The W3C Credentials Community Group

Verifiable Claims and Digital Verification

Go Back

Credentials CG Telecon

Minutes for 2020-10-27

Heather Vescent: We're going to do a report out from IIW today, and John Hoopes to talk about their work. [scribe assist by Manu Sporny]
Heather Vescent: SVIP Wallet competition having an event for wallet competition winners -- if you're interested, you can still register. [scribe assist by Manu Sporny]
Heather Vescent: IP Note: Anyone can participate, please make sure you are a member to contribute substantive stuff. [scribe assist by Manu Sporny]
Heather Vescent: You need to make sure you have a W3C account and contribute. These meetings are transcribed and archived. As we've been transitioning over to Jitsi, we've been rewiring things... some of meeting minutes for last couple of weeks are not at that site yet, however, you can find all meetingminutes in a raw form here. [scribe assist by Manu Sporny]
Heather Vescent: Once we have a solid transition to Jitsi or whatever we end up using, we'll clean up the minutes in retrospect, if you need specific minutes, please get in touch w/ the Chairs. [scribe assist by Manu Sporny]
Anil John: You can also join the SVIP Digital Wallet event via Webinar (right after this CCG Call)Webinar Link @ Passcode: 886204 Webinar ID: 161 559 8230
Heather Vescent: We use IRC to queue -- please use IRC to queue. [scribe assist by Manu Sporny]
Heather Vescent: You can "q+ to say something" [scribe assist by Manu Sporny]
Heather Vescent: When we call on you to speak, keep point/comment to one point/comment, keep it brief so we can allow time for everyone to respond. [scribe assist by Manu Sporny]
Heather Vescent: Let's do scribe selection. [scribe assist by Manu Sporny]
Charles E. Lehner is scribing.
Heather Vescent: Now we are on to introductions and re-introductions. Is there anyone on the call who would like to introduce themselves?
John IV: [...]
Heather Vescent: Reintroductions. Erica, are you on today?
Heather Vescent: Dead bernett, Orie
<kimhd> s/dead/Dan
Orie Steele: Transmute. global supply chain traceability
Heather Vescent: Manu, reintroduction
Manu Sporny: Manu Sporney, CEO of DIgital Bazaar, [..] Virginia
... part of community almost a decade, doing standards work
Heather Vescent: Thanks [...] jitsi
... moving to progress on action items
Heather Vescent: Start out with the jitsi status. Wayne, update
Wayne Chang: Jitsi is healing. no one's fault other than browser vendors changing theings up making it diffucult for some folks to listen. manu did investigation. fixed upstream, need to pull. takes time. why we are on zoom. work up and running, haven't had a crash in a while. if community wants to continue trialing jitsi, that is an option on the table. for the interim we are using zoom. thread on
... mailing list [...] thanks
Heather Vescent: We had plans to use Jitsi for todays meeting. had word there were issues that it would affect people we didn't want to affect. in last hour, switched over to zoom
... lot of discussions on the list very religious, technology fundamentalism. i shared my thoughts. but personal thoughts don't matter if will of the communtiy is different.
... chairs arae supporting move to jitsi, working overtime, accomodating. would like to see the community acknoledge that and positive work rather than have negative threads while we are dealing with on ongoing bugfixing issue.
... Let's talk about the next action item, documentation of CCG
Manu Sporny: Real quick on jitsi thing. we are waiting on... infrastruture upgrade. people being very aggressive firewalls - gov buildings, corp offices, bank-grade security - can't join calls. believe impact small number of people. but didn't want toopen bridge and have 10-20% of people say cannot hear audio - would reduce trust in jitsi infrastructure.
... didn't want to tell people to dial in . that is why switched on this call. not difficult to fix but takes time, need to figure out bug.
... because had it working before, expect to get back to i very quickly when resolved this bug
Heather Vescent: Chairs are working overhead at your benefit for your service. give us the benefit of the doubt rather than assuming the worst
... let's move on to the next time, a really big success we are excited to move forward on
... kim
Kim Hamilton Duffy: Thank you. one of the items that heather is referring to, that chairs have been listening on.
... part of it is the work item process. how to shepherd it through the draft process
... a lot of it was learning what we do, documenting it. painful meetings where you discussed
... final part converting it to respec, reducing complexity, the ramining confusing parts of the process
... this now not proposing we release as draft. makes sense to keep as ongoing community draft, a notion formalized in this process
Making the process more accessible for a broader range of work items
... investigating
... what we are used to vs what is required
... we make it clear we are open to innovation on that front
... think of this document as a work in progress
... thanks everyone. as an ongoing community draft its open to comments, PRs, any time
Heather Vescent: Question for community
<jeffo-stl> What is Zoom Link? Thx
<mprorock_mesur_io> I would like a walkthrough
Kim Hamilton Duffy: Talked about in past. don't want to necessarily expose people to the inner working of it. there are points - here is what happens when we propose a work item behind the scences
... in reality ... github. prompts people to go do the simple thing rather than understanding the whole document
... if people are interested in a summary based on this final revised version, we can go through that
Heather Vescent: That makes sense. what might make more sense is how to submit a new work item
... a reference document rather than the actual practical process
Kim Hamilton Duffy: We have been updating the github entry page
Kim Hamilton Duffy:
Kim Hamilton Duffy: We have been ensuring that things like using irc, proposing a work item, ... should be up to date
... any comments, let us know
... we want to get it so you have a clear launch point to get started
Manu Sporny: Love the new document. really appreciate the work that the chairs and veryone else put in it. it is clear as far as i can tell, being that it started many years ago
.. Need to help new members of community understand how things work here. don't need to take telecom time to do it. read through document, ask questions on the ML.
... how the process works, queueing works, scribing works, answering questions.
Manu Sporny: +1 To W3C CCG 101 :)
Heather Vescent: Idea for CCG 101 series to acclimate new folks
Mprorock_mesur_io: thanks. from our side, we have been tracking CCG for a number of years now. big difference from moving to a tracking mode to an engagement mode. want to make sure we are stepping through this the right way
<kimhd> This sounds great Mike
... being helpful, engaging. did work with gentoo. periodic onboarding sessions, over irc, a time. volunteer a while, a month. rotate through folks coming into the community
... causing an issue without meaning to
Heather Vescent: Love it. adding an issue
... really like. as the chairs have more open space on our plates, a really great thing for us to pick up
Kim Hamilton Duffy: +1 From me too
Wayne Chang: Big +1 to that. also great to run into fellow gentoo users. or sorry you had to go through that, depending on your experience
... platform to engage with work item authors. onboarding, how to keep people engaged. a skill set in itself to be able to wrangle a group of volunteers across companies to move a spec forward
... starting a mailing list thread
Heather Vescent: Final issue. kick of discussion, learning from th last co-chair election
Taylor Kendall: +1 Re: WI process. awesome work to all :)
... chair vacancy next year. kim a huge supporter. busy transferring knowledge
... we have been cleaning up to make it easy for a new chair
... election
... i'm a futurist, i like to plan. we are talking about succession planning in the chairs so we can have knowledge easily transferred
... kim's still going to be here, part of the community. we love her. we just want to give her a little of a break
... there were a variety of comments based on the last election. i was not privy to how it worked as i was running for it
... there is this issue open, want to have discussion, come up with an election process
... that we will be mostly comfortable with. make sure enough time for voting. clarity when we announce winners
... reached out to christopher allen but he was unable to join us today
Heather Vescent: Does anyone have thoughts on tracking this or addressing this issue?
Manu Sporny: Tried to put ben on the queue, he had a question in chat
Heather Vescent: Ben
Bengo: question about phone number on CCG mailing list
... i also try to track the community, see phone number, it never works. am i wrong to rely on it?
Heather Vescent: Are you talking about logging into zoom?
Bengo: ccg website does not say anything about zoom
Heather Vescent: Were you at the beginning of the meeting?
Bengo: no
Heather Vescent: We are in process of switching
... normally have call-in numbers
Bengo: managed to find it
... have before sent people to this url. hard to get on call if phone doesn't work
Heather Vescent: This is result of us changing, upgrading or meeting infrastructure, of which we are in the messy middle right now
.... goal is for us to switch over to jitsi which has call in numbers
... due to technical reasons this meeting is held on zoom
... info on mailing list. understand less than ideal for your team. unusual time right now. switching from old hard-coded audio-only irc version into more accessible meeting structure
... first choice is jitsi, but coming across, slowly fixing various bugs
... depending on state of jitsi system may make executive decision to fall back to zoom rather than ...
... suggest get on mailing list
... i personally send that link from twitter
... would like to get more organized
Bengo: if meeting normally going through jitsi, will number - digital bazar - normally work with jitsi?
Manu Sporny: We will update the number. there is a new number that will get you through the bridge. we will add a EU number. anyone that wants a number for their country, please ask
... adding number costs about $12/year
... goal is to support phone call in for members that need it
... it will be there with jitsi
Wayne Chang: We hear you. will do a better job, opening issue to better communicate where active info is
Heather Vescent: Volunteer
Kim Hamilton Duffy: I interpret bengo's question a different way
... one thing we haven't done in CCG is send out standing invites. i tend to interact with my life via calendar. if not on calendar, doesn't exist to me. if there is not a link in there, all messed up
... task force: send out invices, keep up to date. don't know why we haven't done it in CCG
... could do something to let people optionally add it to their calendar
... could be an easier way to coordinate
Heather Vescent: Same. i live and die by my calendar. manually add to my calendar.
... occasionally some people ask me to add them to it
... could add, perhaps for task forces as well
Heather Vescent: Onto the main event now, a little behind time, that's ok.
... today we want to talk about iiw (Internet Identity Workshop)
<wayne> q}+
... sessions you liked, what was interesting
... put yourself on queue to make a comment
Wayne Chang: Exciting discussion that has happened, across different standards organizations, interested groups, etc.
... seems to be opportunity for convergence. extreme overlap
... WebID, CHAPI. in the area of extending browser api towards these things
... openid psyop profile. user can be their own idp
... how does that relate to web browser api extensions, did, resolution thereof
... discussions happening in groups at DIF, several mailing lists
... if browser support, could have huge implications
Adrian Gropper: To add to that, there was an interesting session, mini face to face on authorization, secure data stores
... a lot of OGs on te oauth2 side, gnapps side, capabilities side, were there. some progress made. potentially a harmonization of how gnapp and zkaps work together. not sure if would work out, but was progress
Kim Hamilton Duffy: I had a session with orie and daryl ? on wallets
... building on wallet discussions had here. read through literature, concluded the way we define wallets is dumb but how in secure storage
... getting clarity. hope to write up results soon
<snorre> What was the name of this? Kim?
Heather Vescent: Let's move to the main event, John, are you ready to tell us about what you are doing
<kimhd> not-so-smart wallets
John IV: hello, my name is john. representing Actual DAO (?)
Snorre Lothar von Gohren Edwin: Thanks :D
... team on call
... sharing screen
Heather Vescent: Link to slides
Johnx25bd: here to talk today about Astral Protocol new DID method spec designing to identify spacial data assets
... our background. working with this team. intimidated by brainpower in the room. not experts in DIDs or VCs
... presenting work to validate our thinking, get feedback
Manu Sporny: Don't be intimidated, we're as scared of you as you are of us! :P
... at rebooting web of trust in prague in 2019. met few of you there, dabbling at the edges
... technical director. congestion zones on smart contracts
<by_caballero> oops did anyone get that deck link?
... problem: need data registry to represent borders on congestion zones
... thinking of how spatial ... web3
... joined kernel fellowship, met Jao and Jared
... smart contracts don't know where you are
... talking about potential of spatial based applications
... location is an intrinsic property of any (physical) individual.
... all of our (traditional) governance systems are based on where you are. walk across border, subject to different rules
... connected world, thinking of how to bring into web3
... govern objects based on web3 in privacy-preserving way
... spatial finance
... using satellite imagery to inform financial decision making process
... linked with world of DeFi. prototyping
... insurance, supply chains
... what kind of location-based dapps could be enabled by this
... robust land registries, AR, routing, fitness tracking
... location data, spatial data tech fundamental to how web is useful
... web3 not complete without it
... geo did
... paris 2019 project, tried to write a library of topological functions in solidity
... preserve privacy of sensors but check to see if they are in a particular location
... test to see if point is inside polygon, based on EVM
... spatial analytics library. terfJS
... apply policies to car based on whether inside or outside of zone
... possible, but gas costs balloon with size of polygon. looping through vertices
... not feasible on ethereum main net
... other ways. parallel, eth london. created project Geolocker, verifiable spatial data registry for self-soverign users
... zone administrators
... administer policies, but they would be self-sovereign
... register and upload vector geometries (geoJSON) to backend. 3box, also ArWeave
... hierarchical soverignty. register zone, need to get approval from government
Bengo: Hey Astral team. If ethereum main net isn’t working nicely for GIS applications, I’d love to learn if we can make this alternative work better.
Johnx25bd: topological overlap, want to detect border dispute, arbitrate.
... hierarchical approval question
... seems to be the point where VCs would come in. authority over jurisdiction issue credential that zone is valid
... fused to Hyperaware. spatial governance protocol for connected devices
... created system of smart contracts and distributed storage.
... have secure enclaves on devices. jurisdiction registry where they register
... self-soveriegn users. privacy for zone administrators. check to see if in polygon without revealing point or polygon
Device owners register DID on IoTeX
... zone owners register GeoDID
... validator in enclave tests if point in polygon
.. In validator, makes transaction in enclave, submit to smart contract transfering contract to zone administrator
... zone owner encrypt data with validator's public key. would not reveal details but could be tested in enclave
... pairwise DIDs for preserving privacy
... alpha implementation of GeoDID. register DID. in document, have reference to GeoJSON with outline of vector geometry
Juan Caballero: <-- The assumption that all sovereigns track their territory as a set of polygons and Cartesian coordinates reminds me of this book, which has a whole chapter about the exceptions (thanks to both Kaliya Young and Aragon Black's Danny Shavit for forcing me to eventual read it).
... zone registry interfaces. someone like greater london authority could come on and register zones
... we represent geometery in services array
... single DID, administrator could own multiple geometries
... service endpoint point to arweave geojson
... draft. service object could be valid geojson
... decentralized finance application
... bond issuance. 10 year bond. every year, structure of bond updatd based on input based on value derived from analysis of satellite imagery
... satellite image of air quality. submitted every year. updated what buyer have to pay
Taylor Kendall: @Manu polygonapocolypse -- my new band name, thx :)
... incentive to improve air quality. fork contract, linked to sustainability metrics
<mprorock_mesur_io> how would this differ from using a json-ld location object in a vc or did - and having a services layer with normal geospatial processing on the backend side of things for analysis, e.g. geopandas, etc? - or is this just a proposed standard for handling those kinds of work flows?
... the approaches we took that we realize how leads to DIDs
... a DID to identiyy spatial data assets. raster image, or sensor data
... modelling to be compliant to spatial temporal asset specification
... standardized way to search for raster data sets
... want to build on tools they have. amazing for collating spatial data assets
Vector: web-native way to represent vector spatial data. not absolutely necessary. could represent a shape file. store in service endpoints array
<tayken> Ha, wayne...but of course
... doing early research, alpha prototyping. one geoDID to control multiple spatial data assets
... looking into transferability, rights to access
Orie Steele: Very interesting work, please comment regarding the privacy implications of location data in service endpoints here:
... have specification in progress
... drafted reference implementation of the code
... prototype UI
... for registering. npm modules, client-side
<by_caballero> email address for feedback?
Taylor Kendall: Spatial data sans satellite -- similar to Foam?
... looking for feedback
Juan Caballero: Was actually asking about people working on similar problems :D
Heather Vescent: No time to go over time today
Johnx25bd: adoption, government. twitter @astraldao, gitcoin grant up
<kimhd> Thanks for scribing cel!
<wayne> thank you cel!!
<by_caballero> thanks cel
<by_caballero> be safe everyone
<matthew_basirico> Thanks for the invite Jessica and Melissa
<davidc> Is the Zoom working?
<guest1> Yes
<heathervescent> @DavidC yes, you should have a link from your email
<snorre> Is this the irc for the wallet event?
<wayne> yes, it is. welcome snorre!
<readdytop> Exit
<chews_> howdy heather it's the chew you know :-)
<chews_> hahaha, it has been too long miss
<chews_> good work here... and we should talk to a standards track for documents
<anil_john_> We will be opening up for Q&A after Sharon has provided her overview...
Heather Vescent: This is an example of queuing:
<heathervescent> Now I want to remove myself from the queue
<heathervescent> So if you have a question, please put q+ and then type in your question.
<hmajeed> What are the top 3 features that you were looking for in the digital wallet design?
<matthew_basirico> thank you!
<alfonso> How might we provide a demonstration and stress test for this audience? Currently we have a product that is being used and we believe we could have a 90% solution.
<milan> in the case of decentralized identity verifiable credentials - how do you see DHS or other business models being disrupted such? the model for decentrlaized identity is that an issuer issues credentials to a holder and the holder presents those credentials to a verifier without a verifier going back to an issuer. a lot of issuers make money on verifiers going back to them. how does this change from a business perspective?
<wayne> please use q+ prior to your question to be added to the queue, Milan! thanks
<milan> to make decentralized identity scalable and practical, there needs to be corresponding governance frameworks. what is the business and legal convening and governance framework definition happening to associated with tech exploration?
<hmajeed> Will you be using a third-part independent blockchain as the credentials registry or gov created blockchain?
<heathervescent> chews this is stuff that gets discussed at the CCG as well.
<chris_floersch> Question: What mechanisms are employed to achieve interoperability - ? ie - API's, or other tools?
Juan Caballero: @Milan: The short answer is that the governance work tends to happen in different places, where different experts gather and work under different charters/scopes. There is the Trust-over-IP foundation, Kantara Initiative, Sovrin Foundation, A New Governance, and MyData all working on SSI and SSI-related governance work of various kinds.
Adrian Gropper: Can you clarift this question "(to ask about the wallet interacting with oracles (that communicate VC directly with verifiers without a holder in-between))." [scribe assist by Kim Hamilton Duffy]
<kimhd> (clarify)
<agropper> Consent to present a VC directly to a verifier
Adrian Gropper: Ie. are you asking "will the wallet interact with oracles?" and "will the wallet communicate VC directly...?" we're having a hard time parsing the question [scribe assist by Kim Hamilton Duffy]
<agropper> yes - interact with issuers as oracles
<chews_> @heather, I'll show ya the demo later of using a passport to bootstrap blockchain id
<nav_> Question: How do we provide consumers/end users with a level of assurance that the wallet is safe and secure? What happens if they download a wallet built by a bad actor that steals their information?
Adrian Gropper: Sorry, I need it in the form of a question we can ask. I'm still struggling to see the question [scribe assist by Kim Hamilton Duffy]
<agropper> never mind
<sharonleu> Submit your project to the Dept of Ed's Blockchain Innovation Challenge by 10/30:
Wayne Chang: <- join the credentials community group here!!
<wayne> our mailing list is a lot of fun and we talk about privacy, data formats, anti-trust, etc. everyone is invited!
<anil_john_> Manu - What is your question?
<wayne> (these are spillover from the previous panel)
<wayne> Great questions everyone, my condolences for running out of time to ask them all!
<wayne> Please bring them to CCG, and we will make space for them. Post them to the mailing list and I bet you'll get some great answers
<kimhd> I'll take "do you consider key management/recovery as part of wallet design?"
Kim Hamilton Duffy: Question:
Juan Caballero: It's on DIF's events calendar if you'd like to subscribe to biweekly reminders about their meetings:
<kimhd> 1. While this forum is focused on wallet design, where can I find the security requirements for the digital wallet? Is anything published? Thank you.
<kimhd> 2. ow might we provide a demonstration and stress test for this audience? Currently we have a product that is being used and we believe we could have a 90% solution.
<kimhd> 3. (Will you be using a third-part independent blockchain as the credentials registry or gov created blockchain?
Adrian Gropper: I will ask my question again: Does the functionality exposed by a wallet include consenting for a verifier to connect and get a credential directly from an issuer or oracle?
Kim Hamilton Duffy: 4. I will ask my question again: Does the functionality exposed by a wallet include consenting for a verifier to connect and get a credential directly from an issuer or oracle?
<maarten> @by_caballero Link to calendar is broken
Juan Caballero: Haha thanks Maarten, not sure, seems to wrk here-- but you have to be auth'd to google, which is probably a non-starter for many people in this community :D
<by_caballero> the email list might be a better link anyways, since the chairs are good about emailing out agendas a day or two before each meeting
<matthew_basirico> This is awesome, I definitely want to talk to this company hereafter
<arshadnoor> Yes, it was from the previous session
<wayne> please add any questions to indicio to q+!
<wayne> for example,
<kimhd> thanks chews, good question
<wayne> clearing out the queue in preparation for the next round of questions for the third winner
<wayne> please ask your questions! i think we have a few minutes more
<wayne> thank you to folks who have asked questions already, you've contributed a lot to the discussion
<jonny> Not automating consent, but automating the construction of the package.
<nader> Will a recording of this event be made available after the fact?
Taylor Kendall: +1 Important to elevate "the art of the possible"
<matthew_basirico> YES, Jerry MacGuire, just saw that movie, "Help me, help you..."
<chris_majewski_ised> Will this recording be made available to the group?
<heathervescent> @Nader, I have asked the panelists.
<lrc> Thanks to All