See also: IRC log
<manu> scribe: manu
dchadwick: I'm an invited expert; I've been building VCs. I started over a year ago. a coiple of pilot applications the last one was the ??? ; we signed medical patients up using a mobile app; they were using VCs to sign up, get prescriptions, etc. and they found it easier than traditional methods. They said they loved it because they didn't have to use usernames and password and wished it would be offered officially
not being minuted, member only
<scribe> scribe: amigus
<manu> https://w3c.github.io/vc-data-model/
<manu> https://github.com/w3c/vc-data-model/pull/69
varn: PR69: we are sent requests for comments; looks like 2 of 4 are processed; manu is is done?
manu: yes, it's gtg and there are
no pending PRs
... so there is no active work going on the spec which is not
ideal
varn: we're focusing on PR69; it's in?
manu: yes, it's in
<manu> Here's the milestone: https://github.com/w3c/vc-data-model/issues?q=is%3Aopen+is%3Aissue+milestone%3A%22VCM1%3A+Basic+Issuer%2C+Claim%2C+and+Signature%22
varn: our first major milestone were to complete the documents as they relate to issuer and verify; so is there anyone here who wants to work on it? is it alreayd done?
burn: is it done already and if not please speak up to say it's not done and what you want to do
dchadwick: working on the security review; its WIP. the first version will likely have a set of limitations on it
jandrieu: two things:
... what's in the milestone
<stonematt> milestone is "basic issue and verify"
jandrieu: I'm offline and can't see it myself
<Zakim> manu, you wanted to say we are not done, not even close, test suite - issue discussion.
manu: we're not done with this
milestone we haven't completed a single of the 4 issues
... assumption is that the issues will be discussed offline but
I don't see any of that
... other option is disucssion in meeting but that hasn't
happened
... also, it has to survive a basic test from the testsuite
which is still WIP
... as such we're weeks away from being able to closeout the
milestone
<Zakim> nage, you wanted to say we are not done (cross matching issues, privacy issues, variants on signature scheme questions -- how many of these are called out as issues for later)
manu: we're not getting enough volunteers to work on it which is slowing us down
nage: question: we have a bunch
of issues with cross-matching, combining and privacy; are they
in scope?
... what about various in the different schemes like json vs.
json-ld and if we see issues related to the them when do we
bring it up?
<dlongley> let's stick with a "minimum viable milestone" ... i vote to defer matching issues and privacy for another milestone
<Zakim> manu, you wanted to note that it's all up to Evernym/Sovrin Foundation to bring these issues up and when... I suggest /after/ M1.
varn: is it advisable to set a date or should we just list the workitems and make progress
manu: setting a date and working backwards doesn't really work; chris and I are working on it but the primary blockers are lack of discussion of those 4 issues and tests in the testsuite
<dlongley> needs: 1. discussion on issues, 2. spec text to resolve them, 3. tests for them in the test suite.
manu: so specify the work that needs to be done and find folks to do it.
varn: (listed the 4 issues)
... the one with the most comments is the model mapping one;
second most is ???; either way, is there one that's easier to
work on?
<dlongley> https://github.com/w3c/vc-data-model/issues/33
manu: 33 is the easiest
... and then 66
<Zakim> manu, you wanted to answer nage
varn: OK, 33 and 66 should be worked on first
manu: nage: the issues you
mentioned are important but it's up to Sovrin/Everynm to push
for the issues that matter to you guys.
... so if you want something to get worked on sooner then lets
get it on the list for milestone too
... other issues have prerequites and so are dependent
nage: just wondering if we should raise PRs now or wait until the discussions are more timely related to other work
manu: raise the issues early so
everyone sees what's important and gets people thinking
... does that answer?
nage: well it doesn't make prioritization clear but we can action on it
<varn> ack dan who is only on phone
varn: you can also raise the issues even if it's too soon to be specific just so that we can assign them to milestone 2 or even 1
<manu> https://github.com/w3c/vc-data-model/issues/68
jandrieu: not sure whether issue
68 is for milestone 1 or 2 but we should issuer vs.
holder
... the whole question is not part of our conversation yet and
I wonder when it should be part of the it
<varn> s/ack david chadwick who is only on the phone//
dchadwick: reponse to jandrieu:
we need for milestone 1, to articulate the limitations on
holder vs. subject.
... so we may say the holder is the subject period.
jandrieu: so there's some clarification needed as to whats in scope. to my view there's VC for which the subject isn't the holder but ther different assumptions are a hinderance to consensus
dchadwick: most of the stuff implicity says the subject is the holder so we should be explicit
jandrieu: then we have to assure how/why the holder is the subject
varn: then issue 68 may need to
be worked on to get to the bottom of this
... and either there or elsewhere we need to unpack this issue
and state the assumptions that were made
... also the question is whether there's assurance of the
subject being the holder
jandrieu: i think that sounds right to me and issue 68 captures most of that
<dlongley> i think that M1 does not need to deal with authenticating the presenter of a profile, just authenticating the information within the profile
varn: dan, matt and I will take this offline to figure out how to get this into the agenda/discussion
<nage> The identity assurance seems like a schema-specific issues, not sure if it could acutally be addressed globally (without adding a lot of baggage to the data model)
<dlongley> profile/credential
ChristopherA: I'm fine with moving this to milestone 2 but it should be explicit assumption that subject = holder but also very explicit that we're exploring cases where they aren't, that may make it into milestone 2
<Zakim> manu, you wanted to note that this is a protocol discussion, so probably belongs in CG and then we feed that discussion back into the WG... and to request that we move issue 68 to
ChristopherA: it should be stated in 1 so there are no surprises in m2
manu: part of jandrieu's point is
important but not sure all of it is under the WG vs. the CG
because of the charter so probably should have it in the CG
then have the result feedback into the WG; thus put issue 68 on
M2
... lets not hold up milestone one while the CG resolves the
issue
... so put issue 68 in M2 and let the CG disucss it in the
meantime
varn: do we need to explicitly state the holder != subject exploration, in M1?
manu: no harm and i think we should
varn: is there a volunteer to document that in M1?
<varn> david chadwick volunteers
varn: dchadwick volunteers; anyone else?
<manu> ACTION: DavidChadwick and JoeAndrieu to write up issue marker for issue 68 for VC Data Model spec. [recorded in http://www.w3.org/2017/08/29-vcwg-minutes.html#action01]
jandrieu: i will help work on it too by extending what's there
varn: volunteers assigned
<Zakim> manu, you wanted to note advances in test suite
<manu> https://github.com/msporny/vc-test-suite
<manu> https://github.com/msporny/vc-test-suite/tree/gh-pages/bin
manu: I committed some new changes to the testsuite; either way it needs to be migrated to the w3c repo; Liam? where is that?
<varn> liam what is the status of the test suite
Liam: I think it's in your court now because you have to get the repository to me
manu: permission was granted to you so you just need to transfer it. Here's a link to how to do that:
<manu> liam needs to do a transfer at bottom of this page: https://github.com/msporny/vc-test-suite/settings
Liam: last time i checked there was no transfer button; we'll try again
varn: Liam and manu should work on it offline
maru: agreed
gkellogg: question: is this test manifest based on any existing one?
manu: no, it's not based on any
previous suite; we haven't decided what it will look like yet
just how the driver works and how a developer would develop
against it
... no decisions have been made so please help us!
gkelllogg: there's some advantage to stick with what was done in the JSON-LD one but we can take it offline
agenda item 2.3
varn: for those who did the
reviewing: anything to report? findings or suggestions either
here or did you put something elsewhere?
... anything wrong? left out? any changes needed?
... we have 10 minutes or so to cover it..
MattLarson: Not my area of
expertise but as an implementor: one of the things is storage
providers and privacy as it relates to them. what's the groups
feeling about storing the cred vs. generating it on
demand?
... there seems to be an assumption that it's static hence the
question; what does the group think?
... what about revocations lists
... everything else seemed reasonable to me.
... one more thing: a lot of credentials in the badging space
use email but that's correlatable. thoughts?
varn: good questions; my observation: the assumption that we're making is that a bundle is encrypted and passed around which would imply static vs. you're the only person who can generate it which seems at odds
<stonematt> +1 Acclaim represents the governing body of the credential - becomes a delegated issuer.
<TallTed> TallTed: note that email address can be problematic as agent identifier -- e.g., role addresses often lead to multiple people, both simultaneously and over time
mattLarson: the idea is that a user creates a claim which can then be distributed but it's not actually stored with us; only a memento that can be used to reference it
dlongley: the data model has no restrictions that would preclude any of the behavior we're talking about but it sounds like you're talking about an issuer who creates a claim then takes it somewhere. just listening it sounds like it fits in cleanly. issuer can issue claims using the data model then the generated claim/credential which is then stored in a repo which can then be used elsewhere. the claim can be signed in different ways so as to make it fit for
different uses
<Zakim> nage, you wanted to speak about identifiers (as part of protocols) and revocation
stonematt: echoing what dlongley said; having a claim works that way is fine; if someone wants to assemble various credentials and put them together as a portfolio which then itself becomes a claim that the platform issues. it's a new example of agency and delgation in which the acclaim is working on behalf of the issuer
<dlongley> Acclaim has been empowered to act as the "Issuer" and it fits nicely in the architecture this group has produced
<ChristopherA> (I have to leave to prepare for CG meeting)
nage: when we get into protocol in the CG it's important to be specific about this stuff but here we've making no assumptions so this is a CG issue right now but one that needs to be handled carefully WRT privacy
<liam> [vc-test-suite transfer in progress... done... now https://github.com/w3c/vc-test-suite]
nage: that said, some of this will have to be represented in the data model and/or will influence it
MatlLarson: my question was answered
varn: we need for folks reviewing the security and privacy section get that done so it'll be on the agenda next week.
<nage> identifier management and correlation is especially important to revocation design (revocation lists reveal too much information for many use cases)
This is scribe.perl Revision: 1.152 of Date: 2017/02/06 11:04:15 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Succeeded: s/varn/burn/ Succeeded: s/dan is dan burnett// Succeeded: s/oops// Succeeded: s/ack joe andrieu who is also only on phone// FAILED: s/ack david chadwick who is only on the phone// Present: Nathan_George Chris_Webber David_Lehn Matt_Stone Gregg_Kellogg Adam_Migus Dave_Longley Manu_Sporny David_Chadwick Christopher_Allen David_Ezell Found Scribe: manu Inferring ScribeNick: manu Found Scribe: amigus Inferring ScribeNick: amigus Scribes: manu, amigus ScribeNicks: manu, amigus Agenda: https://lists.w3.org/Archives/Public/public-vc-wg/2017Aug/0014.html Got date from IRC log name: 29 Aug 2017 Guessing minutes URL: http://www.w3.org/2017/08/29-vcwg-minutes.html People with action items: davidchadwick joeandrieu[End of scribe.perl diagnostic output]