14:14:02 RRSAgent has joined #did 14:14:02 logging to https://www.w3.org/2021/05/18-did-irc 14:14:04 RRSAgent, make logs Public 14:14:06 please title this meeting ("meeting: ..."), ivan 14:14:10 Meeting: DID WG Telco 14:14:10 Chair: burn 14:14:10 Date: 2021-05-18 14:14:10 Agenda: https://lists.w3.org/Archives/Public/public-did-wg/2021May/0013.html 14:14:10 ivan has changed the topic to: Meeting Agenda 2021-05-18: https://lists.w3.org/Archives/Public/public-did-wg/2021May/0013.html 14:35:07 dmitriz has joined #did 14:46:15 burn has joined #did 14:52:39 present+ 14:56:59 regrets+ 14:59:47 present+ 14:59:59 present+ shigeya 15:01:06 justin_r has joined #did 15:01:19 present+ 15:01:23 present+ markus 15:01:28 chriswinc has joined #did 15:01:29 present+ manu 15:01:33 Geun-Hyung has joined #did 15:01:42 Present+ 15:01:44 present+ 15:01:59 present+ dmitriz 15:02:41 Topic: Agenda Review, Introductions, Re-introductions 15:03:11 burn: we're gonna talk about the Special Call, Brent will mention our communication with ITU, then status of implementations 15:03:13 markus_sabadello has joined #did 15:03:19 present+ 15:03:25 ... then registries, then DID Core issues & PRs 15:03:35 scribe+ 15:03:37 present+ 15:03:40 agropper has joined #did 15:03:58 present+ 15:04:09 burn: any requests for changes/additions to the Agenda? 15:04:10 Topic: No Special Topic Call 15:04:35 burn: summary - no special topic call this week. We're going to be switching to some other work, but at the moment, no particular items 15:04:41 ... what we need is for people to get their implementations in 15:04:52 ... so, in case you missed it - no special topic call this week. 15:04:53 Topic: ITU and DID 15:05:10 ... Ivan, can you give us a summary? 15:05:25 ivan: so, we've got contacted by the ITU Working Group 15:05:36 ... they collect references to a number of identity-related standards all over the world 15:05:39 TallTed has joined #did 15:05:45 ... not only formal standards, but also other various groups like FIDO 15:05:55 ... Brent was invited to go to one of their calls 15:06:08 ... to give a presentation about DIDs, which he did, brialliantly 15:06:37 ... and now they have contacted us. If we understand their request -- if we would be ok with them listing the DID spec on their list of identity standards 15:06:49 brent has joined #did 15:06:55 ... the only thing they need is a 1-2 paragraph description (of what this group does, wants to do) 15:06:55 present+ 15:07:04 q+ 15:07:13 ... and of course reference to the standard. And an authorization/blessing from us to include our spec on the list. 15:07:20 drummond has joined #did 15:07:26 present+ 15:07:32 ... I think the right time to do that would be in a few weeks or months, when we begin to discuss the future of this WG 15:07:47 ... what's our longer-term plan for spec maintenance, etc. 15:07:53 ... Brent - anything I'm missing? 15:08:03 brent: no, +1 to what you said 15:08:18 ... it was fascinating how much they already knew about DIDs, and are planning to use the tech (and encourage their members) 15:08:23 ... (which are telcos) 15:08:35 ... so, I encourage us to look at this positively. 15:08:45 ack markus_sabadello 15:09:10 markus_sabadello: personally, I think it would be great if they reference our work. one question - if I remember correctly, we were contacted about a year ago, by ITU Study Group 17 (?) 15:09:27 ... which was about security aspects for distributed ledger tech. (and they asked for a liaison?). Was that the same group? 15:09:34 ivan: I don't remember. 15:09:43 brent: 17 is the Study Group for Identity management 15:09:56 ivan: ah ok, so.. seems like the same group, but not exclusively about ledgers 15:10:12 burn: Ivan, do we need a decision by the group? Or just, hear if there are any objections? 15:10:19 ivan: let's do a resolution 15:10:38 burn: ok, I'll put a draft proposal. 15:10:59 Question back to them about whether this will be a static list, once published, or we can be listed later? 15:11:07 q+ 15:11:20 ack TallTed 15:11:36 tallted: is this something they'll publish in stone at the end of the week? Or something that can be listed in later? (once we're done) 15:11:42 Do we really need to approve someone else referencing our specs? 15:11:43 ... so that it can just be part of the PR when we publish 15:11:59 btw, SG17 is their Security Study Group -- https://www.itu.int/en/ITU-T/studygroups/2017-2020/17/Pages/default.aspx 15:12:22 ivan: good question. My proposal is - let's tell them we'll give them information about our longer-term plans; it'll be a combination of a reference to the current WG, plus an idea of the longer term plans 15:12:31 ... so, we can send them something in 1-1.5 months 15:12:33 ... and here's what they're publishing: https://www.itu.int/md/T17-SG17-R 15:12:43 brent: that sounds like half-agreement with what Ted said? 15:12:44 ivan: yeah 15:13:06 q+ 15:13:14 ack drummond 15:13:28 drummond: do we really have to approve someone else referencing our spec? 15:13:44 ivan: that was my question too. our legal advisory ppl said - institutions like ITU are 10x as cautious about this kind of thing; they always ask for authorization 15:13:52 I think we should also use W3 labels for these things -- e.g., not "specification", but CR (or PR or TR) 15:13:56 drummond: sure, but like.. that's the whole point of a public spec :) 15:14:17 burn: how about - instead of 1-2 months, we can just say "when the spec is complete" 15:14:41 Looks good 15:14:51 tallted: we should use W3 labels for the specs. (CR/TR etc) 15:15:43 q+ to suggest TR 15:15:59 q+ 15:16:02 q- 15:16:23 looks good 15:16:33 PROPOSED: We approve ITU SG 17 referencing our DID Core Technical Report in their report on identity standards when it is completed. 15:16:35 +1 15:16:37 +1 15:16:37 +1 15:16:38 +1 15:16:40 +1 15:16:41 +1 15:16:42 +1 15:16:42 +1 15:16:45 +1 15:16:48 +1 15:16:49 +1 15:16:54 +1 15:16:59 RESOLVED: We approve ITU SG 17 referencing our DID Core Technical Report in their report on identity standards when it is completed. 15:17:18 brent: drummond, that was my first question too, re approval :) (but, these large orgs seem to like that) 15:17:19 drummond: yep, got it 15:17:26 Topic: Status of Implementation Feedback 15:17:32 q+ 15:17:34 burn: how are we doing on implementations? 15:17:36 ack ivan 15:17:38 ack manu 15:17:43 manu: (sharing screen) 15:17:48 q- 15:18:03 manu: ok, implementations! we have a ton of them in, which is great 15:18:14 ... we have a ton of Resolver implementations. (unfortunately, it's all the Universal Resolver :) ) 15:18:17 ... but still, that's great 15:18:24 ... we have 3Box and Consensys resolvers, as well 15:18:30 ... only one de-referencer still. (so, problematic) 15:18:36 ... and a number of DID Method submissions. 15:18:43 ... now, this is only after a week, so, that's still good. 15:18:54 ... and we have another week to take implementation reports, to determine whether we have enough to exit CR 15:19:06 ... for us to know that, we need to generate a report (that tells us if there's at least 2 independent impls, for each feature) 15:19:18 ... there's upwards of a 150 normative statements 15:19:35 ... we needed an automated way to do that. Shigeya started on an automatic report generator (in this PR), made great progress 15:19:44 ... here's a preview of the Test Suite report 15:19:47 actually, just finished working on it (besides matrix) 15:19:49 ... organized by sub-suites 15:20:08 ... layout is - here's the normative statement being tested, then every single DID Method & thing that conforms to it 15:20:16 ... we don't have anything checked in that is failing yet. 15:20:27 q+ 15:20:38 ... the idea is, we're going to go down through the report, and look for things that only have one implementation. 15:20:42 ... for example - JSON Production 15:20:59 ... for that, we don't have anything, other than an example, generating a Number, a Null Value, a Double, that sort of thing 15:21:23 ... we may choose to overlook this, because - it may be obvious to the WG, that clearly we want to support integers in the data model, etc. 15:21:29 ... but it's just an example of implementation 15:21:34 https://github.com/w3c/did-test-suite/pull/105 15:21:37 https://pr-preview.s3.amazonaws.com/shigeya/did-test-suite/pull/105.html#conformance-by-test-suites-3 15:21:57 manu: so, basically, thanks a ton to Shigeya for fixing this mechanism 15:22:08 ... there's a couple more things we need to add to it that are being tracked 15:22:17 ... shigeya, would you like to add anything? 15:22:25 shigeya: basically, I just funished 15:22:35 ... and it statically generates the HTML 15:22:53 ... I still need to do/figure out - how to create an NxN matrix 15:23:04 ... we have several test suites here, but it doesn't match to the section number, for example 15:23:40 ... I've seen the VC test suite using the matrix structure, for the tests 15:23:51 q+ 15:24:02 ack ivan 15:24:02 ... I'm not sure how to structure this - thoughts from the WG? 15:24:48 is it possible to have each test linked, within, e.g., https://pr-preview.s3.amazonaws.com/shigeya/did-test-suite/pull/105.html#conformance-by-test-suites-1 15:25:07 q+ 15:25:09 ivan: (question about the right column, the Parameters). whether this will be a useful info to the W3C Director 15:25:25 ivan: also, there has to be some sort of back-link to what these implementations are 15:25:46 ... just some metadata on implementations, so one can see that easily 15:26:04 ... for the matrix, what I would expect to see is a big table which says "these are the tests, and you can categorize that, one per row" 15:26:12 ... and for each row, every implementation that does implement that item 15:26:21 ... I realize that I don't know how many implementations we'll have in that list 15:26:23 ack manu 15:26:51 manu: couple of things. first, this report won't be too useful to the Director; this is just for our reference 15:27:03 +1 to ivan's question about need to include parameters column ... tho I now see it containing media types (and 2 such for 1 implementation) 15:27:03 ... shigeya - I don't think we should do a full table/matrix, will be too large 15:27:17 q+ 15:27:18 ... what the Director is more likely to want to see is - which features DIDN'T make it 15:27:49 ... so, being able to generate that programmatically (the features that didn't make it) - that would be super useful 15:28:05 ... and then if you really wanted to dig down into the details, you can view the full implementation tables 15:28:26 ... also, this is still very much experimental; some of the output requires explanation. A lot of this has to do with the complexity of the spec 15:28:39 ... since we're testing all kinds of things - syntax, data model, resolution, dereferencing, metadata structs, etc 15:28:44 47 test inputs (files in implementation directory). 32 of them are universal resolver based test 15:28:51 ... and that just results in a very complex report 15:28:52 (some of them are examples) 15:29:07 summary of summary table good; huge summary table and ability to drill down to per-implementtion and/or per-tested-fature details also good 15:29:18 ... shigeya - so, don't work on a 2d matrix. ivan - what we need to show the Director specifically, is the list of features that didn't cut it. (and, obv, that list should be 0 items long :) ) 15:29:50 scribe+ 15:29:51 ack shigeya 15:29:52 q+ 15:30:18 q- 15:30:20 ack burn 15:30:50 q+ to note I only think we're missing one thing -- a list of things that don't have sufficient implementation experience -- that list will be non-zero for JSON 15:30:57 burn: what I've been through in director meetings - you're right manu, whatever the categories are that we are testing for which we say we need at least two implementations we need to be able to clearly summarize at the top the number of features we don't have sufficient implementations 15:31:03 ... it's also helpful to say what we do have sufficient for 15:31:07 ... and to click in to see details 15:31:21 ... and should be easy to tell visually which don't have enough, eg. bright red title 15:31:25 ... so it's easy to skim 15:31:45 ... one of the reasons it's good to have the link to sufficient implementations is because another important check for the director (sometimes, depending on things) is to see how independant they are 15:32:06 ... this example is a great example because it looks like everythingis great but when you click on the list of implementations and you see 'example examlpe example' that could be a red flag 15:32:17 q? 15:32:18 ... yes, summary at the top sayinghow many featurs have at least two, how many don't, but a click to get to details 15:32:20 ack ian 15:32:21 ack ivan 15:32:22 ivan: agree 15:32:30 ... only a minor thing, more psychological than anything 15:32:35 ... we will have 30-40 implementations 15:32:43 ... it might be more impressive to give the number of positive implementations 15:32:46 ... not only to say yes we are over 2 or not 15:32:49 ... but give the number 15:32:54 ack manu 15:32:54 manu, you wanted to note I only think we're missing one thing -- a list of things that don't have sufficient implementation experience -- that list will be non-zero for JSON 15:33:03 manu: we're converging 15:33:08 ... with optional things that might be helpful 15:33:24 ... we're only really missing one thing in the report - that is a breakdown of here are all of the features that don't have more than implementation 15:33:27 ... or have 0 or 1 15:33:33 ... and then links to take you to those detail sections 15:33:42 ... and another section that says here are all the features that have mor ethan two indepant implementations 15:33:46 ... here are the number of implementations 15:33:51 37 uses of "universal resolver" are not 37 implementations ... and it seems like there isn't another resolver? that's a pretty big gap. 15:33:53 ... and here's a link to that section if you want to look in more detail 15:34:03 ... the expectation si the director will look at those two things first and if they have questions will drill down 15:34:09 ... we will have things in each list 15:34:18 ... I don't think anyone is going to submit a json implementation that has a null value 15:34:21 ... as the right hand side value 15:34:25 ... i don't think anyone has a use case for that yet 15:34:33 ... so we'll be able to prove both lists are being generated properly 15:34:36 q? 15:34:42 ... did I say anything that didn't agree? 15:34:45 q+ 15:34:47 q+ 15:34:48 ack burn 15:34:49 ivan: it's fine 15:35:20 burn: additional comment - when you get to that last step, you first have the summary, then click to see how many implemented, then to that list and I like the idea per feature that has a summary, what the blue bars are 15:35:24 ... it has a feature with a count 15:35:35 ... but when you go to see details of the implementations I'd prefer a link to the individual implementation report 15:35:37 ... that contianed that 15:35:52 ... and the reason is because it can be helpful when you click to that to see the implementer implemented one feature and nothing else 15:35:58 ... to see the full report for somebody is sometimes helpful and interesting 15:35:59 q? 15:36:02 ack TallTed 15:36:06 TallTed: echoing that 15:36:12 ... being able to drill down on either access to any given point 15:36:17 ... per implementation, but also per feature 15:36:20 ... see who implemented it 15:36:25 q+ to note that "fancy" and "nice to have" -- shigeya is very graciously doing the work, I don't want to overload him. 15:36:33 ... if the blue bars included a count of... just count successes, no failures? failures wouldnt be in the table? 15:36:35 manu: they would 15:36:42 TallTed: the bars could summarise one success out of 37 testers that would be useful 15:36:58 ... I'm concerned in the early comments you said there were a bunch of resolver implementations which aren't independant 15:37:01 ... they're a bunch of uses of the thing 15:37:04 ... that looks like a big gap 15:37:06 manu: correct 15:37:07 ack manu 15:37:07 manu, you wanted to note that "fancy" and "nice to have" -- shigeya is very graciously doing the work, I don't want to overload him. 15:37:08 agreed. 15:37:11 +1 to the gap 15:37:20 manu: I ack Dan that would be nice to have 15:37:22 I don't want to overload Shigeya either 15:37:32 ... Shigeya has done a ton of work and I want to be respectful and not overload him 15:37:38 ... want ot make sure we get to the minimum possible, then it's up to Shigeya 15:37:45 q+ 15:38:00 ... I'd like to ask you Shigeya does everything make sense and do you feel it's actionable? Are the priorities clear? 15:38:07 ... and what you need to implement is clear? 15:38:08 ack shigeya 15:38:14 shigeya: yes, actionable 15:38:16 ... depends on the deadline 15:38:18 ... and my time 15:38:25 ... not so much work I believe 15:38:26 q+ 15:38:33 ... when do we need the report? 15:38:34 q+ to say summaries, both pos and neg, are what's important 15:38:39 ack manu 15:38:48 manu: whenever 15:38:51 ... you can do it 15:39:02 ... ideally everything ready by next monday, but I don't think that's realistic 15:39:18 ... within the next two to three weeks, the most basic thing, that would be decent shape 15:39:22 ack burn 15:39:22 burn, you wanted to say summaries, both pos and neg, are what's important 15:39:25 shigeya: that's doable 15:39:26 burn: agree 15:39:38 ... first, thank you Shigeya, we should give Shigeya a lot of thanks 15:39:42 yes, +1 -- this is a big job and it's very much appreciated. 15:39:57 ... all we need is the summaries 15:40:08 ... and individual reports if you can. Doesn't have to be beautifully linked 15:40:13 ... positive and negative are important 15:40:13 q+ to note negatives 15:40:17 ack manu 15:40:17 manu, you wanted to note negatives 15:40:31 manu: on the negatives, people don't like submitting negative tests to show an implementation fails or doesn't conform 15:40:36 burn: i meant that we don't have at least two 15:40:41 ... we are failing the report 15:40:46 manu: +1 15:40:50 burn: any other comments? 15:40:51 q+ 15:40:57 ack shigeya 15:41:04 shigeya: there are a bunch of examples here 15:41:08 ... so we need to eliminate them 15:41:10 ... at some point 15:41:16 q+ 15:41:29 ... any good ideas to handle this? 15:41:30 ack manu 15:41:39 +1000000 thanks to Shigeya -- setting these reports up is vital, never gets enough resource, and often falls flat. this is one of the more challenging groups to set up report on, and these reports are far beyond what might have been delivered. 15:41:48 manu: it is very important that the examples remain in th etest suite to make sure we are testing everything 15:41:53 ... we needed the test suite to run against something 15:42:10 ... all that needs to remain, but shigeya you're right, when we generate the report the report should not include the examples 15:42:13 q? 15:42:21 +1 to manu on not including did:example 15:42:25 ... probably needs code that you run to eliminate the things with example in them 15:42:31 ... I don't know how exactly, might have to be a regex 15:42:47 ... I don't think we have the word example in any of the normative statements, so you would check the implementation, and I don't think we have 'exmaple' in any implementation names 15:42:57 ... so you might be able to filter out those test results by doing a regex against the implementation name 15:42:58 shigeya: i will try 15:43:12 Topic: Report on documents 15:43:18 q+ 15:43:20 present+ 15:43:23 burn: report on implementation guide or rubric? 15:43:23 ack manu 15:43:35 manu: I have a list, but happy to defer to editors of each doc 15:43:41 ... Use cases would be Joe and Phil 15:43:50 ... it's done. 15:43:55 ... We published it. Hurrah! 15:44:05 ... DID Core has a few issues remaining but they're being handled 15:44:13 ... one issue from securekey that we want to have a light discussion around in the next week or two 15:44:18 ... around the construction of DID URLs 15:44:25 ... and we've got a number of PRs, many editorial 15:44:31 ... one is moving the cbor thing out into its own note 15:44:36 ... other ones having to do with cleanup in the appendices 15:44:40 ... that's happening and will continue 15:44:48 ... slower than I'd like but we're addressing them 15:44:56 ... The outstanding scary thing is the MIME type discussion at IETF 15:45:01 ... Need to email about a decision 15:45:05 ... concerned our fallback is unworkable 15:45:20 ... We may need to put aside some time to talk about what we're going to do 15:45:26 ... waiting on sending an email to ietf 15:45:26 q+ 15:45:35 ack ivan 15:45:47 ivan: why do you think the alternative is not workable? 15:45:57 manu: i don't think people want to implement it... the profile thing on ld+json feels unworkable 15:46:02 ... having had a fresh discussion about it 15:46:15 ... we thought people would be okay with it but they thought surely ietf would have a decision at this point so they didn't consider us having to implement it 15:46:30 ... do other people feel that way? 15:46:32 ivan: separate discussion 15:46:43 manu: DID Spec registries 15:46:50 ... based on decisions in past weeks, design is mostly stable 15:46:54 ... still a large number of issues 15:47:06 ... most are we don't have contact information for authors of specs, except for github handles, which have worked out well 15:47:11 ... we can get a list of all the contributors 15:47:20 q+ 15:47:23 ... many are DID method creators, that's how we pinged 90+ of them when we needed implementations and they repsonded 15:47:28 ... we just don't have email addresses 15:47:29 q- 15:47:31 ... no big blockers I can think of 15:47:48 ... Next, DID Rubric 15:48:02 ... Joe reported out on that two weeks ago, in good shape, waiting on a PR from Joe to update with 20+ new considerations 15:48:04 ... work continues 15:48:13 ... Next is DID+CBOR note 15:48:19 ... that spec was created this weekend by ivan and I 15:48:27 ... we have a repo with all the latest in it, spec has been cleaned up 15:48:31 ... we're close to being able to publish that as a note 15:48:44 q+ 15:48:45 ... we'll do it when we've got many of the DID Core editorial updates to the appendices done 15:48:53 ... finally the implementation guide has been updated to use Orie's language 15:48:56 ... Orie did a bunch of suggestions 15:49:00 ... some were controversial 15:49:09 ... markus has put in a PR on @context and his concerns around that 15:49:23 ... the decision we made is that we're going to allow people to take positions that are controversial and document all the different arguments on that controversy 15:49:28 ... so it's documented and crosslink them to each other 15:49:37 ... so people can read and understand that there are some things the group couldnt agree on 15:49:46 ... take a look at Orie's new language and markus' PR, we're going to merge that 15:49:49 ... and we'll have a note by the tiem the WG ends 15:49:51 ... that's in good shape 15:49:58 ... General takeaway is we're in good shape, have been for a while 15:50:02 ... Good job as a WG 15:50:14 ack ivan 15:50:16 ... looks like we're going to have a number of useful documents that are in our charter and a couple that weren't that are going to help the ecosystem 15:50:23 ivan: did we get any feedback from jonathon the cbor stuff? 15:50:24 manu: none 15:50:37 burn: questions or comments? 15:50:51 s/jonathon/jonathan/ 15:51:21 Topic: Status of registries 15:51:26 manu: We never came to ground on if we were going to have a description field in the Registries or not 15:51:50 ... Currently every entry is meant to have the thing that's being registered a link to where it' sdefined and an open question about should we have a field where the person registering can put in useful information about the field 15:52:01 ... eg. this property will work across all representations 15:52:15 ... and the cbor tag for this is value 63 15:52:18 ... that's been a proposa 15:52:28 ... the counter argument against it is because there's no standard entry people can put in whatever 15:52:31 ... but maybe that's okay 15:52:40 ... maybe we allow people to put in guidence around specific properties that they feel are important 15:52:46 ... the real thing that matters is the link to the spec 15:52:53 ... the managers of the registry dont' have to care that much about th edescrpition 15:53:10 ... may do some high level check but not requiring the registry maintainers to evaluate the truth of what the registrant writes 15:53:20 ... Do we want a general description field? Or forbid that and only provide a link? 15:53:23 ... and the json-ld context 15:53:46 ... Would there be any objections to providing a description field that registrants can use for purposes that they deem are important? 15:53:50 ... free form text field 15:53:57 ... light vetting 15:54:06 ... but up to the people managing the registry to determine 15:55:02 manu: *proposal writing voice* 15:55:23 PROPOSAL: The DID Specification Registries will support a "description" field for all registry entries that can be used at the discretion of the registrant to express items of importance to the registered item. The registry maintainers are not required to check the truthfulness of the statement, but may exercise their best judgement when processing the registration request. 15:55:41 q+ 15:55:45 ack justin_r 15:56:10 justin_r: problem I have is that it is a very long winded way to say this is a human readable field with no implied impact on interoperability 15:56:35 ... but given the fact it has been the intent of the WG of the registry to not have a normative impact on interop... we can make this proposal but it is ultimately meaningless 15:56:43 ... I object to the statement but I dont think my objection matters 15:57:10 +0.5 but may need "how to get changes made" if/when something gets past "best judgement" and similar... 15:57:10 manu: the effect is .. I half agree 15:57:23 ... it is true, but we're recording that the group contemplated this. 15:57:39 ... yes we have the field, no it doesn't really mean anything, has no normative effect, but might guide people in the right direction 15:58:09 burn: the way I heard what Justin said is that there was a different decision that you disagree with and this continues to be part of that same disagreement. You can object but there's no point in objecting because it's at a different level 15:58:24 ... unless we're going to revisit the broader statement I'd rather see if we get agreement on a statement today that presumes that prior broader decision 15:58:29