The W3C Credentials Community Group

Verifiable Claims and Digital Verification

Go Back

CCG Verifiable Credentials for Education Task Force Telecon

Minutes for 2020-02-10

Dmitri Zagidulin: Kimhd — I have did:web related slides, if time permits.
Juan Caballero: If there's an alias that's hard to spell or remember, you can type 2 or 3 letters and hit tab
Juan Caballero: It'll even put the colon after it for you. try it!
Juan Caballero: I think safari doesn't show that panel
Juan Caballero: By default
Juan Caballero: Names
James Chartrand is scribing.

Topic: Introductions and Re-introductions

David Mason: Work for Government of Canada
Juan Caballero: David Mason! we met at IIW, glad to cross paths again
David Chadwick: Introduces himself, member of VC working group
Kim Hamilton Duffy: DavidC is David Chadwick
David Chadwick: Implementation ready. back to participating in group
Kerri Lemoie: Works with OpenBadges, technology researcher

Topic: Survey of emerging standards

Kim Hamilton Duffy: Will be working on draft of data standards, e.g., openbadges as VC, work with credential engine registry, taxonomies
Kim Hamilton Duffy: Start with emerging standards, today some from credentials community group
Kim Hamilton Duffy: Also talk about future work from DID group. would like to incorporate european work
Kim Hamilton Duffy: First of series talking about emerging standards.
Kim Hamilton Duffy: Will talk about credential apis.
Kim Hamilton Duffy: Will help to share notes about related efforts
Kim Hamilton Duffy: Greg Nadeau could talk about broward
Want to hear about european work.
Kim Hamilton Duffy: Start with slide 3
Kim Hamilton Duffy: DID: uri from which DID doc can be retrieved
Kim Hamilton Duffy: Explaining DID identifier and what it looks like
Kim Hamilton Duffy: DID string can be resolved to verify key ownership
Kim Hamilton Duffy: Like issuer id in openbadges, or email for subject
Kim Hamilton Duffy: OpenBadges 2.1 will support DIDs
Kim Hamilton Duffy: Go to slide 4
Kim Hamilton Duffy: Did:web uses domain name for verification
Dimitriz: author of did:web
Dimitriz: motivation for did:method, context, where it fits in, challenges
Dimitiz: DIDs uniquely identify issuer and the entity being issued to
Kim Hamilton Duffy: Slide 4 is super helpful
Dimitriz: helps disambiguate
Dmitri Zagidulin: Did can be reused
Dmitri Zagidulin: Go to slide 5
James Anderson: During the slides, feel free to be very brief in scribing. The slide link is part of the minutes [scribe assist by Kim Hamilton Duffy]
Dmitri Zagidulin: Govs don't want to be responsible for managing identities
Dmitri Zagidulin: Explains slide 6
Dmitri Zagidulin: Identifiers should be reusable across contexts
Dmitri Zagidulin: Identifiers should provide info about entity
Dmitri Zagidulin: Skip to slide 16
Dmitri Zagidulin: Some dids are ephemeral
Dmitri Zagidulin: Explains different implementations of dids
Dmitri Zagidulin: Blockchain based: coin based, non-coin based, ledgers internal like hyperledger
Dmitri Zagidulin: Jump to slide 19
Dmitri Zagidulin: Key management and building wallets is hard
Dmitri Zagidulin: Same problems with all dids, how to manage private keys
Dmitri Zagidulin: Problem with DIDs, how do we know issuer key belongs to issuer
Dmitri Zagidulin: Go to slide 20
Dmitri Zagidulin: Trying to solve problem of trust anchors
Dmitri Zagidulin: So why not reuse infrastructure around domain names
Dmitri Zagidulin: Slide 21
Dmitri Zagidulin: Stick did:web in front of url and you get a did
Dmitri Zagidulin: Did document you get back is same as any other
Dmitri Zagidulin: Explains how to bind did to domain
Dmitri Zagidulin: Slide 23 - benefits of did:web
Dmitri Zagidulin: Did:web provides bridge step until dids solidify
Dmitri Zagidulin: How do we protect integrity - blockchain provides some
Dmitri Zagidulin: How do we make sure document doesn't change
Dmitri Zagidulin: Hashlinks can lock down contents of did document so it can't be changed
Dmitri Zagidulin: Hashlinks also allows specifying backup links
Dmitri Zagidulin: Certificate authorities can get hijacked - ca transparency can help - fairly robust
Dmitri Zagidulin: Ledger solutions will look like ca transparency
Kim Hamilton Duffy: Some certificate transparency references:
Dmitri Zagidulin: Did:web with hashlinks - how to add key, revoke or rotate - breaks hashlink - confident of solution because precedents like keybase
Juan Caballero:
Juan Caballero: Ipfs and ipld
Juan Caballero: KERI
Juan Caballero: You mean?
Kim Hamilton Duffy: KERI yes
Juan Caballero: Or the SCIDs piece?
Juan Caballero: (Two different way of certifying through rotation :D)
Juan Caballero: (Both by sam smith - hard day to be the scribe!)
Dmitri Zagidulin: Did working group is working on ability to reuse service enpoints to chain dids
Kim Hamilton Duffy: Push credential issuer discussion to next week
Chris Winczewski: Slide 21,22 - is key material separate from domain structure?
James Chartrand is scribing.
Dmitri Zagidulin: Could reuse public key in ca, but don't have to
Durga Prasad: Durgaprasad814 call me Durga
Durga Prasad: Using openattestation - similar to did:web?
Durga Prasad: Explains how text field of dns record is used
Durga Prasad: How do we deal with lesser known domains?
Dimitriz: answer: partner with better known institution
Kerri Lemoie: What happens if domain changes hands
Juan Caballero: Or if all .org TLD management changes hands :_(
Dimitriz: hashlinks prevent changes to past dids with hashlinks
Dimitriz: but is a problem in general - cert transparency may help
Tzviya Siegman:
Tzviya Siegman: Mentions credible web - considering using VC. and are talking about domain names changing hands
Tzviya Siegman: Credweb is addressing question of what is a credible web site
Kim Hamilton Duffy: Thanks dmitri
Dmitri Zagidulin: (Thank you tzviya, I definitely think the CCG should collaborate with the Credible Web CG