- From: <meetings@w3c-ccg.org>
- Date: Sun, 4 Jan 2026 09:29:23 -0800
- To: public-vc-wg@w3.org
- Message-ID: <CA+ChqYeEVWDsV72mOwosEi6HePDr2cpBctt5JQ842GxK6Rek+w@mail.gmail.com>
VCWG Spec Refinement Meeting Summary - 2025/12/17
*Date:* 2025/12/17 *Time:* 10:53 EST
*Attendees:* Benjamin Young, Brent Zundel, Dave Longley, Denken Chen,
Dmitri Zagidulin, Elaine Wooton, Hiroyuki Sano, Ivan Herman, Joe Andrieu,
Kevin Dean, Manu Sporny, Patrick St-Louis, Phillip Long, Ted Thibodeau Jr,
Vasileios Konstantinou, Will Abramson
------------------------------
Topics Covered:
- *Render Method Discussion:* Manu Sporny provided an update on the
potential for HTML support in the render method, highlighting the
robustness of browser sandbox features in addressing security and privacy
concerns.
- *Confidence Method Spec Refinement:* The primary focus of the meeting
was to discuss and address outstanding issues related to the confidence
method specification.
- *Issue 16: Confidence Level Sufficiency:* Discussion on whether
confidence level is sufficient on its own. The group generally
agreed that
examples illustrating multi-subject VCs and how confidence
methods apply to
specific subjects are needed.
- *Issue 14: Align with MOSIP Claim 169 Work for Biometrics:* The
group discussed incorporating MOSIP's Claim 169 work into the confidence
method specification, with a leaning towards creating a more flexible and
extensible biometric mechanism rather than a strict adherence to Claim
169's format.
- *Issue 17: Confidence Levels from the Issuer:* A discussion on
whether issuer-provided confidence levels (related to NIST Identity
Assurance Levels) should be in the confidence method or evidence
field. The
consensus was that LOA/IAL are not for confidence methods but
belong in the
evidence field.
- *Evidence Specification and Interplay with Confidence Methods:* A
significant portion of the discussion revolved around the lack of an
evidence specification and how it relates to the confidence method spec.
This included exploring the possibility of defining an evidence type within
the confidence method spec and the implications for charter changes.
- *Charter Updates and Spec Title:* Discussions on potential charter
adjustments to accommodate the evolving scope, including the possibility of
renaming the "Verifiable Credential Confidence Method" spec to "Verifiable
Credential Confidence" to encompass a broader scope.
- *Multi-Factor Authentication (MFA) and Confidence Methods:* A brief
discussion on adding email, phone numbers, and biometrics as confidence
methods.
Key Points:
- *HTML Sandbox for Render Method:* Browser sandbox features
significantly mitigate security and privacy risks associated with HTML
rendering, making it a more viable option for the render method.
- *Multi-Subject VC Examples:* The need for concrete examples
demonstrating how confidence methods are applied to multiple subjects
within a single VC was highlighted.
- *Biometric Flexibility:* The confidence method spec should aim for a
flexible and extensible approach to biometrics, potentially building upon
but not strictly limited by MOSIP's Claim 169.
- *LOA/IAL in Evidence, Not Confidence Method:* Identity Assurance
Levels (IAL) and Levels of Assurance (LOA) are distinct from confidence
methods and should be expressed in the evidence field.
- *Evidence Spec and Charter:* The group acknowledged the need for an
evidence specification and discussed how this could be handled, including
potential charter amendments and the possibility of defining evidence types
within the confidence method spec.
- *Spec Title Change:* There was support for renaming the "Confidence
Method" spec to "Confidence" to reflect a broader scope and better
accommodate related concepts like evidence.
- *Divergent Views on Evidence/Confidence:* Ted Thibodeau Jr. raised
concerns about overloading fields with secondary uses and the potential for
confusion regarding the roles of issuer, holder, and verifier. Brent Zundel
also emphasized the importance of clean separation of goals for
implementability.
- *Focus on Presenter Identity:* A key aspect of the confidence method
discussion is verifying if the presenter of a credential is the intended
recipient or one of the individuals mentioned within it, drawing parallels
to DIDAuth patterns.
- *Future Discussions:* The group will continue these discussions in the
new year, with the next meeting tentatively scheduled for January 10th,
following the Render Method call.
Text:
https://meet.w3c-ccg.org/archives/w3c-ccg-vcwg-spec-refinement-2025-12-17.md
HTML:
https://meet.w3c-ccg.org/archives/w3c-ccg-vcwg-spec-refinement-2025-12-17.html
Video:
https://meet.w3c-ccg.org/archives/w3c-ccg-vcwg-spec-refinement-2025-12-17.mp4
*VCWG Spec Refinement - 2025/12/17 10:53 EST - Transcript* *Attendees*
Benjamin Young, Brent Zundel, Dave Longley, Denken Chen, Dmitri Zagidulin,
Elaine Wooton, Hiroyuki Sano, Ivan Herman, Joe Andrieu, Kevin Dean, Manu
Sporny, Patrick St-Louis, Phillip Long, Ted Thibodeau Jr, Vasileios
Konstantinou, Will Abramson
*Transcript*
Benjamin Young: Hang on.
Benjamin Young: I was just about to ask cover text that this one's
happening. Mark, gotcha.
Manu Sporny: Yes,…
Manu Sporny: I think so. Today is Joe and Denin running the confidence
method discussion. I'm pretty sure
Benjamin Young: It was just still marked as tentative, so I didn't That's
great.
Joe Andrieu: What just happened?
Joe Andrieu: Okay, I think enough of us are here to probably get started.
So, Den, I think our plan was just to go over the issues we have
outstanding. Is that right?
Denken Chen: That's correct.
Joe Andrieu: Okay, let me share my screen and we go through these in oldest
order.
Joe Andrieu: Yes,…
Manu Sporny: One sec,…
Manu Sporny: I've got one tiny thing I could add to the agenda before we
get started. I know this is a spec refinement call and I know that we're
not doing render method this week, but I wanted to convey something we
learned over the past week that's of use that I'd love people to think
about over the holidays if that would be Five minutes.
Joe Andrieu: please. Yeah,…
Manu Sporny: All right.
Joe Andrieu: that'd be great.
Manu Sporny: So thanks Joe. this is about render method.
Manu Sporny: we have been talking about whether or not it would be possible
for us to support through render method. right now I think the focus was on
SVG and PDF. we at Dig Bazar have been doing some work looking at the HTML
stuff and if you'll remember I was fairly anti HTML is too complicated. We
probably can't do it. and Demetri was u pretty pro but it's super useful
and we've done some looking into the HTML sandbox feature that every
browser engine supports right now. and it looks like it addresses a number
of the privacy and security concerns that'll be had around HTML rendering.
Manu Sporny: meaning you can turn off network access, you can turn off form
access, if you can turn off JavaScript. you can turn off requests for
cameras and other types of features like that sandboxing feature was
largely built for the ad industry and making it so that the ad industry
couldn't spy on you more than the site wanted them And because of that,
it's pretty robust and addresses all of the security and privacy things
that at least we digar were concerned about to the point that I think we're
okay with HTML support in render method.
Manu Sporny: I think it covers all the security and privacy considerations
concerns we had, meaning that I think we would have an easy time defending
it with ping and singing. so, just wanted to provide that update to the
group. I think we're going to want to start having discussions around that
when the render method, spec u reconvenes. Anyway, just putting that out
there. if other people want to take a look at the sandbox feature for HTML
that's in the HTML spec,…
00:05:00
Manu Sporny: please do see if you see any concerns, around that. that's it,
Joe. Back over to you,
Joe Andrieu: Cool. Thanks,…
Joe Andrieu: Manny. all right. That actually reminded me of an issue that,
Den and I have talked about a bit and, I guess I want to pick the first
issue to talk about the charter, issues around, evidence. Dan, I'm not sure
if it's 16 or 12 that would capture it best.
Joe Andrieu: Okay, Then I think we should be able to get through to that.
All Excellent. I didn't know you had created that. Thank you.
Denken Chen: I have created another one 23 so we can discuss it later.
Joe Andrieu: All right, then.
Joe Andrieu: which ones Don? Want to talk about the ones that need
discussion? Then the first one is this issue from David Chadwick. The
confidence level is not sufficient on its own.
Denken Chen: I think we can just go through it one by one to make sure the
actions we are going to move forward.
Joe Andrieu: and our sense I believe is that on some level we agree with
him in that it's confusing how to use confidence level and we think in this
particular case the solution is to have an example that illustrates a
multi-ubject VC because I think the way that you deal with the fact that
there is a juvenile or a guardian involved or a dependent like a dog or a
cat is that you don't think about how the owner would authenticate on
behalf of the dog on its own but rather you embed in the VC hey Joe is the
owner this is his dog his dog has had his shots and so by putting the
semantics in the VC I think we can have an example which addresses this
Joe Andrieu: Go ahead, man.
Manu Sporny: That sounds good to me. are there spec changes necessary? I
think the examples would be like a multi-ubject credential and you would
put confidence method on one of the subjects I guess or would you put it on
the topmost what would the example do would we use evidence I'm guessing
not and…
Manu Sporny: then if we use confidence method what of the objects does
confidence method go on and then what does that
Joe Andrieu: Dave, did you want to address that or…
Joe Andrieu: do you want me to try fielding it? Go ahead, Dave.
Dave Longley: Yeah. and…
Dave Longley: then you can correct me. I think we might want to have more
than one example. I think we need at least one example that shows a VC that
has multiple confidence methods on multiple subjects and then it shows that
in a verifiable presentation. you can express who the holder is that's
doing the presentation and it can be one of those subjects and then that I
think becomes clear to the verifier that you can see who the holder is in
the presentation and that they are a particular subject in the VC and based
on the semantics of the VC that might be acceptable to a verifier. I think
that's the more complex case.
Dave Longley: The less complex case is something like what you were saying
Manu where you have multiple subjects but only one of them has a confidence
method maybe the owner of a pet and…
Dave Longley: then you show that when you do the presentation you check the
holder against that subject as opposed to some other one or the
Joe Andrieu: Yeah, plus one to that.
Joe Andrieu: That was basically what I was going to propose. We have in I
think the marriage license example. and so we could augment that and have
confidence method to show, both parties in a marriage credential could have
independent confidence methods. and then I do think the owner and the pet
makes it clear why the pet doesn't have one, right? It's like you don't
have to do this but for the subjects that it's useful to do it for, you can
do it. Go ahead, man.
Manu Sporny: I'm wondering if Fluffy should have a picture of the pet, I
mean, as a confidence method. I'm openly wondering about that. not saying
it's good because I think what we want to do is just do a very simple
confidence method first. but there's also this kind of biometric component
that's floating out there and biometrics are complicated and dangerous and
all that kind of stuff. but when it comes to identifying the pet, maybe you
do want a picture of it as to raise your confidence that that's fluffy and…
00:10:00
Manu Sporny: not, snooks or whatever. Get
Joe Andrieu: I take it that's an old one.
Joe Andrieu: Many to respond real quick, I think I'd like to separate those
two. we do Dacon and I do want to get to a biometric verification method.
We've identified three that we're going to try and push for in this cycle.
and we'll cue up the rest. but the first one would not be the image. the
easiest one is, hey, you have a verification method in did document. so
we're going to do that one. that's our intention. Followed by an email
confirmation loop. if you can verify this email because also I think that's
common and in use. And then the photo for the dog is interesting. I hadn't
thought about that.
Joe Andrieu: But certainly I want to make it clear that you can have a
subject that doesn't have anything at all. that's not invalid. It's just
part of the complicated relationships you can express in RDF. all right.
I'm seeing some thumbs up. So, what should we memorialize here? Is there
anything new that we should note down? Feels like we got a general
endorsement on what we were proposing.
Manu Sporny: I think just the multiple examples that Dave said. no.
Joe Andrieu: Do we have the bot connected to auto? We don't.
Manu Sporny: No we don't. Unfortunately, not yet.
Joe Andrieu: I do see. So Ivan, you just did that by hand on the 13th. I
just see a note above. I was hoping that …
Dave Longley: I think that's from the other meeting tools. Yeah.
Joe Andrieu: that was from VCWG meeting, Okay.
Ivan Herman: But if you put pointers to the minutes manually someone then
this will trigger the actions running the bot of op of y one. but it has to
be done manually.
Joe Andrieu: Next up is line with motive claim 169.
Joe Andrieu: Thank you.
Manu Sporny: one sorry Joe on the last one.
Joe Andrieu: Do you want to It is welcome.
Manu Sporny: We have a ready for PR marker. Was that marked with ready for
PR? Okay, sorry. Thanks.
Joe Andrieu: Issue 14 align with most of claim 169 work for biometrics.
Thank you. Anyone want to introduce us?
Denken Chen: Yeah. I think I can take this one to study how the spec works
and trying to incorporate the spec in this confidence method when going for
biometric. And one thing I would like to make it clear that is it really a
quest for changes? I think it's already within this competence method. so I
believe it should be ready for if anyone is okay with this directions
because we shouldn't we which we have already have one base 64
representation of the biometric and we could continue to including other
formats. Yeah. Menu please.
Manu Sporny: I think of son before
Denken Chen: Hold on,
Ivan Herman: So I would prefer not to refer to this level one two three or…
Ivan Herman: class one two three four with dispersect of this work because
the class 4 thing is when we edit we upgrade published recommendations. and
in this case it's totally irrelevant. So it just makes the discussion more
difficult by using that terminology. There is no class 4 issue. This is a
new document. the group is chartered to develop it let alone doing it in
the new charter. But even in the current charter is perfectly fine.
00:15:00
Denken Chen: Right.
Ivan Herman: There is no relevance to classes.
Manu Sporny: While that's true, Ivonne, I was going off of something I
heard, I can't remember where we were trying to unify the way we talk about
features at W3C. class 4 just means that it's a new feature,…
Ivan Herman: Yeah.
Manu Sporny: And there are process implications of that. But here I'm just
saying that this is a new feature versus it's an editorial change. What I
was trying to signal by starting to add these labels is to give the working
group some understanding of the significance of the change to the
specification. I'm fine with taking it off, but it was kind of like if W3C
is saying we should start referring to, certain types of changes, could we
start doing that with the initial spec before it even gets to CR? I take
your point, right?
Manu Sporny: I mean typically class 4 is like we can't do that because the
charter doesn't allow it but currently this is a new spec like that we can
make class 4 changes to it right my understanding of the process is But
that's totally fine.
Ivan Herman: I mean it just creates problems in my view.
Ivan Herman: least for me it's always disturbing when I see it because for
me class 4 is relegated to the core problematic of updating and maintaining
an existing recommendation. It has nothing to do with the development of
What?
Manu Sporny: That's not…
Joe Andrieu: Let Okay.
Manu Sporny: that's not why I put my myself on the Q4. I was going to talk
to this use case unlet
Joe Andrieu:
Joe Andrieu: Let me ask about this one, I think we're probably better off
if we flip the other way and we mark editorial to let folks know when it's
not significant. the class three to me sort of is on some level all of
these are class 4…
Ivan Herman: Yes.
Joe Andrieu: because everything's new. and I don't want to have a debate.
Is it class three or close four? sometimes I like having those debates. I
think many of us know that. but in this case, I'm not sure it's adding
much. Do you mind if we remove it,…
Manu Sporny: Absolutely. Sure.
Joe Andrieu: Yeah.
Manu Sporny: Yeah, I'm totally fine. Yeah, I Sounds like I'm in the rough
here. so, on this particular one, the claim 169 work, my hope is that there
are a couple of ways we could go with this. One of them is, MOSUP's going
to do whatever they want and they've registered, claim 169 in the Seabore
repository and there's a fairly static format for doing biometricy things.
Manu Sporny: So one of the confidence method types we could have literally
the type is claim 169 and then it's a seabore encoded claim 169 strict
format biometric thing right okay so that's the other approach is that we
look at the claim 169 use case because it has things in it for doing iris
Manu Sporny: print fingerprints index pinky it's got a lot of kind of
biometricy components to it that are iris biometrics fingerprint biometrics
face biometrics and maybe we want to generalize that and break it out of
that kind of fairly constrained static format that they have in claim 169 9
and allow more variability in the expression of that stuff. So some people
might want to express iris, other people will definitely not want to
express it. and then there may be other biometrics like palm print nose
print for livestock for example.
Manu Sporny: do that because we found out in Japan and other things like
that. So I'm wondering if I think the right way to do this is to look at
claim 169 and break it out into a more flexible kind of biometricy
mechanism that can evolve over time rather than just rashing it down to
claim claim 169. So providing equivalence to what claim 169 is doing maybe
providing claim 169 as its own type but providing I think the outright
thing to do is provide equivalence to what claim 169 is doing but do it in
a way that's upgradable throughout time and has more of an open extension
capability and…
00:20:00
Manu Sporny: and we need to talk with MOSIP about that and get consensus
from them about it.
Joe Andrieu: Okay, cool.
Joe Andrieu: I think I captured that. but I have another question which
maybe is a chair failure. I don't think we're recording this and we don't
have a scribe. okay.
Manu Sporny: We are recording It's auto transcribed and It's auto correct.
Yep.
Joe Andrieu: So we have that tooling. What we didn't have was the topic
integration thing. Thank you, Any other comments on this issue? I think
this is not yet ready for PR. So, someone needs to go look at 169 and think
about how we would apply it.
Joe Andrieu: Dang it. Okay, excellent.
Denken Chen: Yeah, I think I can take this one and…
Denken Chen: to have some study and discussing with most folks. Yeah.
Joe Andrieu: Thanks, D. All right, next Confidence levels from the issuer
currently flagged that as ready for PR. and this queued up this other issue.
Joe Andrieu: that we'll address then but I'll frame it here. So in our
understanding of what David Chadwick was getting at here wait no this was
related to David but you raised it. confidence level in our
conceptualization is something that the issuer uses to inform the verifier
that there is something they can do to increase their confidence that the
current presenter of a credential is the intended recipient or the party
that is being discussed in that credential.
Joe Andrieu: the confidence level or assurance level of and I should say
these NIST identity assurance levels or levels of assurance from ISO 29115.
these are things that we think go in the evidence field where the issuer is
saying we satisfied this regulatory standard before we issued this
credential. So that a verifier without having any of the evidence at least
knows that the issuer has performed XYZ and if they trust the issuer on
that level then they may themselves infer something but it has not
established their own identity assurance level because some of these
identity assurance levels are not transferable in that manner. so we were
thinking of separating those two. and we're curious about feedback. I don't
know Denin if you want to add anything.
Denken Chen: Yeah I think in the below that is comment I believe should be
in the evidence field because there will be one confidence level from each
issuance of the credential. and that'll be easier and reasonable rather
than binding to the confidence level to each subject and that's the case
and I should discuss it in the next charter when developing VCDN 2.1 right
manual face.
Manu Sporny: Yes, I think this has more to do with evidence than it has to
do with confidence method. I think some of the NIS specs and the IIL
stuff's supposed to work is that you as the evaluator determine the level
of assurance that you have. it is not something an the issuer can tell you
through the evidence field I checked their passport or driver's license and
here's the level of assurance that I got to when I issued that doesn't mean
that the verifier gets to believe that and they get to just believe that
right meaning the issuer could lie about it and so the confidence method
00:25:00
Manu Sporny: is meant to raise your level of confidence in the subject, but
the verifier is the one that is responsible for determining the level of
assurance, the level, all of that kind of stuff. It's their job and their
evaluation to see if they reach the same they reached the LOA or that's
acceptable to their use case, so I do think these two things are very
separate. I don't think we should use confidence I don't think we should
state and LOA levels in confidence method data but I do think we should
mention them potentially in the evidence field.
Manu Sporny: Our current the rechartering text says that we can make I
think class 4 changes if it's in support of some of the new work that we're
doing. this is a bit of a gray area but I think we would be allowed to add
new properties to the core context of the B21 context if we wanted to start
specifying I levels in the evidence field for example.
Manu Sporny: As long as we're not making backwards incompatible breaking
changes I think we're okay but Ivon you might be on the queue to tell me
I'm mistaken.
Ivan Herman: So the current charter of today doesn't talk about that just
to make it clear…
Ivan Herman: but the current charter proposal it was Phil who added it in a
PR right before I sent it to the W3C team that besides the possible changes
re for privacy and security reasons we have some text which says we are
also O allowed to make changes to accommodate newly coming up other
recommendations something of that sort in a better English than mine. so
yes formally we don't have that charter approved and by the time it will be
approved it will be end of February mid-March something like that.
Ivan Herman: So we have to be a little bit careful not to change things
today but we can postpone that to let's say mid-March. and one more thing
we are not modifying the current recommendations along these lines. We are
issuing a new recommendation for 2.1 which will include that.
Ivan Herman: We have to be clear how we do that. That's it. It will be
version 2.1 which is formally speaking a new recommendation indeed and…
Joe Andrieu: Did you mean for that Ivon the new recommendation for VCDM?
Joe Andrieu: I see. Okay. Thank you.
Ivan Herman: that's true not only for VCDM. I've listed in the charter all
the seven recommendations that we have published. potentially all of these
go to a 2.1
Joe Andrieu: So, thinking I'm not sure how to resolve this particular
issue. I feel like we've wandered into the other issue that you raised.
Joe Andrieu: Should we maybe go resolve that and then come back to this one?
Denken Chen: And yeah, I think this issue will be closed and I can open
another new issue in VCDN, So we can continue to the discussion when
developing the VCDN 2.1
Ivan Herman: We don't have to an issue.
Joe Andrieu: So that's one proposal made
Manu Sporny: I was going to agree with Denvon. I think what we potentially
are deciding today is that LOA and I has no place in confidence method. It
shouldn't be expressed there. It needs to be expressed in evidence. And so
the right place to deal with it is in the s in an issue there on the
evidence property. And we should close this issue because we have
determined that I and LOA shouldn't go in confidence method.
Ivan Herman: Yeah, my apologies.
Ivan Herman: If it's raised in the other repository, then it's fine.
00:30:00
Joe Andrieu: So, I'm not sure about that.
Joe Andrieu: And that ends up, I think, in the framing of this other issue.
So, let me pull that up and introduce that, which was we don't have an
evidence spec. We don't have any proposal for a type of object that would
go in evidence. but we could put one in the document that is the
deliverable for the confidence method. this was an idea that Denin and We
ran it by PA unfortunately who was the wrong person. I should have included
Yvon, but it made it to Yvon and we sort of missed the deadline to change
the charter before it went out.
Joe Andrieu: But it did go out, right? …
Ivan Herman: No, the church.
Ivan Herman: Then what do you mean by going out?
Joe Andrieu: I was hoping to get it adjusted before it was formally
announced, so we didn't hit that window.
Ivan Herman: Yes,…
Joe Andrieu: But I'll let you explain. We still have a chance to update it.
Ivan Herman: that's why I'm saying It's gone out when it went to the AC for
a vote. We are not yet there. So if the working group wants to make a
change on the charter it's an kind of an adjustment or expansion of the
topic or whatever then it can raise a PR for doing it. I will put a note in
the other issue which is the one that is reviewed by the team and…
Joe Andrieu: Go ahead there.
Ivan Herman: and that's it and then we get reviews and comments and we do
it. There is nothing that makes it impossible right now.
Dave Longley: I also wanted to comment if the confidence method spec wanted
to define an evidence type that's related to in the confidence method
specification. I don't understand why that would require any charter
changes whatsoever. There's already an evidence extension point in VCDM. we
already have in the charter working on confidence method. If there's some
component of working on confidence method that requires or is best achieved
by adding an evidence type, I don't see any reason why that can't be in the
confidence method specification as is.
Joe Andrieu: minute. Go ahead.
Manu Sporny: Yeah, plus one to that. and if it's goes in the confidence
method spec, then there's an argument for that it should probably go in the
main spec. and I think the current language covers that kind of change,
which I think is what Ivonne was getting to. we can update evidence if we
find out that it's best to do that because we were thinking about
confidence method and turns out confidence method and evidence kind of have
an interplay there and because of that it would be best for the ecosystem
to have this new type specified and if someone objects to putting in the
main spec we'll basically be like fine we'll put it in the confidence
method spec but that's probably not where it belongs over the
Manu Sporny: the long term. so that's just are we allowed to make this kind
of change? even with the current spec recharter text, I think should we
have a unified type? I think there's some core properties that would
benefit from being unified. But for example, the I and LOA thing, I think
that's an example of where you definitely don't want to put that in
confidence method. It goes in evidence. and that's where I would be
concerned about us saying yeah, no, the type's totally unified between
evidence and confidence. I think they do share some base properties,…
Manu Sporny: but they are different. and maybe teasing out that difference
is some of the work that we have to do here.
Joe Andrieu: Yeah, let me correct…
Joe Andrieu: what was meant by unified there. because I didn't mean the
same types. I meant just right now because we do still have the wrinkle as
might be the case that we want evidence to be attached to a particular
subject then it may make more sense to treat evidence as confidence method
as a property of a claim set as opposed to a property of the VC and that
would be a class 4 change and so we can make class 4 changes
Joe Andrieu: within deliverable called the verifiable credential confidence
method. but potentially taking out evidence from the VCDM would be class 4
over there. so that's what I would be concerned about.
00:35:00
Dave Longley: So the framing I have in my mind for this entire feature is
and maybe people think about this differently is that we're defining some
confidence methods and then issuers might say they themselves consumed
these confidence methods when they performed some authentication or
whatever it is that they did and they want to be able to express that in a
VC. All of that seems really related to confidence the use of confidence
methods and so it seems to me like there's a good argument to be made that
in the confidence method spec you define the confidence methods and then
you can say and if you have consumed these and want to express that NBC you
express that in the evidence field like this and we define an type of
evidence confidence whatever we want to call this thing and you say you put
that and this is an evidence
Dave Longley: extension of the BCDM and you put that in the evidence field.
All of that seems highly related and it might be better served in the same
all in the confidence method spec showing you…
Joe Andrieu: Hey man.
Dave Longley: how to use all those things as opposed to splitting it out
and putting it into these different places and hoping someone can bring it
all together.
Dave Longley: So to me it seems like it all makes sense to go in the
confidence method spec anyway.
Ivan Herman: So to be very pragmatic isn't it a possibility that we gently
change the title of the spec…
Ivan Herman: which is now related to confidence method which is very very
specific to an object in RDF so to instead of that we talk about verifiable
credential confidence gen in general or you come up with a better word and
I look at the line which describes the abstract of the document suddenly it
becomes much more general and we can put all these things into the same
spec without too much trouble.
Ivan Herman: we are not bound to the title of the document as it is now. we
are in a way…
Ivan Herman: because we have a first hurricane draft published but that can
be handled.
Joe Andrieu: Thanks Ivon.
Joe Andrieu: I was similarly thinking the description here definitely it
might benefit from being plural i.e a specification defines mechanisms. but
otherwise the evidence property does increase the confidence of a verifiers
that a particular subject is the right person. So it definitely fits the
current description.
Joe Andrieu: I'm wondering how do people feel about just getting rid of the
word method in the title. So the document is just verifiable credential
confidence and…
Ivan Herman: work Joe,…
Joe Andrieu: we talk about how you have confidence that what's in there is
true or real or associated with the right person. I'm seeing some thumbs
Anyone opposed to that? Seems like a rallying bit of support.
Joe Andrieu: Excellent.
Ivan Herman: on a very practical level, it looks better if you put in a
pull request to the charter rather than I going to go and change out of the
blue things. So, can you do that?
Joe Andrieu: Yes, I would be happy to do that. So, let me just note that's
what we're going to do.
Joe Andrieu: Any other thoughts on that before I hit comment? I think we're
good. All right. So, that was 16 17. They can you open this to add some
more confidence method types based on different kinds of MFA.
00:40:00
Joe Andrieu: Okay.
Denken Chen: Yeah, I would like to know the community's opinions about
adding some email, phone numbers and biometric for the confidence
previously methods. That's and is there any objection to this and reasons
and I don't quite get what has been said in that case is Ted available for
speak a little bit about this thank
Ted Thibodeau Jr: Unavailable.
Ted Thibodeau Jr: It's not top of mind. Let me see if I can quickly read it
over again.
Joe Andrieu: So the parent issue had linked to this comment on 16.
Joe Andrieu: So the parent issue, you just had a short C number 16. And so
I'm sharing number 16.
Ted Thibodeau Jr: Right. what you were just saying, Joe, actually made a
lot of sense to me about attaching these to claim sets rather than to the
credential.
Joe Andrieu: my goodness. I want to jump on the queue. is there this is a
crazy idea and I feel it breaks some things, but I want to get it out of my
head before I filter it too much more, which can't we have a confidence
method that is expressing that the issuer did something. because we have
this structural quandry. to what Tall Ted just said which is that evidence
is not bound to subjects it's bound to the credential.
Joe Andrieu: So if I wanted to say, hey, I satisfied IAL3, which subject
would that apply to? And so, that was my comment earlier that, if we want
to get rid of the evidence property in VCDM, that may be a class 4 change
to the VCDM. but maybe if it's all just in the confidence method in a
single property,…
Joe Andrieu: then the type could tell you, is this something that the
issuer did or is this something for the verifier? But maybe that's breaking
some other simplicities we had. Go ahead, Ted.
Ted Thibodeau Jr: yes.
Ted Thibodeau Jr: So, I've always been concerned about this idea that
either of these properties meant anything to the verifier. My understanding
of them as when they were introduced, my understanding of them were that
they contributed to the issuers what they put in, right? And then the
verifier might see, the issuer whom I trust in some way, and trust is a
terrible word, but I'm going to use it anyway.
Ted Thibodeau Jr: The issuer whom I trust to issue useful credentials used
this evidence or this method to confirm that the thing that they said about
the subject is accurate and I trust that the verifier did sorry as the
verifier trust that the issuer did this and that gives me more confidence
in the credential But I'm not doing anything about confidence. I'm not
doing anything about assurance. I'm relying on stuff that the verifier says
that they did. Does that make sense?
Manu Sporny: I think you meant the issuer said that they did in the last
sale. Mhm.
Ted Thibodeau Jr: So yes. Yes, you're correct.
Joe Andrieu: So I think that does make sense. I want to nuance and that I
think there are two different things we're talking about here. One of which
is what did the issuer do to have their confidence that they gave this
credential to the right person like that they digitally gave that object to
the correct person because they could have been intercepted or whatever.
and so they might say hey I satisfied however my mental model of the
confidence level is mechanisms that the verifier may use to increase their
confidence. For example, if you have a public key as a confidence method,
then someone who could satisfy a challenge against that confidence method
increases the verifier's confidence that person is that party, whether or
not the issuer did that same check.
00:45:00
Joe Andrieu: so I see those as sort of in fact two different bookends of an
identity assurance conversation where the issuer is talking about what do
they do and they are not likely to provide all the evidence when you state
that you satisfied you don't give all the evidence for it like you don't
literally discourage the evidence you just say I did it and then on the
verifier side you're like hey issuer what did you tell me that they could
use here's a picture if they look like this guy you should look at that
here's an email if you verify the email we actually knew that they had that
email at one time. but of course any of those particular confidence methods
only give you the confidence that method would give you. an email loop only
convinces you that somehow the email correctly transferred the token. It
doesn't mean that emails was securely read by only the person you wanted it
to be read by.
Joe Andrieu: And so I think as long as the verifier understands the
implications of a particular confidence method then they can go through
that exercise whatever it is to add the confidence to their belief that the
issuer did the right thing and…
Joe Andrieu: we've got a credential from a person that we think is the
right person it was given to go ahead you were next on
Ted Thibodeau Jr: I think that's sideways again.
Ted Thibodeau Jr: The issuer is saying things about one or more entities
and those are the things that I'm expecting I'm not necessarily expecting
the issuer to pay attention to the first holder that they are issuing the
certificate That they can give me a credential about my dog. There is no
assurance that they have issued it to my dog, nor even to my dog's owner.
That's not part of the puzzle in my visioning things. All right.
Ted Thibodeau Jr: The issuer is saying things about an entity and therefore
it needs to have some confidence that entity is the one they're talking
about and that the statements that they're issuing here are accurate which
may be based on some number of pieces of evidence. And as the verifier, I'm
concerned with they were talking about the entity that I care about and
that the evidence that they used to make the statements about the entity
that I care about is good evidence. I'm not going to see the rabies
vaccination document. I'm just going to see they're vaccinated against
rabies.
Ted Thibodeau Jr: And I think that there's a lot of fuzziness that creeps
in unstoppably as far as I can tell about things that I don't think are
part of the puzzle. We've got three parties to this. We've got an issuer, a
holder, and a verifier. And that's it. The holder may or may not be any of
the entities discussed in The issuer the verifier probably is not any of
the entities discussed by the credential. It's just that the credential was
issued by that issuer whom I trust to do the right thing and to tell me the
truth.
Ted Thibodeau Jr: And the holder or holders have done nothing but relay the
thing without corruption and that corruption is going to be detected if
there is any. Hopefully that's clearer than what we've been going through.
I'll also throw in the last bit of this comment that I made in October that
what's going on here, the process that's going on at this point is the
verifier is deciding whether they will accept the claims made by this
credential and whether they satisfy the verifier's business logic about
whatever transaction this crime
00:50:00
Ted Thibodeau Jr: trying to go through between them and the holder about
the entities that are discussed in the credential. And it seems like we're
trying to wedge some more functionality in here that I don't think exists.
Joe Andrieu: All right,…
Ted Thibodeau Jr: Or maybe I'm completely wrong. It does at the moment.
Joe Andrieu: Ted, does that conclude your thoughts? Can we go to Brent? All
right,…
Joe Andrieu: thanks. Go ahead, Brent.
Brent Zundel: Thanks Joe.
Brent Zundel: So I've been lurking and listening and had to spend half the
call on another call at the same time and so I apologize if this isn't
quite as pertinent as I would I hope it is. if I remember correctly, we
ended up calling this spec the confidence method spec because we didn't
want to use the word binding and it came out of the desire to do some sort
of holder or subject binding in the credential without using that horrific
term binding. and so the confidence method specification, okay, we'll call
it that.
Brent Zundel: We got a, agreement on that as a title for it. But it's all
about is this subject from the verifier's perspective. Is the subject that
I'm aware of is the same as the one that the issuer was talking about? It's
that connection and approvable connection ideally in some cryptographic
means. all of the other stuff that has been talked about as means of
increasing confidence in the VC I think is important. it was evidence and
folding the evidence into the confidence method is kind of what we're
talking about.
Brent Zundel: I'm not sure if merging them is the right thing because a
clean separation of goals is I think very useful to make specifications as
implementable as possible. And while it's tempting to create kind of a
grabag of everything confidence related in one thing because there are some
conceptual similarities there is tempting. I'm not sure that it would serve
our users to do that. at the same time, if that's what the group ends up
wanting to do, I'm not going to, object. I am concerned if we try to do
this before moving to a new charter.
Brent Zundel: If the group decides they really want all of the evidence
stuff and whatever else inside the confidence spec, then I think we would
have to do that under a new charter rather than under the existing one
because it really is a kind of a fundamental change to what was meant by
the confidence methods back when we said yes,… we're going to work on that.
just some idle thoughts and wanted to get them out so they stopped
percolating in my head.
Brent Zundel:
Joe Andrieu: Cool. Thanks,…
Joe Andrieu: Brent. I want to note the time. I do want to, have a habit of
getting done at five before the hour. so, I just want to quickly say two
things, then Ted, I'll give you a chance to have the last comment here, or
actually Dankin after you, in case you had anything, one I wanted to say I
think we're not just talking about the subject that in fact what we are
trying to figure out is if the presenter at this point in time the person
who is interactively saying this is my credential is that the person in any
way whatsoever. So all the use cases they're totally valid that you have a
credential that isn't about whoever's presenting. those are fine but not
what we're talking about.
Joe Andrieu: We're talking about mechanisms whereby the verifier could say,
if I do this other mechanism, then I could have more confidence that the
person in front of me is one of the people mentioned in the thing." to your
notion that we were creating something new or more complications that
weren't here. To me, this was always part of how the did off pattern
worked. and this is sort of tribal knowledge that I think confidence method
is trying to bring out of the tribality so that it's better and more common
practice that before you issue a VC to a given DID verify that they do a
DID off before you give it to them that expectation was absolutely there
and then in the VP you're signing over potentially with the same identifier
that the VC was issued to and those two together are the book ends that
said hey the issuer did something before they gave it to him so that gives
me confidence that it went to the right person and then I'm doing something
when
00:55:00
Joe Andrieu: I got it. And that's giving me confidence that that same
person it was given to is involved in this transaction.
Joe Andrieu: And with that, I'll hand it to you, Ted. Yeah.
Ted Thibodeau Jr: H yeah,…
Ted Thibodeau Jr: we're overloading some things and I don't think that the
process that you just described, Joe, is written out in any of our
documents about these things. it's trying to put a number of fields to a
secondary use which might be okay but again that falls into the verifiers
business logic from a technical perspective I don't believe that that
follows from the use cases and user stories that we've got and I don't
think it follows from any of
Ted Thibodeau Jr: the documents that we've got thus far and…
Ted Thibodeau Jr: that troubles me a great deal. I'll leave it at that for
now.
Joe Andrieu: Okay. Thanks,…
Joe Andrieu: Thank you. Did you want to say anything before we wrap?
Denken Chen: Yeah I really appreciate the conversations here particularly
from Ted and Brent and I apologize that probably it's me have a fuzzy brand
because it's in midnight in my time zone and I need some time to digest And
I believe we can continue the discussion in the next call on this one.
Denken Chen: Yeah, I don't have other feedbacks for now.
Joe Andrieu: Very good.
Joe Andrieu: Thanks, And thank you all for the contributions and the
conversation. we are taking a couple of weeks off and I think the render
method is going to take the first open Wednesday in the year which is I
think the 10th and then we will follow after the render method. So that
should go out via the BCWG email channels I hope.
Ted Thibodeau Jr: C.
Joe Andrieu: Have a good holiday. Thank you all for your contributions and
we'll continue the work in the new year. Cheers all.
Meeting ended after 00:57:41 👋
*This editable transcript was computer generated and might contain errors.
People can also change the text after it was created.*
Received on Sunday, 4 January 2026 17:29:32 UTC