The W3C Credentials Community Group

Verifiable Claims and Digital Verification

Go Back

Credentials CG Telecon

Minutes for 2019-08-13

William Claxton: Voip 7dc is wmclaxton
Sumita Jonak: Kim sounds garbled
Please be advised, my connection is spotty today, so I likely will be on mute mostly
Brent Zundel is scribing.
Kim Hamilton Duffy: Introductions. any new participants?
Kim Hamilton Duffy: Danmcg would you like to introduce yourself? Or Karen ?
Kim Hamilton Duffy: Sumita ?
Sumita Jonak: This is Sumita from USAA
Kim Hamilton Duffy: Reintroductions, Ryan Grant?
Ryan Grant: My name is Ryan Grant, I run a company called Digital Contract Design. I am interested in btcr.
... I worked on the bitcoin reference implementation for DIDs
Kim Hamilton Duffy: Next week we'll report on the btcr hackathon

Topic: Announcements and Reminders

... the announcements are at the link. Are we still having decicated DID calls?
Kim Hamilton Duffy:, 1-2:30PM PT / 20:00-21:30 UTC
Markus Sabadello: Yes, we will probably be shifting to DID resolver now that the DID spec has been published.
Kim Hamilton Duffy: Thursdays
Kim Hamilton Duffy: September 1st, Vienna meetup right before RWoT in Prague
Kim Hamilton Duffy:
... we can take the train afterwards to prague.
Kim Hamilton Duffy:
... Sept 3-6 it RWoT 9 in Prague
... then september 7-8 is an activity pub conference in prague
Kim Hamilton Duffy:
... TPAC is sept ??? in Fukuoka Japan
Daniel Hardman: I can't get onto SIP. sip:ccg@ doesn't connect for me in linphone, and US phone: +1.540.274.1034 x6306 (the number given in github page instructions) makes me the only participant in the call.
Daniel Hardman: How is everybody else dialing in?
... Then MyData in Helsinki, more info at the link
Joe Andrieu: Two things: the deadline for the RWoT discount is this friday.
... please get you paper in to get the discount.
... the other item is a holochain hackathon in prague following our event at the same venue

Topic: DID WG Charter and outreach

Manu Sporny: The DID WG charter is open for review by the public
... anyone can provide comments
... if you are not a W3C company, but want to support the work, you can send a supportive email.
... companies and universities are the main focus, especially large, multi-billion dollar companies.
... but everyone should respond and say they are supportive.
... please abstain from making "anti" statements
... be positive
... please reach out to your networks and have them respond.
... the actual vote (for W3C members) can be made by following the other link
... we are looking for 22 members to vote positively, but hoping to get much more than that.
... don't wait
... we've got two weeks to drum up support
Manu Sporny: I am personally going to send out the link to other W3C AC members
Kim Hamilton Duffy: A question, I'm no longer a W3C member. What can a multi-university consortium do? does the W3C care about them?
Manu Sporny: Yes, they would like new members, so they are interested in ensuring the success of the recommendations and technology.
Manu Sporny: Mail actions: [ respond to this message ]
Kim Hamilton Duffy: Even if it isn't a company
Manu Sporny: Yes, follow the link to directly respond to the message.
... at the bottom is the link to respond.
Joe Andrieu: What is the next step for the DID spec?
... markus_sabadello did some work to publish
Manu Sporny: Markus_sabadello did a fantastic job getting the spec published. the chairs need to call for approval of the community group to hand over the spec to the working group.
... asking for objections to making this the community group final report.
Manu Sporny: Chairs should use the button on this page:
... after a week or so without objections, that will carry. then the chairs should use the
Manu Sporny: Can the chairs check that on the call?
... "publish report" button
... only the chairs have the power to publish the report.
... at that point it will give you a link
... you put the URL markus_sabadello provided, but only after the 7 day vote.
Manu Sporny: To distill: chairs ask for a 7 day review, then publish, then ask everyone to make IPR commitments.
... that enables the DIDWG to pick it up and move forward.
Joe Andrieu: Do we need help from staff to publish to a W3C domain name? I can follow up
Dan Burnett: If someone made a contribution, but don't agree. It doesn't mean the WG can't use the document, but the group may need to remove the content that hasn't been agreed to
... that's why it is so important to make thies IPR commitment
Markus Sabadello: People can continue to raise PRs and Issues, they will be carried over to the WG
Dan Burnett: People may find this useful as background:
... so if you see needed changes, you don't need to object.
Manu Sporny: These are the people who need to be chased down: manu, dave, daniel hardman, amy guy, drummond, etc.
Kim Hamilton Duffy: To reiterate: Christopher already sent out the DID WG charter for review.
... we have maybe 5 days left. If no objections are filed by the CCG my then , it will be accepted by the group.

Topic: Agents, Hubs, and More

Dan Burnett: To clarify on GitHub issues, the WG will make a decision about how it wants to proceed. We will (strongly) encourage the WG to copy all existing issues to the new WG.
Kim Hamilton Duffy: No need to scribe, because the presentation has the contents
... this has been discussed many places, but not here yet. So this is an informational session.
... please add yourself to the queue if I mess up :)
Kim Hamilton Duffy: Slide 3: we will invite experts to give deep dives on each method
Kim Hamilton Duffy: Slide 6, the medium post is a really good starting point
Kim Hamilton Duffy: Slide 7 - sometimes it is unclear what is meant by the terminology e.g., storage, wallets, protocols
Kim Hamilton Duffy: Slide 8 has secure data hubs added in
... the callout markers are not intended to have anything to do with positioning in the venn diagram
Manu Sporny: I really like this additive approach. I'm wondering if there is a progression where we'll see Solid Pods added in.
Kim Hamilton Duffy: I would be interested in that informally.
Dmitri Zagidulin: I'd certainly be interested in helping fit Solid Pods into that venn diagram
... Solid profiles have a lot of interesting characteristics. Similar to DIDs
... pods are meant for self sovereign dat storage. picking apart the terminology will be important
Christopher Allen: I wanted to add. there are a number of other parties who may want to contribute their stacks. IPFS Agorics, the solid folk. a few others from the DWeb camp
... these three in the slides may be just the beginning.
Kim Hamilton Duffy: We have a few folk, they have experience in these various other things.
Jonathan Holt: Aries agents - are there other agents?
Kim Hamilton Duffy: I've only encountered that in the informal sense
Adrian Gropper: Quick comment. it would be nice in this overview to introduce aspects of privacy or privacy engineering across the different aspects
Manu Sporny: Agents is such a broad thing, a lot of things could fall underneath. the credential-handler-api is it an agent? It is dumb, but can be used as a conduit for credential exchange
... I'm also concerned we're going to run out of time
Joe Andrieu: +1 For holding the queue
Manu Sporny: +1 For holding the queue
Kim Hamilton Duffy: What I'm inclined to do is to keep the current queue, and plow through the slides.
Justin Richer: Sorry I forgot to open the chat, can someone point me to the slide deck?
Justin Richer: @Manu thanks
Kim Hamilton Duffy: I encourage you to take a look at that
Kim Hamilton Duffy: Slide 11 -
... I need to understand more about Authorization Method agnostic
Kim Hamilton Duffy: Query/search of encrypted documents feels maybe out of place for a base-level spec
Kim Hamilton Duffy: I feel like I've done the least justice to agents - slide 12
Kim Hamilton Duffy: The interesting thing (referring to slide 7) the data oriented vs the action oriented makes a lot of sense.
... there seems to be a clear set of things that agents are doing that makes sense.
... there are clear things happening elsewhere
Kim Hamilton Duffy: I want to set up a straw man: identity hubs/secure data hubs are both storage level
... we need to tease apart the goals and responsibilities of both.
Daniel Buchner: I was originally on the queue to say at microsoft, we are working on an enterprise agent to hold keys
... on the hubs/agents slide. Hubs does describe actions.
... we recognized that task-based flows follow the same paradigm. It generalizes the process so you don't need a bunch of protocols for different events.
Joe Andrieu: I want to throw holochain into the mix, how does it fit in this conversation?
... also, we haven't sent out the email for review of the final did spec.
Manu Sporny: One of the things we may be missing is the use cases that led to the current designs. for example,
... secure data hubs is I have a wallet with things I feel are mine. the spec came from the desire to prevent a digital storage provider from being able to snoop
... also portability, I don't want to be locked into my data provider
... the third thing: what is the minimal set of features other communities could use to build on top of
... secure data hubs are agnostic to authorization mechanisms so they can be used by many different organizations.
Dave Longley: I think "strawman 2" is probably pretty close ... secure data hubs are more fundamental and only focused on storage that is encrypted/decrypted client-side ... vs. identity hubs seem to do more and have more relaxed characteristics but need a storage backend ... and agents clearly have different responsibilities
Kim Hamilton Duffy: I can answer that kezike -- no there is no dedicated presentation for each, but we do give a brief overview in groups
... the secure/encrypted search is important because otherwise the server will be able to peek inside your data. avoiding surveillance capitalism
Joe Andrieu: Gotta run. thanks, all.
Kim Hamilton Duffy: We are at time
Kim Hamilton Duffy: Sorry kezike, did that answer your question? I wanted to give Daniel a chance to respond
Daniel Buchner: When we talk about low level things. hubs allow search tags that are not encrypted because when we look at methods for doing this are really expensive.
... is it really possible for this to scale?
Manu Sporny: We spent a lot of time making sure the design is compute-efficient. we can go into that in more detail in the future.
Daniel Buchner: So you're pushing indexes from the client to the server that are hash keyed?
Kim Hamilton Duffy: That can be a follow up session
Manu Sporny: Daniel, effectively,yes... with some handwaving :)
Kim Hamilton Duffy: I have a lot of questions about how that happens
Ryan Grant: I'd like to understand the encryption/search design better as well.
Daniel Buchner: Just trying to figure this out, because we looked at multiple ways to do this, and all sort of break when you take it out of cottage industry/hobbyist realm
Daniel Buchner: We think we have something that works at the enterprise level :) [scribe assist by Manu Sporny]
Manu Sporny: But would love feedback on it, happy to share our solution in this group.