The W3C Credentials Community Group

Verifiable Claims and Digital Verification

Go Back

Credentials CG Telecon

Minutes for 2018-08-14

Agenda
https://lists.w3.org/Archives/Public/public-credentials/2018Aug/0056.html
Topics
  1. introductions and re-introductions
  2. announcements and reminders
  3. Progress on Current Action Items
  4. Progress on current action items
  5. Work items
  6. Jolocom
Action Items
  1. review Sovrin's PR
Organizer
Joe Andrieu, Kim Hamilton Duffy, Christopher Allen
Scribe
Markus Sabadello
Present
Christopher Allen, Markus Sabadello, Heather Vescent, Adrian Gropper, Chris Webber, Dave Longley, Ganesh Annan, Matt Stone, Chris Boscolo, Mike Lodder, Jeff Orgel, Kaliya Young, Kayode Ezike, Bohdan Andriyiv, Dan Burnett, Alberto Elias, Kim Hamilton Duffy, Manu Sporny, Joe Andrieu, Benjamin Young, Lucas Parker, Nate Otto
Audio Log
Chris Boscolo: Could we add a topic of switching to a more reliable audio solution for this call?
Markus Sabadello is scribing.
Cat: meow
Dan Burnett: VCWG has sent request for review
Introductions and re-introductions?
Matt stone: co-chair of VCWG, had hiatus from CCG, maybe a year

Topic: introductions and re-introductions

Alberto Elias: Hi

Topic: announcements and reminders

Alberto Elias: I am trying to connect to sip:ccg@96.89.14.196 without success, is that the correct address?
Kim Hamilton Duffy: This Friday is Scribe training, will be scribed and recorded; join if you're interested to learn how to scribe, or view recording later
Kim Hamilton Duffy: MyData in Helsinki end of August, RWoT end of September
Heather Vescent: RWOT Tickets: http://rwot7.eventbrite.com/
Kim Hamilton Duffy: http://iiw.idcommons.net
Kim Hamilton Duffy: TPAC in Lyon Oct 23-26, same time as IIW Oct 23-25 in Mountain View
Christopher Allen: (Note: #rwot topic papers due this month for early bird pricing)

Topic: Progress on Current Action Items

Topic: Progress on current action items

Manu Sporny: Do you or someone want to talk about multihash in action items [scribe assist by Kim Hamilton Duffy]
Dan Burnett: VCWG is producing VC data model spec. on july 20th request for review was sent, particularly groups listed in charter for liasion
Alberto Elias: I am trying to connect to sip:ccg@96.89.14.196 without success, is that the correct address?
Kim Hamilton Duffy: Can someone assist?
Dan Burnett: Asking for one or more people from CCG to review VC data model spec, preferably people who are not yet very familiar with it
Alberto Elias: The page closes on its own
Kim Hamilton Duffy: Anything to report for current action items?

Topic: Work items

Kim Hamilton Duffy: DID engagement spreadsheet is done
Christopher Allen: Regarding the Work items; leads for all of these should let the CCG know status.
Christopher Allen: When work is done on one of those, they can be published as a W3C "report" of the CCG
Kim Hamilton Duffy: What's the current status of the DID work item?
Christopher Allen: One of the things that happened was that a team from Sovrin did a PR on the DID spec
Christopher Allen: One problem was that that was a very large PR addressing many issues, some very small, some very significant; makes it hard to review
Christopher Allen: Encourage people who make PRs to break them up into small pieces
Mike Lodder: ChristopherA are you meaning the Verifiable Credentials PR?
ACTION: review Sovrin's PR
Kim Hamilton Duffy: Should take time for Sovrin team to explain reasons for the PR
Markus Sabadello: It's on the VC spec not DID spec [scribe assist by Kim Hamilton Duffy]
I believe ChristopherA was referring to this PR: https://github.com/w3c/vc-data-model/pull/208

Topic: Jolocom

Mike Lodder: But there are multiple PRs for the DID spec that have sat there for a few weeks including one of mine
(Trying to fix Eugeniu Rusu's connection problems)
Will try now. Sorry for the spam in the chat.
Kim Hamilton Duffy: Alberto are you on the line?
Mike Lodder: There are multiple PRs on the DID spec, put in requests for reviews, waiting for those reviews
Mike Lodder: What is the best way to push those forward?
Kim Hamilton Duffy: If you're tagged as reviewer, please review; if you don't have time, ask someone else to review in your stead. We can also remind people on the list.
Mike Lodder: Should i send emails to the list, or comment on Github
Kim Hamilton Duffy: If you get no reaction on Github, feel free to get broader participation by sending to the list
Christopher Allen: If it lags too long, do a CG action item, as it will be brought up each week
Lucas Parker: Yep
Kim Hamilton Duffy: Alberto will talk about Coconut, a threshold issuance selective disclosure scheme
Alberto Elias: Are people familiar with Coconut? should we start with general introduction?
Kim Hamilton Duffy: People are familiar with the concept of selective disclosure, but let's do intro do Coconut
Alberto Elias: Anonymous credentials: Blindness means user goes to authorities, provide blinded attributes on which they would like to have credential on
Alberto Elias: Authority would operate on the blinded attribute, would learn only what the user would like to reveal
Alberto Elias: 2Nd aspect of Anoncreds: Linkability
Alberto Elias: When you show credentials, or statement based on it, you can do it in a way that makes it not possible to link multiple showings
Alberto Elias: Novelty of Coconut: Not just one single issuer, but threshold number of authorities
Alberto Elias: Get credential from multiple authorities, then locally consolidate to single credential
Alberto Elias: Authorities don't need to communicate with each other when issuing
Alberto Elias: Big difference with other scheme is this threshold number of authorities without communicating
Alberto Elias: Efficiency properties: Credentials are short, and they don't increase with number of attributes, or with number of authorities
Alberto Elias: Size = only 2 elliptic curve points
Alberto Elias: Coconut is built on top of [?]
Alberto Elias: Pointcheval and Sanders and BLS Signatures
Alberto Elias: If you have a single issuance authority, it could be malicious. Support for threshold authorites addresses this problem.
Mike Lodder: @Alberto can this be used with any ledger/blockchain?
Alberto Elias: Imagine a permissioned system, every node on the system can be one of the Coconut authorities.
Alberto Elias: Applications enabled by Coconut. Example 1: E-Petitions
Alberto Elias: E.g. many regions in a country can be an authority. Citizen gets credentials from that authority, locally aggregates it, and uses it with a smart contract to sign petition.
Alberto Elias: Smart contract verifies the credential and allows the petition to be signed.
Alberto Elias: Example application 2: Privacy [?]
Alberto Elias: Pay coins, get credential in exchange for payment.
Alberto Elias: Implemented and tested by EU project Decode.
Alberto Elias: Verification time is very competitive with other credential types.
Christopher Allen: Very important to talk about this tech. We make assumptions that while we like decentrized technology, we often issue centrally.
Christopher Allen: With this, issuance can be done in a group. Could have impact on what we're working on.
Christopher Allen: Would love to see this team comment on the Data Minimization work item.
Christopher Allen: Got some comments from CL signature community, would like to get more feedback.
Christopher Allen: https://w3c-dvcg.github.io/
Christopher Allen: This can have consequences for VC data model, JSON-LD canonicalization, signature schemes.
Christopher Allen: This is pairing crypto? Are you using any other special cryptography requirements?
Alberto Elias: We need pairings.
Alberto Elias: This is a "pairing-friendly" curve, nothins special.
Kim Hamilton Duffy: In the pilot program, I was curious are the selective presentations being used in practice? What sort of tooling exists for this?
Christopher Allen: (This presentation is also interesting in combination with last week's "Proof of Personhood")
Kim Hamilton Duffy: How will receipients end up using this? Mobile wallet? What does the interaction look like? What challenges do you have in the pilot?
Alberto Elias: Decode project works with city council of Barcelona, they are implementing an E-Petition platform. There will be a JavaScript open-source implementation.
Alberto Elias: There will be a JS client, app, possibly a browser. Backend (authority signing) will also be in JS.
Alberto Elias: Will proably be published in Decode repo.
Chris Webber: Seems like you thought a lot about workflows. Gov may issue prescription drugs?
Alberto Elias: If you want to give doctor ability to sign prescription, then the doctor is the issuer.
Chris Webber: What are your thoughts related to government use of this? E.g. gov issues right to issue prescriptions. Do you have a mechanism for revocation?
Alberto Elias: Every doctor would act as a single authority, there is no need for group authority.
Alberto Elias: You can include expiration date in credentials.
(Jolocom still having trouble connecting)
Joe Andrieu: Prescription shopping
Kim Hamilton Duffy: Patient may try to get prescriptions from multiple doctors.
Alberto Elias: Not sure if this is a use case for group authority.
Chris Webber: That's the idea, but it also seems that there's also the credential for the doctor itself to issue a prescription
Alberto Elias: This is about unlinkability in the issuance process.
Chris Webber: And what if the doctor is abusing that power
Chris Webber: It's not important, was just curious
Chris Webber: Have thought about a workflows where one issuer is malicious
Chris Webber: Have you thought about a workflow where one issuer is malicious
Alberto Elias: Will think about it and get back to you
Mike Lodder: At Sovrin we've been experimenting with something like this.
Mike Lodder: You said this will work with any pairing-friendly curve?
Alberto Elias: Pairing type 3
Mike Lodder: License is BSD3, could this be changed to Apache2 so we could use it?
Alberto Elias: Absolutely, can change it right away
Mike Lodder: When you do the blind signature, do you do 2-party computation?
Alberto Elias: No, this would imply communication between authorities. We only do communication between authorities during issuance of keys, but not later during issuance process.
Christopher Allen: We invite you (Alberto) to join this group as a member.
Christopher Allen: Let's explore how proof-of-personhood could be combined with this.
Adrian Gropper: What is Alberto's email?
Christopher Allen: E.g. proof-of-personhood could be very relevant for e-petitions in the Barcelona project.
Christopher Allen: Would be good to discuss at RWoT
Chris_boscolo: For blockchain integration, what does this require?
Joe Andrieu: Note to all: next week, we'll be reviewing the submitted use cases we haven't yet taken time for. If you have a use case you'd like considered, please share with the group by email.
Alberto Elias: Each blockchain node would be a Coconut authority.
Alberto Elias: This can also work with a sharded system.
Christopher Allen: (It sounds like they are doing sybil resistance by using a permissioned blockchain — is that true? There may be other ways.)
Alberto Elias: With permissionless system, this is harder. Each time the number of nodes changes, you would have to re-generate keys.
Thanks!
Adrian Gropper: Can you apply the e-petition architecture to a reputation system?
Alberto Elias: This sounds like a valid use case, we may be able to apply these credentials to reputation. Not sure if this is covered in literature.
Christopher Allen: (How to do an anonymous reputation system that is sybil resistant is a big use case)
Kim Hamilton Duffy: Drabiv
Bohdan Andriyiv: Is this applicable only to blockchain? Why would authorities in the real world need to agree on what they issue?
Alberto Elias: Yes this uses zero-knowledge proofs.
Alberto Elias: Partial credential has the same structure as full credential. This also works in cases where there is only one authority. This is not limited to blockchain.
Christopher Allen: Thank you!
Joe Andrieu: Cheers!