14:39:45 <RRSAgent> RRSAgent has joined #vcwg
14:39:49 <RRSAgent> logging to https://www.w3.org/2023/08/23-vcwg-irc
14:39:49 <Zakim> RRSAgent, make logs Public
14:39:50 <Zakim> please title this meeting ("meeting: ..."), ivan
14:39:56 <ivan> Meeting: Verifiable Credentials Working Group Telco
14:39:56 <ivan> Date: 2023-08-23
14:39:56 <ivan> Agenda: https://www.w3.org/events/meetings/ae05a21b-c065-4e69-8d5e-352a0d391513/20230823T110000/
14:39:56 <ivan> chair: brent
14:39:56 <ivan> ivan has changed the topic to: Meeting Agenda 2023-08-23: https://www.w3.org/events/meetings/ae05a21b-c065-4e69-8d5e-352a0d391513/20230823T110000/
14:46:02 <brent> brent has joined #vcwg
14:59:42 <brent> present+
14:59:43 <decentralgabe> decentralgabe has joined #vcwg
14:59:44 <ivan> present+
14:59:52 <ivan> present+ pauld
14:59:58 <ivan> present+ seabass
15:00:22 <hsano> hsano has joined #vcwg
15:01:13 <ivan> present+ gregb, benjamin, manu
15:01:33 <GregB> GregB has joined #vcwg
15:01:37 <GregB> present+
15:01:52 <ivan> present+ hsano, shigeya, gabe, davidc
15:02:04 <DavidC> DavidC has joined #vcwg
15:02:34 <hsano> present+
15:02:41 <DavidC> present+
15:02:46 <TallTed> TallTed has joined #vcwg
15:03:23 <pauld_gs1> pauld_gs1 has joined #vcwg
15:04:03 <pl-asu> pl-asu has joined #vcwg
15:04:08 <pl-asu> present+
15:04:10 <dlongley> present+
15:04:48 <ivan> present+ andres
15:04:56 <seabass> scribe+
15:05:59 <ivan> present+ orie
15:06:05 <Orie> Orie has joined #vcwg
15:06:07 <Orie> present+
15:06:31 <brent> https://docs.google.com/spreadsheets/d/1OXEEkZ-ffd4PBdGVJ2c0vjfcnqoGXeOO0RvC5eMEx7M/edit#gid=179611341
15:07:04 <dmitriz> dmitriz has joined #vcwg
15:07:25 <dmitriz> dmitriz has joined #vcwg
15:07:26 <brent> Topic: Work Item status updates/PRs
15:07:34 <decentralgabe> q+ vcjsonschema test suite
15:07:57 <brent> https://docs.google.com/spreadsheets/d/1OXEEkZ-ffd4PBdGVJ2c0vjfcnqoGXeOO0RvC5eMEx7M/edit#gid=179611341
15:08:04 <JoeAndrieu> JoeAndrieu has joined #vcwg
15:08:40 <ivan> present+ JoeAndrieu
15:09:02 <manu> q+
15:09:04 <seabass> gabe: I am working on the VC-JSON test suite and work is going well.
15:09:10 <brent> ack manu
15:09:11 <decentralgabe> https://github.com/TBD54566975/vc-json-schema-test-suite
15:09:14 <TallTed> present+
15:09:17 <manu> subtopic: https://github.com/w3c/vc-data-integrity/pull/99
15:09:44 <Orie> q+
15:09:58 <brent> ack Orie
15:09:58 <seabass> manu: Orie raised the PR; it has had a number of reviews which are approximately 50-50 for and against. It doesn't seem like there will be consensus.
15:10:05 <cabernet> cabernet has joined #vcwg
15:10:08 <cabernet> present+
15:10:52 <manu> q+
15:11:01 <seabass> Orie: I think we should copy the content into VC JOSE/COSE, and we should live the vc-data-integrity PR open until that or another strategy is completed. I agree that the vc-data-integrity PR is unlikely to gain consensus.
15:11:13 <manu> q-
15:11:13 <brent> ack manu
15:11:59 <Orie> q+
15:12:45 <seabass> manu: I wonder if we should convert it to an issue in the VC JOSE/COSE specification. I also think that copying-and-pasting is a risky strategy for spec text.
15:12:45 <ivan> present+ Przemek
15:12:45 <brent> ack Orie
15:12:45 <kgriffin> kgriffin has joined #vcwg
15:12:45 <ivan> present+ griffin
15:13:03 <seabass> Orie: We could promote the use of Multibase, and not mention JWK at all.
15:13:22 <przemek> przemek has joined #vcwg
15:13:44 <manu> q+
15:13:47 <seabass> Orie: I don't feel that the content of VC data integrity is acceptable.
15:14:20 <manu> q+ to -1 on "picking a side"
15:14:21 <brent> ack manu
15:14:21 <Zakim> manu, you wanted to -1 on "picking a side"
15:14:24 <seabass> Orie: I think there is an opportunity to reduce market confusion by 'picking a side' between Multibase and JWK.
15:15:46 <seabass> manu: I don't want to 'pick a side'; that's not what I think the specification is trying to do. We shouldn't force things on markets, because it would split communities of implementers.
15:15:56 <Orie> I don't agree, and I believe we are perpetuating a major reason that we don't see market adoption of these specifications.
15:16:16 <seabass> q+
15:16:39 <dlongley> scribe+
15:16:41 <manu> scribe+
15:16:44 <brent> ack seabass
15:17:03 <dmitriz> @Orie - and you think it'll help adoption to say, in the spec, "Oh, people who implemented Multibase, go ahead and re-do everything in JWK"?
15:17:13 <manu> seabass: There is a philosophical issue, which Manu alluded to... whether or not VCs should force a specific technology in order to facilitate the entire ecosystem... or let ecosystem of implementers decide.
15:17:14 <dlongley> seabass: I think there is a philosophical issue and Manu alluded to that. There's the issue of whether or not VCs should essentially force a specific technology to facilitate the whole working of the ecosystem or if it's better to let the implementers decide.
15:17:22 <dlongley> seabass: There's also the technical merits of the different key formats.
15:17:30 <manu> scribe-
15:18:03 <dlongley> seabass: I think those debates are tangential, I think we can talk about those merits separately and I recommend creating an issue to document the differences in a collaborative way that can guide those decisions later on.
15:18:15 <seabass> scribe+
15:18:16 <dlongley> scribe-
15:18:29 <Orie> q+
15:18:37 <brent> ack Orie
15:18:58 <seabass> Orie: I don't believe there has been any further progress on the BBS work.
15:19:47 <manu> q+
15:19:53 <dlongley> +1 to let what Orie said happen -- let the work progress and if it makes it further along it does, otherwise it doesn't
15:19:53 <Orie> See https://github.com/w3c/vc-di-bbs
15:19:54 <brent> Topic: BBS
15:19:56 <ivan> subtopic: fate of BBS
15:19:58 <brent> ack manu
15:20:17 <Orie> q+
15:20:26 <seabass> manu: I agree that there is not adequate work on BBS. Have you heard, Orie, whether Matter is continuing to work on it?
15:20:46 <GregB> q+
15:21:18 <seabass> manu: Digital Bazaar would be happy to contribute to the specification if Matter will be working on it.
15:22:21 <dlongley> s/Matter/MATTR
15:22:31 <brent> ack Orie
15:22:45 <seabass> manu: We could extend the VCWG's charter in order to get BBS published, and Digital Bazaar has an interest in unlinkable signatures. Digital Bazaar doesn't think that is too big of an issue.
15:23:58 <seabass> Orie: I don't want to speculate about MATTR, but Transmute isn't planning to support eddsa-sd.
15:24:46 <brent> ack GregB
15:24:51 <seabass> Orie: I don't think we should extend the charter.
15:25:30 <seabass> GregB: I've been working on BBS in the IETF.
15:26:22 <seabass> GregB: RDF Blank Nodes can be handled correctly. Although it's not my speciality, ecdsa-sd seems to do exactly what we want.
15:27:16 <seabass> GregB: I have a BBS implementation that I intend to experiment with. I am optimistic that the basics are adequate to support BBS in VCs.
15:27:32 <GregB> q-
15:28:00 <Orie> I suggest we start looking for an editor to replace me, we don't plan to implement it, and I don't think I have the cycles to manage it.
15:28:05 <brent> Topic: Issue Triage
15:28:10 <brent> https://github.com/w3c/vc-data-model/issues?q=is%3Aopen+is%3Aissue+-label%3Abefore-CR+-label%3Apost-CR
15:28:22 <manu> q+
15:29:29 <manu> q-
15:29:40 <seabass> brent: As a chair, I'm comfortable with postponing a decision about BBS until the other securing methods are through CR.
15:29:51 <brent> subtopic: https://github.com/w3c/vc-data-model/issues/1254
15:30:15 <seabass> q+
15:30:21 <brent> ack seabass
15:30:54 <dlongley> scribe+
15:31:06 <manu> q+
15:31:24 <dlongley> seabass: Is this considered important enough to be its own bullet point in security considerations or is it best practice to just know it?
15:31:34 <brent> ack manu
15:31:50 <dlongley> scribe-
15:32:03 <seabass> manu: I would suggest 'Post-CR' for this issue. I don't think we should add normative text to the specification about this issue.
15:32:17 <seabass> q+
15:32:22 <brent> ack seabass
15:32:25 <dlongley> scribe+
15:32:51 <dlongley> seabass: I would like to agree with Manu and have the extra justification for post-PR is that this can be said about anything in RDF; we can put any content anywhere and it's up to implementers to be careful in what they pass in what security context they want to.
15:32:53 <dlongley> scribe-
15:33:25 <brent> subtopic: https://github.com/w3c/vc-data-model/issues/1248
15:33:28 <manu> q+
15:33:40 <brent> ack manu
15:34:07 <Orie> present-
15:34:41 <seabass> manu: This has to do with the 'verifiable credential graph' language that some would like, and also relates to the diagrams. I think Henry got it right, and suggested some post-CR modifications we could make/
15:35:00 <seabass> brent: I'm not hearing any objections to this being post-CR.
15:35:27 <manu> q+
15:35:32 <brent> ack manu
15:35:52 <seabass> brent: I believe all the horizontal reviews are before CR.
15:36:05 <brent> subtopic: https://github.com/w3c/vc-data-model/issues/1247
15:36:09 <seabass> manu: I think we can pick-and-choose, as not all of them are requesting normative changes.
15:36:51 <manu> q+
15:36:57 <brent> ack manu
15:37:06 <manu> q-
15:37:06 <dlongley> +1 to not ask for review until issues addressed
15:37:06 <seabass> brent: Once we go to CR, we'll be asking PING for another review, so not having addressed those would be awkward.
15:37:21 <seabass> manu: We can avoid asking for another review until we're ready.
15:37:25 <manu> q+
15:37:26 <seabass> brent: Yes, that will work.
15:37:49 <brent> ack manu
15:38:01 <seabass> manu: I think this is post-CR.
15:38:02 <seabass> q+
15:38:36 <brent> ack seabass
15:38:36 <dlongley> scribe+
15:39:27 <manu> q+ to -1 normative requirements :(
15:39:34 <dlongley> seabass: Thank you. So, my gut feeling is that this is Pre-CR, there are a lot of situations where privacy and security is left up to implementers. The general record is that implementers don't address those adequately. Since VCs have at heart security and privacy, I think we should have a go at including statements like "you should not keep PII in this manner for this amount of time" as that might take a while to resolve.
15:39:34 <brent> ack manu
15:39:34 <Zakim> manu, you wanted to -1 normative requirements :(
15:40:08 <seabass> manu: I am very concerned about having that discussion in this group. This is because it's not testable, and that there are use-cases where retention may be required by law.
15:40:46 <seabass> q+
15:40:49 <seabass> manu: The timeline is too tight in my opinion.
15:40:55 <brent> ack seabass
15:41:10 <GregB> +1 to post CR
15:41:47 <dlongley> seabass: I'm not suggesting in response to Manu. I'm not suggesting we add normative statements, but I'm suggesting we prioritize discussion about that issue to see if there are any normative statements that are effectively statements. Like what you said, Manu, about requiring something in one context and not others. We should prioritize figuring these things out that we've been notified of.
15:42:16 <dlongley> seabass: Given what I've just said, I think I should be assigned and I'll see what I can do.
15:42:20 <brent> subtopic: https://github.com/w3c/vc-data-model/issues/1246
15:43:04 <seabass> brent: I am not sure what we could say about the topic considering our own charter.
15:43:19 <dmitriz> +1 to post-cr on 1246
15:43:21 <manu> +1 to handling this during CR
15:43:25 <seabass> brent: I don't believe we are qualified as a WG to make this Pre-CR.
15:43:50 <brent> subtopic: https://github.com/w3c/vc-data-model/issues/1245
15:44:34 <manu> +1 to this being a security consideration, post CR
15:44:35 <seabass> brent: This is a security consideration. This is less of a data model aspect; maybe this is Post-CR.
15:44:39 <GregB> +1 1245 post CR
15:44:39 <seabass> q+
15:44:48 <brent> ack seabass
15:45:13 <dlongley> seabass: Essentially my comments regarding the previous issue apply to all of the ones from PING. We don't have to have normative statements, but Post-CR could just be undesirable given how critical these things are.
15:46:11 <manu> q+ to suggest special topic call
15:46:23 <brent> ack manu
15:46:23 <Zakim> manu, you wanted to suggest special topic call
15:46:51 <seabass> manu: To address Sebastian's concerned, maybe we should add a topic specifically for discussing the PING review in general.
15:46:58 <GregB> Post CR I may have more time to help with PING items...
15:47:08 <brent> subtopic: https://github.com/w3c/vc-data-model/issues/1244
15:47:15 <decentralgabe> sorry - I can take 1245
15:47:52 <manu> q+
15:48:00 <brent> ack manu
15:48:12 <seabass> manu: I don't know what normative language we could add to address the issue.
15:48:57 <seabass> manu: I think it's good advice, but I don't think a normative statement is appropriate.
15:49:10 <TallTed> Privacy considerations aren't necessarily about normative language. They're *considerations*.
15:49:21 <griffin-again-again> griffin-again-again has joined #vcwg
15:49:50 <brent> Topic: Issue Discussion
15:49:50 <gkellogg> gkellogg has joined #vcwg
15:49:57 <brent> https://github.com/w3c/vc-data-model/issues?q=is%3Aopen+is%3Aissue+label%3Abefore-CR+sort%3Aupdated-asc
15:50:19 <brent> subtopic: https://github.com/w3c/vc-data-model/issues?q=is%3Aopen+is%3Aissue+label%3Abefore-CR+sort%3Aupdated-asc
15:50:34 <brent> subtopic: https://github.com/w3c/vc-data-model/issues?q=is%3Aopen+is%3Aissue+label%3Abefore-CR+sort%3Aupdated-asc
15:50:45 <brent> subtopic: https://github.com/w3c/vc-data-model/issues/1027
15:51:24 <seabass> brent: Kristina was assigned, but is not present. Orie has left the meeting.
15:51:49 <seabass> q+
15:52:04 <brent> ack seabass
15:52:23 <dlongley> seabass: Generally, when people say "optional fields" are they referring to fields that are absent from the RDF or simply have a `null` value?
15:52:23 <DavidC> q+
15:52:47 <brent> ack DavidC
15:52:56 <dlongley> brent: The issue should tell you that.
15:52:58 <dlongley> seabass: I'll take a look.
15:53:42 <dlongley> DavidC: What happens if an optional field is present -- can you ignore it?
15:53:43 <brent> subtopic: https://github.com/w3c/vc-data-model/issues/938
15:53:44 <seabass> DavidC: an important issue is whether optional fields cans be ignored by processors even if they are present.
15:53:47 <dlongley> scribe-
15:54:41 <seabass> DavidC: We wanted this feature in a project I was working on last year. I don't work on that any longer, so we can drop the issue now.
15:54:42 <manu> q+
15:54:46 <brent> ack manu
15:55:11 <seabass> manu: There is some interest in it.
15:56:00 <ivan> rrsagent, draft minutes
15:56:02 <RRSAgent> I have made the request to generate https://www.w3.org/2023/08/23-vcwg-minutes.html ivan
15:56:28 <ivan> zakim, end meeting
15:56:28 <Zakim> As of this point the attendees have been brent, ivan, pauld, seabass, gregb, benjamin, manu, hsano, shigeya, gabe, davidc, pl-asu, dlongley, andres, orie, JoeAndrieu, TallTed,
15:56:31 <Zakim> ... cabernet, Przemek, griffin
15:56:31 <Zakim> RRSAgent, please draft minutes
15:56:33 <RRSAgent> I have made the request to generate https://www.w3.org/2023/08/23-vcwg-minutes.html Zakim
15:56:39 <Zakim> I am happy to have been of service, ivan; please remember to excuse RRSAgent.  Goodbye
15:56:39 <Zakim> Zakim has left #vcwg
17:05:07 <gkellogg_> gkellogg_ has joined #vcwg
17:15:16 <gkellogg> gkellogg has joined #vcwg
17:16:56 <gkellogg> gkellogg has joined #vcwg
17:40:36 <gkellogg> gkellogg has joined #vcwg
17:45:14 <ivan_> ivan_ has joined #vcwg
17:49:04 <gkellogg> gkellogg has joined #vcwg
18:18:19 <gkellogg> gkellogg has joined #vcwg
18:36:37 <gkellogg> gkellogg has joined #vcwg
19:03:25 <ivan> ivan has joined #vcwg
19:08:48 <gkellogg> gkellogg has joined #vcwg
19:45:15 <gkellogg> gkellogg has joined #vcwg
19:50:49 <gkellogg> gkellogg has joined #vcwg
20:01:57 <gkellogg_> gkellogg_ has joined #vcwg
20:05:14 <gkellog__> gkellog__ has joined #vcwg
20:06:06 <gkello___> gkello___ has joined #vcwg
20:10:53 <gkellogg> gkellogg has joined #vcwg
20:11:33 <gkellogg_> gkellogg_ has joined #vcwg
20:42:00 <ivan> ivan has joined #vcwg
21:00:02 <gkellogg> gkellogg has joined #vcwg
21:01:42 <gkellogg> gkellogg has joined #vcwg
21:24:13 <gkellogg> gkellogg has joined #vcwg
21:35:21 <dlehn1> dlehn1 has joined #vcwg
21:53:21 <gkellogg> gkellogg has joined #vcwg
21:53:29 <gkellogg_> gkellogg_ has joined #vcwg
21:54:14 <gkellogg> gkellogg has joined #vcwg
21:54:38 <gkellogg> gkellogg has joined #vcwg
21:55:27 <cel> cel has joined #vcwg
22:18:16 <gkellogg_> gkellogg_ has joined #vcwg
22:19:43 <gkellogg> gkellogg has joined #vcwg
22:21:36 <gkellogg_> gkellogg_ has joined #vcwg
22:22:40 <gkellog__> gkellog__ has joined #vcwg
22:23:48 <gkello___> gkello___ has joined #vcwg
22:28:26 <gkellogg> gkellogg has joined #vcwg
22:46:09 <gkellogg> gkellogg has joined #vcwg
23:00:50 <gkellogg> gkellogg has joined #vcwg
23:18:49 <gkellogg> gkellogg has joined #vcwg
23:35:43 <gkellogg> gkellogg has joined #vcwg