The W3C Credentials Community Group

Verifiable Claims and Digital Verification

Go Back

Credentials CG Telecon

Minutes for 2017-06-13

Kim Hamilton Duffy is scribing.
Christopher Allen: Reviewing agenda
Christopher Allen: Add separate discussion item about meeting in Burlingame?
Dave Longley: Add item about what to do with DID spec, what is desired outcome?
Christopher Allen: We'll discuss after results

Topic: Introductions

Glen Braun: Working with local company called RChain, helping with ID work, studying Sovrin. Studying Open Badges
David I. Lehn: With Digital Bazaar, helping with implementations

Topic: Action Items

Manu permissions work item complete
Christopher Allen: Please fill out group work item priorities poll here:
Poll deadline target next week
Christopher Allen: Ideally 1 per org
Christopher Allen: Naming goals constraints and pitfalls -- in progress, will talk about later. new name and mission stmt -- should be done end of month
Christopher Allen: Meetings with Digital Verification groups, how does this work
Kim Hamilton Duffy: We haven't gotten that many new votes on the poll, we have around 13-15 votes so far... support on lifecycle, browser APIs, DIDs, are in the lead. [scribe assist by Manu Sporny]
Kim Hamilton Duffy: Privacy and security requirements are also supported - get your votes in as soon as possible. [scribe assist by Manu Sporny]
Drummond Reed: How will things proceed?
Drummond Reed: BTW, I just joined the IRC. Can someone post the link to the poll again?
Christopher Allen: 2 More of discussions about work items, tally which were highest, who will be champion and actually work on poll items
Christopher Allen: Want items that are doable and shippable, won't take too long

Topic: Community Group Naming

Christopher Allen: Naming status "Self Sovereign CG". concern: makes it difficult to speak to banks. Feeling at an impasse
Christopher Allen: OTOH everyone know what "Credentials CG" means. questions/comments?
Kim Hamilton Duffy: I was wondering - what's the concern w/ the banks - it might imply that we're working toward too much of a decentralized solution? [scribe assist by Manu Sporny]
Christopher Allen: Manu will follow up on kimhd's question
Drummond Reed: +1 For SS CG. Industry buying into that term
Drummond Reed: SS speaks strongly to paradigm shift; individual control of their data
Drummond Reed: Has become a technology category
Adrian Gropper: +1 For SS CG for the same reasons as Drummond
Kim Hamilton Duffy: +1 To Drummond's statement
Matt Stone: Concern with SST -- is it too implementation focused? Credentials is narrower in scope, people will pick up on more quickly
Manu Sporny: Presentation to 80-100 bank execs. Tried all, they reacted positively to (1) Credentials, (2) VC, (3) SST
Manu Sporny: They did not grok SST. Perhaps this use has not hit this audienc
Sean Bohan: Anyone have a URL for that paper?
Manu Sporny: Of people who were aware, different connotation. Swedish context from 80s?
Drummond Reed: Ironically, Manu's point is one of the reasons I am in favor of "self-sovereign" is that it is a new technology category, and that means it can gain meaning as the use of the term grows.
Manu Sporny: In general, SST term is taking off. Google search on term top results are DID spec, etc
Drummond Reed: +1 To SSI being highly aligned with GDPR
Manu Sporny: We will have to educate certain audiences, which is not a great marketing approach
Drummond Reed: The term is gaining great traction in the EU because of that alignment.
Manu Sporny: SST or SSCG are fine choices
Christopher Allen: Is torn. Has seen poor uses of term "SS" in the wild, beginning to be coopted. So may be preferable to reclaim the narrative and mission/goals.
Adam Lake: What about "Self Sovereign Credentials"?
Christopher Allen: Would forming a separate CG cause political problems with w3c?
Dave Longley: -1 To creating new groups
Drummond Reed: -1 To creating a new group
Manu Sporny: Should focus on group we have rather than diffuse energy
Kim Hamilton Duffy: Also -1 to new group
Adrian Gropper: Also -1 to new group
Manu Sporny: I like Self Sovereign Credentials more than Self Sovereign Technology
Manu Sporny: It has continuity w/ the "old" group
Christopher Allen: Close agenda item for now. We need more ppl who care about this here. e.g. Christian Lundkvist, other RWoT members
Drummond Reed: "Self-Sovereign Technology CG" is a broader term and a bigger tent
Nathan George: I also prefer keeping credentials in the title
Manu Sporny: It introduces the "new thing" we want to go with...
Matt Stone: Also -1 on new group - let's keep this energy consolidated. I could rally around Self-Sovereign Credentials.

Topic: Interaction with Banking/Finance Industry

Adrian Gropper: I prefer SST for the same reason as Drummond
Christopher Allen: Read Manu's banking presentation and feedback
Manu Sporny: Will clean up email with his summary and send to group

Topic: Planning for W3C TPAC

Christopher Allen: Should we have our own meeting during that?
Christopher Allen: Could be good opportunity to get message out about new name.
Drummond Reed: Note that this meeting will come shortly after the next IIW Oct 17-19 in Mountain View
Manu Sporny: Suggests creating pitches. Weds is plenary (?) day...introduce new work that's experimental. 468 companies in W3C ; would be good to do a presentation on DID, signature schemes, ... that this group is working on. Suggest this group does those sort of pitches rather than face to face meeting
Manu Sporny: May not get a lot more ppl joining CG as an outcome. But we should pitch the specs we're working on to W3C group on weds. This is separate from CG having F2F meeting
Drummond Reed: Manu, when is the VC WG F2F meeting?
Manu Sporny: Last 2 days of W3C TPAC... Nov 9th/10th, I think? Will have to check schedule. It's on the Thu/Fri.
ACTION: Chairs to work on technologies pitch for TPAC
Manu Sporny: Drummond, Burlingame, CA ...
Manu Sporny: Drummond, Nov 6-10.

Topic: Work Item Review

Dave Longley: DID spec is listed as doc in DIF. Does this mean that WG is iterating on the spec? What is that group doing with the spec? Implementations of spec?
Dave Longley: Desired outcome -- this group takes on specs, work on it in open community; other groups can work on implementations. His understanding is Drummond agrees
Drummond Reed: Dave is absolutely right - DIF is focused on implementations, and in the Identifiers, Names, and Discovery WG, specifically a community DID resolver. The DID spec should, if the members of this CG agree, come to this group.
Christopher Allen: Meeting with D. Buchner to discuss later this week
Drummond Reed: Strongly agree. Natural home for spec is this CG. Enthusiastic about taking on in this group
Drummond Reed: Standards in standards orgs, implementations in implementation orgs
Manu Sporny: +1 To what Drummond said, very supportive of that direction.

Topic: RDF Dataset Canonicalization

Dave Longley: Domain champions are he and manu
Dave Longley: Work item primarily about how we express claims
Dave Longley: Esp. data format for claims about someone
Dave Longley: Concern is that multiple ways to express graph
Dave Longley: To check and verify, we need to ensure canonical representation
Dave Longley: Problem how to determine claim has not changed, which representation was signed
Dave Longley: RDF dataset canon. is a solution. produces unique form of graph
Dave Longley: Output of alg can be compared, hashed and digitally signed. outcome is same no matter which input rep.
Dave Longley: Can ensure same claim
Drummond Reed: +1 To renaming spec to RDF Data Canonicalizaton
Dave Longley: Canonicalization is more accurate term. should rename. spec needs review, clarification (why useful), and should have rigorous proof of correctness
Dave Longley: There are multiple implementations of this. 1st version was in 2012 and iterations since. Mature.
Dave Longley: is location of current spec. would like to work on in this group
Nathan George: One area of disconnect. Selective disclosure schemes (uproof etc) need a rigorous def of which slots are available for signing. role of norm. is filled by signature scheme itself. normalization from RDF ends up being redundant. There is overlap between sel. dis. and RDF canon that should be addressed
Drummond Reed: Don't different signature schemes need to support different canonicalization algorithms?
Manu Sporny: Drummond - that's it!
Dave Longley: Yes
Drummond Reed: Coming from the XDI graph world, I can guarantee you that canonicalization of the graph is every bit as important as Dave is saying.
Christopher Allen: Impressed with effort to create canon that works across formats. Working in multiple implementation. Concerns with how it connects to others? Propose get rid of "RDF" in title and instead focus on value proposition
Drummond Reed: But Nathan is also correct that the CL sig scheme uses a totally different approach.
Manu Sporny: Drummond, yes, but as Nathan was mentioning - CamLys signatures don't need to normalize, because they already have a template.
Drummond Reed: And that's goodness too.
Christopher Allen: Second suggestion: being to make open to other things like selective disclosure
Manu Sporny: Drummond, in short - Linked Data Signatures is designed to support both... CL-Signatures wouldn't use RDF Dataset Normalization.
Manu Sporny: Drummond, they'd use something more like this -
Drummond Reed: +1 To robust support for selective disclosure - there are multiple ways to do it
Manu Sporny: Note the 3.3 Examples section
Christopher Allen: Instead of hash for entire dataset, break down into hash tree. provide hash of things that are not disclosed
Nathan George: There are several signature schemes that are important (and useful) for ledger-like use cases of Verifiable claims that I think are worth making space for (even if we don't address them head on)
Nathan George: We should clear room for tree-like signatures, group signature and a few others to help project ledger consensus outside of a DLT (but that may or may not be in scope for this group)
Manu Sporny: Nage, absolutely agree - hopefully we've done that... happy to explain how.
Dave Longley: This is just canon piece, does not talk about signature schemes
Dave Longley: RDF work addresses ordering part. can discuss how to make that work with selective disclosure. This only addresses getting a graph in canonical order
Dave Longley: Flexible in what we can do with output
Noah Thorp: Nothing urgent from me
Kim Hamilton Duffy: +1 To adding to the work item scope some investigation, narrative around how it can work with other schemes

Topic: Privacy and Security Requirements

David Chadwick: See outline in "Privacy & Security Requirements for Credentials Ecosystem" of
Christopher Allen: (BTW, if folks who done presentations can you make sure their link is added to the work items document?)
David Chadwick: "Except in cases of abuse" -- issuer and inspector should have recourse in case of user abuse
Christopher Allen: Where is line between VC and SST groups in terms of scope?
Manu Sporny: Some items DavidC covered may belong in VC WG. Some requirements of SS are stricter than the general case.
Manu Sporny: One way to approach: state a principle, see where it belong
Nathan George: +1 To the "big tent" approach to keep the generalizations as adoptable as possible
Manu Sporny: For each item DavidC mentioned, ensure weaker version is listed in VC group, but stronger version is available in this group
David Chadwick: Concept of high security credentials that should not be released to anyone outside the org. Nothing in the technology would stop stepping outside restrictions of employer (kimhd: not sure I captured this statement correctly)
Christopher Allen: Focus on differences between groups
Kim Hamilton Duffy: We have Jan Camenisch signed up two weeks from now... [scribe assist by Manu Sporny]
Drummond Reed: FYI, I will not be able to attend next week's meeting - I have an all day meeting with BYU Internet Security Research Labs
Joe Andrieu: I gotta run. See you next week.
Christopher Allen: Let's make sure to invite more folks to these meetings and build our community! [scribe assist by Manu Sporny]