DID WG Telco — Minutes

Date: 2020-09-29

See also the Agenda and the IRC Log

Attendees

Present: Daniel Burnett, Ivan Herman, Phil Archer, Amy Guy, Brent Zundel, Manu Sporny, Markus Sabadello, Jonathan Holt, Tobias Looker, Kyle Den Hartog

Regrets:

Guests:

Chair: Daniel Burnett

Scribe(s): Phil Archer, Kyle Den Hartog

Content:

1. Agenda Review, Introductions, Re-introductions

Daniel Burnett: Agenda is to review the WoT joint meeting that we’re having in a couple of weeks
… Then the chairs would like suggestions for the TPAC f2f
… Remaining time will be on topics of interest - any issues that people would like to cover
… a change from usual walk through of issues. So open to suggestions for topics

Jonathan Holt: I’d like to discuss the CBOR section

Daniel Burnett: First opportunity is to people for whom this is the ideal time. Will discuss CBOR if there is time
… Non one here for the first time
… This crew has been together for a long time so no need for re-introductions

2. WoT joint meeting time/agenda review

Daniel Burnett: https://github.com/w3c/wot/issues/932

Daniel Burnett: That’s an issue we have for that meeting
… WoT WG requested a joint meeting around TPAC. Time selected is 13 Oct, during normal call time
… So that’s the agenda in 2 weeks
… There are links to some issues that they proposed. Question is: are there agenda items that people in our group would like discussed

Manu Sporny: It looks like their issues have a strong overlap with DIDs. Feels like we need to do some pre-work, to see how interested that group would be in using DIDs
… If it’s a handful, that’s one thing. If the IoT community wants DIDs/VCs, that’s a different matter
… We need to look at what this community can offer WoT

Tobias Looker: And LD-Proofs in general by the looks of some of their issues

Manu Sporny: I don’t think we go in with an agenda, other than ‘how can we help you’
… An example of a VC, applied to the Thing Description spec, and an e.g. of a DID used to identify a Thing would be the approach

Daniel Burnett: The links in that issue take you to a list of things they want to discuss. Some pre-processing on our part would be good. Who s ‘we’?

Markus Sabadello: An additional topic tends to come up, usually have to deal with constrained environments.
… Can’t operate a full BitCoin node on an IoT

Manu Sporny: +1 to markus_sabadello — perspectives on resolution mechanisms for constrained environments.

Daniel Burnett: There are 2 ways we can go… would someone like to volunteer to put that together

Manu Sporny: I’m volunteering as I’ve interacted with that group many times
… happy to take the lead with markus_sabadello’s help

Markus Sabadello: We can split is up, sure

Action #1: pre-process the WoT issue list with Manu at https://github.com/w3c/wot/issues/932 (Markus Sabadello)

Daniel Burnett: We could dedicate a special topic to that - next week

Manu Sporny: Maybe have a draft slide deck for next week’s topic call
… So then the Wg can see if they want to add any more

Daniel Burnett: Group can go through the deck and offer improvements - good, thank you
… That also helps the WG members prepare for the joint call
… I’d also suggest that our WG looks at the specific issues that WoT has highlighted
… Anything else on the WoT call?

3. Next special topic call

Daniel Burnett: This week’s special topic call is in ca 14 hours from now. On un-registered properties.

Kyle Den Hartog: regrets I’m likely to only make about half of that meeting. I had something else conflicting with that time.

4. F2F Meeting topic requests

Daniel Burnett: Our TPAC meeting is not long from now.
… Brent and I have started putting the agenda together
… What other topics should we cover?
… We have the goal of reaching CR in November. Plan for TPAC remains trying to get ready for that at TPAC so we can goto CR straight after that
… Working on the test suite is one thing. That doesn’t have to be ready to enter, but does need to be ready to exit CR
… Can’t prove compatibility without a test suite
… We do not want any new topics and features
… Who would like to suggest topics for the F2F

Jonathan Holt: One thing that jumped out at me recently - the redundancy in verification methods. Because all the key types are basically the same
… There may be a parallel JWK to handle this. Leveraging a property like ‘use’ for sig etc.
… Could look for simplification

Daniel Burnett: We can look at that when we get there in today’s agenda

Manu Sporny: There’s a section on IANA registration for the MIME types at the end of the doc. We’ve been kicking that can down the road but we’re going to need to make a decision about that
… Amy is working on an RFC
… There are two bad paths - we need to choose which one
… We will need to decide before we enter CR

Ivan Herman: +1 to manu

Ivan Herman: FYI - which RFC is Amy working on?

Manu Sporny: IETF asked us to write the RFC for the double plus
… They suggested what we write, Amy has the action (an update to 6838)
… Once we do that, is the WG going to be OK with that, or does the WG want to do something that provides an outcome that isn’t ideal. Like creating a new MIME type for did+CBOR, did+Json-ld etc.
… So we’ll either be creating 2 or 4 new MIME types

Daniel Burnett: And that assumes that they approve it

Ivan Herman: I think it’s a dream that they would approve this within a year or two
… but that’s for the f2f

Kyle Den Hartog: Clearing up the Jose discrepancies might be an easy win. Might be able to do it before TPAC
… There are 4 issues related that JOSe tag

Ivan Herman: It may be discussed before, but TPAC at the latest - but the whole issue around the vocab, SHACL, how we incorporate it into the spec

Daniel Burnett: I’ve not reviewed that one. It sounds like a good deal of work for someone

Ivan Herman: An intro to what’s going on? I can do that

Kyle Den Hartog: Do we think that 373, Drummond’s appendix stuff and the PR 410 will be ready?
… That’s had a lot of discussion recently. Might we come to a conclusion

Daniel Burnett: That’s a good question
… I hope it’s ready

Amy Guy: (PR 410 is the type property)

Daniel Burnett: For me it falls into the same category as the implementation guide, which needs a lot of work
… Lots of informational work that hasn’t been done yet
… The implementation guide is ‘other stuff we need to write down;

Kyle Den Hartog: +1 to normative statement priorities

Manu Sporny: AS far as priorities - I’d like to focus on normative statements
… The appendix session is large and could generate a lot of discussion. But given a choice—spending time on normative statements cf appendix—normative wins in my view
… The other thing… normative items… we had requested that the Wg review the normative statements and provide feedback. I believe Kyle was the only person who did that
… Amy has looked at then, I need to make another pass

Amy Guy: normative statements comments doc: https://docs.google.com/spreadsheets/d/1oVFYZdK65C6f4ErF5zfoGv1c57M5Em75YKCtRdAF-yg/edit#gid=0

Manu Sporny: We gave people time to provide input, I’m afraid that the F2F will see lots of discussion. That cold eat up a large chunk of the discussion time
… Is there a plan on how to deal with tons of objections to the normative text during the F2F

Kyle Den Hartog: Based on my reading, many of the normative statements end up being untestable as they talk about writing a DID method
… I’d like a DID method authorship guide as a significant part of the imp guide

Ivan Herman: I agree with Kyle. In some senses the Google doc is a derivative of the spec and there is a need to look at MUSTS/SHOULDs - it’s there that the thing has to be reviewed
… I did review the doc, there are comments, including what Kyle said
… The fuzziness of what’s in the core voc … how the constraints are described… When the core doc is finalised, then we can finalise the list. We need to do things in the right order

Daniel Burnett: I think Manu did that to give people a heads up about what might change
… And I agree with you, Ivan. Discussion about items in a spreadsheet is a new experience (paraphrase)
… Amy is pointing out that human testable are OK. But statements that are truly untestable we need to do something about
… May need proposals

Manu Sporny: Ivan raises a good point, There’s a ‘settle time’ for spec text. We have PRs… the easy ones usually go in within a week, some take a month
… PRs that don’t make it into the spec are rare
… It may be good to discuss a work mode that allows us to get changes into the spec that’s faster than we have now
… We need a clear understanding that either things will go faster during the F2F or not, in which case expectations for the spec might have to change,

Daniel Burnett: A work mode change to move faster always means less review time
… I think it’s fine for the WG to discuss that… the thing to do Manu… we should talk about that specific work mode and present it to the WG for feedback and opinion
… I do have one other comment. It’s always that change proposals don’t come in during the F2F meeting when we’re trying to finish up.
… They should come in before
… Any remaining time is allocated to working through issues

5. Topics of Interest

Daniel Burnett: I’d like to offer an opportunity to Kyle and Tobias primarily… any issues in any of the repos that you think are important and have not been discussed properly

Kyle Den Hartog: I’m satisfied with where things are at the moment
… In terms of looking at the spec, I think we’re addressing the areas that need to be addressed.

Tobias Looker: No special topics of interest for me at the moment

Phil Archer: trying to get the use case documents finished and looking for review from other WG members to get it through the process

Daniel Burnett: we’ll convey to the relevant WG members that they should take a look at these documents

Phil Archer: I’m fairly confident that the use case document is ready to go

Daniel Burnett: I’d like to remind people … there’s a group working on the Rubric doc. It wold be good to see progress on that before the F2F
… If there’s anyone on the call who participated in the work to get it to the state where it can be adopted by the WG, that would be helpful to chime in

Manu Sporny: When the WG started, the rubric started like the critical item. It wold be good if the WG published it, but we’re in a different place than we were then

Justin Richer: Not every document that’s useful to the working group should be a deliverable of the working group

Manu Sporny: The WG has a lot of tribal knowledge that hasn’t been written down. I don’t think it would be critical if the rubric doc weren’t completed
… I regard it as medium to low priority

Ivan Herman: Yes and no. Maybe the rubric doc as it’s planned today isn’t a high priority, but if we want this tech to be adopted widely, there is a huge amount of work to do.
… Docs that go out to the public about why you might use this tech. I’m not really part of the tribe, and if I look at the number of registered DID methods
… the documentation isn’t great. I look at that table and think it’s way too much and I’ll do something else
… Something along those lines I’d say is absolutely necessary

Daniel Burnett: This is a great discussion topic for the F2F. We’re talking about a non-normative note.
… What’s most useful to the community. We have a lot of flexibility in non-normative Notes

Phil Archer: this resonates with what we spend our time at gs1 trying to do. We spend lots of time trying to explain the technology, so trying to explain what the tech is. Once I’m done with the use case doc I may be able to spend the time to help with the rubrics document

6. CBOR

Jonathan Holt: I put 2 PRs, one for the registry and one for DID core
… Authentication in constrained environments. Where JOSE, CBOR mix etc mix.
… Conclusion is that vanilla CBOR is the way to go
… can represent in JSON with hex, padding/no padding
… but things like Base58 representation not clear

Phil Archer: [conscious that scribing not great here]

Jonathan Holt: https://github.com/w3c/did-core/pull/420

Jonathan Holt: https://github.com/w3c/did-spec-registries/pull/138

Jonathan Holt: https://www.youtube.com/watch?v=y46dARLUmmI

Jonathan Holt: Vanilla CBOR with clear representations in the syntax is best
… The two PRs are about making this explicit

Phil Archer: [‘conclusion’ made by number of CS experts]

Jonathan Holt: Shows DID doc as CBOR
… Shows PR. Shows CDDL representation in PR
… Explains that all features are supported
… CDDL is a general data definition language that is mostly focused on CBOR, but as it’s an extension of JSON, it validates CBOR as well as JSON
… Shows validation
… My recommendation is:

  1. vanilla CBOR
  2. As I did in the PR, refer to the CBOR spec

… as well as the CDDL RFC that describes this as a data definition language
… There’s a lot of overlap, so I conclude that lots of verification methods are the same
… A topic of conversation might be to modify the verification methods … simplify
… I’m not a cryptographer, but the public key JWK would need some additional time to make sure it’s sufficiently robust
… Things like the KID from the spec is optional, we might want to be more explicit - SHA256 in Base64 for example
… The Ethereum address - might want to say that the address has to be 42 characters long beginning 0x etc.

Justin Richer: I’m not on audio, but from the chat log it seems like this will be relevant to the representations discussion later today

Jonathan Holt: Shows more examples from the DID registry in CBOR and JSON using CDDL
… [Shows more detail]

Daniel Burnett: We’re out of time

Manu Sporny: I have a lot of thoughts and feedback, but no time for it today. Thanks you Jonathan - looking forward to discuss it later today

Daniel Burnett: +1 on the work.

Ivan Herman: First reaction was, OK, I need to dive into CDDL
… What you did, much more detailed than I did with SHACL. But this showas that we need some sort of formal spec of the terms and constraints in the core voc. It’s not clearly stated. We need a formalism and this might be it.

Daniel Burnett: I want to say thank you jonathan_holt too. That concrete work makes it easier to discuss. It’s very helpful
… Out of time for today
… Look forward to speaking some of you in 13 hours
… Thanks the scribe

7. Action Items