14:41:26 <RRSAgent> RRSAgent has joined #did
14:41:26 <RRSAgent> logging to https://www.w3.org/2020/11/02-did-irc
14:41:29 <Zakim> RRSAgent, make logs Public
14:41:30 <Zakim> please title this meeting ("meeting: ..."), ivan
14:41:44 <ivan> Meeting: DID WG (Virtual) F2F Meeting, 1st Day
14:41:44 <ivan> Chair: burn, brent
14:41:44 <ivan> Date: 2010-11-02
14:41:44 <ivan> Agenda: https://tinyurl.com/yydapmu3
14:41:44 <ivan> ivan has changed the topic to: Meeting Agenda 2020-11-02: https://tinyurl.com/yydapmu3
14:46:40 <ivan> present+
14:49:25 <burn> burn has joined #did
14:49:33 <burn> present+
14:53:48 <shigeya> present+
14:58:56 <jeff> jeff has joined #did
14:59:02 <jeff> present+
14:59:55 <ivan> scribejs, set jeff Jeff Jaffe
15:00:47 <brent> brent has joined #did
15:00:52 <brent> present+
15:01:27 <dlongley> present+
15:01:28 <markus_sabadello> markus_sabadello has joined #did
15:01:37 <Mizushima> Mizushima has joined #did
15:01:46 <kristina> kristina has joined #did
15:01:51 <justin_r> justin_r has joined #did
15:01:57 <justin_r> present+
15:02:14 <selfissued> selfissued has joined #did
15:02:19 <selfissued> present+
15:02:33 <rhiaro> present+
15:02:39 <identitywoman> identitywoman has joined #did
15:02:44 <identitywoman> present+
15:02:54 <Tetsuya> Tetsuya has joined #did
15:02:55 <kristina> present+
15:02:58 <markus_sabadello> present+
15:03:02 <fujimura> fujimura has joined #did
15:03:09 <GeunHyung_Kim> GeunHyung_Kim has joined #did
15:03:17 <dmitriz_> present+
15:03:30 <GeunHyung_Kim> present+ Geunhyung_Kim
15:03:58 <phila_> phila_ has joined #did
15:04:17 <manu> present+
15:04:20 <Mizushima> present+ Tomoaki_Mizushima
15:04:24 <ivan> Slide deck: https://tinyurl.com/yyc5fu63
15:04:49 <ivan> guests+ Mizushima
15:05:14 <by_caballero__juan_> by_caballero__juan_ has joined #did
15:05:18 <ivan> scribejs set Mizushima  Tomoaki Mizushima
15:07:36 <manu> scribe+
15:07:53 <JoeAndrieu> JoeAndrieu has joined #did
15:07:55 <manu> brent: For the agenda today... we're going to start out w/ going over CR
15:08:04 <manu> brent: or rather the process to CR and the process overall
15:08:11 <JoeAndrieu> present+
15:08:27 <manu> brent: Then we're going to dive into preventing privacy violating properties... discussion around type and more.
15:08:38 <manu> brent: Please volunteer to scribe, we need scribes.
15:08:50 <dmitriz_> dmitriz_ has joined #did
15:08:50 <markus_sabadello> scribe+
15:09:21 <manu> brent: The goal of the DID WG is to standardize the DID URI scheme, data model, syntax, and information related to DIDs.
15:09:22 <markus_sabadello> brent: The goal of the DID WG is to standardize the DID URI scheme, data model, syntax of DID documents
15:09:56 <markus_sabadello> brent: DID Core is our recommendation-track specification
15:10:03 <markus_sabadello> brent: we're hoping to get through big issues this week
15:10:40 <markus_sabadello> brent: We also have Notes as deliverables (DID Use Cases, Decentralized Characteristics Rubric)
15:10:45 <dmitriz_> dmitriz_ has joined #did
15:10:49 <agropper> agropper has joined #did
15:10:54 <markus_sabadello> brent: Other deliverables are the registries, test suites
15:11:03 <markus_sabadello> brent: Reminder: WD do not imply consensus
15:11:03 <agropper> present+
15:11:22 <dmitriz_> dmitriz_ has joined #did
15:11:27 <jonathan_holt> jonathan_holt has joined #did
15:11:34 <jonathan_holt> present+ jonathan_holt
15:11:42 <markus_sabadello> brent: A Candidate Recommendation needs to be feature-complete, wide review, and it needs to specify implementation requirements for exiting CR
15:11:49 <dmitriz_> present+ dmitriz
15:12:01 <markus_sabadello> brent: To exit CR, there must not have been substantive changes
15:12:33 <markus_sabadello> brent: A Proposed Recommendation (PR) is a sanity check where hopefully nothing major happens
15:12:48 <markus_sabadello> brent: Then W3C votes on making it a Recommendation
15:13:18 <markus_sabadello> brent: We entered FPWD, we are working toward CR. Original goal for first CR was November this year.
15:13:38 <markus_sabadello> brent: At this point it's highly unlikely we will achieve that goal. We will discuss reconfiguring our timeline
15:13:54 <markus_sabadello> brent: We're not in trouble, but let's work hard.
15:14:00 <identitywoman> identitywoman has joined #did
15:14:20 <markus_sabadello> brent: We entered "feature freeze" in July (rather than May)
15:14:46 <markus_sabadello> brent: We wrote December 2020 for CR1. This will give us enough time for implementation, and to see if we need a second CR by March.
15:15:04 <brent> q?
15:15:12 <markus_sabadello> brent: If we can hit this timeline, then we have the time we need for implementation, review, and to reach Recommendation.
15:15:21 <drummond> drummond has joined #did
15:15:30 <drummond> present+
15:16:06 <markus_sabadello> brent: This meeting has 3 primary goals: 1. Get everyone on the same page what work remains for CR, 2. Resolve major outstanding issues (topics from the last few months - Abstract Data Model, and privacy concerns)
15:16:14 <markus_sabadello> brent: These are the topics we really want to resolve
15:16:38 <markus_sabadello> brent: We also have around 60 open issues, this is way too many. We want to resolve 25% during this F2F.
15:16:50 <ivan> Topic: introductions
15:17:00 <markus_sabadello> brent: I'd like to open up for introductions
15:17:36 <ivan> q+
15:17:43 <markus_sabadello> brent: Everybody please introduce themselves, say something about yourself
15:18:06 <markus_sabadello> ivan: When you are a guest, please write your name in IRC!
15:18:07 <brent> ack ivan
15:18:09 <by_caballero__juan_> present+
15:18:21 <markus_sabadello> brent: ivan please introduce.
15:18:31 <markus_sabadello> ivan: I am staff contact for this Working Group, it's my job to be interested.
15:18:36 <markus_sabadello> brent: burn  please introduce.
15:19:08 <markus_sabadello> burn: I am co-chair with Brent of this Working Group, I am ED of the Enterprise Ethereum Alliance. Started working in W3C in 1999.
15:19:21 <ivan> scribejs, set by_caballero__juan Juan Caballero
15:19:24 <markus_sabadello> burn: Started working on DID in the early days, it's a real joy to see things move forward.
15:19:28 <by_caballero__juan_> self-introduction: i am juan caballero, researcher, here on behalf of Spruce ID. not active on github so will try to take up as little time as possible.
15:19:35 <markus_sabadello> brent: jeff please introduce.
15:19:43 <ivan> guests+ by_caballero__juan_
15:19:50 <jyrossi> jyrossi has joined #did
15:19:59 <phila_> present+
15:20:00 <jyrossi> present+
15:20:04 <markus_sabadello> jeff: I am CEO at W3C. I'm just here to observe.
15:20:17 <markus_sabadello> by_caballero__juan_: I'm just here as a guest se well, just observing.
15:20:54 <markus_sabadello> phila_: Phil Archer from GS1, we do the barcodes, very involved in supply chain industries. We're very interested in DIDs and VCs to support this process.
15:22:06 <markus_sabadello> agropper: Adrian Gropper, invited expert on privacy. I am very excited to be working on use cases as they relate to the DID spec. Working on HIE of one to be standard compliant.
15:22:23 <ivan> guests+ daisuke
15:22:33 <markus_sabadello> daisuke: I am working at Japanese broadcasting (?) corporation. I am interested in decentralized architecture, including DIDs and VCs.
15:23:01 <markus_sabadello> dlongley: I am CTO of Digital Bazaar. I have been working on DIDs and other standards for a decades, these power our technologies at Digital Bazaar.
15:23:12 <Orie> Orie has joined #did
15:23:16 <Orie> present+
15:23:37 <markus_sabadello> dmitriz_: Software engineer at Digital Bazaar. Secure Data Store Working Group. Co-editor of did:web and did:key methods.
15:23:38 <ivan> guests+ fujia
15:23:49 <markus_sabadello> fujiia: It's my first time joining this meeting for research purposes.
15:23:53 <drummond> @Dmitri - can you say more about the renaming of SDS?
15:23:54 <ivan> s/fujia/fujiia/
15:24:58 <markus_sabadello> GeunHyung_Kim: I am Geun Hyung Kim, I represent a company in South Korea, I am for the first time in this meeting. I am interested in DID specifications. I want to apply them in several applications that require decentralized identity.
15:25:22 <ivan> Guests+ Jay_Kishigami
15:25:38 <markus_sabadello> Jay_Kishigami: I am interested in DID and VC, I expect a good discussion here. In Japan it's midnight so I can't promise to stay up until the end of the meeting.
15:26:29 <markus_sabadello> JoeAndrieu: President of Legendary Requirements, Invited expert, leadership of RWoT, former co-char of CCG. I am interested in greater freedom and more privacy for individuals.
15:27:37 <markus_sabadello> Jonathan_Holt: Certified physician, at Standford. I was involved in standards for a long time. Involved in DID and VCs in the last 3 years as inivited expert, and CMO of Consensys Health. I have worked on the CBOR section and CDDL.
15:28:37 <markus_sabadello> justin_r: I'm involved in DIDs on behalf of one of my clients. I worked on OpenID Connect and OAuth, UMA, various extensions. Looking at next-generation protocols such as GNAP. I'm here in the DID space because there are some interesting problems and technologies. I keep an eye on how things fit together.
15:29:08 <markus_sabadello> drummond: One of the co-editors of the specification. Chief Trust Officer at Evernym, also at Sovrin and Trust-over-IP. From Seattle.
15:29:14 <justin_r> and I had a fantastic egg sandwich on a biscuit this morning, my daughter and I made the buscuits by hand last night
15:29:35 <ivan> guests+ jyr
15:29:59 <Orie> I will have to drop for a quick call, but I'm Orie, I'm co-editor of the did spec registries, and I work on DIDs and VCs in the context of global supply chains.
15:30:08 <markus_sabadello> jyrossi: Happy to meet again friends from W3C, even if it's only online. Very happy to come back to the discussion on DIDs. We have invested time in ID management, we are now associated members of FIDO Alliance. We are very happy to be back in this process.
15:31:00 <markus_sabadello> identitywoman: My name is Kaliya Young, my handle is identitywoman . I am an expert in this field and co-founded the Internet Identity Workshop 15 years ago. One problem in the beginning was how do people own their own identifiers? In this WG I work part-time for a startup called Wireline.
15:31:20 <ivan> scribejs set jyrossi Jean-Yves Rossi
15:31:20 <ivan> geusts+ jyrossi
15:31:21 <ivan> guests+ jyrossi
15:32:36 <ivan> present+ kristina
15:33:08 <markus_sabadello> kristina: My name is Kristina, I work at the identity standards team at Microsoft. I am based in Tokyo so usually read notes. I'm excited to join this virtual F2F. It's nice to see many people from Japan, there are many interesting use cases here.
15:33:21 <ivan> present+ tan
15:33:52 <markus_sabadello> Leonard_Tan: We work on a key management solution. We are mostly known for cryptocurrency wallets. We are interested in how we can implement DIDs.
15:33:56 <Kazuaki> Kazuaki has joined #did
15:34:25 <markus_sabadello> luu: In my company there is a project with OpenID, I am here to learn about DID.
15:34:31 <lentan> lentan has joined #did
15:35:20 <markus_sabadello> manu: I am Manu Sporny, CEO of Digital Bazaar, co-editor in this specification as well as other specs in W3C. I am involved for many of the same reasons as others, to do great good in the world, as long as we get it right. I appreciate everyone being here.
15:35:32 <jyrossi> scribejs set dtluu Duy-Tung LUU
15:35:47 <jyrossi> present+ Duy-Tung LUU
15:36:02 <dmitriz_> present+ Dmitri Zagidulin
15:36:03 <ivan> guests+ dtluu
15:36:14 <markus_sabadello> markus_sabadello: markus_sabadello from Vienna, Danube Tech, co-editor of the spec.
15:36:25 <markus_sabadello> Masa: We are very keen on the use cases of DIDs in the financial industries.
15:36:51 <Kazuaki_Arai> Kazuaki_Arai has joined #did
15:37:12 <markus_sabadello> selfissued: I am Mike Jones, I work on identity standards at Microsoft, I have worked on JWT, OAuth, FIDO, etc. I try to keep things simple enough so that developers actually implement them.
15:37:15 <rhiaro> In-browser Zoom and my mic do not get along. I'm Amy Guy, working with Digital Bazaar. Previous history with decentralised social web stuff. Preferred breakfast is last night's leftovers, especially if spicy.
15:37:21 <ivan> guests+ Masa_Mashita
15:38:10 <ivan> guests+ Shigeru_Fujimura
15:38:17 <markus_sabadello> Shigeru: I am observer of this meeting. I am a representative of a Japanese telecommunication company. I am interested in collaboration between DID and Web of Things.
15:38:41 <manu> On a side note... I feel like we have a massive blind spot wrt. Asia-Pacific interest in the space and probably need to figure out what just happened!?
15:39:03 <markus_sabadello> shigeya: I am an alumni of W3C, I'm associate director of a blockchain lab. I see there is a possibility for DIDs as a global identity standard, I look forward to the discussion.
15:39:18 <ivan> scribejs, set shigeru Shigeru Fujimura
15:39:33 <ivan> guests+ Takashi_Minamii
15:39:33 <burn> indeed, Manu.  Surprising but pleasant (and important to understand)
15:39:35 <markus_sabadello> Takashi_Minamii: From a Japanese credit card company. In W3C I was in Web Payment, now I join as an observer to catch up on DID and VC.
15:39:41 <Kazuaki_Arai> Sorry for the sound problem. I'm Kazuaki from Japanese payment company called JCB. I'm working on the area of digital identity and security. This is my first time in TPAC, and happy to be here!
15:39:50 <manu> Agreed -- thrilled to have all the APAC folks here.
15:39:55 <markus_sabadello> Tetsuya_Kono: It's my first time to attend the WG, I'm very excited, thank you.
15:39:56 <ivan> guests+ Tetsuya_Kono
15:40:24 <markus_sabadello> Tomoyaki_Mizushima: I am observer at these meeting. I usually join WoT Working Group, so now I decide to join these meetings.
15:41:29 <markus_sabadello> Wang_Haiguang: I am a senior researcher in Huawei, my office is in Singapore, I do research on trust, I am a newcomer in this group. I have contributed to IEEE. I have been following the discussions in the DID spec since last year.
15:41:46 <markus_sabadello> brent: Kazuaki try one more time to introduce?
15:42:02 <markus_sabadello> burn: Kazuaki introduced herself in IRC above
15:42:39 <markus_sabadello> brent: I am Brent Zundel, I work with Evernym, we have been heavily involved with DIDs and VCs from the beginning. My day job is crypto engineer, I play with math. I am also co-chair of the DID WG.
15:42:59 <markus_sabadello> brent: Thank you all for being here. Over to my co-chair to walk through steps to CR.
15:43:20 <ivan> Topic: steps to CR
15:43:20 <markus_sabadello> burn: Thank you everyone for joining. We are pleasantly surprised by the substantial attendance from Asia.
15:43:24 <jonathan_holt> jonathan_holt has joined #did
15:43:35 <markus_sabadello> burn: Let's find out if we can find better ways to accommodate you.
15:43:42 <jonathan_holt> present+ jonathan_holt
15:43:53 <markus_sabadello> burn: This will be interesting for many of you, maybe challenging. We are in deep deep details.
15:44:01 <ivan> present+ Wang_Haiguang
15:44:30 <markus_sabadello> burn: The group would like to get to CR, this is a target for most groups when they get close.
15:44:46 <markus_sabadello> burn: We were hoping to get to it in this meeting, but we still have a number of issues we need to get through.
15:44:57 <markus_sabadello> burn: It's very important to understand what it means to get to CR.
15:45:11 <markus_sabadello> burn: Now it's appropriate to go over the complete list of requirements.
15:45:25 <markus_sabadello> burn: The official document is the process document (Process 2020)
15:45:42 <markus_sabadello> burn: There is often additional information and detail in other places (Pubrules, and W3C Guide).
15:46:32 <markus_sabadello> burn: Editors used to have to check list of requirements for the spec manually. But a number of years ago W3C folks wrote the automated Pubrules checker which goes through your proposed document.
15:46:43 <markus_sabadello> burn: brent and I went over those documents and listed all the requirements.
15:47:39 <markus_sabadello> burn: The two general requirements are on the current slide (14): 1. The document is considered complete and fit for purpose, no further refinement to the text is expected. A CR is well-written, detailed, self-consistent.
15:47:58 <markus_sabadello> burn: The key point here is: The document is "complete". It is "ready" to become a Recommendation.
15:48:25 <markus_sabadello> burn: Of course without implementation experience, the standard is useless. The purpose of the CR phase is to gather implementation experience, which can result in changes to the spec
15:48:44 <markus_sabadello> burn: The group may have misunderstood something, there may be gaps; this may require another CR.
15:49:10 <markus_sabadello> burn: We tried to allow time in the schedule for two CRs. This doesn't mean we want this one to be a "trial", but the reality is don't get everything right the first time.
15:49:44 <jeff> q+ to talk about the process document
15:50:12 <burn> q?
15:50:14 <markus_sabadello> burn: The first CR publication after approval of a Transition Request is a CR Snapshot.
15:50:20 <burn> ack jeff
15:50:20 <Zakim> jeff, you wanted to talk about the process document
15:50:56 <markus_sabadello> jeff: I agree that the Process document can be confusing, it's meant to cover all details. We also have a document "Process for busy people" which 1/4 the size.
15:51:06 <markus_sabadello> jeff: It's a simplied version of Process 2020.
15:51:26 <markus_sabadello> burn: The process can be tricky when you make significant changes.
15:52:02 <markus_sabadello> burn: Here is a list of of requirements (showing Slide 15)
15:52:27 <markus_sabadello> burn: The two most important items have asterisks *
15:54:05 <manu> It's important to also mention that many of the people at DIF and the CCG are *also* in this group on a regular basis.
15:54:20 <markus_sabadello> burn: * Complete Wide Review, this is not very precisely defined, the intent is to ensure that a broad section of potential stakeholders have an opportunity (are encouraged) to review the specification and give feedback.
15:54:23 <markus_sabadello> burn: This happens in your domain, e.g. we asked the W3C CCG and DIF, who are the groups that are most closely connected to this work.
15:54:25 <markus_sabadello> burn: Wide Review also includes something called Horizontal review (review by groups within W3C).
15:55:14 <markus_sabadello> burn: After workin on many specs, I can say that W3C's Horizontal Review is one of those things that make specifications as good as they are.
15:55:53 <markus_sabadello> burn: E.g. Accessibility reviews made HTML really good.
15:56:18 <jonathan_holt> q+ to ask about horizontal review for privacy/security
15:56:30 <burn> q?
15:56:32 <markus_sabadello> burn: We are expecting someone from the TAG to join us during this F2F.
15:56:33 <burn> ack jonathan_holt
15:56:33 <Zakim> jonathan_holt, you wanted to ask about horizontal review for privacy/security
15:57:19 <manu> q+ to note security audits happening elsewhere.
15:57:36 <markus_sabadello> jonathan_holt: Wayne and I were working on a security review. If we don't get any feedback, does it actually mean there are no security and privacy concerns? Given the nature of our document, is there a formal process for doing a security audit of our document. We had a bunch of ethical and moral dilemmas about the use of our document in the futures.
15:58:14 <markus_sabadello> burn: W3C does not require and does not have a process for formal reviews. However, individual groups (either by own initiative, or encouragement) may decide to do that. It depends on the specifics of the specs, and the checks the group and W3C think are needed.
15:58:34 <markus_sabadello> burn: When the Security and Privacy review document is complete and sent to the groups, we will see where it goes from there.
15:59:00 <markus_sabadello> burn: With regard to our spec.. Those of you who are observing, we have spent substantial time discussing privacy, many of use care deeply about this time.
15:59:20 <burn> q?
15:59:23 <burn> ack manu
15:59:23 <Zakim> manu, you wanted to note security audits happening elsewhere.
15:59:23 <markus_sabadello> burn: We have spent very significant time on privacy. Our next topic is a privacy topic. We will continue spending time on it as needed.
16:00:25 <jonathan_holt> s/Wayne and I/Wayne, Adrian and I/
16:00:48 <markus_sabadello> manu: Agree with everything. In addition, a number of companies that are building solutions are actively undergoing reviews with regard to privacy. E.g. it's known that the U.S. DHS Privacy Office is looking into this.
16:01:25 <markus_sabadello> manu: Privacy and security is deeply of interest of the group. We are getting multiple reviews from multiple angles, even though not everone in the group may have visibility into this occurring.
16:02:02 <markus_sabadello> burn: ivan , can you monitor the unknown caller..
16:02:59 <markus_sabadello> burn: * The major item for CR is to complete the work. We need to formally address all issues raised about the document. This doesn't necessarily mean that all issues must be accepted or agreed with. We need to seriously review and respond to issues.
16:03:40 <markus_sabadello> burn: This is another thing that makes W3C specifications good. We are not allowed to ignore issues. It's a requirement that we officially address and mark every issue.
16:03:49 <markus_sabadello> burn: manu did this work for the VC spec.
16:04:21 <markus_sabadello> burn: That's why during this F2F we want to address 25% of the issues, to "unstick" ourselves
16:04:30 <gannan> gannan has joined #did
16:04:46 <markus_sabadello> burn: We're also required to document all new features since the previous publication. There are class 3 and class 4 changes.
16:05:05 <markus_sabadello> burn: We need to publicly document such changes. It's optional to document editorial changes.
16:05:23 <markus_sabadello> burn: We use ECHIDNA to publish. Every time with commit, a new Working Draft is published.
16:05:34 <markus_sabadello> burn: We will likely join a diff document since the FPWD.
16:05:50 <markus_sabadello> burn: We also have an opportunity to identity features in the spec as "at-risk".
16:05:59 <drummond> Does anyone have links to definitions of "class 3" and "class 4" changes?
16:06:38 <markus_sabadello> burn: If there is lack of sufficient implementation experience, we may have to remove a feature. This is a substantive change that requires a new CR. If we believe there is a risk that a feature gets removed because of that, then those features can be marked "as risk".
16:06:51 <dlongley> drummond, https://www.w3.org/2020/Process-20200915/#correction-classes
16:06:56 <markus_sabadello> burn: This is how we can let the world know that this is a substantive change that could occur.
16:07:11 <jonathan_holt> q+ can you define what defines/composes a 'feature'?
16:07:20 <markus_sabadello> burn: We have to document what it means to have "sufficient implementation experience". A common approach is to require two independent implementations.
16:07:27 <markus_sabadello> burn: We usually try to get the strongest result we can.
16:08:02 <markus_sabadello> burn: If you cannot get two demonstrate implementation, you can't call it a "standard". The goal is that independent parties can read the spec and implement it in an interoperable way.
16:08:27 <markus_sabadello> burn: We need to specify a deadline for comments, must be at least 28 days after publication.
16:08:37 <burn> q?
16:08:46 <jonathan_holt> q+ to ask: can you define what defines/composes a 'feature'? can you provide an example?
16:08:49 <markus_sabadello> burn: It's a really short time for implementations.
16:08:59 <markus_sabadello> burn: All this needs to be done before we can request publication.
16:09:18 <burn> ack jonathan_holt
16:09:18 <Zakim> jonathan_holt, you wanted to ask: can you define what defines/composes a 'feature'? can you provide an example?
16:09:29 <markus_sabadello> jonathan_holt: What's a "feature"?
16:09:42 <markus_sabadello> burn: This can be defined differently by different groups.
16:09:55 <manu> q+
16:09:58 <manu> q-
16:10:02 <markus_sabadello> burn: Most groups define this as something that can be implemented in a way that's independent of other pieces.
16:10:12 <markus_sabadello> burn: E.g. You remove it, and the rest of the spec still "works".
16:11:02 <markus_sabadello> burn: We do a formal Transition Request for the CR. We must document any formal objections.
16:11:26 <markus_sabadello> burn: We are expected to document what has changes since the previous step.
16:12:03 <markus_sabadello> burn: We report on the requirements and how they have been met.
16:12:21 <markus_sabadello> burn: We report on changes in dependencies with other groups, and information about implementations
16:12:54 <markus_sabadello> burn: It is common to require a formal review meeting with the Director, to ensure we meet all publication requirements.
16:13:13 <markus_sabadello> burn: Once we have approval, it's 1-2 weeks to publication. It's reasonable to assume a month, since the Transition Request.
16:13:30 <markus_sabadello> burn: Any questions about this walk-through of the requirements for CR?
16:13:31 <manu> q+
16:13:34 <burn> ack manu
16:13:49 <brent> q+
16:13:56 <ivan> q+
16:14:10 <markus_sabadello> manu: Process question on CR.. I was not aware of the CR Snapshot thing. My expectation is that everything else is still in place. E.g. we need to go through another CR if we have a substantial change.
16:14:33 <manu> q+ to on 'mark at risk, expecting changes in implementation'
16:14:44 <manu> q- to on
16:14:47 <manu> q- to
16:14:56 <markus_sabadello> burn: We were told about this in an Advisory Committee meeting. This process is backwards compatible. If we want we can do the same traditional process. The problem is that this is not what the Process document says.
16:14:58 <manu> q+ to ask 'mark at risk, expecting changes in implementation'
16:15:07 <burn> ack brent
16:15:59 <burn> ack ivan
16:16:02 <burn> q+
16:16:11 <markus_sabadello> brent: I second what burn said. We were told that we are all on Process 2020 since it's all backwards compatible. The brief summary is that we can go the CR Draft route (what we anticipated)... If we go the Snapshot route, it enables us to do the IPR step in CR rather than PR (that's the primary difference).
16:16:58 <markus_sabadello> ivan: Let's put IPR aside for a moment, then the difference is only in names. We can update the CR via ECHIDNA except when the changes are relatively significant (judgement call). We can go back to the Director when we want a "well-announced CR to the world".
16:17:33 <markus_sabadello> ivan: Aside from the the new process, there is also a new IPR policy. At the moment, this WG is still in the old IPR regime. The biggest change is whether we think that we want to have IPR protection on CRs or not.
16:17:39 <markus_sabadello> ivan: The WG has to decide this
16:18:21 <markus_sabadello> ivan: If the IPR in this WG is not a major point of discussion, then this is not relevant to us. If we want IPR protection for CR already, then we need to move to the new IPR policy.
16:18:35 <burn> ack manu
16:18:35 <Zakim> manu, you wanted to ask 'mark at risk, expecting changes in implementation'
16:18:40 <markus_sabadello> burn: We do have time scheduled specifically for the new IPR in our agenda.
16:18:54 <markus_sabadello> manu: burn you had mentioned marking sections as "at-risk".
16:19:32 <markus_sabadello> manu: Can we mark those sections as "this section may change", so that we don't have to go through CR again if it changes?
16:19:52 <jonathan_holt> q+
16:19:53 <markus_sabadello> manu: Does this language allow us to not move through CR again if the change is substantive?
16:20:31 <markus_sabadello> burn: My reading is that the process regarding such changes hasn't changed. I think it's likely to be okay as long as you are precise enough about the nature of the change.
16:21:41 <markus_sabadello> burn: I agree with what brent said. We should be able to do this our normal way, unless we want a CR Snapshot for IPR reasons. I don't think we need to concern ourselves with this right now. We will talk about it. This is largely going to be something the Editors and Chairs will have to do. The process is basically the same.
16:21:51 <burn> ack burn
16:21:55 <burn> ack jonathan_holt
16:21:57 <markus_sabadello> burn: We will continue to learn as W3C refines its descriptions
16:22:21 <manu> If that happens, we're toast :P
16:22:34 <manu> or rather, we won't go into CR if we're in that position :)
16:22:43 <markus_sabadello> jonathan_holt: What is a feature... What if that feature is e.g. the Abstract Data Model. If we can't get agreement on this, will we drop such a core fundamental piece?
16:23:04 <markus_sabadello> burn: Agree with manu, we won't go into CR if we're in that position.
16:23:52 <markus_sabadello> burn: There is a director, but there isn't a king. The Working Group decides what counts as a sufficient specification. If there is no Abstract Data Model and nothing to replace it, then there specification is not sufficient and we will keep working on it.
16:23:56 <burn> q?
16:24:21 <ivan> rrsagent, draft minutes
16:24:21 <RRSAgent> I have made the request to generate https://www.w3.org/2020/11/02-did-minutes.html ivan
16:24:46 <markus_sabadello> burn: After the break we will talk about privacy violating properties. (This used to be the "type" topic).
16:25:24 <markus_sabadello> burn: We will leave this Zoom room open. We will show a slide that will have a link to a breakout room. Please be back here, ready to begin, at the top of the hour.
16:25:25 <drummond> Very very fun!
16:25:41 <markus_sabadello> burn: Thanks everyone, enjoy your break, we will talk in about 34 min
16:35:27 <fujiia_> fujiia_ has joined #did
16:37:29 <sekine_> sekine_ has left #did
16:37:51 <t_> t_ has joined #did
16:37:57 <t_> t_ has left #did
16:40:49 <fujiia_> fujiia_ has joined #did
16:58:28 <ivan> Topic: Avoiding Privacy-Violating Properties
16:58:33 <ivan> Slides: https://docs.google.com/presentation/d/1RoE8E4y8S1j65EJaXZ8oihkduNbjTXXvdwtkzw961Xw/edit#slide=id.p21
16:58:41 <rhiaro> scribe+
17:03:23 <rhiaro> drummond: welcome back everyone
17:03:39 <rhiaro> ... this session was originally two sessions and we decided to devote both to this outstanding privacy related issues
17:03:50 <rhiaro> ... it may not take us 90 mins, but it may.. we have several important decisions to make
17:04:03 <rhiaro> ... as we go through this I have specific text, either in the spec now or proposed, I think it would be valuable for us to look at together
17:04:07 <rhiaro> ... nothing very long
17:04:15 <rhiaro> ... hopefully we'll make some decisions
17:04:27 <Kazuaki_Arai> Kazuaki_Arai has joined #did
17:04:33 <rhiaro> ... This session si motivated because we believe after the last few meetings that there is strong consensus that privacy is a paramount consideration for our spec
17:05:01 <rhiaro> ... and that we are proposing a general principle that we can apply throughout which is that DID method specifications and DID controllers that control what goes into a DID doc should not use privacy violating properties in publicly available DID docs
17:05:08 <rhiaro> ... cook on that for a second.
17:05:20 <rhiaro> ... The proposed structure for this session is to discuss this overall privacy stance
17:05:35 <rhiaro> ... and then if we have general agreement on that, seek consensus on proposed wording of a PR that amy submitted that would capture that clearly
17:05:41 <rhiaro> ... and then decide on the action items for completing that
17:05:45 <rhiaro> ... and getting it in for CR
17:05:53 <rhiaro> ... That's the assignment for this section. That's a very important decision
17:06:05 <rhiaro> ... will close the discussion around the type property because we're now saying this involves any property in this area
17:06:13 <rhiaro> ... Since we're on the topic, let's talk about the other open privacy issues, there are several
17:06:24 <rhiaro> ... if there's time we'll look at wording we have in the spec or proposed wording and see if we can decide on that
17:06:31 <rhiaro> ... if we get all that done in 90 mins I'll be very happy
17:06:38 <rhiaro> ... That's how we propose to move forward
17:06:46 <rhiaro> ... Now part one: privacy violating properties
17:07:00 <rhiaro> ... let's be specific about what we propose this means for the open issue around the proposed type property
17:07:08 <rhiaro> ... First it means we would not specify a type property in did core
17:07:19 <rhiaro> ... or for that matter any other property that could be a privacy violating property
17:07:30 <rhiaro> ... the second point we discussed on our last wg call, DID docs use an open world data model
17:07:42 <rhiaro> ... which means a DID method spec or a DID controller that controls what goes into the DID doc
17:07:46 <rhiaro> ... they can add other properties as they desire
17:08:00 <rhiaro> ... this motivated us to say the issue we're addressing is larger than just the type property
17:08:06 <rhiaro> ... it applies to any privacy violating property
17:08:10 <rhiaro> ... that's a strong term, "privacy violating"
17:08:27 <rhiaro> ... we're using that to call out that properties that might seem innocent can still turn into privacy violations if used in certain ways, and thus are best avoided
17:08:40 <rhiaro> ... so the last point is that amy has proposed language in PR #444
17:08:56 <rhiaro> ... we'll see on the next slide, it includes some enhancements by brent and wordsmithing I added on the next slide, not exactly what's in that PR
17:09:01 <rhiaro> ... this is what i suggest we review
17:09:04 <agropper> q+ to ask about whether we expect that govs or other verifiers
17:09:12 <brent> ack agropper
17:09:12 <Zakim> agropper, you wanted to ask about whether we expect that govs or other verifiers
17:09:29 <rhiaro> agropper: a very quick question - in the context of what we're doing here, are we assuming governments for example or other verifiers will simply keep or publish a white list of acceptable did methods
17:09:48 <rhiaro> ... the fact that the open world model will be dealt with in terms of privacy and accessibility, in this way, want to get a sense from the group whether that's our assumption going forward?
17:09:55 <rhiaro> drummond: that's a very interesting question
17:10:05 <rhiaro> ... if I may, i want others to volunteer their answers, I'd like to break mine into two parts
17:10:12 <rhiaro> ... one.. will governments publish whitelists of acceptable DID methods?
17:10:24 <rhiaro> ... i believe they either will or they will point to industry defined or consortia defined lists
17:10:41 <rhiaro> ... there will be a distinction.. those allow lists may not just be about privacy, but about security, reliability considerations
17:10:46 <rhiaro> ... whatever might determine DID methos are okay
17:10:58 <rhiaro> ... part two is that doens't by itself constrain a DID controller from adding properties to a DID doc
17:11:09 <dlongley> yes, consumers of DIDs will absolutely make choices around which DID methods they accept
17:11:16 <rhiaro> ... depending on.. a DID method may not allow that but if a DID method does allow that you have a second consideration of what a DID controller would do not constrained by the DID method
17:11:22 <brent> q?
17:11:22 <dlongley> q+
17:11:30 <brent> ack dlongley
17:11:40 <rhiaro> dlongley: In short we should expect consumers of DIDs to make choices around which DID methods they accept, that's really the only way it can work
17:11:42 <rhiaro> drummond: agreed
17:11:50 <jonathan_holt> q+
17:12:16 <rhiaro> drummond: I'll pause for 60 seconds [so you can read this]
17:12:33 <rhiaro> ... this is proposed text in a PR from amy, I was not clear where... was this proposed for the privacy considerations section?
17:12:37 <rhiaro> yes privacy considerations section
17:12:54 <brent> ack jonathan_holt
17:13:13 <rhiaro> jonathan_holt: to raise the push back as far as a allow/deny list for DID methods... I think there are DID methods out there such as IPID which don't rely on a specific verifiable data registry
17:13:23 <rhiaro> ... all about how you implement that representation of the DID doc, not necessarily the underlying VDR
17:13:27 <rhiaro> ... I'd be careful about choice of words
17:13:44 <rhiaro> ... this goes back to the early days of the internet... [he] described this mentatiliy of people thought they could own parts of the internet
17:13:56 <rhiaro> ... here theres' going to be a grey area of what is a DID method, what is a particular VDR of a blockchain technology
17:14:00 <rhiaro> ... to delineate that, it's too early
17:14:46 <ivan> Proposal for the privacy consideration section: https://docs.google.com/presentation/d/1RoE8E4y8S1j65EJaXZ8oihkduNbjTXXvdwtkzw961Xw/edit#slide=id.ga6aa7427ae_1_42
17:14:48 <burn> q+
17:15:01 <manu> q+
17:15:03 <rhiaro> drummond: are there any questions about what this is saying or clarifications anyone would need?
17:15:09 <dmitriz_> q+ to point out that serviceEndpoints can essentially type the DID subject
17:15:18 <brent> ack dan
17:15:37 <rhiaro> burn: comment that would be invalidated... in the last sentence I think you mean SHOULD *only* be used for expressing cryptographic material.. not just should
17:15:39 <JoeAndrieu> q+ to ask about defining "public DID Documents"
17:15:47 <burn> ack burn
17:15:49 <brent> ack burn
17:15:50 <rhiaro> ... but amy made the comment that this is a non normative section so it's quesitonable whether the SHOULD is appropriate
17:16:00 <rhiaro> drummond: my reaction is we should add only and the should can become a lowercase should
17:16:01 <brent> ack manu
17:16:06 <dlongley> "To minimize these risks, all properties in a DID document ought to only be for expressing cryptographic material, endpoints, or verification methods related to using the DID."
17:16:11 <rhiaro> manu: along those lines, "is expected to be"
17:16:14 <rhiaro> ... overall great text
17:16:21 <rhiaro> ... I think it captures the discussion we've been having for months fairly well
17:16:24 <burn> yes, +1 from me for the text as well
17:16:36 <rhiaro> ... I did read ahead a bit and there are multiple times that normative language is in this guidence, but tha'ts the only thing, that's easy we can change it
17:16:44 <dlongley> +1 to the text
17:16:45 <by_caballero__juan_> For the purposes of the record, the "he" describing the early days of the internet in Jonathon Holt's comment is Robert Khan: https://en.wikipedia.org/wiki/Bob_Kahn
17:16:45 <rhiaro> ... assume the shoulds and musts are going to go away but the guidence will be there
17:16:51 <rhiaro> ... this is the expectation of what implementers will do
17:16:52 <brent> ack dmitriz_
17:16:52 <Zakim> dmitriz_, you wanted to point out that serviceEndpoints can essentially type the DID subject
17:17:16 <rhiaro> dmitriz_: I want to add that, I like the language proposed, want to highlight the cryptographic material, services, verification methods part - and claim that service endpoints can and will fingerprint
17:17:19 <rhiaro> ... and identify the DID subject
17:17:31 <manu>  /some/ service endpoints
17:17:31 <rhiaro> ... so we have a DID, it has a single service endpoint that says smartfridgegateway over here
17:17:44 <rhiaro> ... fingerprints it as an iot device and not a person
17:17:46 <dlongley> yes, service endpoints are tricky and could identify the type of subject/be intrinsically privacy violating -- as we have been discussing in numerous places
17:17:51 <rhiaro> ... and there will be certain service endpoints that are clearly for people
17:17:56 <rhiaro> ... the service endpoints discussion is kind of bound to this
17:17:58 <dlongley> whereas cryptographic material is necessarily random
17:18:03 <rhiaro> drummond: we will get to that
17:18:08 <brent> +1 to additional language for services
17:18:12 <rhiaro> ... there is another privacy considerations subsection we'll get to that talks about that
17:18:25 <brent> ack JoeAndrieu
17:18:25 <Zakim> JoeAndrieu, you wanted to ask about defining "public DID Documents"
17:18:26 <rhiaro> ... when we're done with this whole discsusion we'll probably end up with input that we'll use to modify or add to several privacy sections
17:18:29 <agropper> @Dmitri that's why mediaitors will exist
17:18:40 <rhiaro> JoeAndrieu: I love the work, thank you drummond and chairs fo rputting this together
17:18:43 <rhiaro> ... I want to second what dmitri said
17:18:52 <rhiaro> ... do we have any further definition planned for what it means to be a public DID document?
17:18:52 <dmitriz_> @agropper - I agree. in which case, we may want to call out mediators explicitly, in that language
17:18:57 <rhiaro> ... public and private are not really absolutes
17:19:01 <rhiaro> drummond: great question
17:19:10 <rhiaro> ... I don't know as we have defined it explicitly, should we do that?
17:19:11 <brent> q+
17:19:20 <rhiaro> JoeAndrieu: just note it'll be tricky and we should put some time in it
17:19:21 <dlongley> could base a definition on a lack/presence of access control
17:19:23 <rhiaro> ... we should put a stake in the ground
17:19:27 <rhiaro> drummond: I agree to help with that
17:19:30 <manu> q+ to get to agreement that "public/private" definition is editorial.
17:19:55 <agropper> @dmitriz That's why I think some specific service endpoints should be discussed in the core spec in some way
17:20:06 <brent> ack brent
17:20:07 <rhiaro> brent: I recall during the service endpoint conversations, we had a resolution for describing the span of possible privacy.. there's a span of possible privacy values from public to private.. we had already agreed that language should go in
17:20:10 <brent> ack manu
17:20:10 <Zakim> manu, you wanted to get to agreement that "public/private" definition is editorial.
17:20:31 <rhiaro> manu: lookinga head to make sure this doens't block us, we should have general greement that defining what public and private is is an editorial rather than normative issues and shouldn't hold things up
17:20:35 <rhiaro> ... does anyone disagree with that?
17:20:46 <rhiaro> ... if this is the only thing we need to define and we say it's editorial then we have a clean path forward for this section
17:21:05 <rhiaro> drummond: wonderful
17:21:17 <jonathan_holt> q+
17:21:18 <yoshiaki> yoshiaki has joined #DID
17:21:20 <dmitriz_> @manu - what does that mean for this slide / this 10.x Avoid ... Properties section?
17:21:26 <rhiaro> ... anyone else have any questions or concerns around this text?
17:21:27 <manu> Note - no one objectioned that public/private definition is normative.
17:21:47 <manu> s/definition is normative/definition is editorial/
17:21:53 <ivan> q+
17:22:33 <brent> pertinent resolutions here: https://www.w3.org/2019/did-wg/Meetings/Minutes/2020-09-24-did-topic
17:22:47 <rhiaro> drummond: the action item is... for amy to update the PR , there were some besides brents some wording suggestions we may want after this session to look at together
17:22:53 <rhiaro> ... I'll help
17:22:57 <rhiaro> ... then that PR iwll be ready
17:23:01 <rhiaro> ... that's all I have, anything else?
17:23:01 <brent> ack jonathan_holt
17:23:26 <rhiaro> jonathan_holt: we can pat ourselves on the back and say we've added strong language in the nonnormative section of the DID core spec saying you shouldn't be adding this nformation into the DId document but that doesn't stop people from doing
17:23:43 <rhiaro> ... what's the worst case scenario? have we thought through potential harm of people using this information or inferring the type of thing?
17:23:43 <agropper> q+
17:24:07 <brent> ack ivan
17:24:11 <manu> q+ to remind everyone that we can't stop anyone from abusing the technology.
17:24:23 <rhiaro> ivan: my comment is purly administrative, this is the result of a month long discussion so I think we should take a formal resolution on record that this is the way we go
17:24:32 <rhiaro> brent: thanks ivan I agree
17:25:20 <ivan> -> https://docs.google.com/presentation/d/1RoE8E4y8S1j65EJaXZ8oihkduNbjTXXvdwtkzw961Xw/edit#slide=id.ga6aa7427ae_1_42 resolution slide
17:25:23 <brent> ack agropper
17:25:30 <rhiaro> agropper: I want to build on jonathan's most recent comment
17:25:42 <rhiaro> ... my comment about allowlisting by government verifiers for example
17:26:01 <rhiaro> ... can we, might we, say something about the fact that a method could enforce certain things that an individual controller might want to do
17:26:16 <rhiaro> ... is that, because jonathan and others raised the issue that wide world model, the method may not be in control of what individual controllers add to a DID doc
17:26:37 <jonathan_holt> +1 thank you!
17:26:38 <rhiaro> ... so again.. I'm not so well versed on the mechanics of how this works, but it seems jonathan's point could be addressed as part of this action item, this suggestion in DID core
17:26:47 <brent> ack manu
17:26:47 <Zakim> manu, you wanted to remind everyone that we can't stop anyone from abusing the technology.
17:26:54 <JoeAndrieu> q+
17:27:03 <brent> ack JoeAndrieu
17:27:10 <rhiaro> JoeAndrieu: why not add this as a normative section?
17:27:18 <rhiaro> ivan: how do we test?
17:27:25 <jonathan_holt> q+
17:27:32 <rhiaro> manu: normative sections need to be testable, we'd have to express it in code and I believe we don't think we can express this in code
17:27:34 <rhiaro> JoeAndrieu: good answer
17:27:52 <ivan> q+
17:28:11 <jonathan_holt> q+ to ask "what if it is testable?"
17:28:23 <ivan> q-
17:28:42 <agropper> +1
17:28:43 <drummond> +1
17:28:44 <manu> PROPOSAL: Adopt the language on slide 23 to add a section on "Avoiding Privacy-Violating Properties in Public DID Documents" to DID Core. URL here https://docs.google.com/presentation/d/1RoE8E4y8S1j65EJaXZ8oihkduNbjTXXvdwtkzw961Xw/edit#slide=id.ga6aa7427ae_1_42
17:28:49 <ivan> +1
17:28:49 <drummond> +1
17:28:49 <manu> +1
17:28:51 <dmitriz_> +1 (although I think Slide 23 is not strong enough about warning about service endpoints)
17:28:52 <dlongley> +1
17:28:52 <rhiaro> +1
17:28:52 <shigeya> +1
17:28:56 <burn> +1
17:28:57 <markus_sabadello> +1
17:28:59 <brent> +1
17:29:00 <dlongley> (agree with dmitri)
17:29:08 <jyrossi> +1
17:29:08 <jonathan_holt> 0, don't think it hits at the potential harm
17:29:14 <JoeAndrieu> +1 (w/ service endpoint and public doc desiridata)
17:29:32 <identitywoman> +1
17:29:37 <rhiaro> drummond: we're going to add other text about service endpoints. In favour of making sure the service endpoint point is made very clearly
17:29:43 <dmitriz_> @jonathan_holt - I agree that it doesn't hit at the potential harm. It's better than the current state, though.
17:29:58 <rhiaro> brent: if anyone has a -1 now's the time to get it in
17:30:00 <by_caballero__juan_> +1 (curious to hear more about this public doc desiridata)
17:30:05 <brent> (I also agree with Dmitri, but we already have resolutions that I think address service endpoints)
17:30:21 <manu> RESOLVED: Adopt the language on slide 23 to add a section on "Avoiding Privacy-Violating Properties in Public DID Documents" to DID Core. URL here https://docs.google.com/presentation/d/1RoE8E4y8S1j65EJaXZ8oihkduNbjTXXvdwtkzw961Xw/edit#slide=id.ga6aa7427ae_1_42
17:30:37 <rhiaro> brent: reminder when proposals are put forward only WG participants should be responding
17:30:38 <dlongley> q+ to say that DID methods are able to restrict properties in DID Documents (e.g., to verification methods only) such that no intrinsically personal data can be expressed
17:30:43 <brent> ack jonathan_holt
17:30:43 <Zakim> jonathan_holt, you wanted to ask "what if it is testable?"
17:30:53 <rhiaro> jonathan_holt: about how to implement this in the question I have is if it is testable
17:30:58 <rhiaro> ... that this is absent from the DID doc
17:31:11 <rhiaro> ... if there's a way of testing the DID doc to check type is not present. Does that change things? Could that be normative?
17:31:17 <brent> ack dlongley
17:31:17 <Zakim> dlongley, you wanted to say that DID methods are able to restrict properties in DID Documents (e.g., to verification methods only) such that no intrinsically personal data can be
17:31:19 <manu> q+ to note 'test that type isn't there'
17:31:20 <Zakim> ... expressed
17:31:21 <ivan> q+
17:31:31 <rhiaro> dlongley: something else related to this, covered a bit in the spec, we talk about how DID methods can palce additional restrictions on what can be present in a DID doc, what the DID method would accept
17:31:50 <rhiaro> ... we could mention that DID methods are able to restrict properties in DID docs to support only verification methods so that no intrinsically personal data would be expressed
17:31:51 <markus_sabadello> +1 to dlongley
17:31:52 <brent> q+ to address testable if others haven't already
17:31:56 <brent> ack manu
17:31:56 <Zakim> manu, you wanted to note 'test that type isn't there'
17:31:59 <rhiaro> ... so DID consumers oculd make a choice about methods they prefer for a use case
17:32:01 <agropper> @jonathan_holt that would require a way to examine how a controller specifies a service endpoint
17:32:20 <rhiaro> manu: about the testable question - we're not saying it's completely and utterly illegal to use type, but thatit's dangerous and you should be careful, there are some use cases that are okay
17:32:28 <jonathan_holt> q+
17:32:32 <rhiaro> ... if the test suite threw an error for the existence of type we would get a number of objections
17:32:36 <rhiaro> ... it's a should not, not a must not
17:32:46 <rhiaro> ... I think that's what our consensus is, everyone agrees it's dangerous
17:32:56 <rhiaro> ... and we can't really talk about other properties we don't know about yet, specifically only type
17:32:58 <brent> ack ivan
17:33:10 <drummond> +1 to Manu's points
17:33:15 <rhiaro> ivan: there is what manu said, but beyond that, it's not only the type property. it's on property x which in certain contexts may be problematic
17:33:21 <drummond> q+
17:33:25 <rhiaro> ... so we can't create a test without having the whole context of the specific property
17:33:29 <agropper> +1 @ivan
17:33:33 <drummond> q-
17:33:34 <brent> ack brent
17:33:34 <Zakim> brent, you wanted to address testable if others haven't already
17:34:02 <rhiaro> brent: we could test for a type property but then it's possible someone might use humanType or... there are we would never be able to normatively reject every possible property that could b eused to identify people or types of people or stuff like that
17:34:06 <rhiaro> ... for that reaosn it's not quite testable
17:34:07 <brent> ack jonathan_holt
17:34:16 <rhiaro> jonathan_holt: in the verifiable credentials WG we talke dabout this idea of a policy with the credential
17:34:21 <rhiaro> ... we might want to explore this
17:34:32 <rhiaro> ... yes it may be present but then it allows you to have a rubric of assessing the did document for presenc e or absence
17:34:44 <rhiaro> ... in my policy it says you must be a type and that type has to be human. In other situations i explicitly do not want to kno wthe type
17:35:02 <brent> q?
17:35:03 <rhiaro> ... satoshi nakomoto may be a person or a nation state, that was the power that enabled bitcoin blockchain to be successful..
17:35:22 <rhiaro> drummond: I declare us done with part 1
17:35:45 <rhiaro> ... good discussion, thank you everyone
17:35:58 <rhiaro> ... part two is other privacy issues
17:36:12 <rhiaro> ... I read all of the text in privacy considerations section
17:36:18 <rhiaro> ... I believe these are the three others we need to talk about
17:36:26 <rhiaro> ... I have slides prepared for discussions and wording on at least two of the three
17:36:40 <jonathan_holt> q+
17:36:48 <brent> ack jonathan_holt
17:36:49 <rhiaro> ... I want to stop and ask is there anyone on the WG who clearly knows of another privacy related issue that we havne't covered that's not on this list we should talk about in the next 54 minutes?
17:37:05 <rhiaro> jonathan_holt: maybe under the PII.. biometrics is still in the did spec as a verification method. maybe sufficient to place it in its own category
17:37:10 <agropper> Notarization might be a separate category
17:37:17 <rhiaro> drummond: adding it..
17:37:30 <agropper> q+
17:37:39 <by_caballero__juan_> ^
17:37:45 <brent> ack agropper
17:38:14 <rhiaro> agropper: I have raised the issue of notarisation, namely the [??] principle, that some DIDs will want to have some kind of backdoor or a way of introducing a court order
17:38:30 <rhiaro> ... or moving from an anonymous identifier or pseudonymous identifier
17:38:33 <rhiaro> ... that's a first order privacy issue
17:38:44 <brent> q?
17:38:49 <jonathan_holt> q+
17:38:52 <rhiaro> drummond: let's see if we can get to these
17:38:56 <rhiaro> ... good to have a list. Any others?
17:39:02 <brent> ack jonathan_holt
17:39:17 <rhiaro> jonathan_holt: to build off, we had fleshed out this idea of a publicly discoverable DID doc and what data allows that to be identifiable
17:39:25 <rhiaro> ... the correlation risk of those verifiable credentails
17:39:30 <rhiaro> ... the examples I've used before is VCs for vaccinations
17:39:57 <rhiaro> ... if a doctor signs my vaccination no big deal, but I have to present it to my kid's kindergarten, but who it was signed by you can see I was stationed at a particular airforce base, that has the potential for correlation in a publicly discoverable DID doc
17:40:28 <rhiaro> drummond: what i have prepared is discussions around these first three, very important to have
17:40:32 <rhiaro> ... let's see if we can get through those
17:40:46 <rhiaro> ... the first one is PII in DID docs
17:40:49 <rhiaro> ... we already have text
17:41:01 <rhiaro> ... I reviewed this text, is it still accurate and does it need to be revised based on what we're discussing?
17:41:08 <rhiaro> ... I highlighted one thing we will be discussion in the next issue
17:41:21 <rhiaro> ... I'll pause here for a minute. This is copied text out of section 10.1 of Privacy Considerations
17:41:58 <rhiaro> ... Comments on the highlighted final sentence, please hold off on those
17:42:02 <rhiaro> ... [GDPR related]
17:42:04 <dmitriz_> q+ to mention service type
17:42:12 <manu> +1, language in 10.1 is good, still relevant.
17:42:25 <ivan> q+ on under the control of the did subject
17:42:32 <rhiaro> ... this is the guidence that exists currently about service endpoints and possible fingerprinting
17:42:38 <rhiaro> ... what is the feedback about the adequacy of this text
17:42:42 <rhiaro> ... does it need revisions?
17:42:48 <JoeAndrieu> q+ to say the elements in the first sentence are too limiting
17:43:46 <kristina> having this text would not guarantee European institutions would agree 'no personal data is written to an immutable distributed ledger'
17:43:46 <agropper> q+ Do we need to mention mediators explicitly in 10.1?
17:43:59 <brent> ack dmitriz_
17:43:59 <Zakim> dmitriz_, you wanted to mention service type
17:44:05 <rhiaro> dmitriz_: I wanted to bring up the point of service endpoint types
17:44:15 <jyrossi> q+ about the (legal) meaning 'personal data'
17:44:20 <rhiaro> ... I think the current language warns about URLs but not the types which are even more likely to type the subject as a human etc
17:44:26 <agropper> q+to ask Do we need to mention mediators explicitly in 10.1?
17:44:45 <rhiaro> drummond: taking notes
17:45:06 <rhiaro> ... is that a PR you're willing to help with text on?
17:45:14 <rhiaro> dmitriz_: depends on the outcome of this discussion and service endpoints
17:45:35 <rhiaro> ... maybe the PR should be abandoning service endpoints, or requiring only one anonymous one. I'd want to help but what specifically depends on the conversation
17:45:45 <brent> FYI previous service endpoint resolutions:
17:45:48 <brent> Resolution #1: The ability for a controller to optionally state at least one service endpoint in the DID Document increases their control and agency Resolution #2: Add concrete examples to the Privacy Considerations section to demonstrate how service endpoints might account for varying levels of privacy requirements. Resolution #3: Add privacy guidance that establishes that there is a privacy spectrum and publication strategies along that privacy spec[CUT]
17:45:50 <rhiaro> drummond: I belive there was a separate resolution already taken about serviec endpoints
17:45:57 <drummond> q?
17:45:58 <brent> q?
17:46:03 <brent> ack ivan
17:46:03 <Zakim> ivan, you wanted to comment on under the control of the did subject
17:46:17 <rhiaro> ivan: possibly minor... the slide says "service endpoints under the control of the DID subject" - should it be subject or controller?
17:46:20 <manu> q- about
17:46:22 <manu> q- the
17:46:24 <manu> q- (legal)
17:46:26 <manu> q- meaning
17:46:27 <rhiaro> drummond: I think it should be the DID controller
17:46:30 <manu> q- 'personal
17:46:33 <manu> q- data'
17:46:34 <brent> ack JoeAndrieu
17:46:35 <Zakim> JoeAndrieu, you wanted to say the elements in the first sentence are too limiting
17:46:39 <rhiaro> JoeAndrieu: good catch by ivan
17:46:48 <rhiaro> ... That's also true for the second DID subject should be controller
17:46:49 <dlongley> q+ jyrossi
17:47:05 <rhiaro> ... you could have a DID method where not all DIDs or all DID documents are publicly available, but it's still critical that those that *are* contain no personal data
17:47:16 <rhiaro> ... It's a common pattern now to implement off-chain DIDs that can somehow migrate on chain
17:47:22 <rhiaro> ... would like to clear up that language to apply to those cases
17:47:30 <rhiaro> drummond: that might be a pattern we want to separately call out in privacy considerations
17:47:35 <rhiaro> JoeAndrieu: all for that
17:47:46 <rhiaro> drummond: text we should update on this and we should add a separate thing about migration of DID docs
17:47:47 <brent> ack agropper
17:47:47 <Zakim> agropper, you wanted to ask Do we need to mention mediators explicitly in 10.1?
17:47:48 <rhiaro> JoeAndrieu: sure
17:48:13 <rhiaro> agropper: this was already mentioned in passing.. we need to do the serivce endpoints at least how we're going to deal normatively described service endpoints before we use the term service endpoints in this way
17:48:30 <rhiaro> ... for instance, a differnet term for mediator swas used, I would suggest we need to do the service endpoints first and then we can come back to the wording of this
17:48:41 <brent> ack jyrossi
17:49:09 <rhiaro> jyrossi: I'd like to underline the meaning and implications of the words 'personal data' under the interpretaitno of the european [??] justice which is important in the EU
17:49:16 <rhiaro> ... any data that can be linked with somebody is personal data
17:49:26 <rhiaro> ... the number on your plastic payment card is personal
17:49:35 <rhiaro> ... any payment you make with this will be considered as personal data
17:49:35 <JoeAndrieu> +1 to shift from "PII" to "personal data"
17:49:47 <rhiaro> ... even if this number can be only linked with your name through the bank who is under constraints of provisional secret
17:49:47 <drummond> Note: there is a definition on the next slide
17:49:57 <rhiaro> ... so if there is any technical mean to make a link between somebody and some data it is personal data
17:50:06 <agropper> +1 to shift to personal data
17:50:17 <rhiaro> ... so I think that reading the slide it's not really relevant to think about getting rid of personal data because everything in the DID will be personal data
17:50:25 <rhiaro> ... I think that what iwll be the most relevant is not having or not personal data
17:50:28 <rhiaro> ... everything is personal data
17:50:53 <rhiaro> ... but giving control to the entity to be able to check data and to ask for data to be deleted or erased and being ensured that the purpose with which data is managed is accurate
17:51:06 <rhiaro> ... is proportional to the goal and so on
17:51:14 <kristina> +1 to jyrossi's warning
17:51:20 <rhiaro> ... I want to give this warning about the idea that we can get rid of GDPR constraints just blurring the name of the people behind
17:51:35 <rhiaro> ... if there is any technical way to make a link between data and an entity then it's personal data under GDPR interpretation
17:51:42 <rhiaro> drummond: that's an important point and one we are about to go deeply into
17:51:50 <brent> +1 to jyrossi
17:52:00 <rhiaro> ... I have the complete definition of personal data here
17:52:17 <rhiaro> ... I'd like to hold off directly talking about that, we have a very specific issue to talk about
17:52:29 <rhiaro> ... This larger point, the definition of personal data
17:52:34 <rhiaro> ... from the GDPR
17:53:01 <rhiaro> ... w3c specs are global, they're not written for any specific jurisdiction, but they need to take into account the requirements and regulations for jurisdictions all over the world
17:53:11 <rhiaro> ... GDPR is one of th elading data protection regulations in the world, applies to all european citizens
17:53:16 <rhiaro> ... it is a very broad definition of personal data
17:53:32 <rhiaro> ... governance work that I've been involved with we spent a year working on issues related to DIDs and this definition of personal data
17:54:15 <agropper> Any DID can be anonymous by default as long as a notary or mediator is used when pseudonimity is needed. Is this so?
17:54:20 <rhiaro> ... The larger question is it can be very difficult to, if our definition is to say ah no personal data in a did document, does that logically take us to th epoint of saying individuals cannot have publicly available DID documents? Must there be some requirement that if it's public and for an individual they must be the DID controller?
17:54:26 <rhiaro> ... this is before we even get into immutable ledgers
17:54:29 <brent> q?
17:54:32 <agropper> q+
17:54:35 <markus_sabadello> q+
17:54:50 <brent> ack agropper
17:55:00 <rhiaro> agropper: is it testable to look at a DID as being presumably anonymous? in the same way that a bitcoin address is anonymous?
17:55:12 <by_caballero__juan_> pseudonymous?
17:55:26 <rhiaro> ... as long as there is nothing in the DID document other than mention of a mediator or a notary both of which would then need to be used in order to correlate or turn it into a pseudonymous or other identifier
17:55:37 <rhiaro> ... is that a true statement and a reasonable way to deal with the GDPR issue?
17:56:13 <rhiaro> jyrossi: if you have secret files by some secret nation state actor and it would comply with what you require because nobody but them has access to such data
17:56:22 <rhiaro> ... but in the EU it is under control of GDPR and you have a right ot get information about this
17:56:41 <rhiaro> ... you have a right that no decision about you could be decided through for instance automatic treatmeent withotu allowing you to get access to such data
17:56:54 <rhiaro> ... it's not only if you make things anonymous to public that you comply with GDPR
17:56:57 <rhiaro> ... GPDR is about data management
17:57:09 <rhiaro> ... you have to manage data, personal data, and the meaning of personal data is as large as possible
17:57:16 <rhiaro> ... any time you can make a link between data and somebody it is personal data
17:57:21 <rhiaro> ... GDPR is about personal data management and control
17:57:31 <rhiaro> ... it's not about making personal data deeply not personal
17:57:36 <kristina> +1 to user control rather than defining what is personal data and what is not - if DID controller is same with DID subject and chooses to put PII into a publicly available DID that is not a privacy violation I assume?
17:57:39 <rhiaro> ... pseudonymity is not a way to get rid of compliance with GDPR
17:58:15 <rhiaro> drummond: heard from multiple attorneys, the fact that a DID is pseudonymous or the DID doc doesn't contain.. if it contains a public key associated with the individual it is personal data under GDPR
17:58:18 <brent> ack markus_sabadello
17:58:35 <rhiaro> markus_sabadello: two aspects that are sometimes mentioned regarding GDPR and privacy
17:58:42 <rhiaro> ... one aspect is encrypted data in DID docs, we have a section about that in the core spec
17:58:51 <rhiaro> ... but it is a warning saying don't do that because encryption is not safe in the long term
17:59:01 <rhiaro> ... especially when we want persistence and immutability, not adivsed to have encrypted data
17:59:11 <brent> with that definition, isn't any DID Document for a human DID Subject PII, regardless of its properties?
17:59:13 <rhiaro> ... the second aspect is that of authorization in DID resolution comes up rarely but sometimes
17:59:23 <identitywoman> so how do people actually do something in digital space as independent actors. So much of GDPR and privacy law is coming from a frame where the indivdual has no agency in anything (because it the OECD privacy principles arose origianlly out of US context in the early 1970's when people were being subscribed to catalogues with out their awarness or consent - none of it was written with the idea people would have computers and agency lik[CUT]
17:59:25 <rhiaro> ... when you resolve a DId to a DID document, not aware of anyone implementing that
17:59:28 <rhiaro> ... very complex topic
17:59:33 <brent> q?
18:00:38 <rhiaro> drummond: before we go onto the larger deeper issue of GDPR, any other comments or feedback or key thoughts that folks have about the text here we currently have?
18:00:43 <brent> q+
18:00:49 <brent> ack brent
18:01:10 <rhiaro> brent: [chair hat off] based on the conversation we've just had it seems as though at least according to GDPR that any DID with a human DID subject is PII
18:01:16 <rhiaro> ... any DID doc for a human DID subject is PII
18:01:26 <rhiaro> ... it's not just DID method specs written for public VDRs
18:01:32 <rhiaro> ... it's all DID docs with human subjects contain personal data
18:01:33 <dlongley> q+ to say if you can't identity a person, directly or indirectly, via the content in the DID Document, it is not personal data
18:01:41 <rhiaro> ... and therefore shouldn't be written to VDRs or immutable storage
18:01:42 <ivan> -> https://docs.google.com/presentation/d/1RoE8E4y8S1j65EJaXZ8oihkduNbjTXXvdwtkzw961Xw/edit#slide=id.ga6aa7427ae_1_19 Slide on PII
18:01:54 <rhiaro> drummond: that last piece about writing them to immutable data storage that is the highlighted issue at the end
18:02:30 <rhiaro> ... I don't think it's an issue, for a person and the information in there like public key being personal, as long as it's treated as personal data under GDPR or PII under other data protection regulations, the knot is in the written to immutable ledger
18:02:31 <brent> ack dlongley
18:02:31 <Zakim> dlongley, you wanted to say if you can't identity a person, directly or indirectly, via the content in the DID Document, it is not personal data
18:02:55 <rhiaro> dlongley: not to be super pedantic but if you can't identify a person directly or indirectly it's not personal data. Doesn't necessarily make for useful DID docs
18:03:02 <rhiaro> ... but the 'therefore' in brent's sentence does not necessarily apply
18:03:13 <rhiaro> ... just because it MAY be personal data that it cannot be written to a ledger, that's an unsolved legal question
18:03:17 <rhiaro> ... we don't know what the consequences of that are
18:03:29 <drummond> It is true that if the DID and DID document cannot be associated with a natural person.
18:03:37 <rhiaro> drummond: the point being made is if the DID and DID document cannot be associated with a natural person then your'e correct it does not meet the definition of personal data under GDPR
18:03:46 <jonathan_holt> q+
18:03:49 <agropper> q+
18:04:08 <brent> ack jonathan_holt
18:04:09 <rhiaro> ... there are ways, cryptographic and otherwise, that you could have a person with a DID doc that is maintaining tha tseparation such that it's not technically feasible, there is atest for how hard you have to work, if it's reaosnably hard then it's considered not associated and therefore not personal data
18:04:15 <by_caballero__juan_> but it's like encryption--- just because someone can't be correlated today... doesn't mean you aren't liable if it becomes retroactively possible later :D
18:04:46 <rhiaro> jonathan_holt: reading the slide, personal data etc an identification number etc etc cultural or identiy of a natural person... using type associates taht identifier to a natural person and that's an issue of GDPR
18:04:47 <brent> ack agropper
18:05:11 <rhiaro> agropper: I'd like to propose potentail solution - DID documents which are linked to public ledgers need to be dealt with the same way we deal with bitcoin or ethereum as public ledgers
18:05:35 <rhiaro> ... it is out of scope for us to make an implication as to what is associated with a particular key address in bitcoin or a particular DID when that DID is linked to a public ledger
18:06:14 <rhiaro> ... and ask therefore whether being that strict, because you can't be any stricter, it's a very stric tinterpretation of self sovereign identity relative to the way bitcoin is self sovereign, we all know that correlation systems exist and are being used by law enforcement to decode bitcoin addresses into personal information
18:06:27 <rhiaro> ... I propse could we adopt this linkeage or this analogy to solve the GDPR problem?
18:06:31 <rhiaro> ... and others
18:06:33 <drummond> q?
18:06:34 <rhiaro> drummond: great question
18:06:45 <rhiaro> ... on that note let's move to that specific problem
18:07:03 <rhiaro> ... what you heard from adrian is a potential solution, there are a copule of others
18:07:33 <JoeAndrieu> q+ to challenge the sacred cow of DID Subject
18:07:36 <rhiaro> ... the final sentence really triggers, when I read it we have to discuss this, because of this question of if the DId and DID doc is associated with a natural person and it's written to an immutable ledger then there is a very well known tension
18:07:41 <rhiaro> ... there are papers about this issue
18:07:49 <rhiaro> ... what do you do about the right of erasure?
18:07:55 <rhiaro> ... can that actually be affected
18:08:09 <dlongley> q+ to say there are also exceptions to "the right of erasure" around public interest -- is the ability to have a DID that cannot be taken away from you in the public interest?
18:08:09 <rhiaro> ... if that's the heart of that, I want to make sure we have a good discussion of the different options
18:08:19 <brent> ack JoeAndrieu
18:08:19 <Zakim> JoeAndrieu, you wanted to challenge the sacred cow of DID Subject
18:08:21 <rhiaro> ... we should capture what adrian was suggestion to resolve this
18:08:34 <rhiaro> JoeAndrieu: I think the term DID subjec tiself is part of the problem here
18:08:37 <rhiaro> ... I don't know if we can fix it
18:08:44 <rhiaro> ... I've voiced this perspective to several members of our community
18:08:49 <manu> Looking at the options on slide 32 -- -1 for #1, -1 for #2, +1 to #3.
18:08:55 <rhiaro> ... what DIDs really do is provide proof of control, a way to independnetly verify that someone has access to a secret
18:09:01 <rhiaro> ... it may not be persistent with any given DID subject
18:09:08 <rhiaro> ... the illusion we have painted that a DID refers to someone is part of the problem
18:09:13 <manu> q+ to agree with Joe
18:09:15 <identitywoman> +1
18:09:16 <rhiaro> ... although that's useful in a given context to have a consistent name
18:09:24 <brent> +1
18:09:26 <rhiaro> ... doesn't mean the name is the same person in different context
18:09:28 <brent> q?
18:09:35 <rhiaro> ... we have a fallacy around the DID subject I want to poke some holes at
18:09:50 <rhiaro> drummond: it is the next topic and it is specifically because it could be a potential solution. It's a whole topic unto itself
18:10:44 <rhiaro> ... it's important.. in order for that DID to be disassociated frm that individual... they would need to be the DID controller.. or as long as they could affect the right of erasure.. that would be one option
18:10:49 <brent> ack dlongley
18:10:49 <Zakim> dlongley, you wanted to say there are also exceptions to "the right of erasure" around public interest -- is the ability to have a DID that cannot be taken away from you in the
18:10:52 <Zakim> ... public interest?
18:11:01 <rhiaro> dlongley: there are also exceptions to that around public interest for example
18:11:11 <rhiaro> ... the ability to have a DID that cannot be taken away from you could be in the public interest
18:11:13 <rhiaro> drummond: super good point
18:11:17 <rhiaro> ivan: that's something GDPR allows?
18:11:18 <rhiaro> dlongley: yes
18:11:30 <rhiaro> drummond: there are exceptions to the differnet rights
18:11:47 <rhiaro> ... there's a paper that discusses exceptions that could be argued apply to the Sovrin blockchain that is immutable
18:11:49 <brent> ack manu
18:11:49 <Zakim> manu, you wanted to agree with Joe
18:11:58 <dlongley> +1 to Joe as well
18:11:59 <rhiaro> manu: very strong +1 to what Joe said
18:12:05 <rhiaro> ... taking a step back a bit and looking at this holisticly
18:12:11 <rhiaro> ... the law takes time to catch up to what we're doing right now
18:12:19 <rhiaro> ... GDPR was written in a world that did not necessarily conceive the tech that we're working on
18:12:20 <drummond> Link to the Sovrin Foundation white paper on the question of DIDs and immutable ledgers: https://sovrin.org/data-protection/
18:12:25 <dlongley> +1 to manu -- law has to catch up to this technology
18:12:41 <rhiaro> ... while there have been each one of us has legal council that have been looking at this in fundamentally the narrative back from them is look there has been no definitive ruling on any of this stuff
18:12:49 <rhiaro> ... it's uncharted territory, we can guess but not say for sure
18:12:57 <rhiaro> ... what we say in the spec will have an effect on future interpretations
18:13:01 <rhiaro> ... that is why what Joe is saying is very important
18:13:08 <dlongley> it wasn't written to address this tech -- this tech is intended to help with self-sovereignty in a way that wasn't conceived of in the law (which is also intended to help with self-sovereignty)
18:13:18 <rhiaro> ... there have been this misundersatnding with the spec that once you create a DID it is always bound to the same individual over the lifetime of that individual
18:13:22 <rhiaro> ... it's simply not true
18:13:33 <rhiaro> ... Just like you can say 'mom'  it does not mean the same thing in different contexts
18:13:42 <rhiaro> ... a DID cna be handed off between differnet individuals, private corp to public corp
18:13:52 <rhiaro> ... you can't say definitively that a DID applies to an individual
18:13:57 <rhiaro> ... it maybe true at a point in time
18:14:01 <rhiaro> ... but that can change very quickly
18:14:16 <rhiaro> ... we should say something about this in the DId spec, that we did understand the ramifcations of GDPR and we did design the spec to be as privacy protecting as possible
18:14:17 <drummond> q+ to explain about control over the private keys is an means of "effective erasure"
18:14:21 <rhiaro> ... and took GDPR into full account
18:14:42 <rhiaro> ... and make the point that these things are not identifying a single individual, they can be transient things and can be usedin a way that fundamentally supports GDPR
18:14:51 <rhiaro> ... the whole reason GDPR is out there is to give people mroe control over their data
18:14:55 <rhiaro> ... we're building technologies to do that
18:15:08 <rhiaro> ... it would be terrible for GPDR ot be used to prevent one of the fundamental goals of GDPR, to have more control over their data
18:15:10 <by_caballero__juan_> Fun fact: by some measures, GDPR turns 10 years old on wednesday https://ofthewedge.com/2020/11/01/the-gdpr-was-the-most-lobbied-law-in-eu-history-dsa-hold-my-beer/
18:15:41 <rhiaro> drummond: persistence is something we're discussing, ther's a specific proposal Id love to get feedback on
18:15:47 <brent> ack drummond
18:15:47 <Zakim> drummond, you wanted to explain about control over the private keys is an means of "effective erasure"
18:16:01 <rhiaro> ... I agree with man, we can and should craft a specific subsection of the privacy considerations section addressing this issue
18:16:12 <rhiaro> ... I'd be happy to get experts that I've worked with on this to help us craft that text
18:16:22 <rhiaro> ... I believe manu is correct, we will actually be able to influence regulatory decisions about this
18:16:50 <rhiaro> ... the one point I want to make that's madein that paper is that if the DID subject is an individual and they're the DID controller they effectively by control of the keys for the DID doc have an effective right of erasure
18:17:11 <agropper> q+
18:17:11 <JoeAndrieu> q+ for proof of control as erasure
18:17:12 <rhiaro> ... they can essentially terminate the DID doc and in doing so declare the dissociation and that is an effective right of erasure
18:17:22 <rhiaro> ... that combined with the fact that it supports the core goals of GDPR is a very powerful stance
18:17:29 <brent> ack agropper
18:17:58 <rhiaro> agropper: I want to disagree with drummond there. if  a DID doc is publicly indexed by crawlers of the internet the fact that you as a controller can delete it makes no difference at all. it has already been crawled
18:18:02 <rhiaro> ... and is now out of your control
18:18:10 <rhiaro> ... I don't think what drummond just said is useful, regardless of what the lawyers say
18:18:12 <brent> ack JoeAndrieu
18:18:12 <Zakim> JoeAndrieu, you wanted to discuss proof of control as erasure
18:18:46 <rhiaro> JoeAndrieu: it may help if we had stronger language specifically aroudn the pattern with VCs. Proof of control is the only way you can identify that the subject is part of the interaction
18:18:59 <manu> That's an excellent point as well Joe -- we should make that point too
18:19:00 <rhiaro> ... removing that proof of control by changing yoru keys is effectively a redaction, including on public ledgers
18:19:13 <dlongley> +1
18:19:40 <rhiaro> drummond: In my head i had associated DIDs as these are effectively URNs
18:19:52 <JoeAndrieu> q+ to suggest "can't be taken away"
18:19:55 <manu> +1 to rewording persistence in this way
18:19:57 <rhiaro> ... a persistence identifier that is assigned once and never changes ever
18:19:58 <brent> +1 to revising the language around persistence.
18:20:01 <rhiaro> ... I had put DIDs in that bucket
18:20:23 <rhiaro> ... and Joe pointed out the very nature and design of DIDs is the DID controller controls what the DID identifies and therefore in practice a DID is only as persistence as a controller chooses
18:20:28 <rhiaro> ... and the underlying DID method is able to support
18:20:32 <rhiaro> ... so joe changed my mind
18:20:41 <rhiaro> ... I found the language about persistence, in section 3.1
18:20:45 <rhiaro> ... it is a note
18:21:02 <rhiaro> ... please take a second to read it. I'm going to propose completely different text, except for the last sentence
18:21:11 <manu> Yep, text on slide 33 is wrong :)
18:21:27 <dlongley> -1 to the text on that slide, happy to see new language
18:21:28 <manu> it's not meant to be bound exclusively and permanently to on and only one subject
18:21:37 <manu> it can be repurposed
18:21:49 <burn> Agree Manu
18:21:54 <burn> Bad Drummond
18:21:56 <rhiaro> drummond: if i was responsible for this text it was probably 3 years ago
18:22:01 <ivan> -> https://docs.google.com/presentation/d/1RoE8E4y8S1j65EJaXZ8oihkduNbjTXXvdwtkzw961Xw/edit#slide=id.ga6aa7427ae_1_61 new proposed language on persistence
18:22:04 <rhiaro> ... now let's look at new language
18:22:22 <JoeAndrieu> q+ to mention the name of the rubric
18:22:34 <manu> We should remove the normative stuff -- not testable.
18:22:35 <brent> ack JoeAndrieu
18:22:35 <Zakim> JoeAndrieu, you wanted to suggest "can't be taken away" and to mention the name of the rubric
18:22:46 <manu> but other than that, great text!
18:22:55 <rhiaro> JoeAndrieu: one language that came out of conversations with christopher allen and trying to disect what we mean by this
18:23:00 <rhiaro> ... we came up with the phrase "cant' be taken away"
18:23:05 <rhiaro> ... I don't know if it's the right language, but the intent
18:23:10 <dlongley> +1 that's the original intent "can't be taken away" (and the very very original language)
18:23:13 <rhiaro> ... less important that the DID is persistent, but that your provider can't take it away
18:23:19 <brent> +1 to Joe
18:23:19 <rhiaro> ... which in some context feels like persistence
18:23:19 <by_caballero__juan_> If a controller deactivates a DID, can the ledger still be queried historically? Doesn't that kind of undercut the effectiveness of that erasure?
18:23:23 <rhiaro> ... We need to figure out the name of the rubric
18:23:37 <rhiaro> ... because the current editors don't call it that and we'v emoved beyond decentralisation, so that's another conversation
18:23:44 <drummond> q?
18:23:45 <burn> "Control cannot be taken away from the DID controller without the controller's permissionz'
18:23:51 <burn> (minus the z)
18:24:14 <rhiaro> drummond: I wanted to get something that captures the key points
18:24:22 <rhiaro> ... the technical accuracy that it is the DID controller
18:24:30 <rhiaro> ... I love the point of can't be taken away, like that phrase
18:24:39 <JoeAndrieu> q+ to say that I think "context" may also be a useful term
18:24:48 <rhiaro> ... DID architecture designed to support the ability for it to be permantently bound, the DID controller.. we can make that language closer to can't be taken away or add language
18:24:58 <brent> +1 to "can't be taken away" over "permanently bound"
18:25:03 <rhiaro> ... I'd love to get a simple proposal out of this that this language is approximately, that we agree there should be a PR to revise the language
18:25:06 <rhiaro> ... along these lines
18:25:10 <agropper> +1 to this new language
18:25:16 <brent> ack JoeAndrieu
18:25:16 <Zakim> JoeAndrieu, you wanted to say that I think "context" may also be a useful term
18:25:35 <rhiaro> JoeAndrieu: I'm not a fan of the term persistnece. There' ssomething here about identifiers being specific to context
18:25:55 <rhiaro> ... with techniques such as VCs you can accumulate contexts with which you can convince yourself there's a consistent set of properties
18:25:59 <rhiaro> ... it's that contextuality I'm not seeing here
18:26:40 <rhiaro> brent: anyone have recommendations for changes to manu's proposal?
18:26:54 <drummond> +1
18:26:54 <manu> PROPOSAL: Adopt the language on slide 34 as a starting point for a PR that establishes new language around Persistence. URL is here: https://docs.google.com/presentation/d/1RoE8E4y8S1j65EJaXZ8oihkduNbjTXXvdwtkzw961Xw/edit#slide=id.ga6aa7427ae_1_61
18:26:55 <agropper> +1
18:26:58 <ivan> +1
18:27:00 <drummond> 1
18:27:01 <shigeya> +1
18:27:02 <burn> +1
18:27:02 <JoeAndrieu> +1
18:27:02 <brent> +1
18:27:04 <manu> +1
18:27:05 <dlongley> +1
18:27:08 <dmitriz_> +1
18:27:09 <jyrossi> +1
18:27:10 <rhiaro> +1
18:27:12 <jonathan_holt> 0
18:27:16 <markus_sabadello> +1
18:27:49 <by_caballero__juan_> *1
18:28:28 <by_caballero__juan_> != 1
18:28:41 <rhiaro> brent: not seeing any objections
18:28:42 <manu> RESOLVED: Adopt the language on slide 34 as a starting point for a PR that establishes new language around Persistence. URL is here: https://docs.google.com/presentation/d/1RoE8E4y8S1j65EJaXZ8oihkduNbjTXXvdwtkzw961Xw/edit#slide=id.ga6aa7427ae_1_61
18:28:54 <ivan> rrsagent, draft minutes
18:28:54 <RRSAgent> I have made the request to generate https://www.w3.org/2020/11/02-did-minutes.html ivan
18:29:03 <rhiaro> drummond: we got as far as I could have hoped to with these issues
18:29:10 <rhiaro> ... I've been noting action items
18:29:27 <rhiaro> ... I'd say the important part of completing our work around privacy, besides the PRs, is then attending to the other ones that got brought up
18:29:45 <rhiaro> ... around biometrics, notarization
18:29:55 <rhiaro> ... we'll take that as action tiems to keep working on those
18:30:00 <rhiaro> ... thanks, we made a lot of progress here
18:30:07 <manu> +1, yes, thank you Drummond - very helpful!
18:30:16 <burn> Thank you, thank you
18:30:16 <rhiaro> brent: I think we do have a lot of consensus in the group around privacy, we all care deeply about it
18:30:21 <rhiaro> ... this was a great first meeting
18:30:25 <rhiaro> ... especially those of you up so late!
18:30:32 <jonathan_holt> q+
18:30:35 <rhiaro> ... we will be meeting again tomorrow, two hours later than the start time was today
18:30:51 <rhiaro> ... noon eastern time
18:30:55 <rhiaro> ... see you tomorrow!
18:30:57 <ivan> zakim, end meeting
18:30:57 <Zakim> As of this point the attendees have been ivan, burn, shigeya, jeff, brent, dlongley, justin_r, selfissued, rhiaro, identitywoman, kristina, markus_sabadello, dmitriz_,
18:31:01 <Zakim> ... Geunhyung_Kim, manu, Tomoaki_Mizushima, JoeAndrieu, agropper, jonathan_holt, drummond, by_caballero__juan_, phila_, jyrossi, Orie, tan, Duy-Tung, LUU, Zagidulin, Wang_Haiguang
18:31:01 <Zakim> RRSAgent, please draft minutes
18:31:01 <RRSAgent> I have made the request to generate https://www.w3.org/2020/11/02-did-minutes.html Zakim
18:31:03 <Zakim> I am happy to have been of service, ivan; please remember to excuse RRSAgent.  Goodbye
18:31:07 <Zakim> Zakim has left #did
18:31:08 <burn> Yes, thank you, Amy
19:02:41 <JoeAndrieu> present+
19:02:43 <JoeAndrieu> hmph
20:21:49 <yoshiaki> yoshiaki has joined #did
21:23:37 <yoshiaki> yoshiaki has joined #DID
21:31:05 <yoshiaki_> yoshiaki_ has joined #did
22:26:48 <keiko> keiko has joined #did
22:53:16 <yoshiaki> yoshiaki has joined #DID