See also: IRC log
<dezell> scribe: yaso
m4nu: the spec is called Identity
credentials spec, it's a working title
... some examples of credentials: driver's license, etc.. this
are all examples of credentials
... education orgs like universities and the job market wants
to make sure that someone can prove their education
... banking sector ensuring that you're regulatory compliant,
control substances, and things like certifications
... there even a group of certifications that you can get
around corrosion engineering
... the credentials CC have about 1 year
... 67 members, weekly telcos
... we' re going to pilot projects so it is not
theoretical
... we have been trying to get something started around this
work on w3c for about 1 year, we want to see Use Cases from
companies that they are spending money on
... the question that we ask is: what is the most compelling
use case that you company has
... and what types of technologies do you use today to
credentials, and what kind of things do you want from this
ecosystem
... what a ecosystem should be able to do?
... we have payments orgs, education orgs, healthcare,
government, NGO,
... all of this orgs are interested in the credentials
work
... the 1st question: what kind of capabilities want to see as
priority in the work,
... as you can see, just about everything was raising, we had
about 70% of the answers said that this items are important
<AxelPolleres> will notes/slides be made available?
m4nu: we asked if do existent
technologies address the user credential needs, what
technologies do you use today
... this is not automated for this organizations, we need to go
back and find out what they are using, I think that one of the
things that pops out here is that orgs still uses very manual
processes to do credentials
... next question: do these technologies meet your needs? 9
answered that don't know, many said they meet some of our
credential needs, but not all of them
... we (the Credentials CG) have this people called holders -
those who receive credentials, issuers - those who issue
credentials, identity providers - who store credentials and
credential consumers - those who request credentials
... what we're trying to do here is make sure that there is
going to be thousands of tools so these orgs can use to
communicate between each other
... we do have reference implementations
... we are at TPAC, we have a demo, if you want to see, come
find me
... part of the outcome of that meeting was "seems like the
orgs are interested in doing this job" - we have to answer
those question in a way that makes sense
... this is an open question to the room: "what else do we need
to get the work done at w3c"
kiyoung: payments instruments also could involve credentials in the use - is that in the scope?
m4nu: personally, yes. But we have to talk w/ w3c members
<kiyoung> I think instruments and credentials connected seamlessly.
<azaroth> +1 on the congratulations, seems like a very solid evidence basis for moving forwards
<Zakim> dezell, you wanted to ask about payment instruments
<AxelPolleres> How’s that related to eID … there are quite some efforts for integrating/standardizing eIDs e.g. in EU, https://www.eid-stork.eu/ … probably known here… I guess even if you say identity itself is out of scope, one should at least be interoperable with such efforts? Is that on the agenda?
<Zakim> AxelPolleres, you wanted to ask about identity
m4nu: identity is just a
collection of credentials
... that is how identity is in scope
dezell: we have some folks here w/interest at ietf
for me, one of the people who managers the app layers at ietf - I think this would definitely tie some other things at ietf
<Ian> @@: Start with credentials ; don't focus on identity; that's the right approach
m4nu: the work is getting problem
getting started, that's because there was so many fails, people
are shy to say "we're starting again"
... this is something that is still unsolved and it's an issue
that orgs are struggling with
ian: we did not have a chance to dive in
m4nu: the issue are the social structures around trust, and how do we map this to the web
<kodonog> to the scribe: the names from the IETF discussion are Barry Leiba (IETF), Karen O'Donoghue (ISOC), and Heather Flanagan (RFC Series Editor)
thanks kodonog
Ian: the challenges is not
creating attributes to credentials
... are there mechanism that will help establish meaning and
trust?
m4nu: the group is working in
linked data and other strategies so the organization can trace
from where the credential came from, other strategy: you submit
your credential to a institution and this institution can
verify
... educational orgs are very interested, this approaches seems
to work for them
AxelPolleres: this is an approach to establish trust frameworks
<jheuer> * Axel = Asel Nennker
thanks jheuer
sorry AxelPolleres is the "tab" autocomplete
I have one request
?: there was some discussion about credential management API
? = keiji
m4nu: the only thing that we are unsure now is where this is stored
<jheuer> Credential draft scope: an abstraction for verifiable attributes, includes payment instruments (bascially doing payment authorization), and it might be useful for identity use as well (though not prioritized)
m4nu: we are playing around with
the holder definition
... for example: you can hold a credential that talks about
someone else
AdrianHB: the other thing was: considering use cases where the subject is a thing
<azaroth> This software agent has the credentials to act on behalf of ... etc.
<azaroth> So +1
m4nu: in the format that we have right now, it's designed to represent any kind of thing
nick: other people at w3c could have some valuable inputs to the conversation
<Ian> (which charter?)
nick: it's not totally clear for me the scope, seems that there is a lot of things on the table, difficult to say what should not be there
<Ian> (Ian feels strongly that the "storage" question should be addressed by allowing different parties to store information...including the browser.)
nick: there is no browsers at the cc so far
m4nu: there is a spec, we tried
to narrow the scope down
... we believe that we can talk about a credential format
... and then we can talk about browser api
<m4nu> s/Discussion\/Discussion
This is scribe.perl Revision: 1.140 of Date: 2014-11-06 18:16:30 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Succeeded: s/xx/s/ Succeeded: i/scribe: yaso/Topic: A Path Toward A Credentials WG at W3C Succeeded: i/payments instruments also/Topic: Discussion FAILED: s/Discussion\/Discussion/ Found Scribe: yaso Inferring ScribeNick: yaso WARNING: No "Present: ... " found! Possibly Present: AdrianHB AxelPolleres BartvanLeeuwen Dezell_ Ian Jim Jmr Laurent MattPisut MattSaxon azaroth barryleiba credentials dezell inserted jheuer joined kiyoung kodonog kura left m4nu nick You can indicate people for the Present list like this: <dbooth> Present: dbooth jonathan mary <dbooth> Present+ amy Got date from IRC log name: 28 Oct 2015 Guessing minutes URL: http://www.w3.org/2015/10/28-credentials-minutes.html People with action items:[End of scribe.perl diagnostic output]