The W3C Credentials Community Group

Meeting Transcriptions and Audio Recordings (2014-today)

Go Back


W3C CCG Weekly Teleconference

Transcript for 2023-03-14

Our Robot Overlords are scribing.
Harrison_Tang: So hi everyone thank you for joining this week's at w3c shiji call today our main agenda is that we actually had the honor to invite a robin from Pro collapse the creator of 50 coins and ipfs interplanetary file system to actually talk about what you're working on but before we get to the main agenda just want to do the em and stuff first.
Harrison_Tang: first so.
Harrison_Tang: First of all just a quick reminder about the call of ethics and professional conduct just want to make sure that we all respect and acknowledge each other's perspectives and we've been doing that for ages I don't recall the last time it was any fights or big arguments so the book that's continue to do that all right a quick IP know anyone can participate in these calls however all substantive.
Harrison_Tang: tribution to.
Harrison_Tang: You work items must be members of the ccg with for IPR agreement sign and make sure you have the w3c account and if you encounter any issues please feel free to reach out to me or any of the co-chairs all right quick call notes these meetings are recorded and we have a little transcription on and we will publish the minutes in a few days we used to teach at to Q speakers during the call.
Harrison_Tang: so just hacking Q + to add yourself to the key.
Harrison_Tang: Q- to remove it you can do Q question to see who is in the queue.
Harrison_Tang: All right introductions and reintroductions you are new to the community or you haven't been active and you want to re-engage with the community to please feel free to unmute yourself and you introduce yourself.
Harrison_Tang: Okay next announcement and reminders any announcements announcements were reminders Farm on the community.
<manu_sporny> ECDSA Cryptosuite support needed here: https://lists.w3.org/Archives/Public/public-vc-wg/2023Mar/0027.html
Manu Sporny: Yep couple the first one is a reminder to the community that the ecdsa crypto sweet in the verifiable credentials working group is up for a vote tomorrow I'll put a link to the announcement crypto sweet crib sweet support needed here.
Manu Sporny: This is as we've been saying there's a call for adoption for the ecdsa crypto Suite in the verifiable credentials working group tomorrow if your organization has a need for this like basically if you have a need for Hardware security modules when assigning verifiable credentials or when using decentralized identifiers then please sign the letter of support so we have plenty of support going.
Manu Sporny: In so that's announcement number one.
Manu Sporny: To is that we have another crypto sweet cold BBS that is going to go up for a call for adoption next week in this is cutting it really close because feature freeze happens after the vote so we get like one if we get one chance to get this in there hasn't been a letter to go out that you can sign to support it but BBS is really important for.
Manu Sporny: Corrective disclosure in verifiable.
<greg_bernstein> Just updated BBS IETF draft to version 2
Manu Sporny: In on linkable signatures so the ability to produce the same verifiable credential in a way that is privacy respecting it's one of those you know Cutting Edge privacy enhancing technologies that we're trying to also get on the standard Strachan w3c so very important for that one to be supported look out for that request on the mailing list this week please move immediately.
Manu Sporny: Italy to sign that.
Manu Sporny: Organization cares about selective disclosure on linkable signatures because it will be going up for a vote next Wednesday that's it the two announcements.
Harrison_Tang: Thank you man you.
Harrison_Tang: Any other announcements or reminders.
Harrison_Tang: It's a pretty quiet week probably a sound us are affected by the SCV or something people might be a little bit better now.
<orie> Reminder that VC-JWT supports ECDSA already.
Harrison_Tang: All right any comments on the work items.
Harrison_Tang: All right I will come back to know calling for introductions reintroductions toward the end if we have time all right let's get to the man jenda so this week as I shared earlier we're very glad to have Robin from a local labs are prolapse actually builds that develops the file coin that decentralized storage and ipfs interplanetary file system.
Harrison_Tang: and I know through.
Harrison_Tang: This community has been quite intrigued and actually they're having some community members who have expressed that they would like to learn more about ipfs so and actually I think we have someone from ceramic ceramic Network actually presenting about ceramic a few months back and ceramic is built on top of ipfs so very very intrigued about what protocol protocol labs are building and we're very very honored and pleased to have a.
Harrison_Tang: Share their latest development and works so Robin the floor is yours.
Robin: At thank you very much and the the honor is entirely mine thank you very much for the invitation I'm trying to make sure my screen is shared I'm not seeing it being.
Harrison_Tang: U.s. sure before but right now I cannot see it.
Robin: Shared I wish I was here before did you did you see the slide before when I was.
Robin: Okay so hang on that you do this again because it doesn't show for me it's the usual fun.
Robin: Speeding and we share.
Robin: Do you see a big googly spider.
Harrison_Tang: Yep we see the we see we see the background we don't see the screen the sorry we have we don't see that slides yeah.
Robin: That's a yeah sorry yeah that that makes it less interesting without the sides.
Robin: You just see the back that you still just see the background right.
Manu Sporny: See your mouse cursor and the background Robin if you wanted to throw it into a PDF and send it to the mailing list or one of us we could display while you talk through it as an option.
Robin: Yeah hang on just let me try one last thing and if that doesn't work I'll see you PDF I don't know why I didn't want to share.
Gregory_natran: It looks Robin like you have a Mac running two displays in your presentation is on the other display.
Robin: So I do have a Mac running to this place but if I share this play one here's what you're going to see and maybe that's the trick to making it work.
<phil_l_(p1)> consider mirroring
Robin: Let me share I'll now Jutsu won't even let me press the button but if I shared if I shared the other screen I just showed the Gypsy thing.
Harrison_Tang: Take your time don't worry about it.
Robin: Yeah I didn't try this one okay so now if I do this can you all see yourselves okay that's step one maybe now if I move this in front.
Manu Sporny: Now we just see the jitsi screen.
Robin: You still don't see preview do you it's weird it's as if like preview preview refused.
TallTed_//_Ted_Thibodeau_(he/him)_(OpenLinkSw.com): I think it's are like.
Robin: Okay I'll email it to hang up.
Harrison_Tang: Now you can email it to me and then.
Harrison_Tang: Can share the screen.
Manu Sporny: We see it see it.
Robin: Wait what happened I did nothing.
Harrison_Tang: It works now.
Robin: Oh you have it of course you have it wonderful.
Juan Caballero: I just screen sharing it to mess with you I have an old one though I have an old one if it changes substantially send me the do it in parallel.
Juan Caballero: To make it verbally and you'll have to say next slide please each time.
Harrison_Tang: Yeah that works like what I thought it's a magic I was like wait what's works.
Robin: So you're missing one joke but that's okay thank you thanks a lot one I will thank you very much thanks a lot of jumping on this so and it was weird because that was not the slide I was showing on my screen I was like whoa anyway let's get to it hi everyone it's a pleasure to be here thanks a lot for the invitation so very quick intro for.
Robin: for those.
Robin: Pleasure to make to meet yet I work on governance that stand standards at protocol Labs with that I was at the time she'll five years and I've spent way too much time over the past 20 25 years working on WT stuff popping on the tag still working on privacy principles and but you should check them out they're out to wide review now if you're interested in privacy I'm also on the WTC board but obviously I'm not speaking for the WPC board because they don't work on this.
Robin: kind of stuff.
Robin: And so yeah this is a pretty informal presentation it's basically in two parts first I'm going to go through pretty quickly you know a refresher about ipfs and you know just to make sure that everyone's on the same page and then I'll talk about the stuff that I've personally been been working on and so you know it's informal just like jump in any question anything you find outrageous.
Robin: you know Hollows.
Robin: Mm whatever so let's jump into ipfs so there's like four components of the I know it's a huge ecosystem but like the therefore components that we can think about this protocol Labs which is the company I'm working on that that this research and it's building protocols in this area is ipfs so ipfs is somewhat misunderstood in the in the community but it's best to think of it as a P2P version of HTTP it's.
Robin: not people.
Robin: Some kind of BitTorrent which isn't it's much more like if you think about HTTP version in which you don't need a you don't need a centralized server that's ipfs for you and in addition to ipfs the Falcone foundation and all coin itself provide a storage Network that integrates with ipfs in English that they will see afterwards next slide please so you know essentially the core the absolutely most.
Robin: we important Concept in ipfs is the concept of a see.
Robin: CID is an identifier that's generated from the content so it's content addressable just just those of you familiar with from from getting any number of similar systems and so instead of using a system of external Authority it uses intrinsic self-certifying Authority in order to to to find content for those of you who are interested in the history of the web I do encourage.
Robin: courage you to go read.
<manu_sporny> TimBL === Sir Tim Berners Lee
Robin: In temples design notes or the earlier work of the of the tag back in the in the early 2000s is very interesting to see just how how committed they were to this idea of having it Authority stemming from the scheme and getting stemming from DNS and and you can you can and then inside of that the idea was really that you would own this a strong notion of Federated ownership over.
Robin: that naming space to the point that when.
Robin: Robots.txt happened or you know dot well known and people people back then we're talking about expropriation is you what you were expropriating names from from what should I have been absolutely local ownership now of course you know what happened next we all know if you own something then then you can you can give it away and and and people lost actual authority over what they were doing over.
Robin: on the web so see how these really help and.
<manu_sporny> if you own something, seek rents! :P
Robin: Because I'm sure most of you are familiar with c8c IDs and pump ever dressing but I think it's really important to understand that how Central the archived events next slide please yes and so as I was saying you know really the the core value of C IDs is that they can reproduce by anyone and therefore they can be verified by anyone and it allows for for self-certifying Content distribution next slide please.
Robin: And really that's where yes that that.
Robin: That's where I'm repeating this because I think it's some it's a concept that's really key ipfs can feel a bit sprawling because once you start digging into how it works is the entire the P2P stack there's a whole there's a there's a whole slew of like somewhat novel acronyms that that people in the in the more HTTP world might not be familiar with but really if you want to think about what ipfs is it's the space of things that you can interact with using a CID and that's it.
Robin: but that's that's really.
Robin: To think about in that space and so you know maybe you're acquiring the content directly you know over a sort of traditional ipfs maybe you're getting it from a Gateway maybe it's local it doesn't matter so long as you're interacting with the resource using a CID your knife yet space next slide please and so you know this is this is not something that's entirely abstract ipfs is a a set of systems that has.
Robin: increasing deployment and an.
<bumblefudge1> @Manu: See https://github.com/everyname-xyz/Public/blob/main/Research.md - rent-seeking in the namespace space is booming lately!
Robin: Of the patient's right now we're going through the teething Pains of specifying and standardizing things up to that the the implementations are interoperable but I just wanted to show that that you know you can you can run you can access I'd give it's called and directly in some browsers here we have the brave browser and and there's this is this is a growing field there's work for a given particle handling in chromium so so this.
Robin: is a growing space and.
Robin: To see more ipfs formal normalized in at the intersection of webtoon web query in the coming months and years next slide please and so you know the key thing with ipfs is is you know if there's no node serving your content then that content just cannot be retrieved it might exist somewhere in the abstract but it won't be on the net there's several ways in which.
Robin: got it can be made available override.
Robin: The first and easiest one is of course just to run your notes and you can scale this right you can you can run a series of nodes that are maybe geographically distributed so that you can handle increasing increasing load or then you can start working with a company that might pin your content for you so this is basically what you do if you want to serve content over ipfs but tell you don't you don't have your own Hardware or you don't want to have your own Hardware.
Robin: or you want to distributed over multiple sources one thing is that that's.
Robin: Years that you can start working with you know 11 pinning service and if you don't like them if you want to just like transition to your own since it's all kind of the addressable any way that the content can easily move anywhere and no one's going to notice a long as it stays on and of course you get you get to the case where if if your content is particularly popular and people want to Cache it themselves and make it available themselves then this becomes that you can you can.
Robin: you can start benefiting from that.
Robin: That is not something that will happen automatically for you and next slide please.
Robin: And so you know part of part of part of that idea of hosting and storing data over the long term is why it's why file coin was built I'm not here to like sell you on file coin is just to explain how it builds on ipfs and so basically it says it's a massive decentralized storage network with huge capacity and a consensus system built to reward people for.
Robin: for storing and to.
Robin: Reliable overnight PFS system and next slide please and so you know it's pretty straightforwardly again I'm not going to go to integrate detail here is just to give a rough sense of what that what this is but you know it's actually it's a deal making system in which a client can make it can strike a deal for storage and then provide storage and then the system has a series of of ways of proving that the the.
Robin: data is properly stored.
Robin: Penalizing people who fail to store data storage as promised and then a retrieval Market to get the the data back out and and the idea here is to go fully cloudless and to enable infrastructural systems that can be shared at that at the level of the of the entire internet in a way that that's interoperable and and that can support any kind of any number of providers pretty next slide please and you know as part of that.
Robin: also one thing that I like to point people to.
Robin: In part because the stack can be unfamiliar to to web developers I find that it can be good to to get started using webview storage which is a really smooth and nice interface to to ipfs all file coin and basically integrates really well with JavaScript and they have some UI components that they're the shipping and you can basically drag and drop this arriving drop this into into into.
Robin: or your app and and easily.
Robin: With ipfs using the libraries and their components it's pretty neat next slide please and so that that was you know basically the very quick refresher on ipfs I hope it wasn't too fast or too confusing and of course feel free to ask questions and let so if you don't come in with questions right now you can also ask them later I'm going to switch to the stuff that I've been working on and how I'm trying to.
Robin: figure out ways you know.
Robin: The bunch of lovely colleagues that to to figure out how ipfs in the and the web work together yes but.
Manu Sporny: Yeah just wanted to connect a few dots for something the community that might not know that we're already using a number these Technologies when it comes to decentralized identifiers and verifiable credentials some of the lower-level things like multi base multi hash multi codec we're all things that were kind of built you know for ipfs to kind of achieve some of the technical things that that that Rob.
Manu Sporny: Has been you know.
Manu Sporny: Two ends so they're already Primitives that this community is using from from ipfs and then at a higher level and you're probably going to get into this Robin there's a desire I think among a number of people in the community that want to do more with content address storage like ipfs like if you have a verifiable credential and it links off to you know a set of pictures or proof or a document of some kind.
Manu Sporny: And what you really.
Dmitri Zagidulin: Did:key uses IPFS tech! :) (multiformat specifically)
Manu Sporny: To be able to do if that's at its large document is not necessarily point back to you know like centralized storage for that thing whatever it is picture evidence you want to be able to point to some kind of decentralized network that is storing these things in some cases for the good of society and other cases to make sure that you know it's highly available so I just wanted to clarify that like there's a lot of overlap in the work that you're doing.
Manu Sporny: In the work that you know protocol labs and the ipfs folks are doing.
Manu Sporny: Some of the needs you know of this community when it comes to verifiable credentials and decentralized identifiers.
<dmitri_zagidulin> similarly, the VC hashlink proposal (the digestMultibase mechanism) uses multiformats
<manu_sporny> yes, also that ^
Robin: Right yeah I completely agree yeah thanks that's it that's a very good call out and actually I've been wondering if if we seize might be used with the work that like starting lab has been doing about documenting war crimes and the such I think I think that there's a there's definitely is this definitely used for for I mean this is definitely many meeting points in there so yeah.
Robin: yeah thanks I think that that's very very.
Robin: Pulling out so jumping into to the web stuff next slide please I want to be I want to be like super super clear here that you know what I'm talking about is highly speculative when we say that we're in R&D lab it is certainly true I'm going to stay a high level a few of you had to have seen some of them bits of this.
Robin: work and know that.
Robin: The the basically ideation document its 15,000 words long already and that like already lacks details so I'm compacting a lot of that into into a tiny space and also this may contain traces of philosophy it's not purely engineering so let's jump in and if there are any things that that any specific aspects that you know call upon your fancy that don't hesitate jumping so as you know things are bad.
Robin: on the web next slide.
<manu_sporny> /me lols.
Robin: I don't think this will come as a surprise you know most of the web is highly centralized capture and and you know if we were getting some good products out of out of all this this centralization maybe we'd still be bothered but at least we get the product but the result is pretty unimpressive generally the tools were getting actually quite terrible certainly for the cost and and you know in that context time spent on the way.
Robin: web instead of apps keeps dropping despite the.
<bumblefudge1> at the very least a failed state machine ��
Robin: Being told that all this centralization and all this infrastructure is supposed to be helping keep the well the wet the web alive and then there's all these problems of like you know privacy and harassment and disinformation that you've heard about so in general we can say that the internet is a failed State and things are not a not currently working working great so the question is you know what can we do about it next slide please so you know we should we should be trying to figure out how to fix the web and and.
Robin: and you know what what how to drive the web forward and where the web should be.
Robin: But the thing is very funny one the thing is we can't see we don't actually have a definition of what web is a lot of people care you know those people who want like web to and web 3 and web 5 which is the joke that is not on the slide because it's like the old and the people who say there's only one web but we don't say what it is or that were leading the web to its full potential which is the booties motto but no one knows where that for what their full potential is and so we kind of need some.
Robin: alignment of you know what the web is in order for all of us to be moving in something that might.
Robin: Be the same direction.
<bumblefudge1> i know it when i see
Robin: At least roughly moves forward it's like this and so you know the question comes back and this is something that many groups have tried to address and fails to address over the years which is the question of like what actually is the web you'd sort of want to say well maybe it's all the stuff that's over HTTP but there's a lot of people doing doing things over HTTP that you wouldn't consider the web that just like API calls between various back-end system so it's not that some.
Robin: people would want to say.
<bumblefudge1> particularly when it's web-transferred obscenity
Robin: Runs in the browser but that also very limiting and also it includes things that we probably would like to extrude from the web like PDF and yeah there's the the classic vision of like I know I know it's the web when I see it but that doesn't help us figure out a way of moving forward so we don't really have a definition of what the web is and so you know I've decided to see if we could like figure out one and use that as you know North doctor too.
Robin: move towards.
Robin: That's like these and so the idea really is that you can find no constancy in the bundle of technologies that that we tend to agree is the web will have agreed is the web over the years and so instead the idea is really that the web is a project the web is a set of values and it's the set you know it's basically the set of digital Network Technologies that work to increase user agency now that might seem a bit Vegas but it actually backs off next slide please.
Robin: he's from a a.
Robin: From a pretty important philosophically Doctrine and that is the part where there's there's there's there's a little bit of philosophy I know that's not always popular in all circles but I do encourage people to pay attention to at least some of that philosophy simply because when we don't we just we just like doing it without without knowledge of it next slide.
Robin: I'm so that that philosophically Foundation that I think Matt's really well to the notion of user agency is the capabilities approach that that nice Bowman sin have developed over the past that we've got an essay 30 years or so and basically it's it's it's an idea of social ethics that was built for development and it's entirely centered on the idea of increasing what each person is able to do and able to be and really there are several days.
Robin: several advantages to this I'm not going to you know.
Robin: Like probably due to our course on this and I will spare you but you know fundamentally it's meant to be testable because it was meant to be used as a grounding rule for actual development and to solve like real real world problems like poverty it's a good match for for the kind of problems we have because a lot of Technologies tend to remove agency especially centralized.
Robin: apologies but if you.
Robin: All the efforts to drive in a machine running deep into search engines that that gives people less and less control over what they're searching for it's just like you know generating an answer and and that's it and the idea is to drive in a different direction that actually puts more power in the hands of people and this has all kinds of consequences it helps people organize better it helps people drive their systems around them better and and and it generally helps.
Robin: oops systems improve so.
Robin: And I'm not.
Robin: You tell but that is basically that the central Focus next slide please and so you know you might be thinking okay that's nice if you get all the philosophy and yes I do think it was it was important to start from figuring out where we wanted to go like go all the way back to to First principles but you know from there what do we want to what we want to build and so I can't cover everything that that that that we're thinking about I'll include the link to the longer thing but let's look at at least one of the basic Primitives that that's it.
Robin: their next IDs and so the Primitive that that will building.
Robin: Is based on the.
<bengo> ��
Robin: That you know we've been we've been caught in this browser Paradigm that's that's really good that document retrieval and we've been trying to take it Beyond document retrieval into app space and you know apps are kind of like pretty important if you want to put more power in the hands of people they need to be able to not just read things that do things and over the past 25 years we've tried a million things.
Robin: I'm just listing a few.
Robin: Hi Ben and and you know we've been doing we've been using pretty much everything we've had in our hands to try to do packaging and to try to ship app stuff to people and we've systematically failed it's B is almost like on the on the clock every four years the WC has a workshop that is on a variation of like how do we expose powerful capabilities and how do we package things up so that people can install them we've had widgets which.
Robin: binary XML packaging that which might sound funny but I was there.
<harrison_tang> haha
Robin: We've had a few successes like like it's funny the transcriber Redbone or XML that's actually better anyway I could go on but it's been a success it's been a succession of failures for 25 years and so you know if we can't solve it what is the problem next slide please and so instead of trying to it trying to basically in trying to re-approach the same set of problems.
Robin: We figured out that they might be a different way of doing a getting there and the idea is is to experiment and we're starting to hack on them with these things we've called professionally at least tiles and they answer to a few a few basic requirements one is that they're safe by default and by safe by default we're actually really strict pretty much all of these previous app like things they.
Robin: could all connect to the network right away with with.
Robin: No restrictions and so essentially any extra power you give to them they can use immediately in pretty bad ways at least in privacy violating ways and we know from you know having actually been on the web that that is something that people will abuse systematically and so the thing is since since people will abuse it the one of the founding ideas here is well let's just remove that let's let's make it impossible for these things to at least at first touch the network because they're safe by the.
Robin: fault it also means that.
Robin: By default and so that's an interesting thing instead of having all these endless discussions about permissions and and consent mechanic mechanic sins and security mechanisms that we know don't work because we haven't solved the problem of prompting people for permissions in a way that that they will meaningfully act on we just because because they're safe we just make them powerful by default any you know any functionality that you can't use to break or destroy.
Robin: boy data the breaker.
Robin: Or destroy data since you can't exfiltrated we just we just we just make it available and now on top of that in order for them to be safe by default the first time you load them you have to be able to load them in a way that's in direct and not necessarily from the source so they are location agnostic and this has like as a consequence that they have to be they have to be packaged because you can't do like back and forth as you would for for you know when you're loading in HTML document.
Robin: instance and it automatically makes them local first because since they can't addressable do you know.
<greg_bernstein> But what do they do?
<dmitri_zagidulin> I'm super curious how exfiltration is prevented. sounds like GETs over http must also be disabled?
<bengo> render stuff?
Robin: It'd scare quotes installing it just means having it there's no difference and so you know these are all things that might seem like unrelated to ipfs but actually ipfs if you use it with you know the IPL D which is the the data layer car which is a packaging format and also like a strict CSP this is this is the this allows you to create this packaging format that has the these problems and Greg asks but what do they do.
Robin: now that's a very good question.
Robin: Yes yes a gets over HTTP also disabled so you this is super strict you cannot touch the network once you've loaded the thing the thing is running what can they do well they can have like any arbitrary HTML JavaScript images svg's CSS you name it inside and they can run as like small contained web apps but they just can't touch the network you might be thinking well that is a pretty stringent limitation and.
Robin: it is and so.
<greg_bernstein> Cool!
Robin: If we keep going down the slides I'll explain some of the stuff we can do it and so again this is like super early days super speculative super experimental so you know it I'm not promising anything I'm just like explaining what we're working on and the approach we're taking the idea being that that you know maybe we'll find this doesn't work but I do think there's a way to make these interesting and so you know losing the ability to interact with the network.
Robin: loses a lot of what we tend to.
Robin: And you know what you needs to create a what do you need to create a web app well you kind of need to store data but you know because they are they safe by default we can also give them access to a lot of local information that that can be stored on the user's in the users agent and we can also make them composable with one another today you know we keep hitting that wall of cross-origin issues and we keep actually restricting the ability for web pages to to talk about.
Robin: across Origins you know like third-party cookies for instance are disappearing.
<bengo> oh yeah perhaps the tiles could do more but only after they request the capabilities they need to do so and end-user consents
Robin: Make it hard to maintain State across across origin and so here the idea is to like reinvigorate the idea of intense and activities which are basically a declarative way to connect pieces of code and so you can have multiple tiles any any one of which can handle any number of intense and you can use that to have them talk to one another and that means that you can start like you know for instance you could install the tile that manages your local image.
Robin: data store and can provide images to another.
Robin: The might want to I don't know establish a profile picture so those are things where you can think of these as units of functionality part of the idea here being that we've been trying to put apps on the web and apps already a bad idea of the web you can go back 40 Years of you I research with every time you are researchers coming back and saying like well actually these bundles of like functionality that we put inside apps I really not a great way of answering the needs that people.
Robin: people have but we keep getting stuck on them so instead of putting a.
<bumblefudge1> they are good for rent extraction tho
Robin: This is more about like making a web of apps or of like app functionality that can sort of like be built dynamic they by by people without them even having to think about and so of course you know you still need a Steely at some point to go back to yesterday apps are good for renters extraction that is true that's actually the whole purpose of the bundling and you know you do want to go back to the network sometimes yeah it's important to maybe be able to communicate with other people.
Robin: and so in order to.
Robin: You the idea is to restrict interactions to things that can be partially user mediated so you can't like arbitrarily open a request to something else but you can interact with the agents native support for a number of protocols and these can include social protocols like all the activity Pub stuff the idea is that they also have to include an idea of native search because you don't want to have searched run by websites that's a terrible idea and.
Robin: you know you also need to.
Robin: Able to make.
Robin: Money and so there's a series of native protocols that basically these these tiles can interact with but they can only interact with them in ways that are either user mediated or that can be reasoned about by the user agent so that it can it can prevent the exfiltration of data again you know I understand that this is very very Vapor weary but you know the idea is that.
Robin: that we're using ipfs to build this new.
Robin: Three of this new primitive and and and we're experimenting with ways of making it work.
Manu Sporny: That's it yeah it just a question about just a question about the the way you're intending it to be constructed and this may turn into like a requirement right so this this kind of community has this use case around this concept called the digital wallet and the idea is that it's kind of analogous to your physical wallet you have things in your physical wallet that you carry around with you so one example of this would be like a digital passport goes in your digital wallet in.
Manu Sporny: You would hope to have access to that digital passport on your mobile device and maybe on your.
Manu Sporny: In maybe on a desktop right so there's this concept of shared storage between your devices applying this tile concept which is you know fantastic like this is this is really interesting you know cool stuff one of the things we keep seeing over and over again is like ipfs as applied to public content or semi-public content I don't know if there's been I guess could you tell us kind of what thought has been put into.
Manu Sporny: Content meaning content that you really don't want replicated that you don't want exposed outside of your devices but at the same time you don't want centralized either so for example you would like to run a decentralized network between your mobile devices your family's mobile devices you know whatever to hold onto that that truly you know private content that you that you don't want replicated where do you see something like.
Manu Sporny: Like that fitting in in this architecture that.
Robin: Is it that that's a really interesting question so again nothing has been implemented but at that two things and I think they work in potential levels one is of course you can you could have encrypted content over ipfs which you know probably doesn't solve the what you're looking for to the degree that you that that that that you're seeking but the idea is that you can like encrypting.
Robin: and put.
Robin: On ipfs and someone could you know fetch the encrypted blob that's all they're going to be able to do with it and their systems like w NF s for instance that that that that use that so that's one option the other option is to go for things that that involve for instance more locals are at them Discovery or forms of private networking and so there's there's an implementation of a user agent that's.
Robin: experimenting with things.
<bumblefudge1> windows native file system
<bumblefudge1> from fission (https://fission.codes)
Robin: Of ipfs called Cappy loon by fibrous destroyed so it's really cool and one of the things that he does with that is that he discovers peers over emptiness and so he's able to he's able to to basically discover you know from his from his mobile device to his laptop as being due to initiate to way to a connections without going it over any kind of public network now these.
Robin: are just like two options that exist.
<bengo> browser could also do retrieve CIDs from EDV on same host as user-agent
Robin: Me that they're the only options like you could imagine you know completely private but like more distributed systems that that that with the same properties existing does that answer your question.
Manu Sporny: It does so I guess based on that I'm imagining like a tile that is it has some kind of you know native API to a more decentralized but private file storage so the two options you know the encrypt something on a public network probably not going to work for large corporations that don't want to do that necessarily right but still want some of the advantages of decentralization I certainly wouldn't want my encrypted passport being stored on.
Manu Sporny: GFS at.
<dmitri_zagidulin> decentralized but "location aware"
<dmitri_zagidulin> in datacenter terms
Manu Sporny: Right what I'd be hoping for is something that is still decentralized but within a group of you know nodes that I trust meaning like you can walk away from rent-seeking if you see it being used against you so I think with that approach that you're talking about it would be like a tile that or or the platform exposes a native API that allows you to do that kind of discovery of you know only the know.
Manu Sporny: Nodes that you.
<bengo> put zcaps in the CAR files and then you can express 'who is allowed to retrieve this'.
Manu Sporny: You store that very private data is that that's.
Robin: Correct yeah you can you can actually I mean nothing says that you have to be on the you know the global ipfs Network you can absolutely run a private version of it and so you could write it in an Enterprise System you know maybe behind a firewall or or whatnot and but you could also run it you know as some kind of like secret private version just for you and your friends but all of this is possible.
Robin: humble and yes.
Robin: It that's not specifically a problem that I've been working on to just solve right now but yes it's entirely feasible and so unless there are other questions I'll jump to the next slide please.
Robin: And so part of part of the difficulty in doing this and the reason I don't have much to show I mean this we're working like Fabrice has been doing stuff in Kappa Noone I'm doing I'm doing stuff to experiment with it as well but puzzle of the difficulty is that you cannot get to this new notion without also changing the UI so this is not something that's incremental in the browser at least not not running inside a tab because you can't really get to this notion of isolation with multiple tiles.
Robin: is cooperating and with a good with a good.
Robin: If you stuck inside this tap metaphor so you know with all the risks that that we absolutely know and have experience with in terms of going different routes this is something that has to be done outside not necessarily outside the browser but at least outside outside of tabs of the tab system is that that that is really holding us back next slide please and so yeah I'll share the the links in a more usable form or if you find this doing it right now but so you know for people who.
Robin: who are interested in ipfs I do recommend that that first.
<bumblefudge1> resnetlab-on-tour/
<bumblefudge1> HykU2_jws
Robin: Has a bunch of like tutorials that go into that going to a decent level of detail if people want to know more about this crazy tile thing there's a big messy draft if you're more patient and you don't need to read it like this week you can you can wait a little bit I'm in the process of turning that into a series of articles that will be spaced out over time as we figure these things out and as you know as a.
Robin: last one.
Robin: It's like this is purely a Shameless plug in case you're interested in the broader topics of governance that that were thinking about that that that is basically the right type that matches that and with that we can go to the last slide and thank you very much again for inviting me and having me here and for the questions and if there's anything else you want to ask about I'm more than happy to.
<bengo> ������
Robin: That's really I love that sound effect every time.
Harrison_Tang: All right Bumble fuck.
Juan Caballero: Nothing sorry I was just trying to make.
Harrison_Tang: I do have a kind of newbie question that the how how do you do I do like the sea IDs or update to a CID so when the content changes or update.
<orie> see also IPNS
<orie> which has mutability
<bumblefudge1> IPNS gives you mutable addressing
Robin: So so I mean you don't update a CID at all the CID being content addressable of the content changes then the CID changes what you want is so the a CID is purely a mutable now if you want mutability there's a layer called IPS which basically pairs a key to a CID or something else and so this this makes it possible to keep referring to to the same thing.
Robin: thing but with a with a.
<dmitri_zagidulin> and wins the worst name award?
Robin: Just over time it's mutable the dressing yes.
Harrison_Tang: Got it thank you.
<orie> but is bound to a single key... which means the mutability is GG, if the key is compromised.
Robin: And there are there there are other things that are people working on alternative naming system so like Dane Cook is going on something called the name name system this is number of like pet naming layers so I penis is one option and it's I would say it's the dominant option but there are there people looking at Alternatives as well.
<orie> IPNS needs to die, we can do better : )
Harrison_Tang: Thanks and the smart Janice you're on the your next on liquor.
<dmitri_zagidulin> 100%
<bumblefudge1> Blaine Cook , for the notes
<bumblefudge1> there is a write-up on the name nameservice on fission's docs site i believe
Steve Magennis: Sorry Stephen yeah so he immediately you know I'm just starting to get more into ipfs and super fascinated well one thing I notice is that there doesn't seem to be a lot of conversation around the notion that suddenly we really can't remove data once we've pinned it or post it out there which seems to be just kind of inherently problematic I just want to kind of get your thoughts on that if I'm looking at this the wrong way or it may be either folks are working on ways to get around that issue.
Robin: You're not at all looking at things the wrong way so they're said that this this is something that has been noticed and I agree with you that the conversations aren't in a haven't fully taken off yet but there's something that we recently launched which is this and actually on the want to join to say a word as the as our current.
Juan Caballero: Oh yeah sure yeah there there's the decentralized and compliance working group it's sort of exploratory and to be honest I think that most people in it are assuming there are there are like two or three layers of control between content and see IDs like it isn't like you just upload.
Juan Caballero: In regular CID on open ipfs and just say here is here are my baby photos of my child there's always presumed to be at least IPS or some sort of authorization layer what three storage and you know fission or both doing like z cap style authorization layer that would have a lot of different intermediate artifacts that can be deleted that are.
Juan Caballero: The retrieve ability of data.
Juan Caballero: What else can I say yeah I mean it's sort of it's sort of depends like what you call a platform or what you call a network because if it's you know ipfs Diego protocol you can make networks within it that are variably closed or bounded so.
Juan Caballero: Sorry Bobby of spa day.
Robin: I'm also paste also pasting a link we worked with new design Congress on problems that problems in that space right and and so they produce this report which I which I encourage you to read if you're interested in that topic and by all means like come and come and speak to us at the at the DDC working group if you have if you have issues I posted the link higher up as well.
Robin: you know we're trying to solve these issues.
Harrison_Tang: Bingo you're next in the queue.
Bengo: Robin my question is like do you have a point of view on how like in your vision of tiles if we have a CID and we wanted to make that a URI what you're like what might the URLs look like if anything gets given that Z ideas aren't.
Robin: I'm that so that's it that's a good question where with this is something that we're thinking about so one option would be to use the ipfs scheme and the OPF scheme uses the CID has the authority and then you can pass into it the issue with that is that it doesn't have clear semantics in terms of whether you can load other things what kind of context you load it into excetera Etc so for Bruce and I have been talking about using a tile.
Robin: scheme and the idea of the tiles.
<bumblefudge1> ^ related protocol design proposal for CID URIs
Robin: It's kind of similar it takes a CID as its Authority and it supports a path but it also enforces strict CSP Rules by default without without having to rely on anything else and so that that that that that that could be a good option but we haven't we haven't finalized that yet and so if you have if you have opinions that they're definitely well.
<bengo> web+tile:// could be registerProtocolHandlered by a PWA I think?
Harrison_Tang: I do have a question so my impression in my experience with some decentralized applications is that the Speed and Performance is slow and as we know like Speed and Performance is quite important for applications and you act so my question is if my Impressions correct like what are the works that's on going to kind of dress the Speed and Performance issue.
Robin: You mean of ipfs in general.
<bumblefudge1> yeah ipfs:// was >1sec for most blocks a year ago
Harrison_Tang: Yes like because the retrieval of the content can take even though it could be fast in the sense of like you know knows that like for applications where a building you know Mass direct to Consumer applications like Speed and Performance is Paramount right so so if my Impressions correct about the centralized technology being slower than the current Technologies like how are we going to address these issues.
<bumblefudge1> it's getting better incrementally
Robin: Right so I mean it's not intrinsically slow so there's a number of I think you know compared to say HTTP HTTP 3 it hasn't been optimized as much yet so for instance there's a prototype called happied that can currently do multiplexing not expecting and that can lead.
Robin: like that has like really.
<bumblefudge1> iroh
Robin: In performance properties there's work on indexing to make sure that that that that speed that this piece is up to you know is up to par and there's also the Next Generation iroh implementation is going to be focused it seems I can't speak for them but from what I what I heard is going is going to be focused on performance and they seem to believe that they can get they can get this to be really really fast so yeah it's certainly not.
Robin: Superfast just yet.
Robin: From what I've seen in terms of prototypes and and and and work that moves this forward I don't think it's intrinsically slow I haven't seen any evidence that it is.
Harrison_Tang: Got it thank you.
Robin: Yep thank you very much take care.
<robin> thanks a lot all!
Harrison_Tang: Right oh we're at time and thank you Robin thank you again for taking the time to present and be the discussion here if you don't mind like can you send the presentation to me and then I will include that yeah that would be great okay all right thanks thanks a lot this concludes yeah this concludes today's this week's meeting and you know you can see the upcoming meetings in the w3c calendar see w3c ccg calendar right thanks a lot have a good one bye.