The W3C Credentials Community Group

Verifiable Claims and Digital Verification

Go Back

Credentials CG Telecon

Minutes for 2017-11-14

Lionel Wolberger is scribing.
Agenda review
1. Agenda Review (2 minutes) 2. Introductions & Re-Introduction (3 minutes) 3. Status of Current Action Items (5 minutes) 4. Review and discussion of status of DID spec 0.7, post #RebootingWebOfTrust, #IIW & #TPAC, with goal to advance the specification to 0.8 by end of year. (50 minutes)

Topic: Introduction to Mark Miller (Google)

Mark Miller: Google research in ECMA script. Advancing object capabilities security model
... at RWoT went through a revolution of reorienting a lot of stuff with the object model
... made a lot of progress
Drummond Reed: Mark was able to attend the Rebooting the Web of Trust #5 conference and gave us fantastic guidance about using the object capabilities security model there.
Drummond Reed: Very glad to have him here.
Frederico Sportini: Hi, Frederico Sportini
... CTO of ____
... developing an app on the Android Store implementing spidchain.
Skipping action items for today. Need to improve this and make it more easily available.
Frederico Sportini: It's a late alpha more than a beta :D
Frederico Sportini: Still lots of features missing
Spidchain app description: Spidchain is a next generation identity system. It protects your privacy because you are the owner of all the data that identifies you. With spidchain you can login with one click to websites that requires certified information.
Spidchain implements btcr, bitcoin testnet

Topic: DID Spec Review

... move spec number back to conform with W3C conventions.
... 0.7 was update from RWoT and other
... Discuss TPAC and other discussions, to move the spec up to a revision and become v0.8
Manu Sporny: DID spec link above
... Before W3C TPAC got approval to pull in the changeset of all changes discussed, about 30 decent sized modifications
Christopher Allen: Section 1, 2, 3.1, 3.2 have changed
Manu Sporny: Discussion re:hardening. Drummond leading.
... JoeA wants to update spec, instead of "identity" speak of "identifiers"
... some other changes still to make post-RWoT and IIW
... aiming for 1st/2nd week December
Drummond Reed: I can give a short report on the DID spec hardening proposal
ACTION: Manu to complete #RWoT changes to DID spec
Chris Webber: Does this version incorporate the MarkM learnings?
Manu Sporny: VCWG decided to ask CCG to pick kup object capabilities
... two places where object capabilities can be put into the system we have
... 1 layer- DID spec layer.
... Got push back on this.
... Direction- we state we strongly advise putting object capabilities on the ___
Drummond Reed: +1 To the DID spec saying that DID method specs SHOULD use object capabilities.
... In VC work, we say object capabilities should be the primary mechanism for authorization to do things
... Propose doing object cap. in the verifiable claims layer
Drummond Reed: I know that Daniel Hardman, Evernym VP Engineering, also agrees with that approach, i.e., object capabilities in verifiable credentials.
Mark Miller: The DID spec presented had a section attempting to do a capbility-based authorization
... we realized by end of RWoT this text was broken, and it was better to just remove it
Chris Webber: There are aspects to putting it in the DID spec v the methods spec
ACTION: Manu to complete Veres One DID Method spec by January.
Joe Andrieu: Plans to dive into the identity stuff in section 1
ACTION: Joe to submit language edits to section 1, to sync with Manu's release 2nd december.
Manu Sporny: Move from talking about identity to talking about decentralized identifiers and how they enable identity
Drummond Reed: +1 To JoeAndrieu making his editorial changes.
Joe Andrieu: A OK
Christopher Allen: Question, you said two weeks ago the best way to move forward on hardening was to complete the RWoT draft.
... can you update on IIW discussions
Drummond Reed: IIW discussion resulted in a Google Doc that has collected comments
... some additional discussion at TPAC (not that much)
... suggest to have closure calls next week
... in Utah this week
... this thursday people are narrowing in on hardening that they wish to discuss
... start scheduling dedicated calls, in addition to this weekly CCG call;
... propose one per week
Christopher Allen: DIF or CCG?
Christopher Allen: Drummond to have hardening decisions by Sat.
Drummond Reed: Susan Bradford to take task to propose schedule of calls starting a week from now
ACTION: Drummond to have list of of hardening decisions to list next week, weekly separate calls to follow.
Drummond Reed: Will coordinate with Manu to avoid 'stepping on each other'
Drummond Reed: Apologies, must go now, thanks

Topic: Capabilities in Verifiable Credentials

Chris Webber: Recap of VCWG end of W3C TPAC
... reviewed, if we do not go down the capabilities route, we will reproduce the problems we had with ACLs
... group was unanymous except for one observer
... does CCG agree to take up the credentials work? Do we need a proper vote/poll here?
Christopher Allen: Let's wait, we're not gated on the ocap stuff.
... propose, the day Manu ships the next set of PR requests + some days to accept those PRs
... then after that 7 more days
... leaving time for Thanksgiving celebrations in all of this...
... cwebber is there anything else you need to move your things forward?
Chris Webber: A bit swamped now.
... Next month I can draft what Mark and I have written, then resubmit it
... contingent on a consensus that this is worth doing
Manu Sporny: We should try to explore this path... +1
Christopher Allen: +1
Joe Andrieu: +1
Manu Sporny: +1
Christopher Allen: Polling the crowd
Nate Otto: We should explore this path. +1
... no one against, many +1's
Adrian Gropper: +1
Christopher Allen: Explanation of OCAP.. ?
Chris Webber: We have a good angle on producing training materials re: object capabilities
Christopher Allen: Would like to publish general capabilities material
... enable them with DID and specify them in the method specs
... IIW people were not at RWoT, so we need some more discussion
Manu Sporny: Hardening spec goes back to keys
... suggests a single array of keys
... and the services array
... before RWoT we had keys and services. At RWoT the consensus was to move away from keys and more towards authorization credentials
... and move services up
... hardening spec undoes those two changes
... in other words, IIW discussion kind of un-does the RWoT discussions
... how we describe keys
... path dereferencing, services, serialization formats
... from the DID side we are getting key management material: how keys are used
... discussion around cryptographic algorithms and their application
... key issues now
... how we are listing keys and services (discussion re-opened)
Christopher Allen: In BTCR we will have our own proofs, ...

Topic: W3C TPAC 2017 Update

Manu Sporny: TPAC updates
... sent an email out to the mailing list, report on how the DID discussion went
... had good turnout from enterprise, Google, BBC
... about 45 people
... spent more time than planned due to interest
... Tim Berners Lee joined us for the DID discussion and invited us to submit to the W3C architecture group for review
... this group reviews architecture for the web at large, the highest group at the W3C who make a final determination
... they only review things they are very interested in
... was said (a W3C personage) "DNS is the achilles heel of the web, any solution that ensures a better alternative is welcome to consideration"
... were warned, DID is not a web fork
... DID is an alternative identifier that lives beside the DNS system
... lives alongside
... and has its own applications
... a W3C staff member suggested some changes in how we approach it
... so we have "problems of success"
... we have to fix up all the specs and do tag review
... if the TAC says it is important technology this is a big upvote and results in less fighting and a smoother onramp into W3C
Christopher Allen: Credentials group approve
... formalkly charter a WG?
... or is this part of rechartering ?
Manu Sporny: Easier to use an existing group
... same argument for linked data signature stuff
... recharter VC group in the following way:
... we did it, got data models done, but since we find these DIDs with signatures,
... we put those specs through the W3C standarsd process
Christopher Allen: A number of people here who are not members
... community allows anyone to participate
... example Evernym is a member
... others are not
Manu Sporny: Two implementers are not enough to make it, the group will collapse
... need UCorp, blockstack, ++ folks
... does not look good with just two implementers.
... how can we defend such a low number of implementers?
... need IPFS, blockstack on implementation
... when we have demonstrable implementations that is the exit criteria
... need 4 or 5
... 460 members at W3C. Minimum in favor is 25 companies
... example: VC had 58 members in support, but there were only about 20 people really there doing work
... we need to match those numbers
... 50 people supporting DIDs with 20 showing up
... not enough right now (!)
... bottom line: need commitments from more companies
... warning: if the WG is shut down it stays dark for 5 years
Christopher Allen: DID spec, DID document, ...
... plan a new hackathon for January via KimH
Frederico Sportini: Hackaton would be great
Frederico Sportini: +1
... AFAIK Blockstack's latest release has an identifier at the root,
... AFAIK no effort towards DID docs or Verifiable claims
... UPORT:
... Christian, where are you guys?
Christian Lundkvist: Uport has the method spec
... at IIW we implemented the plugin for the universal resolver
... next on our roadmap:
... we have been doing some verifiable claims stuff
... an issue, it is a fair amount of work moving over from JSON token VCs to JSON LD signatures
Christopher Allen: The BTCR from the last hackathon
... there was a python library released (no C or C++)
Manu Sporny: The crypto is implemented, and JSONLD should have reference implementation in JScript
... when you have issues ping Dave, Manu, for examples
Christian Lundkvist: The DID spec itself is a work in progress
... this is another challenge
Dave Longley: Btw, rdf canonicalization has a native implementation now (that is currently integrated as a node.js module):
... we have an implementation in a resolver that returns an older version of a DID document
Dave Longley: This could be split out into a C library at some point.
... that needs to be updated when we setetle
Christopher Allen: +1 On c lib
Christopher Allen: +1 For Uport stepping up
... move to JSON-LD is key
... bitcoin curves
Adrian Gropper: +1 UPort for stepping up -
Christopher Allen: Remember! No meeting next week!
Nate Otto: Bye all; it was nice to be back in this group today! See you again soon.