18:47:18 <RRSAgent> RRSAgent has joined #vcwg
18:47:18 <RRSAgent> logging to https://www.w3.org/2022/08/17-vcwg-irc
18:47:28 <Zakim> Zakim has joined #vcwg
18:48:35 <brentz> zakim, start meeting
18:48:35 <Zakim> RRSAgent, make logs Public
18:48:36 <Zakim> please title this meeting ("meeting: ..."), brentz
18:48:52 <brentz> meeting: Verifiable Credentials Working Group weekly call
18:49:13 <brentz> chair: Brent Zundel
18:49:43 <brentz> Date: 2022-08-17
18:50:29 <brentz> present+
19:00:35 <kristina> kristina has joined #vcwg
19:00:37 <DavidC> DavidC has joined #vcwg
19:00:37 <kristina> present+
19:00:42 <DavidC> present+
19:02:07 <manu> present+
19:02:19 <TallTed> present+
19:02:35 <mprorock> mprorock has joined #vcwg
19:02:49 <brentz> scribe+ DavidC
19:03:24 <marty_reed> marty_reed has joined #vcwg
19:03:38 <Orie> Orie has joined #vcwg
19:03:41 <manu> q+
19:03:52 <manu> DavidC: Are we going to discuss 3 issue, or is there an order?
19:03:55 <Orie> present+
19:03:59 <marty_reed> present+
19:04:04 <dlongley> present+
19:04:24 <selfissued> selfissued has joined #vcwg
19:04:32 <selfissued> present+
19:04:35 <mprorock> present+
19:04:38 <manu> q+ to note addition/changes to agenda/request
19:05:10 <brentz> ack manu
19:05:10 <Zakim> manu, you wanted to note addition/changes to agenda/request
19:05:28 <JoeAndrieu> JoeAndrieu has joined #vcwg
19:05:41 <Mary> Mary has joined #vcwg
19:06:25 <logan_porter> logan_porter has joined #vcwg
19:06:42 <kdeangs1> kdeangs1 has joined #vcwg
19:06:43 <DavidC> Manu asked if people are working on PoCs please add a slide describing this
19:07:08 <DavidC> Manu will add the URL of the slide deck to the mailing list
19:07:16 <logan_porter> present+
19:07:19 <oliver> oliver has joined #vcwg
19:07:30 <identitywoman> identitywoman has joined #vcwg
19:07:30 <brentz> Topic: TPAC
19:07:40 <brentz> https://docs.google.com/spreadsheets/d/1Du-3G4d08OWxW1fNtn_8BLNsAIT4GETvk7F7v_Mu_dA/edit#gid=0
19:07:55 <decentralgabe> decentralgabe has joined #vcwg
19:07:58 <decentralgabe> present+
19:08:17 <oliver> present+ oliver_terbu
19:08:25 <DavidC> brentz: There is a yellow box in the above doc for people to add topics to it to be discussed at TPAC
19:08:53 <DavidC> brentz: second tab is for people to say if they are attending in person or virtually
19:09:11 <DavidC> brentz: also indicate if you want to attend the dinner
19:09:37 <DavidC> brentz: VC DM scheduled for thurs and friday
19:10:08 <DavidC> brentz: Wednesday joint meeting for web of things and VCs
19:10:34 <DavidC> brentz: may be other joint meetings as well
19:11:33 <brentz> Topic: Issue Discussion
19:11:38 <brentz> https://github.com/w3c/vc-data-model/issues?q=is%3Aissue+is%3Aopen+label%3Adiscuss+sort%3Aupdated-asc
19:11:57 <brentz> subtopic: https://github.com/w3c/vc-data-model/issues/709
19:13:19 <Orie> q+ to cover the domain of the 'issuer' attribute
19:13:52 <DavidC> Anthony Nadalin: we do not know what type of info is at this URI
19:14:07 <brentz> ack Orie
19:14:07 <Zakim> Orie, you wanted to cover the domain of the 'issuer' attribute
19:14:28 <dmitriz> present+
19:14:32 <Steve_C__> Steve_C__ has joined #vcwg
19:14:51 <brentz> zakim, who is here?
19:14:51 <Zakim> Present: brentz, kristina, DavidC, manu, TallTed, Orie, marty_reed, dlongley, selfissued, mprorock, logan_porter, decentralgabe, oliver_terbu, dmitriz
19:14:53 <dmitriz> q+
19:14:54 <Zakim> On IRC I see Steve_C__, decentralgabe, identitywoman, oliver, kdeangs1, logan_porter, Mary, JoeAndrieu, selfissued, Orie, marty_reed, mprorock, DavidC, kristina, Zakim, RRSAgent,
19:14:54 <Zakim> ... brentz, dmitriz, TallTed, dlongley, manu, dlehn, dlehn1, Mike5Matrix, Github, hadleybeeman, bigbluehat, stonematt, shigeya, cel[m], rhiaro, cel, juancaballero
19:15:05 <DavidC> Orie: what is the relationship between the issuer attribute and a DID document. Orie says they should be the same
19:15:15 <brentz> present+ nadalin
19:15:32 <brentz> present+ Steve_C__
19:15:46 <DavidC> ... we should cover all cases
19:15:59 <dlongley> +1 to Orie to showing examples with DID dereferencing
19:16:00 <manu> DavidC: What about a .well-known URL?
19:16:14 <manu> q?
19:16:24 <brentz> ack dmitriz
19:16:50 <DavidC> dmitriz: what about putting issuer related fields directly into the issuer object?
19:17:22 <brentz> present+ identitywoman
19:17:42 <DavidC> ... in JFF we want to store things like name and logo of the issuer
19:18:22 <DavidC> nadalin: would like some more time to think about this issue
19:18:30 <dwaite> dwaite has joined #vcwg
19:18:51 <oliver> https://w3c-ccg.github.io/vc-ed/plugfest-1-2022/
19:20:11 <DavidC> nadalin: not sure that discussion so far will help implementors determine what they are likely to get back
19:20:47 <brentz> subtopic: https://github.com/w3c/vc-data-model/issues/839
19:20:59 <manu> scribe+
19:21:57 <kristina> don't think we made that decision in Connect WG, David..
19:22:03 <manu> DavidC: We have schemas for VCs, so looking at schema you can see what they contain... but we don't have one for VPs. We have talked about this in OIDC, when we stick something into VP, it will have new type into type field -- it would be nice if this data model could give some guidance on how different types of VPs are formed and how recipient will know if VP is well formed.
19:22:25 <manu> DavidC: Are we going to have a presentation schema? That's the broad issue.
19:22:55 <manu> q+
19:22:59 <dmitriz> q+
19:23:01 <brentz> ack manu
19:23:08 <selfissued> q+
19:23:10 <DavidC> brentz: is anyone opposed to having a vp schema
19:23:27 <DavidC> manu: not opposed, but it would be very simple for now
19:23:47 <cel> present+
19:23:49 <DavidC> ... however it will be related to protocols as they determine what fields should be there e.g. audience
19:24:08 <brentz> ack dmitriz
19:24:22 <mprorock> q+
19:24:29 <kristina> +1 to maybe we do not need a schema
19:24:33 <oliver> q+
19:24:42 <DavidC> dmitriz: not opposed but maybe we don't need a schema if all the fields are optional
19:24:45 <brentz> ack selfissued
19:25:01 <SamSmith> SamSmith has joined #vcwg
19:25:27 <DavidC> selfissued: not opposed but it is work. Takes work to keep schemas in sync
19:25:38 <Orie> context files are not schemas.
19:25:48 <kdeangs1> q+
19:25:52 <DavidC> ... is the effort worth the benefit?
19:25:55 <brentz> ack mprorock
19:25:56 <Orie> very different security considerations
19:26:04 <identitywoman> present+
19:26:09 <SamSmith> q+
19:26:14 <dwaite> q+
19:26:55 <DavidC> mprorock: can we leave this until we have more context and examples. Feels like a lot of maintenance work to start now
19:26:58 <brentz> ack oliver
19:28:00 <DavidC> oliver: the schema is needed for syntactic interoperability. Can we reuse credentialSchema for VPs?
19:28:46 <DavidC> ... whilst number of properties is small now, implementors may add lots of new ones
19:28:51 <SamSmith> present+
19:28:52 <brentz> ack kdeangs1
19:28:54 <JoeAndrieu> present+
19:29:01 <dwaite> present+
19:29:23 <DavidC> kdeangs: if we are going to verify a VP then processing schema seems to be fundamental to me
19:29:25 <brentz> ack kdeangs
19:29:25 <selfissued> present+
19:29:29 <selfissued> q+
19:29:30 <decentralgabe> q+
19:29:34 <brentz> ack SamSmith
19:29:39 <Orie> See also input validation, as it related to "schemas"... https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html
19:30:36 <manu> q+ to note to kdeangs that the spec defines the normative values in a presentation and the test suite does/will cover that (the minimum).
19:31:05 <DavidC> SamSmith: in ACDC we use compose schema and disclose schema so that once verifier signs it is committed to the rules then the ACDC can be disclosed
19:31:08 <brentz> ack dwaite
19:31:47 <DavidC> dwaite: if we have normative text describing properties plus a schema then one has to trump the other if they conflict
19:31:53 <Orie> +1 david... normative text trumps... ideally schema implements normative stuff only.
19:32:25 <brentz> ack selfissued
19:32:27 <dlongley> +1 to David
19:32:27 <manu> +1 to dwaite
19:32:39 <DavidC> ... since we dont want to mandate people to use schemas then they should be informative
19:32:41 <Kerri_Lemoie> Kerri_Lemoie has joined #vcwg
19:32:47 <Kerri_Lemoie> present +
19:33:29 <DavidC> selfissued: JSON schema is not used in TLS. Pros are sufficient for interoperable implementations
19:33:32 <mprorock> +1 selfissued - the normative text tells you what to do (hopefully with nice examples and test vectors and other fun bits)
19:33:35 <brentz> ack decentralgabe
19:34:02 <DavidC> pros -> prose
19:34:39 <brentz> ack manu
19:34:39 <Zakim> manu, you wanted to note to kdeangs that the spec defines the normative values in a presentation and the test suite does/will cover that (the minimum).
19:34:43 <DavidC> gabe: their is value in schemas
19:35:16 <DavidC> manu: there is spec text already so a schema would be simple and not necessary (for now)
19:35:35 <oliver> q+
19:35:51 <brentz> ack oliver
19:35:53 <DavidC> ... someone who is interested can create a PR with the schema and keep it up to date
19:37:04 <manu> q+ to note that oliver is talking about `credentialSchema`-like value for presentations.
19:37:21 <manu> DavidC: Yes, trying to write down what Oliver said, got a bit lost when he was talking about subtypes and subschemas.
19:38:30 <manu> DavidC: As we have with credentials, there can be multiple types of credentials that have the same schema, there was some confusion in DIF -- 1-to-1 mapping between schemas and types. Types come into this because we should be creating different types of verifiable presentation when they have different content... but if properties remain the same, type could still change. Schema defining a particular property, but type alters value of particular property
19:38:31 <manu> for example.
19:38:34 <brentz> ack manu
19:38:34 <Zakim> manu, you wanted to note that oliver is talking about `credentialSchema`-like value for presentations.
19:38:55 <shawn_butterfield> shawn_butterfield has joined #vcwg
19:39:21 <DavidC> manu: we are still not clear if we are talking about a new VPschema or existing credentialSchema
19:39:59 <DavidC> ... we have conformance tests currently for VPs
19:40:08 <brentz> q+
19:40:43 <DavidC> ... if the wallet creates a VP with its own properties and adds the schema, but has a bug in this, then the wallet has not followed its own rules
19:41:03 <brentz> ack brentz
19:41:44 <brentz> subtopic: https://github.com/w3c/vc-data-model/issues/846
19:41:44 <DavidC> brentz: concludes that there is no opposition to this, but not necessarily anyone wanting to do all the work!
19:42:36 <cel> present-
19:42:45 <DavidC> Orie: found flaws in the v1.0 description of date/times
19:42:57 <DavidC> ... this was fixed in v1.1 DM
19:43:22 <DavidC> ... but need to be clear about which string format is being used
19:43:44 <manu> q+ to let's have a schema! :P
19:44:01 <brentz> ack manu
19:44:01 <Zakim> manu, you wanted to let's have a schema! :P
19:44:06 <DavidC> ... so prefer a regex value
19:44:28 <DavidC> manu: we can add this to v2 DM
19:44:38 <dmitriz> +1 to including the RegEx in the spec :) (having had to come up with that same regex for a library...)
19:45:09 <dmitriz> q+
19:45:26 <DavidC> ... alternatively we could define an XML schema for date/time and a regex to check if it is correct
19:45:57 <brentz> ack dmitriz
19:46:30 <selfissued> q+
19:46:38 <brentz> ack selfissued
19:46:39 <kristina> kristina has joined #vcwg
19:46:43 <DavidC> dmitriz: having already implemented this, we will save a lot of time if we add Regex expression to the DMv2
19:46:59 <decentralgabe> +1. implementing xsd:dateTime was incredibly painful
19:47:13 <DavidC> selfissued: I added regex to OAuth2 and implementors have found it useful
19:47:45 <manu> +1 selfissued, I think that would be fine.
19:47:50 <DavidC> ... so I support adding it
19:48:35 <DavidC> brentz: we need a volunteer to produce a PR for this? Orie? Dmitry?
19:49:02 <DavidC> dmitriz: said he would produce the first draft
19:49:05 <brentz> subtopic: https://github.com/w3c/vc-data-model/issues/762
19:49:22 <manu> q+
19:49:52 <brentz> ack manu
19:49:56 <DavidC> brentz: credential subject is currently an object or array of objects. Can it be a simple string?
19:50:33 <DavidC> manu: what is the use case for having a subject as a URL
19:50:37 <oliver> +1 manu
19:50:52 <selfissued> I have to step away because of a repairman that just arrived at my house.  Talk to you all later!
19:50:57 <DavidC> q+
19:51:00 <brentz> q?
19:51:19 <manu> q+
19:51:52 <Kerri_Lemoie> q+
19:51:54 <manu> DavidC: At an earlier time, we discussed this being an email address, possibly... verifier could send PIN code, wallet user could return PIN code, that's proof of possession... there were alternatives, telephone number, sent secret to phone number.
19:51:57 <brentz> ack DavidC
19:51:59 <manu> DavidC: It doesn't have to be a DID.
19:52:04 <brentz> ack manu
19:52:18 <Orie> q+
19:53:39 <DavidC> manu: we can allow alternative PoP schemes today through the id in the subject object.
19:53:46 <brentz> ack Kerri_Lemoie
19:53:57 <DavidC> ... so do not see any value in altering the text today
19:54:00 <dwaite> q+
19:54:34 <brentz> ack Orie
19:54:44 <DavidC> Kerrie_Lemoie: prefer to keep it as an object
19:55:10 <DavidC> Orie: credentialSubject and Issuer and Holder should be aligned. Currently they are not
19:55:25 <DavidC> ... subject can be an array but the others cannot be
19:55:26 <brentz> ack dwaite
19:55:33 <manu> hrm, disagree, because each field has a slightly different purpose
19:56:00 <DavidC> dwaite: agree with Orie that we should make these objects more consistent
19:56:01 <manu> like, having an issuer that is a DID is totally fine... whereas doign the same for credentialSubject is problematic.
19:56:24 <Kerri_Lemoie> Thanks!
19:56:51 <brentz> zakim, who is here?
19:56:51 <Zakim> Present: brentz, kristina, DavidC, manu, TallTed, Orie, marty_reed, dlongley, selfissued, mprorock, logan_porter, decentralgabe, oliver_terbu, dmitriz, nadalin, Steve_C__,
19:56:56 <Zakim> ... identitywoman, SamSmith, JoeAndrieu, dwaite
19:56:56 <Zakim> On IRC I see kristina, shawn_butterfield, Kerri_Lemoie, SamSmith, dwaite, Steve_C__, identitywoman, oliver, kdeangs1, Mary, JoeAndrieu, selfissued, Orie, marty_reed, mprorock,
19:56:56 <Zakim> ... Zakim, RRSAgent, brentz, dmitriz, TallTed, dlongley, manu, dlehn, dlehn1, Mike5Matrix, Github, hadleybeeman, bigbluehat, stonematt, shigeya, cel[m], rhiaro, cel, juancaballero
19:59:16 <brentz> rrsagent, draft minutes
19:59:16 <RRSAgent> I have made the request to generate https://www.w3.org/2022/08/17-vcwg-minutes.html brentz
19:59:30 <brentz> zakim, end meeting
19:59:30 <Zakim> As of this point the attendees have been brentz, kristina, DavidC, manu, TallTed, Orie, marty_reed, dlongley, selfissued, mprorock, logan_porter, decentralgabe, oliver_terbu,
19:59:33 <Zakim> ... dmitriz, nadalin, Steve_C__, identitywoman, cel, SamSmith, JoeAndrieu, dwaite
19:59:33 <Zakim> RRSAgent, please draft minutes
19:59:33 <RRSAgent> I have made the request to generate https://www.w3.org/2022/08/17-vcwg-minutes.html Zakim
19:59:35 <Zakim> I am happy to have been of service, brentz; please remember to excuse RRSAgent.  Goodbye
19:59:39 <Zakim> Zakim has left #vcwg
19:59:44 <brentz> rrsagent, bye
19:59:44 <RRSAgent> I see no action items