The W3C Credentials Community Group

Verifiable Claims and Digital Verification

Go Back

Credentials CG Telecon

Minutes for 2018-01-09

Nate Otto is scribing.
Christopher Allen: Thank you everybody for joining.
Christopher Allen: We have our regular standing items, our introductions/reindroductions, progress, etc. We were scheduled today to discuss the upcoming year's plans with Joe, but Joe is not able to join due to family emergency. We decided to focus on the results from the DID reconciliation.
Christopher Allen: If there's time at the end, we want to take on some outreach questions, like how to get started.
Christopher Allen: Any other agenda items?
Manu Sporny: We upgraded the VOIPbot with features we might want to tell others about. 5min.
Drummond Reed: +1 To learning about new voicebot features
Christopher Allen: Is there anybody where today is their first meeting or haven't been on for a long time?

Topic: Reintroduction for Kerri Lemoie

Kerri Lemoie: I'm Kerri Lemoie, I've been working on Open Badges for about 7 years. I helped join this group to work out some original use cases. Rejoining to do some work on educational credentials.
Many in group saying "Welcome back, Kerri!"
Kerri Lemoie: Thanks! :)

Topic: Announcements

Kim Hamilton Duffy: @Christophera if we have time I'd like to give a quick overview of our edu verifiable claims (soon-to-be) proposed work item.
Christopher Allen: Next agenda item Announcements. We will be talking about DIDs.
Christopher Allen: The other thing in progress is we talked about having a virtual hackathon Jan 15-19th, meeting in the morning for standups. It's been argued that might be premature. On the other hand time is marching forward. We will discuss if we wanted to change the dates or proceed.
Subtopic - Publishing minutes and new voipbot commands
Manu Sporny: Publishing minutes has always fallen on my shoulders because of technical limitations and limited people knowing the commands. Now everybody can share in the wonderful ceremony of publishing minutes. I updated the IRC Reference to include every command for the voice bot and for publishing minutes.
Kerri Lemoie: +1
Manu Sporny: We added a couple new VOIP commands. The first one is "voip: number?" This will work across any of the community groups that is using the voip bot
Manu Sporny: The next command is "voip: noise". If somebody is making noise and you can't figure out who it is, you can ask who needs to put themselves on mute.
Adrian Gropper: 345 Is me
Manu Sporny: The last new one I'm not going to run is the publish command, which will take the log and publish it to an S3-like server. This will publish the raw IRC log and the raw .wav files. This is the critical piece that allows others to go in and clean up the audio and the minutes. We hope that in the future we have a live-scribing utility and webpage to correct the minutes as we go. We don't have that yet, but we have the core bits in place where manu doesn't have to be a bottleneck on publishing minutes. We'll probably do a bit more work through the week, but fundamentally publishing minutes is done. I spent total of 80 hours last year doing that.
Drummond Reed: +1 To Manu not spending 80 hours publishing minutes this year!!!
Manu Sporny: If you want to help figure out how to clean up the minutes and publish them, contact me (manu) to learn how to contribute.
Nate Otto: Great job, manu
Subtopic -- Open Badges
Kim Hamilton Duffy: Nate and Kerri and I who are on the call have been working on Open Badges for many years. We have some new work upcoming to bring together Verifiable Claims, Open Badges, and Blockcerts
Kim Hamilton Duffy: Here are some links to proposals and drafts we have been developing. I just wanted to let people know this is in the pipeline as a tentative item for this year. I need to propose it as an official work item to start working on.
Kim Hamilton Duffy: I think this is a great community to work on these issues in, and looking forward to it.

Topic: Progress on current action items

Christopher Allen: Manu are you ready to go with veres one for January?
Manu Sporny: Many pressures to get it done, but it's not there yet
Christopher Allen: Ok, we'll move it to February
Christopher Allen: There are many other items... VC API and polyfill. kimhd were you going to provide feedback?
Kim Hamilton Duffy: That item can be closed
Christopher Allen: David, you were going to review the spec to make sure there were some loose ends documented.
David Chadwick: I reviewed the current text as it stands and sent out an email on 21 Dec documenting the few errors in the current text. I felt that was what the request was, to review the current text. If you're suggesting something wider, like suggesting new text, re-action it in the minutes and I'm happy to go back.
Christopher Allen: Ok, the next work item is that the lifecycle model had a bunch of things that belonged elsewhere. We should move these things to issues or to other appropriate documents.
David Chadwick: Ok task is to review the lifecycle document and document any issues to make sure problems are reviewed and discussed.
Christopher Allen: I would like to close the lifecycle document as a work item in the next couple months or so.
Christopher Allen: We have a lot of work items. We want to focus on just 3-5 per week. We selected DIDs, registries, and data minimization. Let's skip over DIDs for now since we'll talk about that in a few minutes. On registries, Manu what's next?
Manu Sporny: Next is GitHub magic to set up all the repositories. Then it's just into our normal edit cycle. People suggest pull requests, we discuss them, then merge, rinse and repeat forever.
Christopher Allen: Can you make a document about the process?
Manu Sporny: Thinking about where that needs to go. Chairs might need to do that. I can work offline with the chairs to do that.
Christopher Allen: Next item is data minimization and selective disclosure. Lionel?
Lionel Wolberger: First of all we have a draft that can be read. Andrew spent a two-hour session with me. We are in GitHub, thanks to kimhd.
Kim Hamilton Duffy:
Kim Hamilton Duffy: ^^ Data min and selective disclosure docs
Markus Sabadello: Sorry all I have to leave early today.. I sent some comments about the DID Key Management Harmonization Proposal #1 to the list, and I'm looking forward to the virtual hackathon next week.
Lionel Wolberger: Kimhd I want to discuss what's written there. There are two git links that seem relevant. First, "Data Minimization" announced intentions prior to Rebooting. Next we need readers, because we want to pull this together. We might be looking at two different papers. Let's decide what we want to achieve together on this call.
Kim Hamilton Duffy: Adding permissions for Lionel now
Christopher Allen: Moving this to the CCG means we need to put something in the CCG GitHub; kimhd can get you started. We need to make sure all contributors are members of the CCG or do the appropriate IPR License. We can then plan a walkthrough for a future event. Sound good?
Lionel Wolberger: Action items to move docs to CCG, Make sure all contributors are members, Schedule a walkthrough. Should I do that with kimhd ?
Kim Hamilton Duffy: Yes I can help though I'm not sure I understand all the steps.
Christopher Allen: We should also move this into ReSpec format
Kim Hamilton Duffy: Let's create an action item for the share permissions, and we'll figure out how to do the rest.
Lionel Wolberger: We're not doing content at the moment, we'll do this admin stuff, and then once we're in CCG, we'll get more perspectives on the content.
Christopher Allen: +1
Frederico Sportini: +1
Christopher Allen: Next agenda item is regarding the hackathon. How many people were scheduling time to do the hackathon/standups?
Manu Sporny: Digital Bazaar will have one or more people there.
Nate Otto: +1 But flexible except week of the 22ndish
ACTION: Chairs to figure out how to move data min and sel disc to ccg, convert to respec make sure all contributors are members of the CCG, do the appropriate IPR License.
Ryan Grant: +1
Ryan Grant: BTCR, for me
Kim Hamilton Duffy: +1 But don't have much free time that week :(
Christopher Allen: The plan for the hackathon was to have standup meetings in the morning. Any other thoughts on what we should focus on next week? Since we have 5 or so, that's enough to say it's worth having the standups.
Manu Sporny: We'll be focused on Veres One...
Manu Sporny: And maybe some test suite stuff?
Kim Hamilton Duffy: I'll also be working on BTCR with @rgrant
Christopher Allen: I will send a note to the list with details. We'll standup at noon EST each day in a zoom room I'll send the link to
Christopher Allen: Moving onto the DID reconciliation proposal
Christopher Allen: Manu proposed an interesting compromise, and I haven't heard any violent rejections. Manu do you want to share?
Manu Sporny: Here's a link to the proposal

Topic: DID Harmonization Proposal #1

Manu Sporny: Here's an email with the proposal. In the DID task force, we've been talking the last couple weeks what a minimum viable DID document looks like, what's the structure etc. What came out of this discussion was a bunch of requirements.
Manu Sporny: I tried to detail what many of these requirements are. Tried to collect all the requirements from all the DID ledgers, because whatever we end up settling on has to meet every one of those requirements. There was general consensus that we do have some kind of key based use cases that are pretty high on everyone's priority list, so we should be focusing on keys, but there was a desire to not over-focus.
Manu Sporny: We should keep our eye on other use cases like smart contracts, biometrics....
Manu Sporny: There were a lot of requirements that went into discussion. We wanted to meet those requirements with a concrete technical proposal.
Manu Sporny: This tries to propose a particular data structure and provide justification for why that structure was selected. This proposal probably contains bits... no single one of us was happy with all of it, but it does address all of the requirements as far as I can tell. drummond has weighed in with his thoughts as has marcus (sp?).
Manu Sporny: Drummond, maybe you can elaborate more on that and give us your thoughts?
Drummond Reed: First, I think it was quite a comprehensive proposal. Manu saved me the work of coming up with the same thing. Manu saved me a bunch of work coming up with a very good writeup of the requirements and the proposal. I and Marcus responded to it on the mailing list last night and have had a chance to get feedback from decentralized identity foundation. Feedback is positive.
Drummond Reed: Next thing is to basically determine for the main folks who have been around the table is if this is an acceptable strawman to start working with to dive into the details. We have a 90 minute call Thursday this week focused on this topic. From that call, I'd like to get down to a issues list and start working those issues to start preparing the next draft of the spec based on this proposal.
Christopher Allen: I have a question for both of you. How many people do you think this quarter are prepared if we have these things resolved to start implementing it so we can see if it functions properly.
Nate Otto: +1 Concentric Sky could start prototyping in the next 3 months
Manu Sporny: I think Veres One, Sovrin, BTCR, and uPort would be ready.=?
Christopher Allen: Manu is saying Veres One, Sovrin, BTCR and uPort would be ready. kimhd on the queue?
Christian Lundkvist: UPort is pretty much ready to implement the new DID spec whenever we reach agreement.
Drummond Reed: Yes, I agree with Manu. Sovrin is eager to implement, and plans to follow with a Sovrin DID Method spec as soon as possible after the DID spec is hardened.
Kim Hamilton Duffy: I had a question about whether we're addressing concerns about algorithmic agility. Does publicKeyJWK have a type matching type PublicSigningKey2017 so other key definitions could not be provided there.
Manu Sporny: I'm waving my hands, because there are details that matter. But fundamentally that's right, we're trying to constrain the number of keys there to JWK
Christopher Allen: It sounds like we could incorporate these changes into the spec in February? manu, reasonable?
Manu Sporny: Yes, we could likely do it by February. There's some economic pressure on all of us to do it quickly.
Manu Sporny: Speaking for Digital Bazaar, we're trying to get it done as soon as possible, and the same is true for uPort, Sovrin, BTCR, but when it's ready it's ready. Spec readiness by mid-February, as long as we don't discover nasty bits or objections with harmonization, we could probably have it up and have some implementation work started soon after.
Manu Sporny: Then dig into nittygritty details at next Rebooting Web of Trust
Drummond Reed: Who is planning to be at the next RWOT? March 6-8 in Santa Barbara
Kim Hamilton Duffy: I'll be there
Manu Sporny: I'll be there...
Ryan Grant: +1
Christopher Allen: To put into everybody's heads, the 19th of Feb is Presidents' Day, so maybe that week we should try to talk with each other and dive into our implementation of stuff, which might give us opportunity to have some code together by Rebooting Web of Trust. Reasonable?
Manu Sporny: Yes
Drummond Reed: +1
Manu Sporny: +1 Seems reasonable...
Christopher Allen: Recognizing there might be delayed. Anybody on core group of DID people have conferences or other events 20th-23rd that would preclude them doing something that week?
No objections raised.
Christian Lundkvist: Hmm, I'll be in Portugal in end of Feb
Drummond Reed: I think we want a sovereignty method spec as soon as we have the DID spec hardened up. This is a deliverable due in March
Christian Lundkvist: There may be a scheduling challenge for me.
Christopher Allen: It may be the BTCR people who may be lagging a little here, because we are a little less coordinated with them.
Christian Lundkvist: From the 18th onward, busy. ChristopherA: Let us know as it firms up. We can make something work.

Topic: Outreach

Christopher Allen: Who should we be evangelizing for this next round of DIDs, Rebooting, VC activities? What are the kinds of claims we'll be making [with Verifiable Credentials]? Any thoughts on how to get the right people to come to these meetings? What do we need to do to give people a better entre to getting started.
Lionel Wolberger: Does anyone have contact with the thought leaders in SCORM/xAPI/Tin Can API ADL community, highly driven by US Defense.
Heather Vescent: I have these contacts.
Lionel Wolberger: I know some people from TinCan API, I think we can go in from that direction
Heather Vescent: I know pretty well people from ADL, finished a year-long project with them. Can't find relevant docs right now but can look it up.
Heather Vescent: Here is the link to their projects:
Christopher Allen: Yes, try to connect to find the right person to evangelize and take a look at our work
Manu Sporny: We might want to circle back around to some of the folks who helped us start this work. We've been kind of lacking commerce use cases for a while. There's some interest in digital coupons, identification mechanisms, payments. If anybody has any commerce people, we should try to bring them in.
Manu Sporny: Government use cases. UK gov, NZ gov said they really want to participate in this work, but not much follow-up from them. Might want to follow up with them to see if they can find some overlaps internally.
Heather Vescent: This is one of the interesting military credentialing projects through the lab. I've seen a demo and it is interesting.
Manu Sporny: Last one is one we discussed briefly with ChristopherA and Joe. We keep talking about refugee use cases but don't do something to get deeply involved. We continue to be fairly detached from understanding the situations in refugee camps and when traveling as refugees. The action there could be to get more actively involved; do some information discovery scouting to fold back into use cases for this group. Or reengage with ID2020 or other refugee NGOs and try to get someone more involved directly.
Christopher Allen: I wanted to point people to this thread from Andrew MIller, cryptographer wanting solutions for storing biometric informations that address some of the concerns and criticisms here. This keeps on coming back to haunt us that we're not thinking carefully enough about the biometric side of things. His take was, "hey let's not have biometrics run by a government" I would love to try to figure out how to get Andrew and others to puzzle through the issues. If anybody has any thoughts
Christopher Allen:
Nate Otto: IEEE has started ICYCLE. Had yearly kickoff last week. Low attendance so far, but there are industry players not here [scribe assist by Kim Hamilton Duffy]
Kim Hamilton Duffy: ...He can take an action item to give them a heads up
Kim Hamilton Duffy: To note on some low-level solutions to this.
Kim Hamilton Duffy: One thing that's frustrating is that our information is very scattered. It's a chairs responsibility to figure out, but in order to encourage ongoing involvement it's important to have our information more organized. One aspect of that is to work on the roadmap and to try to schedule meetings with focus to allow people to get more value out of the roadmap and schedule once they are engaged.
Kim Hamilton Duffy: We have our Github-pages website, but we need an exhaustive cleanup/update of the information that is there. That's critical co keeping ongoing engagement.
David Chadwick: I wanted to come back about the refugee case... Is it actually refugees that you are interested in, or also asylum seekers... all slightly different categories of people. I have some knowledge about some of these, but want to know what the use cases are.
Drummond Reed: I have to leave the call right at the top of the hour, but on the refugee question, I just wanted to say that the Sovrin Foundation has formed the Identity for All Council that will be a group of experts focused entirely on using Sovrin DIDs and verifiable claims for identity for displaced and at-risk populations.
Manu Sporny: It's an open question, DavidC. There's a desire to have a large impact, as large as possible with technologies that we have, so focusing on a group that we could help the fastest would be good, but there's even a questions of whether we can help at all. A number of these refugees can't be solved by technologies, as the problems are more political in nature. I was thinking more along the lines of supporting people preflight, in-flight, and after. Those of us who met through the ID2020 initiative saw what happens to people mostly in flight, but that's only one aspect of it. We don't have enough exposure to this issue. If we want to deal with it, we either need to get more exposure, do research, or bring in new people who have the experience.
Drummond Reed: Sovrin Foundation Trustee Peter Simpson is currently implementing this in Thailand with 80,000 fishing fleet worker already registered.
Drummond Reed: His effort is iRespond,
Christopher Allen: How do we find out who are doing national identity systems seriously and be able to advise on architectures? (e.g. Mexico)
Drummond Reed: I have to drop now. Bye all.
Manu Sporny: No cross-pollination that I'm aware of... which is a shame, we should really do more collaboration w/ them.
Kerri Lemoie: Real quick, I'm not sure people are aware there's a W3C community group for educational and occupational credentials, getting vocabulary built in This comes out of Credential Engine.
Manu Sporny: Not aware of people doing location-based credentials...
Lionel Wolberger: The simple word location. I think location credentials are needed. They're a little more time-bound than other credentials, but people want them for know-your-customer. Anybody aware of people bringing location use cases into our work? If not, I'd be interested in motivating that.
Christopher Allen: There are always privacy questions (I was mentioning biometrics earlier), and we've been kind of lacking on the privacy side of some of our credentials technologies... We have it in our charter and our goals, but actually demonstrating how to do the right level of privacy is what we need to do more of.
Dave Longley: Only seen location verifiable credentials as a simple proof of concept/demo of ideas (e.g. to get access to certain media).
Lionel Wolberger: I've been working on the privacy-enhancing technologies. I think location is amenable to selective disclosure etc. If anybody knows ways to plug this use case, let me know.
Christopher Allen: It sounds like we need to spend some time developing our outreach lists. We'll be talking about it more in our topic led by Joe. If you have any more ideas on what you'd like to see accomplished by the end of the year, Joe sent out an email to collect your thoughts.
Christopher Allen: Any last announcements or next week agenda items?
Hearing none....
David Chadwick: Bye
Frederico Sportini: Bye
Christopher Allen: We'll call that a wrap for today's first call of 2018, which I expect will be a very productive year for the community group.. Thank you everybody for participation, and see you next week.