogus… Benjamin Young> f Benjamin Young> for example learn HTML · Issue #3288 · ritwickdey/vscode-live-server · GitHub <https://github.com/ritwickdey/vscode-live-server/issues/3288> Ivan Herman: the latest version is on DR so the akidna stuff works. PDF 417 VCBs and Multibase Encoding Wesley Smith: That is wonderful to hear. let's see all right. We have a very small PR that I raised half an hour ago and that is directly addressing an issue and the entirety of the PR is a twoline change. It basically says that for PDF 417 so for PDF 417 VCBs we recommend that and specifically they use this type. Wesley Smith: We recommend that you use B 64 URL when you encode these things before you put them into the PDF 417. This PR adds a couple of lines of text that say if you want you can also use multibase and then that's essentially it. so I think the value of that is somewhat self-explanatory. we want to be clear that you can use multibase if you want. the reason why multibase isn't essential slash super valuable here is because you need some ahead of time knowledge to understand where in the PDF 417 a VCB is anyway. Benjamin Young> The PRs are similarly bot-junk Wesley Smith: So the self-describing properties of multibase have limited value, but it's value. So it's good to allow it explicitly in the specification. anybody have any questions, points to All right. go ahead and take a look at this approve it if you're an approving type. I'll merge it after it's been sitting out there for a little while. And yeah. Okay, that is that small and simple. we already talked a little bit about this. I guess Benjamin, I'll ping you maybe since I know we ran into the same problem on a different specification about what to do about the whites space thing. there's this R as well. Okay, this is raised last night. Wesley Smith: This is a PR that updates some of the test vectors. it has the same problem. it's because I built it on top of the previous PR. That's why. So, let me go ahead and hide the white space. All right. So yeah, this PR is on top of a different PR. So it looks like there's more in it than there actually is. basically this PR just updates the test vectors to use the correct seabore tag. that's it. Wesley Smith: I actually will need to go back to this PR and make sure that the generated barcode images are updated as well because I don't think this PR currently does that. so this PR is actually not ready to be merged. because I think it should include updates to the images as well. but other than that, I don't know if it needs a tremendous amount of discussion. It's really just a PR that bumps the test vectors to use the correct and modern Cboard tag. any questions, discussion points? All right. so I will make sure that that PR gets updated to bump the images of the barcodes as well and figure out what we're doing with that whites space thing. Wesley Smith: I think that's it for Rs. All right. So, there are basically three content PRs out at the moment. one of them we need to figure out a technical hiccup. The other two need a little bit of time. I think we can go ahead and move into issue Noting that Greg isn't here. I guess does anybody want to run the data integrity portion of the call in Greg Bernsteinstead because now is the time that we'd be doing the switch. Dave Lehn> looking at that whitespace churn commit you can see it went from 0a to 0d0a. Wesley Smith: Okay, Dave Longley. Wesley Smith: Go ahead. Dave Longley: The answer is no to that for me. Dave Longley: But we could just state the one there's at least one update from that group which is that the final report got merged. there's still a little bit more to do over there with CCG process but that's making its way. Dave Longley: This is for the data integrity quantum safe specification. Wesley Smith: Excellent. That's great news. Wesley Smith: Thanks, go ahead, Avon. Ivan Herman: The question is… Ivan Herman: if the CCG finish what it has to do then am I allowed to move over the repo to this task force right away or… Ivan Herman: do we have to wait? the CCG at the CCG. Dave Longley: I think we still have to wait for one other process thing to happen. Dave Longley: I wouldn't want to move it prematurely. Yep. Yes,… Ivan Herman: No, what I'm saying is once that is done, is it okay if I move it over? Dave Longley: Dave Longley: I believe so. someone I think Greg's following that process and he will let you know when it's done. Ivan Herman: Okay, actually ping me and then I will do it. Dave Longley: Yep. Thanks, Von. Wesley Smith: Okay, cool. Wesley Smith: Anybody have anything else to say about the data integrity work? All right. If not, let's do some barcode issue processing. there's a fair amount of issues open on the spec and they are completely untagged on. So, let's start from the oldest stuff from 2024. Dave Longley> which we don't want, so we will want to not do that (changing line endings from \n to \r\n is not desirable) Wesley Smith: When implementing the specification, I came across a few minor issues with the test vectors. it looks like there has been a fair amount of discussion something relating to the check sum digit being incorrect in an MRZ. However, I think that the issue this person is pointing out is at the barcode slashMRZ conformance layer and not the VC barcode correctness layer, if that makes sense. the barcode that was augmented or the MRZ that was augmented had an incorrect check some digit something to that effect. Wesley Smith: I don't know if this has been updated. I was mentioned in a issue that's been closed. So, let's go see what happened there. Updated barcodes with the correct header information will be in slow shortly, excuse me. And that was rge That doesn't have anything to do with the MRZ example that they discussed. So, I don't think this issue can be closed without at least looking into see if that checks some well, I guess it's good for the group to discuss. Wesley Smith: If there is an incorrect check sum in the MRZs on one of these credentials, that's presumably something that we would want to fix. Although it doesn't actually impact our ability to verify the verifiable credential. it does make the underlying barcode look wonky if you're using some verification flow that also checks things like check some digits in an MRZ. folks have thoughts about thoughts about that. Wesley Smith: Go ahead, Dave Longley. Dave Longley: is this whatever version of myself replied to that two years ago. that person is gone. is this just based on an example that we have that is not matching a check sum and… Dave Longley: Wesley Smith: Yeah, it looks like on one of the examples,… Dave Longley: so yeah so it seems like we just have an example we should fix. Wesley Smith: one of the numbers in the MRZ should be different to be a correct check sum,… Dave Longley: I'm sure we don't want to have an example that has an incorrect check sum. Wesley Smith: right? Yeah. Dave Longley: So we will want to do that. Wesley Smith: And we need to check if that actually is still true or if as you say a version of myself from two years ago fixed that and then didn't say anything on this issue. that is that a bug? Ivan Herman: It's about Wesley Smith: Is that a bug? Dave Longley: Yeah. Wesley Smith: That is a bug. Dave Longley from 2024. The same previous Dave Longley. Dave Longley: He's not on the call. Wesley Smith: Yeah, right. Wesley Smith: Can you speak to what you're saying here, Dave Long? Dave Longley: I believe at some point during the development of the contexts here,… Dave Longley: a context was produced that was a later version from what is currently in the spec. and that later version had an error in it or was doing something that the group decided not to do. and we might just want a note somewhere that says don't use version two. I think these are all marked as I hope they're all marked as RC something something anyway. Dave Longley: But this is my vague memory that we published something and then we were like no actually that was a bad idea. Let's just keep version one. Wesley Smith: Yeah. So that's for the VDL context… Wesley Smith: which is why this is linked into the Update examples to use proper tur. So I think the tur bit string stat list was the term incorrectly added to the VDL vocab when we decided this actually live in the VC barcodes space. That is my understanding. that's… Dave Longley: And that might already have been fixed. Wesley Smith: what I'm looking at as well. Dave Longley: If you didn't see or hear it though, Avon's hand went Wesley Smith: Ivonne go ahead. Thank you. Ivan Herman: For me this raises a separate issue. Ivan Herman: So it is related to this but finish what you started. Wesley Smith: … Wesley Smith: we have a pages issue. Ivan Herman: So that raises to me the Wesley Smith: There's an example that uses the incorrect version. Okay, there are two examples. I know that the test vectors should not do that. Yeah, so the test vectors are correct but some of the previous examples in the specification use the incorrect definition. go ahead Ivon. Ivan Herman: question which we may not want to answer right now. But in which vocabulary and which context file will the terms that we define here land? Wesley Smith: Yeah. … Wesley Smith: they currently live at… Ivan Herman: No, but that's not My question is where it will be. Wesley Smith: where it actually didn't work. I'm not sure I totally understand the question. Ivan Herman: Will we extend the current vocabularies that we have already or not? I mean again we don't have to answer that but at some point in time we will have to answer that. Wesley Smith: So, currently the VC barcodes spec has its own data model that includes these definitions. Wesley Smith: Are you talking about are you suggesting that some of the terms defined in that data model such as tur bit strings tless entry would be better to live elsewhere. Ivan Herman: I question I am asking I mean we have already a vocabulary for VC we have a vocabulary for DI we can extend those things I am not sure that adding new vocabularies all the time is really good for usage so that's… Dave Longley> `Verifiable Credential Barcodes v1.0 <https://w3id.org/vc-barcodes#TerseBitstringStatusListEntry`> Wesley Smith: Right. Go ahead. Ivan Herman: what I'm asking that's Dave Longley: So we do have some URLs that are defined the URL for example for the tur bitstring status list entry lives at w3id.org. This is a similar situation with some of the data integrity terms and some other ones that happened in the space that went to production systems before we had a working group that was able to handle the spec and do something with the vocabulary. So, I do expect that we're going to at least say that these URLs are at these locations where we talk about the definitions of them. Dave Longley: I don't remember exactly what we did for that Ivon, but we have similar URLs elsewhere in VC space if you understand what I'm saying. Yeah. Ivan Herman: Yeah. No,… Ivan Herman: I understand what you say. We will have to check. I don't remember either. I remember that we had this. It's in the DI area because in the VCDM it's clear it's W3C URLs all along. But for the DI indeed we have this. We will have to check that and again I'm not saying we have to do it right now but that has to be cleanly done and in the same spirit as it is done elsewhere. Ivan Herman: All right. Dave Longley: Just so we're clear, Wes, what you're typing there, you're saying it has the correct vocabulary, but the link there is to a context, not the vocabulary. Wesley Smith: Right. Thank you. Wesley Smith: Okay. this is important but not critical. That sounds good first issue. Very true. Wesley Smith: If anybody wants to fix this, this would be, control F vdlv2 and put in VC barcodes v1. I think that is good. Wesley Smith: Priority two and good first issue. Dave Longley: Yeah, the thing you just said … Dave Longley: if there is someone who wants to do a first issue, if you copy and paste those two URLs in there and say that's what needs to happen, it's more likely that someone could grab it as a first issue. Wesley Smith: As a first issue that Jason LDBC Wesley Smith: Easy text. Wesley Smith: How's that look? Dave Longley: Yeah, I think that's right. Dave Longley> https://w3id.org/vdl/v2> => https://w3id.org/vc-barcodes/v1> Wesley Smith: for all the hundreds of people on this call desperate to get their hands dirty, that would be a great place to start. All right. next issue, outdated R to bitstring conversion. Again from 2024, the new definition of fishing status entry includes the status size and status messages that cannot be derived from Tur Manu said, "Yep, that's not supported. Does this create a problem?" It does create a problem so that's reiterating the issue. Wesley Smith: I guess the only way to fix is either to put them back into the bitst string status list or pass them as an input of the conversion algorithm. But then the verifier needs to know those parameters in advance. there's some historical context here that I'm missing about the status, no pun intended, changes of these properties in vision set entry. anybody have context to share about those properties. Stay long. Wesley Smith: Go ahead. Dave Longley: Those are some optional properties that are part of the spec for bitstring statusless entry that I think they made it into the spec. There might have been two implementers that were interested in using those properties… Ivan Herman: You mean the B string pack? Dave Longley: but they were kept as optional. in the bitstring status list spec they don't make any sense for bitstring statusless entry and they would definitely cause size problems for those entries defeating the purpose of having it be tur and small. I think the spec should just say that those properties aren't supported by TUR bitstring status lists. And so if you have a bitstring status list that you want to express as a TUR one and it has status size and status message then that's not supported because you'll lose that information. Wesley Smith: What's close? Ivan Herman: In the Bitspring spec,… Ivan Herman: the official one, the word Tur does not arise at all. Dave Longley: That's right. Dave Longley: The tur bitstring status list entry is new and introduced by VC barcodes. it's a way to express status list information in a barcode in a very tur or… Ivan Herman: Okay. But… Dave Longley: very small concise way. Ivan Herman: then the question which maybe that's what you were raising is that this should be added to the bitstring status and… Ivan Herman: not the barcode specific thing. Isn't that correct? Dave Longley: … Dave Longley: where it lands and that might be a better place for it to land certainly. where it lands is a separate question from if you use this it must also have status size and… Wesley Smith: All right. Dave Longley: status message. I don't see any reason why it must have those optional properties. And it would defeat the purpose of using it if it did. Wesley Smith: So, it sounds like we're essentially on the same page. Agreed that potentially down the line there are better places for this term to be defined than here. But right now it is defined here and that is a separate question from what the issue is asking. I think that we just need to add a sentence to the specification that says they're not supported and then close this issue. so I will add this comment to that effect and tag it similarly as a good first issue. Wow. And prior is there a priority three? no. Okay. Wesley Smith: I'll just call it a good first issue. I don't think that's super critical. All right. anything else anyone want to say on that topic? Sorry, I'm very hyper aware that I can't hear if people have their hands up. It's stressing me out. Dave Longley: There are no hands up. Wesley Smith: All right. So, let's go ahead and maybe do one more issue. this is my issue from 2024. allow multibase encoding for driver's license VCBs. yeah, this is the issue that I just raised a PR for last night. So, we don't need to talk about it. It will close when that is I lied. one more issue from 1025. It's possible to put a bare bp in a QR code. Wesley Smith: This is an issue from a time where the specification did not allow the use case where you just stick a VC in a barcode. So, it looks like Manu this PR got merged. Ivan Herman: new kid. Wesley Smith: Manu just didn't use the keyword to close this issue. I think this issue can be closed. anybody disagree or feel differently? Wesley Smith: Nuke it for more of it discussed on 28 issue is outdated and no longer applies back explicitly supports this use case in both session. All right. we are about out of time. Remind me folks, this is supposed to end at five minutes to the hour, It's not supposed to go to the hour. All right. we're about out of time. thank you everyone for the time and effort today. had some good discussion and I will see you folks next week. Meeting ended after 00:55:08 👋 This editable transcript was computer generated and might contain errors. People can also change the text after it was created. This transcription was generated by a large language model (LLM) and might contain errors. When in doubt, check the audio recording. This page was formatted by scribe.perl <https://w3c.github.io/scribe2/scribedoc.html> version 248 (Mon Oct 27 20:04:16 2025 UTC).
Received on Wednesday, 29 April 2026 00:26:23 UTC