Dmitri Zagidulin: Hello hello welcome everyone to this week's VC Edu call going to give another minute for people to connect and we'll get started. ✪
Dmitri Zagidulin: All right it's three minutes past the hour let's get started so once again welcome everyone to the weekly VC edu call Quick IP note anyone can participate in these calls if you want to make a substantive contribution to any CG work item or spec you do need to be a member of the community group and you do need to sign the VIP our agreement so if you're not a member yet please let us know. ✪
Dmitri Zagidulin: I've notes the call is recorded notes an audio recording will be made available on ccg GitHub we use jitsi for queuing so just as well as IRC so either you can type Q Plus so letter q and plus in chat or just raise your hand and I'll put you on the cube. ✪
Dmitri Zagidulin: Next stop introductions and reintroductions. ✪
Dmitri Zagidulin: Does do we have anybody new here on the call that wants to introduce themselves. ✪
Christoph_Graf_(switch.ch): Now I'm on okay welcome so my name is Christoph I'm working for the national research and education network of Switzerland in Europe we are particularly interested in adding value to our universities and in particular support processes between them that's why we are working together with them for two decades now for federating identity systems and we regard SSI as the next big thing in identity world. ✪
Christoph_Graf_(switch.ch): that's why we are interested in SSI being rude. ✪
Christoph_Graf_(switch.ch): We are collaborating with our colleagues here in Europe and with the participation in d.c. at we want to get the picture of also outside of Europe that's it. ✪
Adrian Gropper: I'm Adrian proper I don't remember if I ever join VC edu it would have been many years ago and I don't attend regularly my particular interest is in protocols for handling verifiable credentials my use case is not education but it's close to it it's in health care and in particular I'm curious to see if. ✪
Adrian Gropper: Ietf standards and you ietf standards workgroup for delegated delegated access to credentials and delegation as a way of controlling access and use of credentials thank you. ✪
Dmitri Zagidulin: Welcome Adrian glad to have you here and there's definitely a lot of overlap between Healthcare and education in terms of use cases anybody else want to do introductions and reintroductions. ✪
Dmitri Zagidulin: All right on that case let's move on to announcements and reminders does anybody have announcements for upcoming events or any sort of community announcements Adam go ahead. ✪
Adam_(Tangle_Labs): Thank you Dimitri for those of you don't know I'm Adam I'm one of the founders over at Tango labs in Germany and I just want to let everybody know that we've just launched the public beta of our new identity wallet Vero we welcome anyone to give it a go we appreciate any feedback we've got a demo live the you can play about with its part of the UNESCO lifelong learning project the N NG D IL that we've been working on. ✪
Adam_(Tangle_Labs): and yeah I'll also drop links to the. ✪
Adam_(Tangle_Labs): Downloads for Apple test flight Google Play just so everybody knows where you we're kind of working towards the I'd us 2.0 regulations and the EU DIY Walla off so w 3C D ID and VC data model standards well-known didd open ID for VC and all that and we opted for d i d key as the method to keep it clean and simple at this stage but the backend does support multi-method so. ✪
Adam_(Tangle_Labs): in the future we're hoping to. ✪
<naomi> Hello, everyone - I have to be on mute today, but I would like to invite everyone to the upcoming Velocity Ed Cluster Launch Event (Part 1 & Part 2)... this is an open, free, online event -- pls join us! Please find your invitation here and register for the two webinars via these links:
Adam_(Tangle_Labs): Methods and blockchains but we'd appreciate any feedback we respect peer feedback that as much if not more then then I use a feedback so yeah please give it a go and rip it to pieces. ✪
Dmitri Zagidulin: I'm glad to have more entrants in the ecosystem yeah please please post a link in chat and and we'll check it out Naomi in chat. ✪
Dmitri Zagidulin: Says she has to be on mute today but would like to invite everyone to the upcoming velocity Ed cluster launch Event open free online event. ✪
Dmitri Zagidulin: And I think the invitation got the invitation is in chat so everyone feel free to sign up anyone else with announcements. ✪
<simone_ravaioli> The SkillsFWD RFP is published and responses due on Nov. 8th https://www.skillsfwd.org/
Dmitri Zagidulin: All right David let's move on to our next our main topic which is we wanted to see if anybody wanted to give report outs or share impressions of this past internet of Dandy Workshop in addition we had the jmf plugfest the third iteration of it the day before IW so we wanted to see if anybody wanted to share impressions of the plugfest. ✪
Dmitri Zagidulin: It's we also wanted to open up the floor to any other questions and discussions. ✪
Dmitri Zagidulin: So let's start let's start with the jmf plugfest since it was. ✪
Dmitri Zagidulin: First chronologically also this was for those not familiar jmf is jobs for the Future Foundation nonprofits in the area of education and this particular team led by Sharon Liu is charged with. ✪
Dmitri Zagidulin: Bridging and creating interoperability between learner wallets. ✪
<simone_ravaioli> For those who were not able to join PlugFest3, the recording of the day is available for viewing here:
Dmitri Zagidulin: In the verifiable credential ecosystem in education so the series of interoperability plugfest have been let's encourage the wallet Community to interoperate in these bite-sized steps so the first interrupt plugfest tested their fiber credential display the second tested issuing of credentials into a wallet. ✪
Dmitri Zagidulin: One focused on again on wallets but focused on verifiers and relying parties requesting credentials from wallets so the verifier had to request multiple credentials the wallet. ✪
Dmitri Zagidulin: Demonstrate user being able to acknowledging the request selecting the credentials and returning them to the the verifier to the relying party. ✪
Dmitri Zagidulin: So any questions about plugfest in general or does anybody want to share their thoughts and Impressions if they participated. ✪
Dmitri Zagidulin: While x amount of mentioned one of the great things that sort of resulted from from this series of interrupts is the development of these verifiable credential playgrounds and if anybody has the link handy please post them in chat but it's the VC playground which was originally the chappy playground and in addition matter developed a VC playgrounds and several other. ✪
Dmitri Zagidulin: Vendors develop them as well and the nice thing about these. ✪
Dmitri Zagidulin: The vendor that is compliant with either the VC API specification credential Handler API or the open ID for verifiable presentation. ✪
Dmitri Zagidulin: As I think a lot of you are aware currently in the community we have at least three different camps of or families of apis that while it implementers are implementing one being VC edu which is incubated here in the ccg the second one being open ID for family of specs that are committed in open ID foundation and the third one being. ✪
Dmitri Zagidulin: From the hyper legendaries community and so these playgrounds allow anybody who's an issuer or verifier to essentially add themselves to a list and then a wallet user can come to the site and either issue credentials or request credentials using any one of those issues are very fires so so similar to the your wish has already come true it is already available as. ✪
Dmitri Zagidulin: The standard apis there is a manual step to get added to the list right you do have to email the the maintainers but aside from that it is already plug and play and anybody can use it. ✪
Dmitri Zagidulin: Let's see Adrian go ahead I'll wait I'm sorry sorry one second I think Sal was first so that's out. ✪
Dmitri Zagidulin: Yes are you little bit quiet but we can hear you. ✪
Charles E. Lehner: Okay I just wanted to mention the other there's also discussion of DIDComm for a playground use this was mentioned in the VC API work item call and I think Patrick and Brian were discussing this with Manu that's it. ✪
Dmitri Zagidulin: Oh that's really exciting yeah it would be really great to see DIDComm to the third API family to participate to be able to work with those playgrounds thanks thanks Charles. ✪
Adrian Gropper: So are you mentioned three or four alternatives for dealing with wallets and I'm curious since I don't participate in that in those things directly how do any of them consider the separation between a personal agent in the cloud as a wallet and a mobile biometric. ✪
Adrian Gropper: As a wallet and how these two would would both be accommodated. ✪
Dmitri Zagidulin: Thanks Adrian a great question so there's a couple thoughts there so both yes and no no in the sense of the API to request the credential or API to issue credential is slightly on a different level of abstraction it's a different layer sorry then. ✪
Dmitri Zagidulin: Difference between a wallet or a user agent however we so as well Community we've definitely had some challenges. ✪
Dmitri Zagidulin: Handling both mobile wallets interoperability and web-based wallet and so at this point in time what we've seen evolved is so the credential Handler API is now able to handle both native wallets and web wallets right so if I'm if I'm browsing on my mobile device in a mobile browser and I hit a credential Handler API compatible site. ✪
Dmitri Zagidulin: Site I can push a button and it actually. ✪
Dmitri Zagidulin: I've registered wallet app specifically registered by the user so the user is said I'm going to use this app by default or in general just add this one to the list of my wallets so that the browser does know how to communicate with the mobile apps same thing with the browser to web wallet that's in VC API land in OpenID connect lands there is again. ✪
Dmitri Zagidulin: Support for both mobile and web wallets mobile via either QR codes or the custom open ID protocol and web wallets used via the usual redirect and I believe that come has similar mechanisms that I'm not as familiar with those so does that answer your question so both are supported. ✪
Adrian Gropper: Well it it answers the question to some extent when when the transaction has the user directly involved but it doesn't sound like it can deal with the user's agent as being semi-autonomous or delegated to some other entity or both is that a correct conclusion on my. ✪
Dmitri Zagidulin: So not quite that's that's interesting so there's been some discussion on the mailing list about. ✪
Dmitri Zagidulin: What we've termed headless wallets which I think is the closest thing to the delegated agents that you're describing right so the idea being. ✪
Dmitri Zagidulin: User delegates some subset of permissions or abilities to the wall and then the wallet can act on the user's behalf sort of unattended is that right is that what you're asking. ✪
Adrian Gropper: Yeah it's in the wallet is basically an authorization server so it's a policy it has a policy component and potentially even a machine learning component for those policies and there and it is able to send you know in certain cases based on Policy Act on the on behalf of the subject. ✪
Dmitri Zagidulin: Got it got it yeah so while the main API families do support that mode we haven't seen a lot of that in the interoperability plugfest so far people have focused on "attended" workflows right wherever the user is actively driving it we haven't we haven't really focused on the automated or headless. ✪
Dmitri Zagidulin: One interactions though I'm sure they're important use case. ✪
Adrian Gropper: Well I'll I'll speak more about this agent thing at later on if there's time. ✪
Dmitri Zagidulin: Okay sounds good yeah anybody else have thoughts and comments on the plugfest. ✪
Dmitri Zagidulin: All right so let's move on to iwi for those not familiar with it that stands for the internet identity Workshop which is held twice a year in Mountain View California at the Computer History Museum it is an unconference which means each morning people gather and propose session ideas and then hold the sessions so the VC edu team myself Simone and. ✪
Dmitri Zagidulin: And did convene sessions about. ✪
Dmitri Zagidulin: About VC EDU you about Simone, what what was your session on. ✪
Dmitri Zagidulin: A fantastic and I convened a couple of sessions on one on linking credentials together meaning using hash digests and URLs to cryptographically bind one verifiable credential to another credential or one credential to an external arbitrary resource for example binding to an external PDF file or image. ✪
Dmitri Zagidulin: So that sort of thing so that that. ✪
Dmitri Zagidulin: Discussion about use cases limitations. ✪
Dmitri Zagidulin: Yeah so that's that's the linked claims that fail is mentioned is referring to in chat in the other session was on verifiable credential display so we have this render method term reserved in the verifiable credential data model which can be used to provide issuer hints on how a credential could be displayed either on usual devices or across modalities. ✪
Dmitri Zagidulin: For accessibility so how could a credential. ✪
Dmitri Zagidulin: An audio or Braille or constrained devices to lots of love or printed to PDF so lots of good use cases there again really great discussion we look forward to collaborating with everyone on the specification I can put links in chat. ✪
Dmitri Zagidulin: Anybody else who was at IIW and would like to share Impressions questions that sort of thing. ✪
Dmitri Zagidulin: We can yeah thank go ahead Phil. ✪
PL/T3-ASU: Dmitri I don't know if you can hear me but yeah I just wanted to comment that there was a session I think Adrian and yourself was also in participated in that was presented by Sophia and I can't remember her last name frankly well on on the medical implications in the healthcare industry of transparency in the like associated with SSI and. ✪
PL/T3-ASU: City and the consequences are wrapping ramification that has and I'm wondering I'm curious Adrian if you have some comments on that because I know you quite active in that discussion thank you. ✪
Adrian Gropper: Yes I mean this is partly my comments and and the whole topic that Sophia did such an excellent job of I mean somebody should describe maybe the new tree but in me what her master's thesis research is about because it's definitely a service through the community and was the top of two of the sessions that IW. ✪
Adrian Gropper: They're only one of them so maybe you should do that first or about this but my comment here about this is that in the healthcare use case and possibly in the edu use case there are not familiar at all with the edge were you scared well a little bit familiar the issue of how credentials move around how their shared how health records move around and how. ✪
Adrian Gropper: And accessed can happen in two different ways one of them is institutionally controlled in healthcare that called health information exchanges I believe in edu there are some equivalent businesses that do this for money they front end the issue I would say of credentials or the verification of credentials for educational institutions and the alternative which is only. ✪
Adrian Gropper: When the form of Apple Health at any scale and it's a very small scale is to have patient-centered information sharing which is the domain that I've worked in for you know 10 years or more and this is what will bring us to the question of what does a personal digital agent look like if it is to behave as a. ✪
Adrian Gropper: An alternative to institutionalization. ✪
Adrian Gropper: Controlled sharing of health records or some aspects of digital credentials that the ones like were mentioned a little bit ago that might look like linked linked claims or in other words they don't their streams that they don't really or images They Don't Really lend themselves to inclusion in in a VC directly so let me let me stop there again if this time. ✪
Adrian Gropper: I can talk about this personal digital. ✪
Dmitri Zagidulin: Thanks Adrian I will definitely open up the floor for that in a bit I'm glad Phil and Adrienne brought up Sophia's presentations because they were for me for example they were definitely a highlight of of the conference they're fantastic what Sofia was doing is doing as as part of her master's thesis is essentially putting together a question. ✪
Dmitri Zagidulin: Health Organization Health institution considering doing a verifiable credentials pilot or a decentralized identity pilot it's a questionnaire and an assessment framework but the institution should go through and it was it had to do with those a really intelligent essentially Excel spreadsheets in multiple parts so there was a set of questions that was asked of the. ✪
Dmitri Zagidulin: So that the engineering and then another set of questions for the policy citing team right and it was part of the reason why I think everybody was excited about it it was a focus on not just what do we need for a pilot but as an organization should we are we ready to have that pilot in the first place so the notion was we want verifiable credential decentralized identifier. ✪
Dmitri Zagidulin: System to get the best possible. ✪
Dmitri Zagidulin: Which means we want to encourage only the organizations that that are ready that had the internal discussion that had answered those questions that have identified use cases identified pain points and frictions put in policies and and teams and so absolutely wonderful questionnaire and assessment framework for health care which I believe she'll. ✪
Dmitri Zagidulin: As soon as she finishes her master's degree in addition where several projects are underway one involving Phil Long and and myself and some other folks to put together a similar questionnaire or resource guide. ✪
Dmitri Zagidulin: Question are more resource guide in the field of verifiable credentials for Education I'll let Phil add more details to that but in general it was yeah it was a really helpful presentation and I think that pattern of putting together resource guides and questionnaires in any vertical would be really helpful especially for success of this ecosystem. ✪
PL/T3-ASU: Now you said it well the the project you just described is an attempt to really to provide individuals who are knowledgeable about VCS and lers particularly in the context of skills based hiring and advancement work clothes and who are building I guess the current buzzword is end-to-end systems by in by that what is meant is systems that involve all of the stakeholders. ✪
<colin_reynolds,_ed_design_lab> End-to-End ecosystems. So hot right now.
<dmitri_zagidulin> @Colin - definitely!
PL/T3-ASU: Participants in An Education and Training Program to the institutions that turn around an issue credentials in recognition of completion of those things and and then the management of those credentials by the holder and subsequent presentation via vp's to an end point that pertains to either a job opportunity where the like could be also continuing education continuing professional education graduate school or what have you and then finally the. ✪
<colin_reynolds,_ed_design_lab> I think the "LER" acronym is causing an unnecessary block in some of the conversations we're having with employer + HR Tech groups.
PL/T3-ASU: Shows by that third party as they evaluate the credentials as part of the decision about whether the person is an appropriate applicant and so that's that's the work that we're trying to do now which is to provide a set of resources a guideline for those interested in doing that kind of work and a or a guidebook if you will and also a set of relevant resources some of those already exists out there this particular focus is on that particular job transition Edge. ✪
PL/T3-ASU: occation training transition to work framework. ✪
Dmitri Zagidulin: One of the exciting conclusion things that I've learned from that presentation is the term minimal viable ecosystem mve which is this notion and I think we've all sort of keep it in mind it was just interesting to put a word to it it's this notion of okay if you're going to do a pilot at any institution education or Healthcare identify the minimal viable equal system meaning identify at least some issuers right where you're going to get those credentials identify. ✪
Dmitri Zagidulin: Buy some verifiers who's going to consume the credentials. ✪
Dmitri Zagidulin: Identify a Target population of credential subjects and credential holders before doing right because there's no there's little sense in launching a pilot without identifying all three sort of populations I thought that was a very cool let's see Mahesh go ahead your next up on the queue. ✪
Mahesh_Balan_-_pocketcred_com: Yes can you guys hear me okay yeah one of the nice things about the unconference that Dmitri talked about is the fact that there was a lot of discussion just around the round table and we had an interesting one which touches upon the topic that Adrian has brought about about this idea of Agents holding either a health or educational credential and we discussed the possible. ✪
Mahesh_Balan_-_pocketcred_com: use of decentralized ✪
Mahesh_Balan_-_pocketcred_com: web nodes and I forget the name of the gentleman from block who's also spearheading a lot of this work in the open source and so it was a good discussion because it offers some of the things that Adrian has touched which is some fine grained authorizations the ability for agents to kind of work headless on behalf of holder so I think that's another active area from the. ✪
Mahesh_Balan_-_pocketcred_com: I'm sure is going to be discussed more actively as in the coming months and another iaw so I just need to add that image thank you. ✪
<pl/t3-asu> @Colin - it's a challenge and I agree that it's a bit frustrating additional term that pertains to VCs that simply focus on the transition to work use cases. I won't go into the origin of it, but it's now 'out there' and we need to navigate the terminology.
Dmitri Zagidulin: Thanks my hash Adrian go ahead. ✪
Adrian Gropper: The person you're talking about is Daniel Buckner and with regard to decentralized web nodes and your yes DWNs and digital agents are twins separated at Birth to some extent and that's been an ongoing discussion between the folks at Microsoft and myself from the early days of DWNs ✪
Adrian Gropper: Was still at Microsoft the one other the reason I put myself on the Queue though is there was one other interesting to me a couple of sessions where somebody on the first day asked if dudes are so great why don't I have one yet I didn't attend that session I did a session the next day. ✪
Adrian Gropper: That is how titled people don't want a digital identity they want an address you know for notifications or whatever they want to reputation they want a credential they want anonymity they want freedom of Association and assembly they want to be left alone and and we had a session that I think was you know somewhat unusual in the IDW context to the point where Doc mentioned that later on. ✪
Adrian Gropper: Where as was just said in the context of Pilots it's not enough to work on these plugfest sand these standards these protocols standards in you know in for their own sake you need to be looking at the ecosystem and the value to the ecosystem at least in some of our opinion is not digital identity per se and you have to approach the ecosystem. ✪
Adrian Gropper: From some other characteristic like the ones I mentioned some of the service. ✪
Dmitri Zagidulin: Absolutely thanks Adrian anybody else thought some comments on IW before we move on to wallet delegation and headless agents. ✪
PL/T3-ASU: Dimitri you might want to recap to the extent that you can the discussion that was Guided by Google about about so the wallet selection problem. ✪
Dmitri Zagidulin: Yes okay great idea so one of. ✪
Dmitri Zagidulin: One of the other sort of central highlights for me at IIW was a series of session I think there are five or six different sessions on that topic. ✪
Dmitri Zagidulin: Google Android and chrome teams as well as some folks from Microsoft and Fido for for passkeys and so on this notion of. ✪
Dmitri Zagidulin: OS assisted or browser assisted wallet selection or credential selection so what do we mean by that so a lot of you probably have encountered one of the main challenges in the credential ecosystem if we want an interoperable ecosystem of wallets is this notion of wallet selection so what is wallet selection it's if I come to a website and it's going to issue me a credential or if I come too. ✪
Dmitri Zagidulin: A credential for example please give me a proof of attendance at the University so I can give you a discount or admit you to some resource. ✪
Dmitri Zagidulin: He the website issuer verifier how has no constraint or no preferences about which wallets. ✪
Dmitri Zagidulin: The the user is going to use meaning how do I how do we enable these to bring their own wallet and give an appropriate accreditation they were able to put their credentials into it have that wallet intercept credential request right so basically how do we make sure that there's an interoperable ecosystem how do we make it so that. ✪
Dmitri Zagidulin: When I press give me a credential button the some sort of UI pops up that says okay you have the following wallets which one would you like to use or on the request side when I press the button to for the site to ask for the credentials some sort of UI that says okay you have this appropriate credential in such and such a wallet. ✪
Dmitri Zagidulin: Or several of these which ones would you like to present right. ✪
Dmitri Zagidulin: This this notion of wallet selection I is handled slightly differently in several communities so for example we have this credential Handler API which is a data model and API agnostic way of wallets to register themselves to a browser so that it presents such a UI so you could say here are the users mobile and web wallets that they use that speak either VC API or. ✪
Dmitri Zagidulin: Which one user which one of them do you want to use so all of this is background to the series of discussions at IIW right so. ✪
Dmitri Zagidulin: However the challenge with credential Handler API is that at the moment is a polyfill meaning it's intended to be implemented by the browser vendors it was intended to be implemented by the browser vendors I think I forget how long ago it was the project will start at least five years and now finally due to various political events and pressures from the industry the. ✪
Dmitri Zagidulin: System and browser vendors are finally like sitting up and taking notice and have been working on this user interface for for about a year now partly it's relevant now because of mobile driver's licenses and. ✪
Dmitri Zagidulin: A model and then corresponding apis that for example apple is using to. ✪
Dmitri Zagidulin: To carry the digital driver's license in a lot of u.s. states and the development definitely raised Notions of Monopoly vendor lock-in interoperability like hey do we really want all of our identity and credentials to be controlled by Apple essentially. ✪
Dmitri Zagidulin: And the UI that this wallet selection is credential selection was partly kicked off to handle this mobile driver's license workflow however. ✪
Dmitri Zagidulin: The workflow is the same for verifiable credentials as well so so Google and Microsoft and and the teams also want the same user interface the same old selection to to work with verifiable credentials in addition to MDOC so that's where it came from we. ✪
Dmitri Zagidulin: There's a lot of good discussion about it the browser teams had questions to the community for for example. ✪
Dmitri Zagidulin: Which which query language should this. ✪
Dmitri Zagidulin: Wallet selection or credential selection you I support right do do we want do we want this browser to standardize a query language and only support that for maximum interoperability or do we want the browser to be agnostic and supports the verifiable credential request presentation exchange the present DIDComm's presentation exchange right so all of these. ✪
Dmitri Zagidulin: Is that the community currently uses right so that was one major topic of discussion and as you can probably guess the community very strongly argued for. ✪
Dmitri Zagidulin: Let the browser UI be agnostic and support Amy any query language. ✪
Dmitri Zagidulin: Another another topic was on the granularity of this user interface does does the browser 12 only present wallets right is it going to be on the wallet selection level or should it be on the credential selection level. ✪
Dmitri Zagidulin: So here's an example come to a website it requests by student ID. ✪
Dmitri Zagidulin: And assume that I've already picked up a student ID that was issued to me by the university and is now in one of my wallets. ✪
Dmitri Zagidulin: Which would be preferable to the community which would be better for interoperability and which would be more user-friendly that the wallet selector popped up inside okay an unfiltered list of wallets like here are all the wallets that you have you the user now try to remember where you put that user ID okay as you probably imagine that's that's very user unfriendly that's that's a non-starter. ✪
<cel> ... not to mention at the granularity of claims (mentioned at plugfest demo day)
Dmitri Zagidulin: It's more finer grained was a pre-filtered side of wallets meaning the the OS knows because the wallets have registered with the OS that my student ID lives in the following two wallets or in the following one wallet right well when it's when it's one wallet and that's less of a concern but let's assume that the credential lives in a couple of wallets. ✪
Dmitri Zagidulin: Does the you I just just display the walls themselves and then lastly on the finer grained side is he's just don't care about wallets they care about credentials so instead why wouldn't the you I just say okay yeah here are the credentials available that fulfill that query so here's a student I do at wallet a and here's a similar student ID at while it be. ✪
Dmitri Zagidulin: And the user yeah the the location of the wallets is labeled but it's D emphasized its so it's credentials first credential selection is most of all its election and lots a lot of heated and interesting discussion about that I believe where it settled was on credential selection because the browser team and then several others argued that. ✪
Dmitri Zagidulin: Central's as very much easier on friendly user shouldn't have to remember which while they put what right the the browser and the operating system should should be able to remember that for them so anyways fantastic series of discussions that that is really kind of going to influence our Fates as wallet implementers as credential users as issuers is verifiers we're all going to have to go through that UI and so. ✪
Dmitri Zagidulin: It's definitely important for it to be. ✪
Dmitri Zagidulin: Be friendly data model and API agnostic vendor agnostic all those things the first iteration of that UI is already in Chrome Canary for those that are curious so and I believe a new working group is being chartered with the Sinister name of I think identity credentials a w3c. ✪
Dmitri Zagidulin: But that working group is about that credential selection you I. ✪
Topic: Headless Wallets, Delegation
Dmitri Zagidulin: Let's see so we're getting close towards the end of the hour I do want to touch on it so let's open the floor to general questions and specifically let's talk about headless wallets while it delegation and so on so let me sort of set the stage and then Adrian's on the queue you can go ahead one of the. ✪
Dmitri Zagidulin: Challenges at least in in this vertical or in the discussion so far with. ✪
Dmitri Zagidulin: Delegated headless wallet interactions is what's the use case right all of the use cases that we've dealt with needed a user to approve. ✪
Dmitri Zagidulin: A given credential request or a given credential issuance right so such website is asking wants to give you a credential do you consent such as such website is asking for your student ID do you consent. ✪
Dmitri Zagidulin: How what's the use case what's the workflow. ✪
Dmitri Zagidulin: Where that that set of interactions would be headless would be pre-approved from the user so go ahead Adrian. ✪
Adrian Gropper: Okay thank you I don't want to take too much time before we leave time for discussion so let me just I put in a link off the slides from the session at IIW into the chat what the problem that we're trying to address in a new ietf workgroup that is yet to be named. ✪
Adrian Gropper: And charted even the beginning of a charter but I'm out soliciting potential implementers which is why I'm here today the the issue just talked about in the credential selection thing gets even more complicated when you have selective disclosure for example and or relatively expensive process has like zero knowledge proofs - which are extremely useful of course. ✪
<colin_reynolds,_ed_design_lab> ZKPs FTW
Adrian Gropper: The one way to handle this kind of complication of choosing amongst wallets amongst credentials and then amongst disclosures within a credential would be to delegate that function to an expert and so we. ✪
Adrian Gropper: A new ietf work group built on top of the grant negotiation and authorization protocol organ app ietf standard which is brand-new actually you'll be presented tomorrow at the ccg called noon Eastern by Justin Richer and on top of this credential which isn't explicitly designed to manage a. ✪
Adrian Gropper: The question I'm posing to the community in order to begin to Charter a stand like this is what else needs to be in scope Beyond GNAP in order to deal with this problem and I'm posing the question not in the context of privacy that drives a lot of the conversation at in terms of data models and protocols but in terms of the human right of freedom of Association and assembly which is. ✪
Adrian Gropper: Of a workgroup paper from ietf about line of seven six seven years ago and so I'm trying to approach this almost as an absolute in other words a universal human right rather than a choice of privacy things and saying be able to delegate to an expert things that relate to your credentials is something that we consider. ✪
Adrian Gropper: How are a human right just like we. ✪
Adrian Gropper: Expert lawyers or doctors or family members or trusted family members act as our agents if the situation arises and let me stop there and like I say anybody that looks at these slides and wants to contact me should directly or there's a link in the slides to a signal group that's very small that again I'm just looking for a potential interested parties and implementers. ✪
Adrian Gropper: Chilly start this ietf standard thank you. ✪
Dmitri Zagidulin: Thanks Adrian and feel free to put in a way for people to contact you if they want to continue the conversation about this potential working group. ✪
Dmitri Zagidulin: So we've got eight minutes til the top of the hour though we're always happy to conclude earlier and give people time between calls does anybody have any last moment question either about headless wallet workflows or anything else that we discussed. ✪
Dmitri Zagidulin: All right so sounds like a lot of good topics for future discussion on while a delegation wallet selection display and we encourage the community to propose new call topics and to ask questions on the mailing list say hey can we have a discussion about this and. ✪
Dmitri Zagidulin: Oh about that will help inform topics for future calls a reminder that our very own Kerri Lemoie has stepped down as VC edu co-chair to focus on being a VC edu member and attendance to focus on all the great work in verifiable credentials that she's doing which means we'll be holding co-chair. ✪
Dmitri Zagidulin: What but that means we need candidates so start thinking about whether you yourself want to volunteer as a co-chair if you know good candidates talk to them talk to the chairs and so on so we'll have another call dedicated to. ✪
Dmitri Zagidulin: The clarification of what a co-chair means or if we have candidates at that point the candidates can tell talk about themselves and we'll go through the voting procedure. ✪
<simone_ravaioli> Thank you Dmitri !
Dmitri Zagidulin: All right and with that let's let's include the call thank you everyone great questions as always and please take the discussion to the list. ✪