The W3C Credentials Community Group

Meeting Transcriptions and Audio Recordings (2014-today)

Go Back


W3C CCG Weekly Teleconference

Transcript for 2024-08-13

<kerri_lemoie> Hello all
Our Robot Overlords are scribing.
Harrison_Tang: All right so welcome everyone to this week's w3c today we're going to hold uh open uh session uh for the work item updates as well as open discussions and uh core 3 2024 review so uh data will open up the floor for everyone to kind of uh speak uh comment on what we're doing well uh room for improvements and growth and things like that so that's the main agenda uh before we.
Harrison_Tang: I just want to quickly do a a reminder on the code of ethics and professional conduct I just want to make sure that we continue to uh hold constructive and respectful conversations.
Harrison_Tang: Uh next a quick uh note on the intellectual property anyone can participate in these calls however all substantive contributions to any ccg work items must be member of the ccg with 4 IP agreements signed.
Harrison_Tang: So if you have any questions in regards to uh the agreements or the w3c account uh please just let any of the cultures know.
Harrison_Tang: Uh next uh these uh meetings are automatically recorded and transcribed as people can tell um and uh we will try to record uh we'll try to publish uh the recordings and the transcriptions and the video recordings uh in the next uh 1 or 2 days.
Harrison_Tang: We use a DC chat to kill the speakers during the call uh as well as to take minutes so you can type in Q Plus to add yourself to the queue or cue minus to remove.
Harrison_Tang: And type in a queue question mark uh to see uh who is in the queue.
Harrison_Tang: Alright so next uh.
Harrison_Tang: Let's take a quick moment uh for the introductions and reintroduction so if you're new to the community or you haven't been active and want to re-engage uh please feel free to uh you'll need to do a Q Plus thing just.
Harrison_Tang: And introduce yourself.
Harrison_Tang: I think it's mostly familiar faces um.
Harrison_Tang: Uh Amy announcements and reminders.
<simone__onofri_(w3c)> Identity Report https://www.w3.org/reports/identity-web-impact/
Harrison_Tang: Thanks a lot by the way uh just a quick aside like can you speak a little bit more into the Federated identity working group proposal like uh it sounds quite relevant and so what what is that working group supposed to work on.
Harrison_Tang: Sounds good thank you thanks for the clarification I'll probably want to reach out to you and invite some of those experts to uh present here at w3c at some point so thanks a lot.
Harrison_Tang: All right Clea.
Kaliya Young: Um hey um I just wanted to share um we have Internet identity Workshop coming up in October October 29 to 31 bring your best Halloween costumes uh.
Kaliya Young: The last day.
Kaliya Young: It's in Mountain View California.
Kaliya Young: Billie bird pricing is up until I believe the 29th.
Kaliya Young: We're also really committed to accessibility so if you want to be there um and can't afford tickets please reach out and we'll work with you.
Kaliya Young: Uh the did unconference Africa is happening in South Africa.
Kaliya Young: In september september it's primarily going to be just 2 days of open space the 26th and 27th with like a reception on the 25th.
Kaliya Young: So if you are.
Kaliya Young: Working with folks in southern Africa and countries in any way related to this technology please let them know about the event and um encourage them to join us it's it's going to be I think really good and.
Kaliya Young: Bonus on my way there I'm going to Taiwan for 2 days so if anybody knows anyone in Taiwan in this space that I should connect with uh.
Kaliya Young: Let me know I'll be there september 19th and 20th.
Kaliya Young: And that's all from me thank you.
Manu Sporny: Uh thanks Harrison um.
Manu Sporny: We are uh continuing our slow walk towards verifiable credential 20 uh being done uh we're doing uh basically the final editorial pass on the specification now um we have been asked by a number of organizations if uh you know they're they're planning on using verifiable credential 1 1 and they're asking us if they should use 2 0 uh I think we're at a point now where um anyone that is considering the use of 1 1st at this point so we're gently nudging people to consider using version 2 0 over version 1 1 um for pilot and production deployment uh we are expecting it to be a global standard.
<kaliya_identity_woman> My e-mail. Will be in Taiwan September 19-20 and looking for people to meet/ things to do there related to our community work. kaliya@identitywoman.net
Manu Sporny: The end of.
Manu Sporny: Uh get through the process and all that kind of stuff um so just a heads up if you know of people like we had the the government of Spain reach out and ask recently we've had a number of uh European um countries uh uh reach out and ask um and we're suggesting that everyone start the process of of upgrading the 200 uh that's it.
Harrison_Tang: Thank you man.
Harrison_Tang: And now their announcements and reminders.
Andrea_D'Intino_|_Forkbomb_BV: Thank you good uh morning to all of you in the US uh today uh nist finalized.
<manu_sporny> PQ-woo hoo!
Andrea_D'Intino_|_Forkbomb_BV: The standardization of the 3 alright selected to be post-quantum that corresponds to fips 2003204 205 it was published a few days ago following a report from the White House about the path to uh towards post-quantum cryptography.
Harrison_Tang: Thanks for the heads up and update.
Harrison_Tang: Right so 1 1 more thing uh so w3c has sent out the community survey for 2024 I think this is the first time they sent it out uh I actually uh.
<harrison_tang> W3C Groups Community Survey 2024
Harrison_Tang: Announcements uh to the public list but I'll uh paste it here so you got time uh please uh take a few minutes uh to to just provide some feedback to the w3c in regards to how we can further uh.
Harrison_Tang: Grow and uh the engagement is in our communities.
Harrison_Tang: Right so last calls for introductions reintroductions an announcements and reminders.
Harrison_Tang: Right so I will uh share the screen and we will provide some will ask uh.
Harrison_Tang: Experts to provide uh updates uh to the different work items of the ccg and then afterwards I will also uh invite Kim to actually provide some updates in regards to the Tif decentralized identity Foundation uh relevant to the w3c ccg work.
Harrison_Tang: Give me a second.
Harrison_Tang: All right so.
Harrison_Tang: Well first of all I just want to uh give a quick shout out to will uh he actually had the helped put together this presentation so uh big thank you to Will.
Harrison_Tang: So just uh I was just quickly.
Harrison_Tang: Go down the list uh and then the invite the different uh experts to different work items to kind of quickly provide some updates and uh these are the different work items uh relevant to the ccg so the VC API VC 2.0 Quantum safe di uh signature Suite uh.
Harrison_Tang: we don't.
Harrison_Tang: Anyone to provide the update on the VCU but if other people can speak to it that would be great or VC tribe but we will later have updates on random methods barcodes uh I think we have uh.
Harrison_Tang: Kind of a dedicated sessions.
Harrison_Tang: uh uh.
Harrison_Tang: Weeks already but we can quickly provide some updates on that as well and lastly the did I think resources.
<will_abramson> Thanks, I am on the call and able to participate. Fully networked now!
Harrison_Tang: All right so uh we have 5 more credentials API um.
Harrison_Tang: Money or someone can you provide an update on that on this particular work item.
Manu Sporny: Yes I can do that um thanks Harrison uh so uh for those of you that uh uh haven't heard of what this thing is uh the verifiable credential API um is a way of like managing the movement of verifiable credentials around the web and the internet um so uh it does life cycle management what we call life cycle management which is uh you know how do you do issuance how do you move a credential from the issuer to the digital wallet uh the holder uh how do you move it from the holder to the verifier how do you present stuff how do you modify status on a credential that's been issued um so the verifiable credential API uh does those things um it is an http-based API uh it also has a a query language uh called verifiable presentation request um as a part of it um and today it supports um of uh.
Manu Sporny: Is over like open up.
Manu Sporny: Id4 so a lot of people seem to think that oid 4 is completely competitive with the VC API um even though that's not the case you can actually run oid for over the VC API um uh the VC API also does have its own workflows and exchanges uh you know presentations mechanism um so the VC API is used to do a lot of like back office management of credentials um in the reason we do that um is to make sure that um people don't get locked into vendors like customers don't get locked into vendors there's no open API for doing life cycle management.
Manu Sporny: Um and it.
Manu Sporny: Can also do.
Manu Sporny: Do kind of.
Manu Sporny: From the front.
Manu Sporny: And credential uh delivery stuff.
Manu Sporny: Um we've got 11 Implement of the API today.
Manu Sporny: That's more than enough to take it through the standardization process uh but they're varying levels of interop right so like issue and verify those are pretty solid uh you know status changing those those are pretty solid in there um uh but some of the more complex workflow stuff um they're less implementers of those but well beyond uh to at this point um we use the VC API extensively in the verifiable credential working group for all the test Suites uh there's also a can I vc.com website that shows you how each implementer is doing all of those implementers implement the VC API um and of course their production deployments of this today so true age which launched last year 18 months ago uses the VC API to move all the verifiable credentials around the ecosystem um in the open cred platform uh deployed by California DMV in production uh also uses the verifiable credential API uh both to Rono id4 as well.
Manu Sporny: As well as.
Manu Sporny: Do some uh back-end uh uh management uh of the credentials that it's uh that they're issuing um we have a uh a GitHub repo it's got issues in it the working group meets or sorry the the community group meets um every week uh and we have been regularly processing issues to the point that we're out of issues um we have resolutions on the issues but um uh PRS like pull requests on updating the specification.
Manu Sporny: Are lagging because many of us are just so busy with the verifiable credential to our work once that work is a little further along we expect VC API to catch up and uh get all those uh backlog of uh PRS uh done um we are well enough along now where we have enough like production experience both running oid 4 over the VC API and using the VC API to like manage production deployments where we feel pretty pretty uh uh uh comfortable with proposing it to go on the standards track soon um once it goes on standards track we expect it to move pretty quickly only because we have like 11 Implement already like normally you have to you have zero when you start but we've got test Suites we've got implementations you know the thing has been used for you know 2 to 3 years at this point um and so the plan is to take it uh standards track.
Manu Sporny: Later this year.
Manu Sporny: And that's it.
Manu Sporny: The update there we we meet every uh every Tuesday at 3 pm Eastern we're meeting again uh this week um.
Manu Sporny: And that's.
Harrison_Tang: Thank you Patrick I think I have a question.
Patrick St-Louis: Yeah well I just wanted to add uh something to this um what I'm personally very interested to get feedback from people and it's something that I'm um sort of exploring at the moment is the whole process of verifying a credential uh especially when a credential has many features included you know features could be something like a status uh maybe terms of use or any of the feature.
Patrick St-Louis: These checking these features fit and the process that we called verifying a credential because when designing tests with this is something that can or.
Patrick St-Louis: Can't be easy to test based on a verification call and there's different opinions like the VC API is 1 way to do these operations but the the verifiable credential data mod model specification as a verification algorithm section which outlines.
Patrick St-Louis: Process that um implementers should go through when they verify credential same thing for the data Integrity specifications got its own verification algorithm bit string status list so I'm interested in.
Patrick St-Louis: No hearing from people's experience maybe if they have solution out there how do they handle verifying credentials um and uh checking all these features all together.
Patrick St-Louis: So if if someone wants to discuss this I'd be very interested to hear.
Harrison_Tang: Thank you thanks Patrick.
Harrison_Tang: Any other uh questions or comments.
Harrison_Tang: Any uh comments on Patrick's comment.
Harrison_Tang: All right we'll go to uh the next uh work item uh the test Suite the VC test Suite so Benjamin do you mind providing an update on that.
Benjamin Young: Yeah happy to.
Benjamin Young: Um hello everybody I'm Benjamin Yuen with digital bizarre I've been working on the verifiable credentials working group and ccg test Suites.
Benjamin Young: For about the last year.
Benjamin Young: And um as the working group nears the completion of its work the specifications are becoming increasingly more stable which makes uh finishing up the test suite's possibility.
Benjamin Young: The vcd data model specification is you know the Crown Jewel that specification is as monu mentioned earlier uh pretty pretty nearly all done and uh so is the test Suite there's a couple updates that have happened in the last couple weeks mostly just language changes.
Benjamin Young: Getting in um and then that 1 is already ready for implementation but we'll have full coverage uh.
Benjamin Young: Hopefully by.
Benjamin Young: By the end of this.
Benjamin Young: Um the rest of the most of the rest of the test Suites from the working group are related to data integrity and the related crypto Suites.
Benjamin Young: Those build on some shared libraries to test the core of the data Integrity uh proof mechanism and.
Benjamin Young: Components of the Json LD there.
Benjamin Young: And then each crypto Suite has its own um test Suite.
Benjamin Young: Where buy the the proofs themselves are tested and things like that.
Benjamin Young: Um all of these links are in this deck which I think Harrison will share later.
Benjamin Young: And in addition to those we also have the bit string status list which became part of the raft of specifications um brought over from the ccg just in the last few months as previously known as status list 2020 and um since been renamed so that test Suite is is 1 of the newer ones but it's um it's well on its way.
Benjamin Young: And then the remaining 2 on this list are the Josie cozy test suite and the VC Json schema test Suite those are spearheaded uh by Gabe from block and uh Gabe if Gabe is here is welcome to say more I didn't have time to sync up to get more details from Gabe.
Benjamin Young: Right now you can click through to those test Suites to see how those are going and those have their own implementation uh configuration process.
Benjamin Young: Um I'll go to the next slide and then I I do have 1 sort of call to action at the end um this is the list of implementers as of uh Monday that we have.
Benjamin Young: Integrated with the test Suites um we we know of others um that are working on it um but have yet to send us the Json that connects their implementation with.
Benjamin Young: Test Suite reporter.
Benjamin Young: The um tests we reporter is Manu mentioned actually Builds on BC API and is it's a basically a very minimal version of that that just allows you to wire in your implementation through an issuance request or a verify request or whatever so you can um.
Benjamin Young: There are some publicly available open source minimal implementations of just the required endpoints for the test Suites and then you can wire that into either your um public or private implementation or your SDK or whatever uh so the implementers you see here have all all done that.
Benjamin Young: Um we have great coverage on the vcd and most of the crypto Suites are are also well covered.
Benjamin Young: 1 Of the.
Benjamin Young: Key things to know is that in the w3c specification process um implementers per specification is great but ultimately we're also watching for.
Benjamin Young: All the musts and the specification to know that each of those must have good coverage and I think with very very few exceptions all the must statements are are well covered at this point for the ones um at the top of the list you see bit string because it's newer only has 2 and then um I was not able to find any cozy cozy implementations uh.
Benjamin Young: To the public reporter so if you have 1 of those please reach out to Gabe um Gabe goes by decentralized Gabe on IRC if you're on there and then the VC Json schema 1 also only had 1 publicly listed implementer but again there's also a continued drum beat of please bring your implementations um and relatedly we've started running a test Suite office hours weekly headed up to TPAC so if you are in the process of building out your implementation it'd be great to have you pop into those their weekly at um 10:00 am Eastern Time on Thursdays.
Benjamin Young: If you come we'll help you get your um implementation wired up or if you just have.
Benjamin Young: Sort of.
Benjamin Young: Or if you just want to say hi and let us know that you're working on it and and would love help or camaraderie that's what these office hours are for so uh we'd love to have you join and if you have questions please reach out.
Harrison_Tang: Thank you Benjamin.
Harrison_Tang: Questions or comments in regards to the VC test Suites.
Harrison_Tang: Yes I just uh thanks uh Benjamin for the reminder I forgot to send the link uh to the presentation I'll do that after the meeting.
Harrison_Tang: All right next uh we have content save the I signature Suite so Andrea do you mind providing some updates thank you.
Andrea_D'Intino_|_Forkbomb_BV: Absolutely uh thank you for being here everybody uh there is no substantial update from the last time that it showed is to some of you so I'll just recap uh the current situation with the post-quantum signatures so just today the.
Andrea_D'Intino_|_Forkbomb_BV: 2 or 32425 corresponding to uh fips 203 is a key exchange mechanism.
Andrea_D'Intino_|_Forkbomb_BV: Which we previously discussed that probably we can't see use in the digital identity in the Republic credential world but 204 and 205 are 2 signatures 2 signature schemes uh corresponding to the old the lithium as Sphinx from the nist post Quantum cryptography competition where standardized the I linked the.
Andrea_D'Intino_|_Forkbomb_BV: Well uh you shouldn't you shouldn't clap your hands to me because we don't do much in uh in that regards uh anyway I posted a link to the white house uh report about post contract photography and it's it appears that uh they are accelerating on um on the adoption of this and uh well there there there is more that will be spent on postcard cryptography.
Andrea_D'Intino_|_Forkbomb_BV: Uh we have started start working group a couple of months ago we did we haven't done uh much since then.
Andrea_D'Intino_|_Forkbomb_BV: From our side we were primarily waiting for the algorithms to be standardized because it didn't really make make much sense to work on the cryptography part until that happened but that happened today so if if anyone is interested in collaborating on that would be very happy to work on that together so what we have so far is mlds 44.
Andrea_D'Intino_|_Forkbomb_BV: Uh which is the standardized version of the lithium 2.
Andrea_D'Intino_|_Forkbomb_BV: In the standard diet we checked the documents today of the so for the final the final version of fips 204 and there seemed to be some minor differences with the version that we implemented so we'll look at in the next days.
Andrea_D'Intino_|_Forkbomb_BV: Uh then also in line with that uh a while ago we implemented the.
Andrea_D'Intino_|_Forkbomb_BV: Post-quantum public keys in our method uh we have uh put together prototype of W3 CVC issuer.
Andrea_D'Intino_|_Forkbomb_BV: Um we we also trying to put together some microservices to to run that for that other people can try then uh easily.
Andrea_D'Intino_|_Forkbomb_BV: Parts that we're missing for sure because I'm I'm aware of those are the multi support so we don't yet encode public Keys uh in a way that uh.
Andrea_D'Intino_|_Forkbomb_BV: Uh well in the in the way that is indicated in document uh we haven't done any work on that integrity at all.
Andrea_D'Intino_|_Forkbomb_BV: I think that those are missing from the testing Suites as well.
Andrea_D'Intino_|_Forkbomb_BV: So yes so long story short not much moved from last time we spoke but it could be a good moment to restart the conversation.
Andrea_D'Intino_|_Forkbomb_BV: if there is any.
Andrea_D'Intino_|_Forkbomb_BV: Uh will I'm sorry but your your voice came through a bit jumpy is then anybody that could.
Andrea_D'Intino_|_Forkbomb_BV: Yes it is.
Manu Sporny: Yeah this is a a great uh thank you Andrea um we continue digital bizarre continues to be very supportive of this work um we definitely want to be another implementer uh of the specification uh we are just underwater with all the vc20 stuff in the test Suites and the.
Manu Sporny: Um and just getting those specifications out the door um but we you know it's great news today that um you know the the ml uh uh DSA algorithms have been standardized by nist that will give us a very firm um Foundation to build off of um so yes we're definitely interested I can't I still can't you know commit to a timeline but um we definitely want to see this work uh progress that's it.
Andrea_D'Intino_|_Forkbomb_BV: Thank you so uh to-do list for me I'm gonna turn this missing points into issues uh the multi supports I guess that's something we can solve ourselves implementing it in our virtual machine uh that Integrity uh I'll need some help and API testing Suite as well.
Harrison_Tang: Any other questions uh for India.
Harrison_Tang: All right thanks a lot um next Patrick please.
Patrick St-Louis: Yeah I have a question if you could just go back to the previous slides so it mentioned that there's a prototype of WGC VC issuer um sorry is there like a playground or somewhere we can uh.
Patrick St-Louis: Have this.
Patrick St-Louis: We need to to run at the moment.
Andrea_D'Intino_|_Forkbomb_BV: Uh you're asking if we have a rest API hosted.
Patrick St-Louis: So something like that yeah.
Andrea_D'Intino_|_Forkbomb_BV: We actually do.
Andrea_D'Intino_|_Forkbomb_BV: We actually do um I'll I'll post I'll post something in the in the chat here.
Andrea_D'Intino_|_Forkbomb_BV: But you you you're most welcome to reach out to me if.
Andrea_D'Intino_|_Forkbomb_BV: Want to have a look at that deep look at that.
Patrick St-Louis: That sounds good I'm interested thank you.
Harrison_Tang: Any other questions in regards to content safe EI signature Suite.
Harrison_Tang: All right next uh anyone uh can provide an update on VCU otherwise we can skip this and I'll try to we will we will try to uh connect with the VCU folks uh to provide us.
Harrison_Tang: Work items uh in the next few weeks.
Harrison_Tang: But anyone can speak to this right now.
Harrison_Tang: Sounds good thanks well.
Harrison_Tang: All right next VC traceability anybody can speak to this or we can skip this right now.
Patrick St-Louis: I I've been attending these calls for a while I'm currently warning on on behalf of government of BC to do some work with the energies and Minds uh supply chain work and we were looking at the traceability specification.
Patrick St-Louis: Uh I believe their current state so they are realigning with the uh latest.
Patrick St-Louis: Set of.
Patrick St-Louis: Technical recommendations from the DHS which is to use the verifiable credential data model 2.0 bitstring status list.
Patrick St-Louis: Uh the latest work item that was worked on was to well realign the the sort of test Suites that they have so they have tests with based on.
Patrick St-Louis: Uh Postman so they have a few collections which were running really well uh so it's just about um.
Patrick St-Louis: Making them up to date with the latest set of recommendations.
Patrick St-Louis: And so that's pretty much how how I could contribute to say on there.
<andrea_d'intino_|_forkbomb_bv> Patrick_ST:
Harrison_Tang: You actually that's a great great update thanks a lot.
Harrison_Tang: All right next uh VC render method.
Manu Sporny: I can do this 1 um so we've had a number of I think presentations over the past um.
Manu Sporny: A couple of uh weeks to months on uh different render methods so government of Singapore has this really uh neat render method uh we call the open out of station uh render method um uh we also have uh render method examples now finally built into the VC playground so if you go to the VC playground today um a number of the cards come with um a render method so what our render methods it's basically a way for the issuer to in the credential itself so when they issue a verifiable credential they can say this is exactly how I want this credential to be rendered now the wallet can ignore them and the wallet can provide a bunch of other different ways to render the credential but at least the issue gets to say like if you if you if you put this on the screen this is 1 of the things I would like the um the individual to see um the other important part about that is that that like how it shows up.
Manu Sporny: How it's.
Manu Sporny: Displayed is included in the digital signature so the digital signature protects it so you know that you know when it's rendered this is exactly how the issuer wanted it to be seen um uh Harrison I don't know if it's possible to go full screen on this or not but um I wanted to try to get into um 1 of the uh some of the there we go great thank you um so you know as you can see each 1 of these is a is a scalable vector graphics file like you could blow this up to like a giant 4 foot size you know driver's license or certificate of naturalization uh or first responder credential um the data that you see on the card is taken directly from the digitally signed data um in the verifiable credential um and as you can see there are all kinds of different like shapes and sizes that you can make these things if you wanted a a circular credential you can do that if you want you know a really long 1 uh you can do that.
Manu Sporny: Uh in in.
Manu Sporny: Um anyway they're like they look really nice uh uh mad props Benjamin who did a lot of the graphics work uh for this stuff along with the rest of the team um.
Manu Sporny: James and um uh Tyler and and and the others for kind of integrating this into the digital Wallet work and the and the playground um we do have multiple implementations of this stuff there's not really a whole lot of interoperability yet we're still kind of experimenting like SVG has its limits and so we're also looking at PDF and we're also looking at other Tech space template formats we're probably going to change um we probably going to generalize the mechanisms so that it is not specific to SVG or PDF to just make it so that any text based visual template would work um uh as I mentioned we do have this stuff deployed to the playground so you can play around with this today like if you can go get like a a free demo there so wallet and then go to the playground and pick these things up and then once the credentials are in your wallet you can like look at them zoom into them make them like gigantic and full screen view them on your mobile phone view them on your tablet desktop.
Manu Sporny: You know it works.
Manu Sporny: Form factors um we think we could probably get this stuff on the standards track in 6 to 12 months we're not really rushing it all that much um it is something that a lot of people are interested in uh but we want to make sure that we you know get it right so there's not a super big rush to push it uh to standards track uh just yet.
Manu Sporny: That's it for render method.
Patrick St-Louis: Yeah um I just wanted to also put on the radar another vendor method that uh I'm working on with some other folks there was also the the the Swiss government that was interested in that and is overly capture architecture render methods or overly capture architecture is uh mechanism to provide these overly bundles that carry information about the credential um we're currently looking to implement this in bcgov for many use case um it's not I wouldn't say it's a render method per se but it will had a lot of information that rendering software could then use so if you want to if you have a web interface that want to display the verifiable credential with overlay capture architecture you can provide a lot of different overly bundles for um internationalization um adding description labels.
Patrick St-Louis: And so on in a way that's cryptographically safe and another very interesting byproduct that we found for this currently is to provide mappings uh based on Json path so you can provide mappings um if you have a system uh not already existing system and you want to implement verifiable credential uh it could provide you a path to map fields and verifiable credential that your system requires for indexing or searching verifiable credentials so that's uh a very nice feature that we found um that we are using right now.
Patrick St-Louis: Um and yeah so overlay capture bundle is something else I Look to bring to the VC render method eventually.
Harrison_Tang: Sounds good thank you.
Patrick St-Louis: Sorry I missed my.
Harrison_Tang: Next we have verifiable credential barcodes so uh I think we already have a presentation uh last week but any other updates in regards to the VC power codes.
Sam Smith: Uh yeah would you like me to still give a quick overview today obviously I won't go into depth since we just have the presentation or nothing sure okay yeah so verifiable credential barcodes um this is an effort that is a neat application of the kind of Base VC technology and that is using VCS to cryptographically secure physical credentials uh things like driver's licenses or employment authorization documents.
Sam Smith: We do.
Sam Smith: Coding VCS into a barcode that gets printed on the document.
Sam Smith: Such as a pea 417 which is the barcode you see on the back of the driver's license or a QR code on the front of the employment authorization document.
Sam Smith: And what these uh what these VCS do is they digitally sign not only over the VCS themselves but they also digitally sign over the other machine readable data that's on the card so you get cryptographic security for both your VC and the data that's already on the card to make it tamper resistant uh so there are multiple implementations of the verifiable credential barcode spec in progress and that spec now contains test vectors with step-by-step instructions for how to implement.
Sam Smith: Uh so we encourage if you're somebody that's interested in this technology please take a look at those test vectors and maybe um get an implementation going there are production deployments for the VCB work in progress with California DMV and Department of Homeland Security uh and the plan is that we propose this tech for standards track soon.
Harrison_Tang: Thank you that's that's great great summary.
Harrison_Tang: so I'm.
Harrison_Tang: Hurry up a little bit because I want to leave the last 10 minutes for Kim's uh presentation on the dif and ccg so uh I'll go over to the next topic.
Harrison_Tang: Yeah I have what issues and verifiers uh anyone have any updates on this particular work item.
Harrison_Tang: Lastly did link resources uh we have a session next week uh to go in depth on this particular work item but uh anyone want to provide an overview in regards to the did link resources.
Harrison_Tang: All right so we'll go over this uh.
Harrison_Tang: in more.
Harrison_Tang: More details next week.
Harrison_Tang: So any questions on the work items before we get to the the if updates from Kim.
Harrison_Tang: All right Ken uh the floor is yours do you want me to share your presentation or you can share.
Geun-Hyung Kim: Uh I can share it thank you.
Geun-Hyung Kim: Let me figure this out okay looks like.
Geun-Hyung Kim: I'm here I see it okay thank you um I'll try to keep this under time for uh Q&A at the very end um just contacts at the beginning 1 thing we've clarified in 2024 is this life cycle so for a long time we've been incubating standards and we work with other orgs to promote or graduate out draft specifications reports Etc to other orgs um we don't have to graduate out uh standards can continue to live and if but the third leg of this that we're focusing on a lot is this apply and grow now this has been happening in different for a while but we're making it more of a first class citizen so um part of this is clarifying how decentralized identity standards and Tech can be used in production for real world use cases and a lot of these discussions have been happening through our special interest groups like travel and hospitality.
Geun-Hyung Kim: And Regional um uh sigs.
Geun-Hyung Kim: Um the other aspect that we're clarifying this year is that we don't necessarily have to pull from standards that exist in just in div we um you know can when people are Building Solutions They Don't Really Care where the standard lives they just want to find the best standard combine everything together and make it work so some most of our upcoming efforts are really focus on demonstrating that you can use a diff standard like a identity Hub with a w3c standard Etc and so you'll see that theme throughout.
Geun-Hyung Kim: Quick updates that we've grouped into sort of our diff themes community and Outreach is 1 we've been rolling out things to lemari dip coffee breaks so that's a casual uh method that we use to describe what's happening at diff or from our members on Twitter or X and so you can follow our handle to see updates about that we're um a little bit on hold with that because we have a lot of other efforts coming on but um we should be resuming that soon um D hack along so we have our first 1 happening now and it's actually Spanish language hackathon hack along which were extremely excited about uh you can find the link here we had our first session there's 5 sessions total um and we're co-hosting these with the div member extre.
Geun-Hyung Kim: It's a good way to learn the basics of SSI in Spanish language so um we're really hoping to expand inclusivity and access to everyone the languages that they're comfortable with so we have a lot of plans like this in the future um China Sig is operating in in Chinese is is it probably should be and um you know so we're expanding out more multi-language efforts.
Geun-Hyung Kim: At very soon we had our first uh diff hosted hackathon last year and so we're continuing that it will be an October there's a little more details coming on that.
Geun-Hyung Kim: Um advocacy so we have been working to advocate for use of decentralized identifiers in um regulatory Frameworks including the EU digital wallet and we've also been working with other orgs including the ccg and did working group on an effort to promote did methods standardization you'll be hearing a lot more about that coming up soon.
Geun-Hyung Kim: Theme of what we call diff for Developers.
Geun-Hyung Kim: We're continuing to roll out and host educational and informational infrastructure so not for production use but Universal resolver is something that we've hosted for a while thanks to Daniel Tech it is a way of resolving did methods acids across data methods so you can experiment with that I didn't include the link it's uni resolver.io and in July we just announced this uh hosted dwn.
Geun-Hyung Kim: Community service you can look at this link for how to use it and interact with it we have a little sample here but that was a result of Google Cloud if and TBD partnering to offer this.
Geun-Hyung Kim: Coming soon we have diff Labs that is focused on end user applications protocols and demonstrations you'll be hearing a lot more about that um it'll be time with the hackathon.
Geun-Hyung Kim: Uh quick survey of the working group sort of the core work so we are relaunching the Apex through uh excitement that came out of some um Africa decentralized identity efforts so this existed before but there's Renewed Energy for it um so it's coming off of hold and relaunching we have a credential scheme as work item that is part of the claims and credentials W uh working group and that's focused on reusable kyc age verification proof of humanity and a a range of other efforts um this 1's very exciting getting a lot of attention it was mentioned in the recent Gartner report covering decentralized identity as something that they're following so um that's a good opportunity to get in on these very interesting use cases uh proof of humanity you'll be hearing a lot more about in the coming weeks so stay tuned on that um did traits.
Geun-Hyung Kim: As of this morning so that will be part of the ID Discovery group you can think of it as a related to did rubric in um will actually that's worth a whole additional session from um um from the uh ID Discovery group who's behind that so uh but you can read more about that through uh the the identity Discovery group.
Geun-Hyung Kim: Very exciting and relevant um where we will be launching with the ccg a did method um working group soon so that comes out of this letter of intent that was uh recently released so a lot more details coming up on that um I'm going to shut it down in just a second so uh um recently promoted specs credential trust establishment and linked VP.
Geun-Hyung Kim: Lastly um we have a our hackathons coming up we're looking for uh almost at the limit but we're still accepting sponsorships and if you would like to participate on it um announcements will be coming out soon the major tracks will be education which is actually education and Workforce and um this 1's really exciting for this group touching on VC for edu we're working closely with the folks in VC edu to make sure that it builds off of the jmf plug Fest work so it's a good way to extend the great work done there and also allow participants to like get involved very quickly in reuse that infrastructure that was built there so that's a great example of diff embracing standards from a broad range of organizations travel hospitality and reasonable identity of course are important efforts in our um sigs and and working groups and to learn more here's our web.
Geun-Hyung Kim: Website or just read.
Geun-Hyung Kim: Out anytime you know.
Geun-Hyung Kim: In order to find.
Geun-Hyung Kim: Uh any questions.
Manu Sporny: Uh yeah can this is all awesome stuff um uh really need to see like the the different work streams um for the credential schemas thing are you thinking like or is that basically like um like you know we've got like a citizenship vocabulary that we're working on in ccg um there's a driver's license 1 as well are you thinking it's it's like work that's kind of a similar to that I mean it it'd be great if that it would be great if if that's the case because you know we are spending a lot of time on kind of the fundamental technology and not necessarily as much on the application layer space like the business you know level um what what are your thoughts there what are you what's what's kind of the goal for those um items.
Geun-Hyung Kim: That's a great call out so in in this working group most of the early effort is getting a very crisp use case so a lot of this comes from my experience trying to you know sort of deploy Solutions around reusable kyc reusable identity it's very important to get the semantics right and to get the business you know get all of the stakeholders compliance official or experts all of this in the room and so what we're focusing on in the early stages is exactly what do we mean by you know like what use cases will these schemas fit in and so expect to see a lot of documentation around um how each of these schemas it's used which which um use cases is appropriate so proof of humanity for example not.
Geun-Hyung Kim: Not trivial like does it mean proof of unique personhood you know what does it mean what are its use cases.
Geun-Hyung Kim: So so yes a lot of the work happening in ccg seems to be coming out more the group of participants have come to consensus in some manner about how they're using it um so it's it's really great to get everything um you know like to bootstrap people who know exactly what they're doing or the use cases quite crisp so I think a lot of what we're doing is the stuff leading up to it and so I see a lot of intersection in terms of when we actually know what we're talking about right so the the mented uh taxonomies and um schemas and all of that and that will be really exciting use case to or example to figure out like how we improve the discoverability um discoverability is a huge problem for people who are getting started in decentralized identity uh do you have to just create your own schema so that's something I'd love to work closely with ccg on as we.
Geun-Hyung Kim: Mature our work.
Harrison_Tang: Any other questions okay.
Harrison_Tang: Bye wait can I I will probably want to reach out to you later to uh find out who can actually present about proof of humanity and some of these works like the ID traits at the ccg because I'm very curious to learn more.
Geun-Hyung Kim: Fantastic yes uh I will we'll we'll get in touch right after this.
Andrea_D'Intino_|_Forkbomb_BV: Uh I might be slightly off topic but uh we're interested in uh building a kyc capabilities into our identity solution.
Andrea_D'Intino_|_Forkbomb_BV: So anybody that has a is working on that has good hints would be very happy to hear.
Harrison_Tang: I'm just curious when you say kyc capabilities uh what are you referring to are you referring to using third-party verification data or are you oh got it okay.
Andrea_D'Intino_|_Forkbomb_BV: No no verification data uh uh I'm referring to a mobile app.
Andrea_D'Intino_|_Forkbomb_BV: Uh I'm thinking about uh Biometrics and document OCR.
Harrison_Tang: Ah got it are you looking for.
Andrea_D'Intino_|_Forkbomb_BV: Am I am I am I a topic completely.
Harrison_Tang: No no it's fine I think this is a open discussion so are you looking for a vendor or are you looking to because if you're looking for a vendor on Biometrics and OCR I can refer you and connect you with those vendors.
Andrea_D'Intino_|_Forkbomb_BV: Would have been nice yes.
<tallted_//_ted_thibodeau_(he/him)_(openlinksw.com)> "KYC" expansion? Acronyms are the devil!
Harrison_Tang: Okay all right I I will put that in my calendar I will I will try to connect you with the vendors like this week or next week.
Andrea_D'Intino_|_Forkbomb_BV: And this came to mind because I read a reusable kyc.
Andrea_D'Intino_|_Forkbomb_BV: On the PowerPoint on the presentation here so.
Harrison_Tang: Got it yeah I know I know those folks quite well so I will I will uh make some introductions uh.
Andrea_D'Intino_|_Forkbomb_BV: Sounds good thank you.
Harrison_Tang: Uh we are at time but any last thoughts or comments or.
TallTed_//_Ted_Thibodeau_(he/him)_(OpenLinkSw.com): Just a quick 1 KY is a 3-letter acronym and could mean many things we should avoid those.
<kerri_lemoie> Excellent work all. Thank you for the updates.
Harrison_Tang: Got it yeah it's a it's a know your customer right know your customer compliance it's a 1 of the part of the financial crime compliance uh uh especially uh I think it started from the bank secrecy act uh in United States back in the early 2000s.
<kim_duffy> Thank you all!
Harrison_Tang: All right so we're at time uh just want to give a quick shout out again for will for organizing all this and putting this together and then want to give a big thanks to Kim Manu Andrea uh Benjamin Patrick for actually giving us a updates on all these work items uh we will try to do not try to we'll commit to do this every quarter so the next 1 is scheduled to be uh the end of October the beginning of November all right.
Harrison_Tang: Thank you thanks a lot have a good 1 bye.