The W3C Credentials Community Group

Verifiable Claims and Digital Verification

Go Back

Credentials CG Telecon

Minutes for 2017-08-08

Agenda
https://lists.w3.org/Archives/Public/public-credentials/2017Aug/0013.html
Topics
  1. Introductions and Reintroductions
  2. Agenda Review
  3. Digital Verification Community Group
  4. Mission Statement
Action Items
  1. KimHD to send out proposal for how CCG and DVCG work together.
  2. KimHD to add subscribe button on our page, like "Join" on https://www.w3.org/community/credentials/. Make sure patent policy, etc is respected
Organizer
Kim Hamilton Duffy, Christopher Allen
Scribe
Lionel Wolberger
Present
Kim Hamilton Duffy, Lionel Wolberger, Christopher Allen, Drummond Reed, Abbas Ali, Dave Longley, Nathan George, Manu Sporny, Moses Ma, Adam Lake, Frederico Sportini, Adrian Gropper, David I. Lehn, David Chadwick, Ryan Grant, Dan Burnett
Audio Log
Kim Hamilton Duffy: IRC Cheat Sheet for those that need it: https://github.com/w3c-ccg/w3c-ccg.github.io/blob/master/irc_ref.md
Lionel Wolberger is scribing.

Topic: Introductions and Reintroductions

Christopher Allen: Anybody new? Or re-introductions?
Drummond Reed: Chief trust officer at evernym, leading role at Sovrin foundation, working on the DID specification with many people on this call
Abbas Ali: Me
... verifiable claims with DIDs and all the infrastructure that it will require.
Drummond Reed: Abbas, welcome
Abbas Ali: Works at R3, joined the group looking at verifiable claims for the purpose of onboarding at banks.
... interested in partnerships with identity service providers
Christopher Allen: That ends introductions, thanks.

Topic: Agenda Review

Christopher Allen: Due to approve the new name mission statement
... completed a first draft
Christopher Allen: For those participating in the Face2Face at rebooting Web of Trust, there is an early bird discount ending this Thursday.
... receiving topic proposals in the topics dir of the repo
... Manu submitted a primer on verifiable claims, Drummond working on one for DID
Kim Hamilton Duffy: New CCG site: https://w3c-ccg.github.io/
Christopher Allen: https://w3c-ccg.github.io/
Christopher Allen: The URL https://w3c-ccg.github.io/ is our primary github.
... If it seems to be missing stuff, contact kim, chris or manu
... This secondary page https://www.w3.org/community/credentials/ has better visibility in Google
... but due to its less flexible UX/UI, is more limited in the info that is there.
... Issue: add a "call to join the group" to the w3.org homepage.
Kim Hamilton Duffy: We have a "Weekly Meeting Information" in the sidebar of the W3C site
... this group inherits various meetings groups and efforts going back bast 2013.
Kim Hamilton Duffy: Let me know if we need a better link name to make that more actionable. I can reorder these items as well
Dave Longley: CCG was part of the Web Payments CG prior to 2014 (it split out from that group in 2014)
Lionel Wolberger: Definite improvement over the past 3 weeks or so [scribe assist by Manu Sporny]
Kim Hamilton Duffy: Committed to continuing to improve the sites, open to any and all suggestions.

Topic: Digital Verification Community Group

Christopher Allen: Digital verification community group had crossover with Credentials Community Group.
... Chris and Kimh co-chaired both
... Digital Verification Group has value having its own repo and separate meetings devoted to certain issues such as selective disclosure and data minimization
... This DVG is "under" this CCG
Nathan George: +1 To a task force meeting to introduce Sovrin/Hyperledger Indy's CL-sig implementation (and try to get our crypto folks more involved)
... Chris open to thoughts on whether DVG is a group, or task force, etc.
Manu Sporny: +1 That DVG be subtaskforce to the CCG
... one motivation for having it separate was quasi-political, due to strong pushback from W3C regarding crypto
... strong opinion there, that a security/crypto group needs to be mostly 'insiders' from those security/crypto groups
... the web crypto group both invited DVG in (you should be here) and then did not prioritize its agenda (...we don't want to talk about that stuff here...)
... so DVG remains with its crypto focus
... CCG should probably AVOID pulling DVCG work items onto its agenda.
... that said, we have people now who understand crypto (chris, lionel, yan, sovrin people)
Christopher Allen: More motivation to go to task force language: gives us scope to mention these more technical things on the master page for the community
... Prioritization of these technical items should be done by the CCG first and go forward from there
ACTION: KimHD to send out proposal for how CCG and DVCG work together.

Topic: Mission Statement

ACTION: KimHD to add subscribe button on our page, like "Join" on https://www.w3.org/community/credentials/. Make sure patent policy, etc is respected
Christopher Allen: Walking through the items on the Google doc.
... Discussion focusing on "creation, storage, presentation, and verification"
... no objections.
Christopher Allen: Focus on the unique nature of credentials or identity-bearing instruments, and the proofs involved, should be called out
Kim Hamilton Duffy: +1
Drummond Reed: I agree that having the term "verifiable claims" in the mission statement would be good
Drummond Reed: I agree that "verifiable claims" has become a term of art
... verifiable claims is a term of art that has caught on (though verifiable credentials does seem more cogent)
Manu Sporny: Subtle point, a claim is not verifiable.
... a credential is verifiable
Moses Ma: Is there a distinction between verified vs authenticated?
Drummond Reed: Leave self-sovereign identity in
Manu Sporny: Moses, yes, there is a distinction... you must verify someone before they're authenticated (but even this definition is arguable)
Manu Sporny: (And highly technical)
Moses Ma: Manu, should claims be authenticated as well as verified?
Christopher Allen: After word by word discussion, we converge on:
The mission of the Credentials Community Group is to explore the creation, storage, presentation, and verification of credentials. We focus on a verifiable credential (a set of claims) created by an issuer about a subject—a person, group, or thing—and seek solutions inclusive of approaches such as: self-sovereign identity; presentation of proofs by the bearer; data minimization; and centralized, federated, and decentralized registry and identity systems. Our tasks include drafting and incubating Internet specifications for further standardization and prototyping and testing reference implementations.
Drummond Reed: This draft is good.
Manu Sporny: Moses, no - authentication is separate... it happens later
Manu Sporny: (Or rather, it's complicated and we shouldn't muddy the waters by bringing "authentication" into all of this.
Christopher Allen: Issue of long-lived credentials. The challenge is significant due to expiration or lost keys.
Drummond Reed: I agree that long-lived credentials are important
... Other longue duree challenges: the school changed its name
... Some related solutions include discovering proofs that were valid at time X etc,
... Refugees for example are forced to present claims that were true in the past but are difficult to verify
... This group has access to very effective methods to address these issues that other groups just do not have.
Moses Ma: Thanks, gotta bail!