The Verifiable Claims Task Force

A Task Force of the Web Payments Interest Group

Verifiable Claims Telecon

Minutes for 2016-03-29

Agenda
https://lists.w3.org/Archives/Public/public-webpayments-ig/2016Mar/0059.html
Topics
  1. Introduction to Todd Albers
  2. W3C Advisory Committee Summary
  3. Next Steps (in the next 4-6 weeks)
  4. Spec Ops
Action Items
  1. Manu to contact interviewees and survey respondents with charter and use cases and questionnaire.
  2. Shane to update use cases to make them broader than payments (based on feedback at W3C AC Meeting)
  3. Matt Stone to review use cases.
  4. Richard Varn to review use cases.
  5. Eric Korb to review use cases.
  6. Carla Casilli to review use cases.
  7. Todd Albers to review use cases.
Organizer
Manu Sporny
Scribe
Gregg Kellogg
Present
Gregg Kellogg, Manu Sporny, Todd Albers, Shane McCarron, Carla Casilli, Richard Varn, Dave Longley, Matt Stone, David I. Lehn, Daniel C. Burnett, Rob Trainer, Andy Dale, Colleen Kennedy
Audio Log
Gregg Kellogg is scribing.
Manu Sporny: Talking about W3C meeting and SpecOps.

Topic: Introduction to Todd Albers

Todd Albers: I’m Todd Albers, work for US Federal Reserve Bank. I’m interested in the different use cases as it relates to credentials.
… My background is in web apps and have worked in SaaS with credit cards.

Topic: W3C Advisory Committee Summary

Manu Sporny: We started circulating a draft charter for VCWG. We tried to paint a picture of what the WG would look like based on 42 respnoses to survey, and the 12+ people we interviewed around the charter.
… We also showed use cases.
… We focused primarily around credentials uses for payments. Initial feedback is that they would like to see it broader (e.g., Healthcare and Education). The discussions last week at the Advisory Committee reinforced that.
… We did a number of interviews to see what they thought about the work. A number of respondents were very cautious, due to previous failures in the space (OpenID Connect, SAML, …).
… There was some pushback questioning why this work was different. We were able to sit down with them (Dan Applequist). He’d like to see more general language at the beginning of the doc to make it clear what problem we’re trying to solve.
… We spoke with the AC Rep from Apple (David Singer) who was also cautious.
… We also spoke with Harry Halpin, who has been most strongly opposed to the work. We indicated that the charter was modified due to his input. He thought this was a positive step, but had not reviewed the charter. He raised an issue on our claim of consensus to create a charter. I went through the list of people, and he had no response to that. (He’d like to see the list).
… We brought up VC, and I didn’t hear any strong objection to the work. There are upwards of 400 members, and we would need to respond if we get any formal objections.
Shane McCarron: I didn’t hear anything negative. I did hear was intereset from quarters I hadn’t expected, where there are uses we hadn’t expected.
Manu Sporny: Web Annotations would like something like this to not who author is, also RIAA and MPAA for noting artists and royalties.
… All in all, it was really good; it didn’t seem like anyone was surprized or came out of left field. We talked with W3CM (Jeff Jaffe) who wanted to see how it was going, and to see who would be Staff contact for this work.
… I mentioned that gkellogg is a front-runner as far as being a staff contact, but we need to find funding, but others may come up too.
Carla Casilli: Feels like a good time to say Yay!

Topic: Next Steps (in the next 4-6 weeks)

Manu Sporny: It’s up to us now, and there doesn’t seem to be anyone standing in the way. We could bring it in front of the W3C Membership for a formal vote sooner or later. We need to be sure it’s structured to have a very good chance of success. What comes next is getting people who are going to show up every week, engage, and get the hard work done over the next 2 years.
Shane McCarron: We did say we would circle back with the interviewees. Has that been done?
… We’re going to ask people for committments, show up, join W3C, etc. If we don’t get at least 20 W3C members voting for it, and at least 15 people who show up regularly. Good news is that we’ve had that engagement so far, but people need to commit to join the W3C.
… We need to hire a W3C Fellow, make test suites, and so forth, and that takes money. We’re at the point where it needs funding for us to start. If we start without that in place, the work could falter.
… We haven’t yet circled back with interviewees, and survey respondents this week. There’s a question of if we should create a committment questionaire.
Richard Varn: Can you summarize the to dos?
Shane McCarron: We said we would formally circle back.
Carla Casilli: What's the minimum number of required participants?
Manu Sporny: You missed that, we haven’t yet done that and need to do it this week. I’m wondering if we should have a questionaire to see if people would participate, object or something else.
Manu Sporny: Richard asked about ToDo’s. The first thing is to notify interviewees that we have a charter and want to forge ahead. Do they see any issues. Then we need to get back with Survey respondents (23 or so).
Richard Varn: Don't forget Lumina
Manu Sporny: Then we need to push key organizations for informal reviews of the charter (Bloomberg, Fed Reserve, B&M Gates Foundations, EMS, Pearson, …) need to get them on the record.
… The faster we get to 20 commitments, the better, but we should shoot for 50 organizations supporting the work.
… It takes 20-25 yes votes to start. There must be at least 10 participants on each call.
Carla Casilli: Great, thanks.
Manu Sporny: Those are low bars. The Web Payments IG has 47 organizations and 112 participants; I’d like to do at least as well.
… Once we get to that point, the charter will go up for formal review. There’s 1-2 months for review and voting. W3C will review votes and handle objections, and hopefully, we’ll have a WG after that. Timeline is still end of July to start the WG.
Richard Varn: Are we reasonably sure the vested interests and browser makers will not object?
Manu Sporny: We don’t see any objections on the horizon.
Richard Varn: Cool
Manu Sporny: We’re predicting 18-24 months to do the work. We could do in 12 months if everything goes according to plan (but it never does).
… We’re releasing a blog post about our experiences with the Web Payments group so far: things have not gone well, at least when it came to our group creating a bunch of specs and putting it into a WG. We tried to get browser vendors on board, but bad things happened.
Richard Varn: Understood
Dave Longley: But hopefully a lot will be mitigated by starting small
… Even though we’ve asked and giving notification, and we’re not doing protocol, which they care about, there are no guarantees. The WPIG is an example of how things can fall apart. That’s one of the biggest concerns we have, how to mitigate risks of powerful groups coming in and disrupting the process.
Dave Longley: Some of that vision will have started to actualize, so it can be seen/understood by new players more easily.
Dave Longley: If we have implementations out there.
… As dlongley says, starting small and getting deployments is key. Having deployments in an industry before it comes into W3C is a good thing, as it validates the vision, and shows that it can’t be easily moved. Its a risk we need to understand
ACTION: Manu to contact interviewees and survey respondents with charter and use cases and questionnaire.
ACTION: Shane to update use cases to make them broader than payments (based on feedback at W3C AC Meeting)
Manu Sporny: I’ll also create the survey and put it out to the group.
Shane McCarron: +1 To reviewing the use case document
… We need to take a closer look at the use cases document to make sure everyone understands it. Particularly as people think it’s too focused on payments.
Shane McCarron: I would also like to start (again) working on the extended use cases
ACTION: Matt Stone to review use cases.
ACTION: Richard Varn to review use cases.
ACTION: Eric Korb to review use cases.
Shane McCarron: We talked about an extended use-case document (the “vision” thing). Where should it live, in CG or as adjunct document within VCTF?)
Manu Sporny: I’d suggest in CG for now. I’m concerned about handing a document over to a group that won’t tend to it long term.
Matt Stone: I was going to ask where we are going to manage other workspaces and have a sand-box to flesh it out. Do we have a vision for how to bring in other industries? We could add example uses cases for each flow in each industry.
Manu Sporny: We don’t have anything solid in mind right now. Just repeating the use case for each industry isn’t useful, but spreading around the use case descriptions among 5-6 industries would be useful.
Matt Stone: Would it make sense to have a meta-use case to show creating, issuing, verifying across different use cases?
Carla Casilli: What's the timeframe for review and editing?
Manu Sporny: I think the editors have worked on some of these already. You might point out flows which are missing. Adding 2-3 more flows would be useful.
Carla Casilli: Okay, just wanted to know if it was by 12pm ET. ;)
ACTION: Carla Casilli to review use cases.
… Realistically, we need another month to do this work. But, really ASAP. Reviews should be in by the end of this week so we can review it.
Todd Albers: I can help with the review as well
ACTION: Todd Albers to review use cases.
Manu Sporny: Shanem and other editors are in charge of getting use cases cross-industrty.
… Next week, we’ll try and see how we’re doing with commitments; we’re going to need everyone’s help to get commitments for this work.
… Then we need to be sure the work is well-funded, so we don’t languish.

Topic: Spec Ops

Matt Stone: This is the first W3C I’ve participated in so actively. You’ve mentioned funding; can you briefly tell us how that works?
Manu Sporny: We’re doing something a bit different than the way W3C groups typically run. VC and Credentials is a “charged” topic; there have been failures in the past and people are nervous about it. We’ve done a good job in making something achievable.
… Typically, you create a charter, and companies join. But, when the work starts, they typically send people to do the work that are stretched too thin. A number of WG’s I’ve participating in, the vast amount of work is done by Volunteers (Invited Experts). This is a skill that people acquire over years, which can slow down the work.
… The question is, do we depend on companies to do the work, or do we hire people to support us through the process, that’s what Spec Ops is about (Specification Operations). It was set up to accellerate the process of doing standards work, so we don’t hit the typical snags.
… We need folks like ShaneM, he’s the projects manager at SpecOps; same with Gregg and Dan. It’s highly unlikelly that W3C will staff the work.
… We don’t have a good response, as no current W3C staff member has jumped at it; a failed effort reflects badly on the staff, and noone has an appitite for the work, and they’re swamped. We’re going to have to bring in someone from the outside.
… A company can fund a “W3C Fellow” to do such work. A number of us have been through this process before, which helps us out.
Shane McCarron: It’s also not clear to me who at W3C would staff this; picking a Fellow to staff is probably the best way to make it happen. I don’t want anyone to think that SpecOps is strong-arming the group to go in a particular direction.
… We’re not saying you need to buy a standard, but work like this needs dedicated people doing the work. There’s a lot of cross-group coordination needed, which is something the staff contact makes happen. SpecOps is about finding such experts and getting them into the work.
Shane McCarron: https://spec-ops.io
Matt Stone: Is it fair to thing about SpecOps as staff augmentation for W3C?
Manu Sporny: Yes. To be clear, this is not about paying SpecOps to get the standard through the door, but there is stuff that needs to be done that large organizations don’t know how to do. This causes the standard to slow or stop.
… If a number of organizations join and staff with good technologists, that’s great! (This rarely happens). Because of the high risk of people pointing to this and saying “I told you so”, I’m particularly concerned.
… If it starts out and it turns out there’s a large number of qualified people, then we won’t need SpecOps, but I’ve rarely seen that happen (maybe once).
Shane McCarron: Its my job as Projects Manager for SpecOps to answer such questions, so please contact me.
Manu Sporny: Spec editing is hard to staff, as is test-suite generation. There are a number of technologies we depend on that need to be created, WebDHT, RDF Normalization, … A new group needs to be started to make this stuff work.
Matt Stone: +1 (Empathy) to ShaneM
… when we start a WG we need an idea about how this work is going to happen. Right now, we don’t have a solid plan for RDF Normalization, LD Signatures, WebDHT or decentralized identifier work. Without those technologies, we don’t have portable credentials.
Shane McCarron: For example, the Web Annotation WG asked me to attend last week. They’ve done a lot of work on a JSON-LD-based mechnisms for annotation, but got to the end without realizing they had no testing infrastructure.
Manu Sporny: As dlongley says, SpecOps creates technology that is broadly available.
Manu Sporny: We’ll focus on use cases, responses and survey for the rest of the week.
Carla Casilli: Thanks, all! bye