00:00:07 SamSmith: ACDC is based on immutable schemas using CIDs/SAIDs 00:00:16 possibly also related: https://datatracker.ietf.org/doc/html/draft-ietf-core-coral 00:00:19 zakim, close the queue 00:00:19 ok, kristina, the speaker queue is closed 00:00:25 q? 00:00:26 ... We would'nt use your schema, because it's not locked down enough. But could map to them. 00:00:33 ... After sending over the wire, can convert... 00:00:43 ... With JSON-LD, you sign the RDF graph after expansion 00:00:44 actually, vc-jwt does sign JSON-LD. 00:00:54 ... We believe you should just sign what's sent over the wire, that's a more secure posture. 00:00:56 it signs JSON. 00:00:58 Right orie 00:01:08 ... ToIP has OCA, a new schema representation... Or schema.org... could do those mappings 00:01:18 ... but we want to not be precluded from sending over the wire in our locked-down form 00:01:28 ... We can certainly define an interop profile from our schema to yours 00:01:30 all of these things sign hashes, actually :) ... if we're splitting hairs. 00:01:38 ack decentralgabe 00:01:43 https://w3c-ccg.github.io/vc-json-schemas/v2/index.html 00:01:48 decentralgabe: There is a draft schema that does this ^ 00:02:01 kristina: Thanks, thank you to the scribes! 00:02:23 Thanks for presenting SamSmith! 00:02:32 kristina: I highly encourage people, especially WG chairs, to document issues that may help us move forward 00:02:46 ... We're starting to tomorrow at... 00:02:48 pchampin has joined #vcwg 00:02:57 rrsagent, draft minutes 00:02:57 I have made the request to generate https://www.w3.org/2022/09/16-vcwg-minutes.html ivan_ 00:02:58 ... 9am. 00:03:44 6:10 in lobby to talk to dinner 00:03:50 s/talk/walk/ 00:04:51 gkellogg has joined #vcwg 00:04:55 Aisp has joined #vcwg 00:05:36 manu: thanks to chairs for keeping us on schedule 00:39:35 Jay has joined #vcwg 15:48:05 RRSAgent has joined #vcwg 15:48:05 logging to https://www.w3.org/2022/09/16-vcwg-irc 15:48:08 RRSAgent, make logs Public 15:48:09 please title this meeting ("meeting: ..."), ivan 15:48:37 Meeting: Verifiable Credentials Working Group F2F, 2nd day 15:48:37 Date: 2022-09-16 15:48:37 Agenda: https://lists.w3.org/Archives/Public/public-vc-wg/2022Aug/0034.html 15:48:37 chair: kristina, brent 15:49:00 present+ 15:52:35 brent has joined #vcwg 15:52:49 risako has joined #vcwg 15:52:55 present+ 15:55:19 takuya has joined #vcwg 15:55:38 JoeAndrieu has joined #vcwg 15:56:30 Aisp has joined #vcwg 15:58:26 phila has joined #vcwg 16:00:06 Good morning, folks 16:00:11 q? 16:00:15 present+ 16:00:22 chike has joined #vcwg 16:00:26 kristina has joined #vcwg 16:00:29 gkellogg has joined #vcwg 16:00:30 present+ 16:00:43 scribe+ 16:00:55 brentz: Good morning. Still need some scribes. 16:01:17 hsnao has joined #vcwg 16:01:17 s/brentz/brent/ 16:01:29 present+ Hiroyuki_Sano 16:01:31 pchampin has joined #vcwg 16:01:35 gkellogg has joined #vcwg 16:01:37 goto has joined #vcwg 16:01:53 present+ 16:02:06 osamu has joined #vcwg 16:02:16 Orie has joined #vcwg 16:02:22 present+ 16:02:26 Jem has joined #vcwg 16:02:38 present+ Pierre-Antoine_Champin 16:02:59 Jay has joined #vcwg 16:03:24 dezell has joined #vcwg 16:03:31 present+ 16:03:39 present+ 16:03:47 Geun-Hyung_Kim has joined #vcwg 16:04:09 present+ 16:04:15 present+ 16:04:18 kdeangs1 has joined #vcwg 16:04:23 scribe+ 16:04:24 brent: let's get started 16:04:36 justin_r has joined #vcwg 16:04:43 ... we are meeting under W3C IPR policy, so if you have something you want to patent, don't tell us. 16:04:56 ... We are also operating under the ethical code of conduct, so be nice. Just like you were yesterday. 16:05:03 present+ 16:05:16 ... Today we are covering .... staring with Holder binded, from Oliver 16:05:24 ... Then a joint session with the RCH working group 16:05:28 present+ 16:06:00 kristina: more this afternoon, ... finishing up with internationalization by Shigeya 16:06:16 ... If we need follow up or another session, let us know. 16:06:20 ... maybe we can fit it in. 16:06:24 rgrant has joined #vcwg 16:06:34 present+ 16:06:51 rgrant has left #vcwg 16:07:00 mccown has joined #vcwg 16:07:02 present+ 16:07:13 present+ 16:07:22 decentralgabe has joined #vcwg 16:07:23 present+ 16:07:28 oliver has joined #vcwg 16:07:30 present+ 16:07:30 present+ oliver_terbu 16:07:38 Mary has joined #vcwg 16:07:42 wonsuk has joined #vcwg 16:07:47 oliver: Ok. Are we ready? 16:07:47 rgrant has joined #vcwg 16:07:57 ... First few slides is a recap of current roles in VC data model 16:08:04 present+ 16:08:07 ... Everyone is likely familiar with this diagram. it describes the role in the model 16:08:25 ... Issuer creates a VC, issues to Holder, holder presents the VC to a Verifier (typically as a Verifiable Presentation) 16:08:36 ... I'm not super happy with this diagram because it leaves out some things 16:08:45 ... For example, the intended holder and the subject 16:08:53 present+ Risako_Hamano 16:09:08 Paul_Dietrich_GS1 has joined #vcwg 16:09:09 ... From the current specification, a holder 16:09:19 ... Subject: ... (quotes from the spec) 16:09:52 ... Credential subject is mandatory, but each credentialSubject may contain an identifier 16:10:09 ... I have no problem with that, it's good to be able to skip that ID for privacy reasons 16:10:14 ... Just note you don't always have that ID 16:10:20 ... What is a VP? 16:10:50 ... A VP is created by a holder. The holder property is optional. It's not even that. Because there is no normative language for the holder. 16:11:01 ... That's something that we definitely need to address 16:11:14 ... Remember the VP may or may not include a holder property (which is also not normative) 16:11:19 ... Let's talk about holder binding 16:11:29 ... Many of us in our group understand this 16:11:45 ... A VC can be created by anyone... 16:11:58 ... The VC can be presented by anyone 16:12:09 s/staring with Holder binded/starting with Holder binding/ 16:12:10 ivan has joined #vcwg 16:12:12 ... We don't have semantics other than tamper-evidence and authorship 16:12:38 ... We do not guarantee that the holder is the intended recipient 16:12:51 cabernet has joined #vcwg 16:12:56 ... Verifier needs to perform additional steps to apply business rules to figure out if holder == subject 16:13:00 present+ 16:13:24 ... This is a common use case for verifiers: to prove that the credential was presented by the intended holder 16:13:37 ... I create a VP, sign it, give it to my future employer. 16:13:48 ... This is a common use, but may not work for everyone. 16:14:20 ... If the subject ID is the same as the holder property. 16:14:26 q? 16:14:47 ... Holder property is non-normative. We should fix this. 16:15:00 ... It is unclear who is the holder if the holder property is ommitted 16:15:09 ... The Credential Subject ID is optional (which is good) 16:15:55 ... So a verifier would typically verify, if holder id = subject id & DID document of holder contains the verification method from the VP proof, and that proof is valid, then the verifier can know is the actual holder presenting the credentials. 16:16:07 q? 16:16:09 q+ 16:16:14 q+ 16:16:17 slideset: https://docs.google.com/presentation/d/1hrqozY2EGZ8i8y40abyEuJmIb6hCiRS-37pdj6bhBLY/edit#slide=id.g1482ccb90af_0_105 16:16:18 ... This doesn't work with anon-creds and BBS+, but it is the simplest model 16:16:18 ack TallTed 16:16:41 tallted: I'm concerned about a few pieces. We explicitly decided that the holder need not be the subject. 16:16:49 nadalin has joined #vcwg 16:16:53 ... the subject is whatever entity those statements are about 16:17:00 present+ 16:17:02 ... may be explicitly identified or not 16:17:07 In general +1 to this... we need to create explict clarity regarding the cases where these `id` values match. 16:17:32 ... We explicitly decided that holder was NOT a statement in the credential *because* several of the initial use cases were for scenarios where the holder was NOT the subject 16:17:51 oliver: Agreed. I'm just pointing out that this is a common pattern. 16:17:54 if the holder is not the subject how is holder authentication done? 16:18:02 tallted: but that's part of the problem. 16:18:05 +1 to what oliver is saying, this presentation is about the case where the holder is the subject... its not to say that HAS to be the case. 16:18:08 ... if folks are doing the wrong thing, we want to fix that. 16:18:17 ... The presenter at the time they present it, *is* the holder 16:18:35 ... The presenter is never in a credential, nor in the VP either (as far as I recall) 16:18:36 the presenter IS identified in a credential WHEN the holder matches the subject. 16:18:45 ack kdeangs 16:18:49 kristina: queue please 16:18:55 q+ to note why holder isn't normative right now, and ask about use cases that we're focusing on and why it matters? 16:19:09 kevin: the way I see this, coming in relatively late. 16:19:14 vq? 16:19:17 ... the absence of the holder means that anyone can hold it. 16:19:29 ... In the use cases that we have identified, the subject is far more critical than the holder. 16:19:29 q+ to give use cases for holder / subject binding in B2B supply chain credential use cases. 16:19:38 ... Cases where the credential can be passed around 16:19:48 ... And it doesn't really matter how has it at any point. 16:19:55 ... It matters what it says about the subject. 16:20:00 +1 to speaker 16:20:02 ... That's important flexibility. 16:20:11 q? 16:20:14 yes, +1 thats how it works today, afaik. 16:20:17 oliver: Agreed. 16:20:30 ... This isn't about mandating any approach. This is what I've seen. 16:20:34 Thanks, Orie. 16:20:40 ... I agree that many use cases do not require it. 16:20:43 +1 to what oliver is saying again. 16:20:51 ... I didn't mean to argue FOR this, but just to point out some gaps 16:20:52 s/kevin/kdeangs1/ 16:21:10 sounds like a lot more agreement than disagreement here so far 16:21:21 ack manu 16:21:21 manu, you wanted to note why holder isn't normative right now, and ask about use cases that we're focusing on and why it matters? 16:21:23 DavidC has joined #vcwg 16:21:31 present+ 16:21:33 manu: just for historical context 16:21:45 ... holder has no normative language because we added it later 16:21:46 q? 16:21:49 +1 Manu 16:21:56 ... we expected we would add something in 2.0 to clean that up 16:22:19 Aisp_ has joined #vcwg 16:22:19 ... I think what we're hearing is that we could do a better job describing how holders fit into presentations 16:22:35 We should formalize it, though. Absence of holder: anyone can hold it, regardless of subject. Absence of subject: statement generic or anonymous, regardless of holder. 16:22:36 ... Might help illustrate this use case if we need the holder defined specifically 16:22:48 q+ to say Please do not think you can delegate credentials 16:23:09 manu: for example, a VC that specifies a parent and who should be holding it 16:23:16 sb has joined #vcwg 16:23:21 ... there's not guidance in the VC data model about what you are supposed to do it. 16:23:24 q+ 16:23:29 q+ 16:23:34 ... Do you have a use case where we need holder defined normatively 16:24:02 q+ to suggest that, when the holder matters, maybe they should also be a subject 16:24:11 oliver: one example would be: I have multipled DIDs. I get credentials for on of those IDs, and I need to present to a potential employer, but I want to use a different VC 16:24:21 q? 16:24:35 ... current spec has language for explaining for claiming DIDs are "sameAs" something like that 16:24:42 ... There are many many more. 16:24:57 ... It's tricky when we don't have values for subjects and holders. 16:25:11 +1 to making `id` more required... making it optional doesn't buy what people think it does. 16:25:16 ... later in the slides, I'd like to talk about some specific things 16:25:36 manu: it would help if we had a clear set of use cases 16:25:49 kristina: growing queue. Let's process that a bit. 16:25:55 ack Orie 16:25:55 Orie, you wanted to give use cases for holder / subject binding in B2B supply chain credential use cases. 16:26:13 orie: I'm queued to provide a use case for holder/subject binding in a supply chain use case 16:26:22 YanZhang has joined #vcwg 16:26:29 ... you'll often have VCs from supply chain about each other, as part of compliance process. 16:26:40 in mDL Holder verification is intended to be at least equivalent to the attended mode, and example is using issuer provided portrait image 16:26:45 ... For example, I might have a cert about the quality of the farms I'm buying from 16:26:53 ... and a credential about my facility 16:26:56 q- 16:27:10 ... and I might present those credentials, where I am the subject, other where I am not. 16:27:41 ... This is where we would like to say... about the holder is SOMEBODY 16:27:45 ack JoeAndrieu 16:27:45 JoeAndrieu, you wanted to say Please do not think you can delegate credentials 16:27:47 scribe+ 16:28:00 JoeAndrieu: I want to clarify what you said, there is already delegatable stuff? 16:28:06 kristina: in the afternoon, a presentaton on it 16:28:49 JoeAndrieu: When you do a presentation, it's a fact that you are the holder when you present. It's functional, which is why it isn't a property anywhere, when you make it a property, you lose that functionality. 16:28:56 +1 to Joe 16:29:02 ack DavidC 16:29:03 JoeAndrieu: That isn't a good delegation use case, MANU. 16:29:28 davidc: privacy aside, we can regard a VC a bit like a public key certificate: anyone can pick it up 16:29:36 ... the trick is proof of control. 16:30:01 ... at the point of presentation, can the presenter prove they control the crypto 16:30:01 q? 16:30:17 related issue regarding disambiguating holder, https://github.com/w3c/vc-data-model/issues/902 16:30:25 "authorized to present" should not be by specifying "holder" within the VC; should be by specifying "valid if presented by" or similar 16:30:32 ... If I present something that says I'm the director, then I need to prove possession (not just as the subject, but that you are related) 16:30:37 q+ 16:30:40 ack pchampin 16:30:40 pchampin, you wanted to suggest that, when the holder matters, maybe they should also be a subject 16:30:42 +1 TallTed 16:30:44 TallTed: yeah, something like that 16:31:01 pchampin: seems to me when the holder matters, this should be somehow claimed, where the holder is the subject 16:31:10 "acceptablePresenter" 16:31:10 Agree with PA that that's an option. 16:31:11 ack kdeangs 16:31:12 q+ 16:31:24 kdeangs1: I want to talk to the credential that someone is a member of the board 16:31:41 there are two different questions: "Is the presenter allowed to present this?" and "is the presenter the subject?" 16:31:44 ... The usefulness of that credential is independent of who holds it. 16:31:48 ack YanZhang 16:32:02 +1 justin_r ! 16:32:10 YanZhang: for a verifier to prove something, a particular good is related to IP on chain. 16:32:10 s/ where the holder is the subject/ where the holder is a subject/ 16:32:18 ... This is hard to prove. 16:32:26 +1 justin_r 16:32:37 +1 to justin_r ... but we may only need one more element to express the former since the latter may already be easily determined 16:32:46 ... It's helpful to reserve a field where we can say something about whether or not the presenter must be the subject 16:33:01 ... I think we can leave this in a limbo mode if we reserve a field for future use 16:33:13 dlongley: it seems to me the second one is the harder one because it requires outside knowledge about the subject 16:33:33 oliver: proof of possession is also hard to prove in a canonical way 16:33:33 dlongley: otherwise the security comes down to only handing VCs to the subjects and nobody else 16:33:43 ... the diversity of proving control and that I'm the intended holder 16:33:46 justin_r: yeah, i guess it depends on whether you can do simple identifier equivalence or not 16:34:08 ... Consider VC issued to Alice, Alice gives it to Bob 16:34:15 ... Bob gives it to Verifier. 16:34:19 dlongley: good point, I was assuming a world with pairwise IDs everywhere, as a starting point 16:34:20 just mark whether this VC is supposed to be bond to a subject or not. 16:34:25 ... Verifier doesn't know if Bob is the intended holder 16:34:35 justin_r: yeah, depends on the use case / privacy requirements. 16:34:38 ... currently there is something about holder binding 16:34:47 dlongley: agreed 16:34:52 ... We had a bunch of issues about this to make the binding more explicit 16:35:11 University Degree identifies the recipient as the Subject. Presenter/Holder doesn't matter, except that if the Presenter is claiming the Degree as their own, they must be identified as the Subject. 16:35:13 ... what is asked that the VP is presented by the intended holder 16:35:35 q? 16:35:39 ... It can get more complicated than this. 16:35:46 holder can be a device and device can have attestation 16:35:53 ... For example, when the VCs have multiple IDs 16:36:01 +1 nadalin 16:36:08 ... Or consider the alsoknownas property 16:36:24 people are not devices, both deserve the right to `id`s. 16:36:26 ... q+ to talk about the intended holder as an anti-pattern 16:36:30 whoops 16:36:39 sebastianelfors has joined #vcwg 16:36:39 +1 to device use case ... there could also be "bindings to a type of device" (as opposed to a specific one) 16:36:41 q+ to talk about the intended holder as an anti-pattern 16:36:50 "Holder Binding" is problematic from the start 16:36:56 s/q+ to talk about the intended holder as an anti-pattern/. 16:37:00 oliver: let's try to define what holder binding really means 16:37:17 ... A way to validate the intended holder is the presenter of a VP 16:37:25 "Presenter binding" 16:37:34 ... We need to bind: they might be the subject. They might be claims made by the issuer. 16:37:52 q? 16:37:54 "Presenter binding" is better, but "binding" also isn't right 16:37:57 ... The holder of the VC, even though there is no holder identifier, presents a proof 16:38:02 TallTed: agreed 16:38:06 ... I hope this meets the sense of the group 16:38:12 of what holder binding is 16:38:34 ack JoeAndrieu 16:38:35 JoeAndrieu, you wanted to talk about the intended holder as an anti-pattern 16:39:09 q+ 16:39:19 q+ 16:39:20 JoeAndrieu: I don't know how much of this is easiy adjustable, or if there is profound disagreement. VCs are statements, if we are going to bind holder to this, feels like it might be censorship. There might be things in here interpreted as business rules, but VC itself is just a statement. I don't know if we should be empowering idea of intended holder.. 16:39:40 "acceptable / intended presenter" seems better here 16:39:55 oliver: a lot of people deployed solutions based on the model, where they want to check if the VP is issued by. 16:40:08 q+ to follow on w/ dlongley's suggestion "acceptablePresenter" with array of presenters? 16:40:10 ... check if the VP is issued by the subject 16:40:16 q+ to mention that those asks are asking for business rules. are business rules in scope? 16:40:29 mDL has the normative concept of holder of the mDoc 16:40:31 ... There is one proposal to ... 16:40:50 ... Holder binding should not be tied to the VC, but maybe rather at the VP point 16:41:12 Jeremie has joined #vcwg 16:41:19 ... We might be able to use NIST 800-63-3 16:41:30 ... But that doesn't deal with the actual binging mechanism. 16:41:37 ... Maybe we could use it in the VP proof. 16:41:59 ivan has joined #vcwg 16:42:00 ... But then, even if you verify the VP, you don't know that it was presented by the right party 16:42:00 ..."intended presenter" 16:42:15 q- 16:42:24 q- 16:42:25 A critical function for VPs is replay prevention, and that is typically an inherent feature of holder binding but IMO should be treated separately 16:42:35 ... Reusing the evidence property might work, but it isn't defined at VP level 16:42:50 q? 16:43:03 ... I would suggest, creating a new VP/holder binding mechanism 16:43:20 ... Potentially restrict how the credential can be used 16:43:39 q+ to say any restrictions on how a credential can be used is censorship 16:43:58 oliver: binding the holder to the VP with maximum flexibility 16:44:12 ... a list of requirements 16:44:27 ... first, allow verifier to 16:44:34 q+ to note we might want this thing to be an array 16:44:38 ... [too fast, check slides] 16:45:02 q- 16:45:03 a VC including an ephemeral public key provided by the holder, such that that key has to be used to sign a VP, is only for replay prevention and does not have to "holder binding" 16:45:06 ... It should be able to create VCs and VPs without holder binding 16:45:28 selfissued has joined #vcwg 16:45:39 kristina: let's look at the concrete proposal 16:45:40 present+ 16:45:51 present+ 16:45:57 oliver: based on discussion, I came up with a proposal. 16:46:21 ... add holderBinding to VC 16:46:22 manu we have another issue that tracks the array case for "issuer", "holder" and "subject".... I think array vs object vs string id should be handled consistently in the core data model... https://github.com/w3c/vc-data-model/issues/762#issuecomment-1218428660 16:46:26 q+ to be generally supportive of the need to find a solution to this problem and to refine the initial proposal. 16:46:39 ... include the following that includes a type property about how the binding can be verified. 16:47:01 ... The holder binding information may also include information about VPs, such as references to VCs 16:47:27 ... for example, it might define that a particular key is checked against a property in the VP 16:47:38 ... that's the proposal 16:48:15 ... I want to guide the verifier to understand which holder binding method applies. 16:48:34 ... There might be binding methods where there are agreements. 16:48:50 ... That's basically my proposal. That would address the concerns raised. 16:48:56 q? 16:49:10 neds has joined #vcwg 16:49:13 ack kdeangs 16:49:23 chair hat off, establishing a standard method for expressing private holder binding is valuable for Avast. 16:49:33 dwaite has joined #vcwg 16:49:34 kdeangs1: the more I think about this, the more uncomfortable about this. 16:49:36 wonsuk_ has joined #vcwg 16:49:37 present+ 16:49:45 present+ 16:49:54 ... consider a passport. when we present that at a border crossing, we have to present our own 16:50:12 q+ to say that whether to check holder binding is up to the verifier 16:50:15 ... but there are other use cases that don't require that holder = subject 16:50:22 ... It is use case specific. 16:50:33 holder is different than subject, no? 16:50:34 q+ to relationship of subject to holder 16:50:37 q+ to say biometrics are a method of holder binding 16:50:38 ... It is the use case that would decide who the holder should be when it is presented 16:50:59 ... I would be hard pressed to think of an example where it is appropriate where only one party can ever present that 16:51:11 q+ to say that framing this as a limiting factor decided by the issuer isn't really correct 16:51:14 q+ 16:51:25 oliver: yes, I wouldn't want this to be required 16:51:36 ... but it would make it so much easier for the verifier 16:51:51 ... This isn't about limiting, it is about enabling 16:51:58 ack rgrant 16:51:58 rgrant, you wanted to mention that those asks are asking for business rules. are business rules in scope? 16:52:04 if it's use-case specific, shouldn't this be decided by the verifier rather than the presenter? 16:52:27 rgrant: seems like we are identifying a few business rules based on how credentials are typically used 16:52:38 ... are there others? are we being comprehensive about this. 16:52:50 ... it may be useful to be more comprehenshive about it 16:52:55 ack JoeAndrieu 16:52:55 JoeAndrieu, you wanted to say any restrictions on how a credential can be used is censorship 16:53:09 how do you prevent "unauthorized presenter" from representing themselves as "authorized presenter" if Issuer has not specified Credential Subject and Authorized Presenter within the VC? 16:53:28 chair hat off, specifying a mechanism that can be used with certain business rules, if they are present, is different from defining those specific business rules 16:54:14 +1 to JoeAndrieu 16:54:16 +1 to Joe, except in cases where a verifier needs to know 16:54:24 JoeAndrieu: Back in the day, the VP was created to help with this problem because anyone could have the serialized credential, the act of presenting it w/ passport is legally binding, relevant. VPs were created for that, what I like about what Oliver is presenting, we have a loosey goosey mechanism right now. What we have right now is too loose. The use cases aren't about who can use the VC, that's an anti-pattern, VC should model statements attested to 16:54:25 by anyone. It doesn't matter who has the statement, the statement exists. Yes, to having more nuance about this, but don't think the purpose can be about restricting use of the VC. 16:54:28 q+ 16:54:29 ack manu 16:54:30 manu, you wanted to be generally supportive of the need to find a solution to this problem and to refine the initial proposal. 16:54:44 manu: oliver's provided some good food for thought. 16:54:56 ... I remain skeptical about the restriction part of this proposal 16:55:05 q- 16:55:07 ... if we don't do it in this group, it's just going to get done elsewhere 16:55:16 ... so let's see if we can improve our language 16:55:17 ack brent 16:55:17 brent, you wanted to say that whether to check holder binding is up to the verifier and to say biometrics are a method of holder binding and to say that framing this as a limiting 16:55:20 ... factor decided by the issuer isn't really correct 16:55:29 Yi has joined #vcwg 16:55:49 brent: framing this as a limiting factor of the credential isn't the right way to think about this 16:55:59 ... when I think about it, I see it as a concern that some verifiers have. 16:56:09 ... This *is* a concern that verifiers have. 16:56:27 https://vitalik.ca/general/2022/01/26/soulbound.html 16:56:31 ... Sometimes they will need prove that the presenter is the "right" party 16:56:37 Soul bounding tokens 16:56:47 ... I want to point out that in my mental model, having a methodology for private holder binding 16:57:10 q+ is using an ephemeral key for replay prevention also considered holder binding 16:57:11 Presumably, something like a Search Warrant is only valid when presented by an authorized authority. 16:57:14 ... that's similar to biometric binding, where the passport is expected to be used by the person whose photo is on the document 16:57:17 there are situations VP shall only be used by the holder. Like in the DAO governance process 16:57:18 +1 Brent 16:57:21 ack dwaite 16:57:22 dwaite, you wanted to relationship of subject to holder 16:57:24 In ACDC we separate the roles cleanly. There is an Issuer and MAY be an Issuee which if specified is a targeted identifier. In a presentations there is a Discloser and a Disclosee. The Issuer may or may not be the Discloser. The issee if any may or may not be the Discloser. So binding to Discloer and Discloee is separable from binding to Issuer and Issuee 16:57:45 q+ Jeremie to say using an ephemeral key for replay prevention also considered holder binding 16:57:46 The term Holder unfortunately does not have such separation. 16:57:50 q+ is using an ephemeral key for replay prevention, also considered holder binding? 16:57:55 dwaite: the way I look at it, is, if the holder *is* presenting, that can be handles as the subject in a new VC. 16:58:08 gkellogg -- Search Warrant doesn't typically specify presenting officer, allows any relevant officer to present it 16:58:08 passport is different, I often time to give my passport to the travel agency and ask them to apply Visa for me 16:58:09 q+ to ask is using an ephemeral key for replay prevention, also considered holder binding? 16:58:11 ... if the person who is allowed to present a birth certificate is their parent. 16:58:18 ... we may already have ways to do this 16:58:23 q+ 16:58:27 +1 to DW, but relationships I think are orthogonal 16:59:01 q? 16:59:03 davidc: For a use case where you can't pass on. I got my cards out of my wallet. Some of them say "non-transferable". 16:59:06 ack DavidC 16:59:13 ack Jeremie 16:59:13 Jeremie, you wanted to say using an ephemeral key for replay prevention also considered holder binding and to ask is using an ephemeral key for replay prevention, also considered 16:59:16 ... holder binding? 16:59:44 jeremie: holder binding where the key is ephemeral and just used for replay protection, is it really just for preventing reply attacks 16:59:46 ack SamSmith 17:00:15 One use case is a verifier asking for my birth certificate. Holder binding is one way for a holder to express that they are the subject of the birth certificate credential in a verifiable way. 17:00:22 samsmith: we looked at the roles of the holder and we saw this ambiguity, so we have issuers and issuees... disclosures and disclosee 17:00:24 ... and so on 17:00:24 JoeAndrieu: I agree, thanks, they just functionally look almost identical 17:00:32 ... then this confusion went away for us. 17:00:37 ... "We" is AC/DC 17:00:41 +1 to SamSmith's definitions 17:00:50 igarashi has joined #vcwg 17:00:52 or we distinguish issuees from holders 17:00:55 q? 17:00:58 present+ Tatsuya_Igarashi 17:01:13 kristina: that's it for the queue! Thanks, Oliver 17:01:52 ... next steps: discussion in Github issue, eventually to a PR 17:01:53 q? 17:02:17 oliver: I would start a normative definition for holder on an issue. 17:02:40 present- 17:02:44 rrsagent, draft minutes 17:02:44 I have made the request to generate https://www.w3.org/2022/09/16-vcwg-minutes.html ivan 17:05:26 Paul_Dietrich_GS1 -- Note that `present` is not temporally tracked (except per meeting log/minutes). You either were present or not. By executing `present-`, you're negating your previous `present+`, so you're no longer logged as present for this meeting. (See https://www.w3.org/2022/09/16-vcwg-minutes.html to confirm.) 17:08:07 wonsuk has joined #vcwg 17:10:59 present+ Wonsuk_Lee 17:15:46 gkellogg has joined #vcwg 17:16:57 phila has joined #vcwg 17:17:43 scribe: kdeangs1 17:17:48 present+ 17:17:49 cabernet_ has joined #vcwg 17:17:50 markus_sabadello has joined #vcwg 17:17:57 present+ 17:18:06 present+ 17:18:13 present+ 17:18:53 markus: Thanks to the VC working group for their hospitality. Joint session to discuss how working groups relate. 17:18:54 yamdan has joined #vcwg 17:19:11 s/markus/markus_sabadello/ 17:19:16 seth has joined #vcwg 17:19:29 markus_sabadello: Not in Vancouver. 17:19:42 ivan has joined #vcwg 17:19:45 ... Quite involved in DID, a little involved in VC. 17:19:57 ivan has joined #vcwg 17:20:08 ... Chair of RDF Canonicalization and Hashing working group, AKA RCH. 17:20:21 phila: I'm a co-chair of the working group. 17:20:50 ... Markus has much more knowledge of DID and cryptographic. My background is in linked data. Between us we have the skills to move the group forward. 17:22:26 markus_sabadello: Output of RCH working group is meant to be generic. Important though that this be applied to VCs. 17:22:44 -> https://docs.google.com/presentation/d/1hrqozY2EGZ8i8y40abyEuJmIb6hCiRS-37pdj6bhBLY/edit#slide=id.g1482ccb90af_0_115 slides 17:23:11 ... Quick introduction. Something gets hashed on the slide. VC contains proof and proof value, which is a signature of the VC. 17:23:53 ... Proof will be partially standardized in VC working group but will also include work from RCH working group. 17:24:14 lgombos has joined #vcwg 17:24:32 ... Deliverables of RCH WG are RDF dataset hash and RDF dataset canonicalization. 17:24:53 selfissued has joined #vcwg 17:24:55 dwaite has joined #vcwg 17:25:03 present+ 17:25:10 ... RDF dataset hash will be derived from canonicalization, which is about creating a canonicalized form of the RDF dataset 17:25:24 q? 17:26:55 ... VC WG is working on VC data model and includes securing of VC, going forward with two prominent ways: VC JWT and VC Data Integrity, 17:27:15 ... VC Data Integrity has dependency on RCHWG deliverables. 17:28:25 ... VC Data Integrity is still evolving. New cryptography suites are being proposed. Some are not signatures e.g., MerleDisclosureProof2021. 17:29:16 Yes, there are details related to BBS+ ... also there is an alternative to it that goes even deeper... https://github.com/zkp-ld/jsonld-signatures-bbs 17:29:40 ... RCHWG has to ensure that its deliverables meet the requirements of the VCWG. 17:29:43 q+ to ask about rdf* and RCH 17:30:08 q+ 17:30:09 ... What does VCWG want, that does not restrict output of RCHWG to working only for VCs? 17:30:18 ack Orie 17:30:18 Orie, you wanted to ask about rdf* and RCH 17:30:32 q+ to note timeline and staging will be a concern. 17:30:49 orie: There is a version of BBS+ signatures that supports term-wise security. 17:31:28 q+ to note other canonicalization schemes for WoT 17:31:30 phila: https://github.com/w3c/rch-rdc/issues/2 17:31:30 ... New RDF*, is it possible that changes to that would result in another version of RDF normalization, which would change RCHWG deliverables? 17:31:46 s/RDF*/RDF-star/ 17:31:49 phila: I've put a few high-level issues in GitHub, including, "What are we going to do about RDF*?" 17:31:53 q+ 17:31:59 q? 17:32:13 q- 17:32:22 ack manu 17:32:22 manu, you wanted to note timeline and staging will be a concern. and to note other canonicalization schemes for WoT 17:32:25 does RDF* introduce a lot of breaking changes from RDF? 17:32:33 No kristina 17:32:34 s/RDF*/RDF-star/ 17:32:38 takashi has joined #vcwg 17:32:43 manu: Markus, you asked what does this group need from RCHWG? 17:32:45 kristina, no branking change, but it extends the data model 17:32:52 kristina: afaik, it adds the ability to annotate edges, which would impact nquads... somehow... 17:33:00 thanks! 17:33:01 s/RDF*/RDF-star/ 17:33:02 Orie +1 17:33:16 q+ 17:33:19 Orie: i'll mention something relevant to RDF-star + RDF canonicalization just briefly in my presentation at the end 17:33:25 s/rdf* and RCH/RDF-star and RCH/ 17:33:44 kdeangs1_ has joined #vcwg 17:34:01 q+ 17:34:28 manu: Concerned that we would have data integrity CR-ready five to six months ahead of RCH WG deliverable. 17:34:41 ("RDF*" and "RDF-star" are pronounced the same, but mean very different things. "RDF*" was an early draft of the idea; "RDF-star" represents the current evolution.) 17:34:43 ... May receive canonicalization from RCH WG and web of things WG. 17:35:05 ... Current canonicalization scheme will continue to work. 17:35:13 thanks Orie for mentioning Term-wise BBS+, which actually I'm in charge of 17:35:26 ... Doesn't stop us from standardizing the thing that's been out there for a decade now. 2015 is the current version. 17:35:49 ... Focus hopefully will be on standardizing 2015 version. 17:36:08 q+ 17:36:10 yamdan: feel free to q in case you have opinions on how canonization impacts termise disclosure. 17:36:34 phila: Timiing is an issue. VCWG having that dependency puts pressure on RCHWG. One way to get on with it is to rubber-stamp what is there already, which is not what we're going to do. 17:36:44 ... That would be an abuse of the system. 17:36:57 ... Going to hear from Dave and Aiden who have been working on this. 17:37:08 ... I don't think there's a different approach. 17:37:26 ... Feel free to raise an issue in the RCHWG GitHub. 17:37:30 q? 17:37:34 ack ivan 17:37:51 https://github.com/w3c/rch-rdc 17:38:00 wonsuk has joined #vcwg 17:38:29 ivan: For the timing, I don't think it would be a major problem. It can be formalized at the end of the WG's life. We should not go out with a recommendation that does not rely on standard methods. 17:38:29 q+ to ask if we can go to CR w/o URDNA2015 being in CR as well? 17:38:51 pchampin: can you provide a link to the rendered spec ? 17:39:30 Orie: there's none yet, we have only just started 17:39:49 ... If we find a canonicalization algorithm that meets the requirements, I would be surprised. 17:40:03 but that will likely be https://w3c.github.io/rch-rdc/, eventually 17:40:08 vq? 17:40:10 ... I don't expect something new popping up. 17:40:47 ... Can we explore the possibility of exploring certain RDF graphs with given characteristics that would lead to faster c14n?\ 17:41:00 ... Reluctant to categorize RDF graphs as they are difficult to categorize. 17:41:39 ... Well-ordered RDF graphs can be put down in Turtle. 17:41:49 ack manu 17:41:49 manu, you wanted to ask if we can go to CR w/o URDNA2015 being in CR as well? 17:41:59 dezell has joined #vcwg 17:42:07 present+ 17:42:10 manu: Ivan, we could proceed to CR. I don't think we can proceed to CR unless 2015 is in there. 17:42:15 ack selfissued 17:42:21 ivan: No, we can stay in CR if we have a working draft. 17:42:40 selfissued: Who is it that wants to use the JCS c14n? 17:42:43 q+ to answer selfissued 17:42:54 ack manu 17:42:54 manu, you wanted to answer selfissued 17:43:02 For the notes, this is the related JCS spec: https://datatracker.ietf.org/doc/html/rfc8785 17:43:08 manu: Because they don't like RDF and want to use a different data stream. 17:43:29 ... They have JSON-E templates that they want to inject data into. 17:43:48 ... Very specific to their (Web of Things) use case. 17:44:04 q+ to talk about algo IDs as part of the c14n 17:44:27 McCool: Want to avoid having to run RDF systems on IoT hubs due to size requirements. 17:44:31 dwaite has joined #vcwg 17:44:44 ... Might have to support multiple styles of signing. 17:45:03 q+ 17:45:15 ... Need some standard way to JSON serialized assignment. 17:45:19 to answer why jcs? 17:45:22 ack markus_sabadello 17:45:32 q- 17:45:40 markus_sabadello: I like the comments so far. I think it's looking better. 17:46:07 ... OK to move at different speeds. 17:46:11 Also note that when you use JCS, you open up the possibility of signing invalid data 17:46:33 ack sb 17:46:34 (when you're using JSON-LD + JCS -- more security attack surface for an easier canonicalization) 17:46:36 ... If anyone feels that RCH WG should work with JCS c14n, say so. 17:46:47 q+ to note dangers w/ JCS c14n. 17:46:47 Regarding the web of things interest in JSON / JSON-LD stuff, we do use some JCS here: https://w3id.org/traceability as part of our JSON-LD context generation process from JSON Schema. 17:46:59 q+ 17:47:36 AFAIK, JCS is used under the hood by URDNA2015 for `@type: @json` 17:47:49 sb: An opinionated implementer's answer. One of the reasons why I might choose JCS c14n is that oftentimes I am in a situation that require approval and must be implemented using what has been approved. 17:48:07 q? 17:48:13 +1 Shawn 17:48:19 ... I can't do anything to make Jackson libraries better. 17:48:33 q++ 17:48:37 qq+ 17:48:52 ... Easy for implementers to understand. Output is consistent and reliable. 17:49:00 ack McCool 17:49:00 McCool, you wanted to react to sb 17:49:11 q- + 17:49:33 McCool: JCS doesn't deal with the values of things in strings (e.g., data/time in local format). Certain values have to be expressed in the right way to be canonical. 17:49:57 ivan_ has joined #vcwg 17:49:59 ... Some elements have default values. Do we insert them or ignore them if not present? 17:50:10 ack markus_sabadello 17:50:15 q+ markus_sabadello 17:50:18 ack manu 17:50:18 manu, you wanted to note dangers w/ JCS c14n. 17:50:46 manu: I don't want people to come away thinking that JWS is equivalent to RDF c14n. JWS risks developers signing anything. 17:50:49 When you use URDNA2015 on `@json`... you are using JCS. 17:51:01 Manu, in what way is the security threat surface opened up? 17:51:28 ... If your developers know what they're doing, they will hopefully write extensions that are usable. 17:51:29 I'm also not sure what @manu means either. 17:51:39 kristina has joined #vcwg 17:51:42 ack markus_sabadello 17:51:44 present+ 17:51:47 phila: Existing spec does use JCS, per Orie. 17:52:19 You can JCS {"foo": "bar"} (literally) and the canonicalizer won't complain... if you have that in a VC, you just signed something that is invalid. 17:52:20 markus_sabadello: Back to relationship between two groups. 17:52:23 (if you have no context) 17:52:26 present+ Michael_McCool 17:52:58 ... How do you get to the hash value given the data set displayed? 17:53:22 ... The VC data model defines pretty much everything except what's in the proof. 17:53:34 q? 17:54:02 ... What's in the proof object define what gets canonicalized and hashed to create the proof value. 17:54:39 ... I imagine that VC data integrity specification plus crypto suite will drive how to do it. 17:55:07 ... Need to define boundary between and VC data integrity and crypto suites. 17:55:28 ... I would like to get some input from the VCWG. 17:56:00 related to existing VC WG things at JCS... https://github.com/w3c/vc-jws-2020/blob/main/contexts/v1/index.json#L15 17:56:08 phila: I think we will be getting a lot of input as there is a lot of overlap between the two groups. 17:56:22 ... Need to be aware of the timing. 17:56:35 markus_sabadello: No more questions to ask of VCWG. 17:57:01 mkhraisha has joined #vcwg 17:57:22 ... My understanding is that what gets hashed is not only a hash of the RDF dataset but also of some of the proof attributes. 17:57:31 q+ to note hash of credential and hash of proof are combined and hashed, and complexities with BBS+ 17:57:46 ack manu 17:57:46 manu, you wanted to note hash of credential and hash of proof are combined and hashed, and complexities with BBS+ 17:58:07 manu: I wish I had an answer. This is something that belongs in data integrity. 17:58:10 +1 to it being in data integrity, data integrity combines the primitives output from the RCH WG as needed 17:58:34 For those that prefer to read code, this is a version of the "create verify data" algorithm: https://github.com/transmute-industries/RsaSignature2017/blob/master/src/common.js#L14 17:58:37 ... Proof options (algorithm, date/time, verification method) are a separate RDF data set from the main VC. 17:58:59 ... If we draw the line where the RCHWG... I don't know. 17:59:23 q+ 17:59:51 ... Other detail is that there are interesting aspects of BBS+. One of them is to ensure that selective disclosure works. 18:00:15 hash-based message authentication code = HMAC 18:00:21 ... May require using HMAC as part of the canonicalization. 18:00:33 Regarding some of the existing BBS+ statement approach manu is talking about: https://github.com/transmute-industries/verifiable-data/blob/main/packages/bbs-bls12381-signature-2020/src/BbsBlsSignature2020.ts#L106 18:00:39 ... May want to canonicalize statement by statement. 18:00:53 its also related to the termise use case mention previously. 18:01:11 ... I'm just highlighting things that need to be formalized in the specification. 18:01:43 markus_sabadello: My understanding is that individual statements need to be canonicalized for BBS+. 18:01:59 Karen has joined #vcwg 18:02:05 Yes Markus, there is a version of this same thing that works with merkle proofs and vanilla JWS - https://w3c-ccg.github.io/Merkle-Disclosure-2021/ 18:02:05 ... This could be a very short specification. 18:02:20 q? 18:02:41 ivan: Historically, when we wrote the charter, the focus was always on the c14n. 18:03:08 ... The fact that we separated the hash makes it trivial. 18:03:25 There is also some work done by gov of singapore I believe related to merkle proofs and nquads. 18:03:30 ... WG may decide that it's not a separate deliverable. 18:04:05 ack dlongley 18:04:08 ... Creating the charter was a very long process. Hash has been separated from the c14n to make it easier. 18:04:42 -> https://www.w3.org/2022/07/rch-wg-charter/explainer.html Explainer 18:04:50 dlongley: Comment on where is the line between VCWG and RCHWG. RCHWG is responsible for creating primitives that can be incorporated into VCWG. 18:05:32 q+ 18:05:34 q+ 18:05:43 ack markus_sabadello 18:05:43 phila: Although not listed, a good use case, including those not feeding VCS, is going to drive this forward. 18:06:30 q+ to request specific requirements from VCWG on the Hash spec, and question the division of responsibility between RDFC14N and Hash. 18:06:52 markus_sabadello: RDF dataset c14n, understanding is that input is an RDF dataset and output is also an RDF dataset. 18:06:56 ack gkellogg 18:06:57 gkellogg, you wanted to request specific requirements from VCWG on the Hash spec, and question the division of responsibility between RDFC14N and Hash. 18:07:09 For the notes, the current draft for bbs+ data integrity - https://w3c-ccg.github.io/ldp-bbs2020/ and Mattr's implementation https://github.com/mattrglobal/jsonld-signatures-bbs 18:07:35 q+ 18:07:44 good questions for the RCH WG to answer later, i think :) 18:07:45 gkellogg: What is the output of the canonicalization serialized or abstract? Is there a notion of a abstract dataset that can deliver an abstract c14n? 18:08:15 ... I'm feeling right now that the requirements of what the hashing spec needs to do is vague. 18:08:21 ack next 18:08:33 I believe that the output of c14n is a mapping from blank nodes to labels 18:08:58 ivan: What you said from an RDF point of view. C14n doesn't change the dataset. It creates a specific canonical serialization of that dataset. 18:09:15 ... Both create proofs in a canonical way. Dataset doesn't change. 18:09:16 shawnb has joined #vcwg 18:09:32 phila: That is my understanding as well. 18:10:19 ... In my head, you can chuck in any serialization of RDF and the output is the same. 18:10:31 ... Two people on the phone who have done this. 18:11:06 -> https://docs.google.com/presentation/d/1hrqozY2EGZ8i8y40abyEuJmIb6hCiRS-37pdj6bhBLY/edit#slide=id.g15613afc368_10_35 Dave's slids start here 18:11:12 dlongley: First thing I want to talk about is relationship RDF and VCWG. 18:11:12 s/slids/slides/ 18:11:57 ... What is an RDF dataset? It's a way to model graphs of information. 18:12:22 ... VC data model aligns with RDF. 18:13:09 ... "Verify" means that we're verifying that the information hasn't changed and that the issuer is indeed the one who created it. 18:13:37 ... Anonymity is preserved if we don't need the verifiers to call home. 18:14:01 ... Cryptographic primitive called a digital signature provides this. 18:14:21 ... Different implementations might produce different bytes for signing for the same VC. 18:14:42 ... Why not just have the issuer define the sequence of bytles? 18:14:58 ... This makes it harder on application developers. 18:15:28 ... Not a problem on simple use cases, but more complex use cases cause problems. 18:16:05 ... C14n ensures that the same set of data produces the same signature. 18:16:26 ... Bytes that are protected are the output of the hash algorithm. 18:16:52 ... Once we produce and sign the hash, we can discard the hash. 18:17:21 ... Whenever we see the same data, we should get the same signature. 18:18:03 ... Trade offs favour c14n. 18:18:42 ... You can transform a VC into another format (e.g., CBOR-LD) and get the same results. 18:20:02 ... URDNA2015 is a c14n algorithm that is input into the RCHWG. 18:20:14 what about canonization vs canonicalization? 18:20:17 ivan has joined #vcwg 18:20:32 ... Based on 2012 algorithm, upgraded to handle multiple graphs instead of a single graph. 18:20:36 and canonize vs canonicalize? 18:20:55 ... Fit-for-purpose for RDF. 18:21:40 ... Combines every RDF element, reuses existing primitives, and hashes with SHA-256. 18:21:43 One of the biggest deployments of it I am aware of is related to Activity Pub / Mastodon ... https://github.com/tootsuite/mastodon/blob/cabdbb7f9c1df8007749d07a2e186bb3ad35f62b/app/lib/activitypub/linked_data_signature.rb#L30 18:21:57 q+ to note that N-Quads doesn't have a specified C14N form, although it can be derived from that of N-Triples. 18:22:05 the Mirabolic consulting paper on URDNA2015: https://lists.w3.org/Archives/Public/public-credentials/2021Apr/att-0032/Mirabolic_Graph_Iso_Report_2020_10_19.pdf 18:22:13 because I was looking at it.. 18:22:27 q? 18:22:32 ... With RDF*, same upgrade process as from 2012-2015 should be followed. 18:22:36 ack next 18:22:38 gkellogg, you wanted to note that N-Quads doesn't have a specified C14N form, although it can be derived from that of N-Triples. 18:23:01 q+ 18:23:08 gkellogg: With regards to CCG spec, there is an open pull request to fix things up. CCG will make a final report out of that for the WG to reference. 18:23:10 q+ to speak to CCG steps 18:23:22 wayne has joined #vcwg 18:23:27 phila: Do you have an idea of timing? 18:23:39 gkellogg: Pull request is ready, it has one approval. 18:23:53 ... Chairs need to publish. 18:24:03 ... Something that can be done in a day. 18:24:28 ... Another thing that occurred to me, N-Quads doesn't have a canonical form but triples do. 18:24:54 +1 gkellogg 18:24:54 ... No normalized form in N-Quad spec. 18:24:58 ack manu 18:24:58 manu, you wanted to speak to CCG steps 18:24:58 https://www.w3.org/TR/n-triples/#canonical-ntriples 18:25:17 confirm that the N-quads spec does not have a similar section 18:25:18 manu: CCG will take more than a day. Need to convene group and get them to approve. 18:25:22 ack markus_sabadello 18:25:28 ... Will push that along. 18:25:32 TallTed: canonize/canonicalization are synonyms 18:25:45 (all the various forms of those words) 18:26:16 dlongley you mean c14n = c10n ? :-P 18:26:21 heh :) 18:26:29 markus_sabadello: It's on the agenda for CCG next week. From a process perspective we need to motion this to recognize it. 18:26:40 ... What is the output? A serialized stream? 18:27:17 q+ 18:27:18 dlongley: Output is abstract data model with labels applied to get sorted N-Quads. 18:27:40 "blank node labels" aren't really "abstract" 18:27:53 a detail for the RCH WG to figure out how to describe appropriately. 18:27:54 markus_sabadello: Output of algorithm is not a serialized N-Quad stream but rather an abstract data model. 18:28:10 q? 18:28:12 ... Which can then be used to create a serialized form. 18:28:15 +1 to being precise 18:28:16 q- markus_sabadello 18:28:20 yes, bnode labels are not part of the abstract syntax of RDF, so this "abstract canonicalized dataset" is somewhat hypbrid 18:28:37 s/hyprid/hybrid/ 18:29:03 -> https://docs.google.com/presentation/d/1hrqozY2EGZ8i8y40abyEuJmIb6hCiRS-37pdj6bhBLY/edit#slide=id.g1553dcd7b23_239_0 Aidan's slides 18:29:16 aidan: Blank nodes are common in real-world data. 18:29:31 ... Things would be easier if blank nodes didn't exist. 18:30:29 ... Creates relationships that are more difficult to determine if they're isomorphic. 18:31:20 ... Drawing a different way makes it difficult to determine isomorphism. 18:31:28 These slides are amazing. 18:31:36 ... GI complete means graph isomorphic complete. 18:32:15 Skolemise is also used in the Termwise work, mentioned previously. 18:32:43 For those who want to learn more about the word: https://en.wikipedia.org/wiki/Skolem_normal_form 18:33:10 mccown has joined #vcwg 18:33:21 ... Canonical labelling makes it faster to detect duplicate documents. 18:35:47 dezell has joined #vcwg 18:35:53 present+ 18:36:09 ... Naive canonicalization will solve most problems. 18:36:16 .. What happens with more complex graphs? 18:37:31 I cannot communicate how much I love this presentation. 18:37:50 make a graph to demonstrate your love 18:38:05 without blank nodes 18:39:40 Orie +1 18:42:57 q? 18:48:18 ... (see presentation for answer) 18:48:20 wayne has joined #vcwg 18:48:37 q+ to ask about thoughts on extending to RDF-star. 18:49:08 No Agda, TLA+ proof? : ) ... That there is a coq proof is pretty awesome. 18:49:59 q+ to ask if a test-suite is available 18:50:38 that was an excellent presentation! 18:50:48 +1 18:50:55 ack gkellogg 18:50:55 gkellogg, you wanted to ask about thoughts on extending to RDF-star. 18:50:55 q+ 18:51:26 gkellogg: Do your insights on ease of extending extend to RDF*? 18:51:36 aidan: Yes, don't see any difficulty. 18:51:42 s/RDF*/RDF-star/ 18:51:50 ... Add some bytes to indicate that it originated as RDF-star. 18:52:06 ... Also use this to canonicalize SPARQL. 18:52:12 Cannonized sparql could reduce compute times I imagine. 18:52:14 ack next 18:52:15 pchampin, you wanted to ask if a test-suite is available 18:52:37 q+ 18:52:38 pchampin: Do you have some reference data that can be used? 18:52:46 aidan: Yes, they're all public datasets. 18:52:58 ack next 18:53:01 ... Some datasets are used to prove correctness. 18:53:11 rgrant has joined #vcwg 18:53:40 markus_sabadello: Conceptually, the two pieces of work appear aligned. Want to get some understanding of overlaps and similarities. 18:54:14 zakim, please close the queue 18:54:14 ok, phila, the speaker queue is closed 18:54:25 q= 18:54:38 they are *very very* similar ... but not the same, unfortunately. 18:54:40 aidan: Certain elements are aligned. There are technical differences that may affect performance and ease of implementation. 18:54:49 ack me 18:54:53 ... There will have to be a comparison. 18:55:28 phila: The process of cleaning, which tries to get rid of duplicates, have you considered using a SHACL shape to get rid of what you don't want? 18:55:41 s/cleaning/leaning/ 18:56:10 i'd recommend not taking on the extra work :) 18:56:17 aidan: One example uses SPARQL to lean graph. Can use SHACL as well. 18:56:54 https://github.com/w3c/rch-rdc 18:56:59 https://github.com/w3c/rch-rdh 18:57:00 RCH WG homepage: https://www.w3.org/groups/wg/rch 18:57:02 rrsagent, draft minutes 18:57:02 I have made the request to generate https://www.w3.org/2022/09/16-vcwg-minutes.html ivan 18:57:03 markus_sabadello: We have our mailing list. Encourage group to subscribe. 18:57:47 rrsagent, draft minutes 18:57:47 I have made the request to generate https://www.w3.org/2022/09/16-vcwg-minutes.html ivan 18:57:56 phila: Very conscious of the fact that the conversation has been very rapid and that this has impacted members for whom English is not the first language. 18:58:36 rrsagent, draft minutes 18:58:36 I have made the request to generate https://www.w3.org/2022/09/16-vcwg-minutes.html ivan 18:59:05 Thank you! 19:11:28 gkellogg has joined #vcwg 19:17:22 ivan has joined #vcwg 19:20:35 rgrant has joined #vcwg 19:30:26 gkellogg has joined #vcwg 19:47:17 sebastianelfors has joined #vcwg 19:52:23 ivan has joined #vcwg 19:54:42 gkellogg has joined #vcwg 19:55:47 gkellogg has joined #vcwg 19:58:28 phila has joined #vcwg 19:59:21 takuya has joined #vcwg 20:01:20 decentralgabe has joined #vcwg 20:01:23 present+ 20:02:23 present+ 20:02:29 qwert 20:02:36 pchampin has joined #vcwg 20:02:38 rgrant_ has joined #vcwg 20:03:19 present+ shawnb 20:03:46 no, sorry -- under a deadline 20:04:26 present+ 20:04:27 present+ 20:04:28 brent has joined #vcwg 20:04:30 mary has joined #vcwg 20:04:31 present+ 20:04:34 present+ 20:04:36 kristina has joined #vcwg 20:04:41 present+ 20:05:40 scribe+ 20:05:53 kdeangs1 has joined #vcwg 20:06:01 brent: Our first presentation is from Gabe. 20:06:07 YanZhang has joined #vcwg 20:06:09 & Orie 20:06:30 brent: Gabe and Orie. 20:07:27 decentralgabe: We're talking about multiparty and delegated credentials today. There are 3 formations and only one has been covered in the spec. 20:07:44 wonsuk has joined #vcwg 20:07:46 decentralgabe: Will be discussing these and what should be included. 20:07:56 hsano has joined #vcwg 20:08:05 present+ Hiroyuki_Sano 20:08:08 decentralgabe: I tried to illustrate what credentials are today. There's an assumption of a single issuer and single subject. Here is Mr. Owl and Tootsie man. 20:08:46 SamSmith has joined #vcwg 20:09:00 decentralgabe: That's the simple case, the first case that's different involves a delegated credential. Mr. Owl has a child and he knows the answer to the challenge and a parent should be able to hold a VC on behalf of the subject. 20:09:06 decentralgabe: Where the child is the primary subject. 20:09:42 decentralgabe: Another possibility is that there are multiple parties. Imagine that Mr. Owl is a conjoined twin. He has two identities and solves the same challenge. Now there are two subjects for the same VC -- how do we express that? The spec shows this case where the `credentialSubject` block uses an array with two entries. 20:10:13 Orie: None of these are VCs -- in the understanding of the word we have today. But they may be technologies that you've heard before. 20:10:25 Orie: The prompt here is "A 3d rendering of a confused deputy". 20:10:27 btw there is a multi-subject JWT individual draft in IETF OAuth WG: https://datatracker.ietf.org/doc/draft-yusef-oauth-nested-jwt/ 20:10:47 Orie: There's been discussion the mailing list about "what's the problem with using VCs as capabilities?" I'm not here to describe that whole thread to you, please read it. 20:10:54 q? 20:11:08 dezell has joined #vcwg 20:11:15 present+ 20:11:27 Orie: There are ZCAPs which could be used and the work we're using could be applied under that model using JSON-LD and Data Integrity. There's ucan with JWT and dpop with JWT. There are NFTs that are controlled by a party and where that party could transfer that thing to another entity. 20:11:47 Orie: Having that token could give you rights, like the ability to post a message to a group and not having it could remove those rights. We see these things happening outside of our WG. 20:11:50 present? 20:12:06 Orie: It's a good idea to keep this in mind and see what others are doing with these NFTs and what the model is we have today. 20:13:09 Orie: Non-transferable NFTs have been called "soul-bound tokens". People can't transfer these. There are some dark cases for these -- like sex-offender lists. There are some uncomfortable use cases there. I don't think we should shy away from those use cases though because we don't control what people do and at the very least we should be aware and aware of how people may confuse our work with that other stuff. 20:13:25 decentralgabe: I don't mean to mean these examples as a proposal, just showing one way to express things. 20:13:43 Orie: Some of the examples we've already discussed as a WG. There's an issue for this I'll dig up for the notes. It's about multiple subjects. 20:14:16 Orie: The question is, can you use a VC with multiple subjects today? It's awkward right now. There's an example in the spec with multiple subjects ... but consistently transforming that to the different securing formats is tough. 20:14:51 Orie: Particularly with multiple subjects because many of the securing formats don't have a way to handle more than one subject. So it's awkward to actually secure multiple subjects in a JWT or another format that may have been traditionally bound to a single identifier. 20:15:15 Orie: Marriage certificates are one example where you could have a legal office and the certificate could have two parties that are getting married and they are both listed in the VC. 20:15:38 Orie: Another example would be a person traveling with a service dog and they have a vaccination VCs -- there are multiple ways to express that. 20:15:59 cabernet has joined #vcwg 20:16:03 present+ 20:16:04 Orie: These examples help show the problems with a multiple subject model. That's hard -- because now we're having the same holder binding conversation but with multiple subjects. 20:16:15 q? 20:16:37 Orie: Other examples like power of attorney, sort of delegated use case ... there are multiple subjects, holder bindings, and delegated use cases -- each of these is a problem and they are all mixed together. 20:16:47 Orie: We've seen examples of each of them. The spec text around them isn't helping enough. 20:17:11 Orie: There are challenges around multiple subjects today and we've seen the challenges with holder binding. There are questions around delegation today. Generally, we will need some text to help clean this up. 20:17:43 Orie: Regarding delegation use cases / scenarios, there are folks experiencing homelessness. They may not have a safe place to store critical documentation to apply for a job or get medical care. They may rely on social workers or others to manage their identity. 20:17:43 aidhog has joined #vcwg 20:18:08 Orie: They don't have a phone / safe place to store docs, things could be stolen. These use cases are real. We should think about how multiple subjects, holder binding, delegation will affect vulnerable populations. 20:18:49 decentralgabe: So this slide is straight from the spec -- an informative example about how one could express two credential subjects. This is a relationship / married certificate. In addition to an identifier name, there's a relationship in each block. 20:18:55 mkhraisha has joined #vcwg 20:19:07 decentralgabe: I'd like to see this move past an informative example and get to strong implementation suggestions and there may be multiple interpretations. 20:19:11 Jay has joined #vcwg 20:19:24 q? 20:19:26 Orie: Multiple issuers. Manu mentioned concerns about this use case -- I'd love for him to queue. 20:19:31 q+ 20:19:44 zakim, please open the queue 20:19:44 ok, kristina, the speaker queue is open 20:19:53 q+ kdeangs1 20:20:19 Orie: Some of the examples of credentials with multiple issuers -- some scenarios in blockchain architectures, where you have a contract (a piece of software that operates autonomously). When things interact you have a contract address and the person creating the artifact (they could have funded the address for this purpose or a long term address). 20:20:41 Orie: That person could transfer the artifact to a party and that could go further ... and the point is, do we identify the party that issued the contract or that called the contract or both. 20:21:15 Orie: I'm not saying what it should be -- I'm just saying there are use cases out there today where multiple identifiers participating in the issuance process. If you choose to recognize that or not in the final VC, that's a choice but you could imagine people making different choices. 20:21:42 Orie: In a few feature of twitter you can collaborate with a tweet together. If those were signed -- would you both be signing, would you have two proofs with different issuers? Is it in order -- is it a proof chain or set? 20:22:27 Orie: There's language that's been discussed around proof chains and proof sets that's relevant to that. There are scenarios around child/parent, there are scenarios around credentials from multiple parties, you need sign off from a large set of people so you don't have just one person being compelled under duress,e tc. 20:22:36 Orie: Should credentials with multiple issuers even be allowed? 20:22:50 ack kdeangs1 20:22:50 q+ 20:23:12 kdeangs1: I'm having a bit of difficulty with the examples to be honest. We need to look for use cases where the subject, or multiple subjects/multiple issuers and they are in some way equivalent. 20:23:30 kdeangs1: In the marriage example it's clear both parties are equivalent. They are both parties to the marriage contract and equal on the certificate. 20:23:45 kdeangs1: Power of attorney isn't such a case. That's a statement of my authority over another granted by them or a judge. 20:23:58 how are multi signature use-cases being dealt right now? 20:24:05 kdeangs1: So someone is issuing the power of attorney ... so we could easily structure it so that the person over whom I have power of attorney is just another attribute, etc. 20:24:17 several iss claims? 20:24:29 kdeangs1: The same would be true for issuers. If there are multiple issuers, a board of directors who have to approve a course of action. They would be considered equivalent -- co-signers for a loan. 20:24:41 ack SamSmith 20:24:43 q+ 20:24:43 q 20:24:43 q? 20:24:44 kdeangs1: I can think of a lot of examples for multiple issuers, I have some difficulty thinking of examples of multiple subjects. 20:25:29 SamSmith: One of the ways we've addressed both delegation and multiple party problem is that we use a practical approach. Everything is rooted in crypto IDs and you can have multiple controllers -- and everything can be multisignature using thresholds. Those thresholds can be sophisticated. 20:25:46 +1 sam, I think merging identifiers into a multi party systems is an excellent way to get rid of the "multiple issuers" case. 20:26:06 SamSmith: For the GLEIF you can have multiple signers, escrow signers, escrow redundancy, different weights for signing, etc. but they all control a single identifier. 20:26:13 SamSmith: There are multiple controllers for one issuer identifier. 20:26:48 SamSmith: You can also have delegated authorities ... [missed] ... there can be terms and conditions in the credential that can be used to identify what authority the issuee of that credential has in terms of actions that someone would recognize. We have good examples of that. 20:27:15 SamSmith: This was important for our setup where people can represent organizations and their authority and representation however they want along the lines of how their corps and orgs are run. 20:27:35 wayne has joined #vcwg 20:27:50 decentralgabe: I like that approach, I don't think that should be the only one. I think there's value in communicating all parties that are enumerated in these scenarios. Perhaps that could be handled in another portion of the credential subject. I think the information could just be in the VC. 20:27:50 ack ivan 20:28:07 JoeAndrieu has joined #vcwg 20:28:37 ivan: A minor warning. The JSON-LD semantics is such that the array is default unordered. If I take the second example -- with multiple issuers. From a JSON-LD standpoint it says that the issuers are the same, there's no order. You can add an order but you have to do that explicitly. 20:28:50 q+ 20:29:07 ack manu 20:29:07 kristina: We have 2 minutes left, so the topic is multisubject credentials and based on the morning conversations, Manu and Joe may have opinions. 20:29:31 manu: Yes, many opinions, there's a very long thread about delegation and credentials on the CCG mailing list, lots of good things said there. We may not be using the same definition of delegation or the use cases may be a bit confused. 20:29:45 manu: I've seen that happen over the years, different definitions resulting in people talking past each other for a long period of itme. 20:29:52 Here is a link to an issue that is related: https://github.com/w3c/vc-data-model/issues/762#issuecomment-1218428660 20:30:06 q+ to talk about delegating statements, verses statements that delegate 20:30:20 manu: There are specific technologies for delegated authorizations -- one of the first questions we should ask is if it's a delegated authorization use case or is it something else. If it's delegated authorizations there are other technologies that are a better fit for this. 20:30:28 the chairs agreed to spend 10 more minutes on this topic 20:30:33 +1 to we need to cleanly separate these topics... but they are merged in the minds of many folks. 20:30:46 ack JoeAndrieu 20:30:47 JoeAndrieu, you wanted to talk about delegating statements, verses statements that delegate 20:30:48 manu: That's the concern I have with this in general -- I don't think we've really honed in on the use cases. People throw them out there -- and some are delegated authz and others are not and we need to categorize. 20:30:53 q+ 20:31:10 JoeAndrieu: +1 to clearer use cases if we don't have enough to distinguish. I think there's a miscommunication around delegating statements and statements that delegate. 20:31:30 +1 20:31:32 JoeAndrieu: Manu mentioned a birth certificate before as a delegateable certificate -- and no, you can't do that. Statements don't get delegated -- they just get verified. 20:31:36 yi has joined #vcwg 20:32:05 JoeAndrieu: Anything you can put in the letter is a statement -- the letter can have a statement of authorization. It doesn't make letters a point of delegation, it's just something you can do with it. You can use VCs to comment on code. Should we change the model to make it easier to comment on code. No. 20:32:28 there seems to be 2 more slides? 20:32:31 next one please 20:32:34 +1 protocols for building authorization on VCs seems out of scope. 20:32:42 sorry, one after this 20:32:42 q+ to note questions confuse the use cases. 20:32:45 JoeAndrieu: There's a differentiation that is subtle and we should understand it. We're here to standardize the envelope and data model -- and there is a rich and open world where people are making authorizations and delegations and we need to be careful. 20:32:45 ack decentralgabe 20:32:45 +1 to stopping at the envelope 20:33:02 but I am not sure we are "forbidding " those use cases or "allowing them" based on the spec today. 20:33:09 decentralgabe: I agree with Manu and Joe on getting clear use cases. I know there have been a lot of prior discussions. I opened 3 issues to talk about them where we could add those good use cases. 20:33:26 decentralgabe: I didn't intend to address all these -- just raising the discussion and I'd like to see proposals on these issues on what we should do next. 20:33:28 q+ to note issues. 20:33:34 ack manu 20:33:34 manu, you wanted to note questions confuse the use cases. and to note issues. 20:33:38 q+ to ask about use cases 20:33:58 dezell has joined #vcwg 20:34:06 present+ 20:34:18 manu: Just to note -- on these issues. The first one "delegate credentials" there be dragons. That's the one that's mixing a bunch of stuff up and that's what the CCG discussion is about. Multisubject credentials the data model supports today and I don't know if it's a good idea to prevent it from doing that today but let's let that play out why cut it off? 20:34:25 Should the data model now support multiple subject credentials? even thought we can't test them concretely in VC-JWT? 20:34:51 manu: Multi issuers is interesting -- if you are using data integrity you can have multiple different proofs using Data Integrity (you can't do this with JWTs) but the issuer field only allows a single value. 20:34:52 I will note that this leads to a "My security format is better because X..." which I am frustrated by. 20:35:08 manu: so when you do multisig, you include only one issuer and/or subject? 20:35:13 ack JoeAndrieu 20:35:13 JoeAndrieu, you wanted to ask about use cases 20:35:17 manu: The bottom two issues ... are worth discussing now perhaps but the delegated one may need months of discussion and getting definitions right so we're on the same page. 20:35:36 Orie, it leads to a: You can do X with Y technology but not Z technology -- it's just a factual statement. 20:35:44 JoeAndrieu: Multiple subject is a necessary and I think we have use cases that clarify that. On a birth certificate there's a mother and a child. A marriage certificate has two spouses, some witnesses, etc. 20:35:55 manu: thats the same thing I am saying, in different words. 20:35:59 JoeAndrieu: We had that debate quite a few years ago -- about whether the language should state there's a single subject and it can't because we know of VCs that need it. 20:36:09 s/manu: thats/manu, thats/ 20:36:18 q? 20:36:25 JoeAndrieu: It's really about the semantics not the crypto here. There are so many different ways that multiple signatures could be interpreted so we'd have to talk about that. 20:36:40 JoeAndrieu: Did you add those use cases to the core spec or use cases? 20:36:47 decentralgabe: Neither they are in issues in the core spec repo. 20:36:50 -1 to moving those issues to use cases. 20:36:55 JoeAndrieu: Ok, let's try to get those moved over to the use cases doc. 20:37:30 selfissued has joined #vcwg 20:37:34 present+ 20:37:36 issues: https://github.com/w3c/vc-data-model/issues/930, https://github.com/w3c/vc-data-model/issues/931, https://github.com/w3c/vc-data-model/issues/932 20:37:45 Orie: I'd like to respond to some of what Manu said. I think we're having a bit of conversation in the chat about ... what's the core data model and what it allows. Then there will be representations of the core data model that are secured in a given system, VC-JWT, Data Integrity, potentially SD-JWT, potentially AC/DCs. 20:37:51 Orie: Each of those systems will have their own constraints. 20:38:17 Orie: That's a fact. But the core data model -- when you divide it out ... some of those security mechanisms will take all the features and some will only take a smaller set. 20:38:41 @JoeAndrieu - use cases to prove out the need for a change to the data model 20:38:41 Orie: We have the ability to alter that. If we say that the core data model lets you have multiple subjects ... and we update IETF specs that allow JWTs to have multiple subjects / issuers. 20:38:56 Orie: That seems unlikely that it would pan out but you could perhaps do things like that with Data Integrity. 20:39:22 Orie: It's our job to say if issuer is a string / array / object with an `id` property. Those questions impact those scenarios we're discussing and we need to be clear. 20:39:28 Karen has joined #vcwg 20:39:36 brent: Next topic is SD-JWT. 20:39:48 kristina: Chair hat off for the full 40 minutes from me. 20:39:48 Topic: Intro to SD-JWT 20:40:14 kristina: The purpose of the presentation is to introduce the concept. There are several questions / cry for help in defining certain aspects. 20:40:25 kristina: This is a draft adopted in the IETF and the work is happening at IETF. 20:40:38 kristina: The problem in the VC space is that the VC-JWTs are not selectively disclosable. 20:40:53 kristina: You get one signature and you can't take out one of the claims without breaking it. 20:41:01 kristina: So the main problem was finding a way to do selective disclosure. 20:41:16 sebastianelfors: As I mentioned earlier, I am part of the UDI wallet group. 20:41:26 s/UDI/EUDI/ 20:41:48 sebastianelfors: We got feedback from cryptographers on different ways to do selective disclosure -- there are problems with the mDoc presentation is the connection to the issuer which is revealing that the holder is taking action. 20:41:56 sebastianelfors: Another problem is with BBS which is new crypto. 20:42:15 sebastianelfors: So we're really interested in is SD-JWT for personal identification data for the EUDI wallet. 20:42:48 mccown has joined #vcwg 20:42:49 kristina: This slide just says that the principle we want is to keep SD-JWT as simple as possible. We have several implementations in a couple months which is a testament to that. 20:43:01 kristina: The concept is not new, it's just never been documented as a standard. 20:43:17 kristina: The idea is that the issuer hashes each claim, only digests are included, no claim values. 20:43:40 kristina: So a mapping is sent with actual claim mappings and salts and key-value pairs. 20:44:02 kristina: In presenting -- the whole digests are sent and only the salt and mappings/key-value pairs that the holder agrees to release. 20:44:08 kristina: There's an illustration for this in the slide. 20:44:30 With some minoradaptations to the ACDC structure, the salted hash or blinded digest approach is the mechanism in the ACDC spec for selective disclosure and bulk issuance 20:44:42 kristina: I'm using the concept defined in the IETF draft and later we'll try to map it to the VC. So just think of the SD-JWT as a VC signed as a credential and you send a container with the mappings you need. 20:44:49 kristina: Including the information for all the digests. 20:45:16 One more question to be discussed: Should the proposed "sd_digests" VC claim be registered as a top claim by IANA? 20:45:17 kristina: In selective disclosure happens with the mapping -- the holder only sends the salt and claims values for those claims that are being released. 20:45:32 kristina: We say optionally signed by the holder in the IETF ... if it's a VP, it's most likely going to be signed by the holder. 20:45:42 kristina: So some examples. These examples are from the SD-JWT doc. 20:45:44 The unique feature of ACDCs is a graduated disclosure mechanism using composed schema that supports contractually protected selective disclosure 20:45:55 kristina: The question is -- how can these concepts in the SD-JWT document be mapped to the VC model. 20:46:06 kristina: SD-JWT defines `sd-digests` as a top-level JWT claim. 20:46:25 kristina: It contains mappings and arrays with salts and values, it's opinionated but it's a draft and we expect discussion. 20:46:36 kristina: During presentation is the `SD-JWT-Release` container. 20:47:07 DavidC has joined #vcwg 20:47:07 kristina: It's worth noting that the concept of reusing VC-JWT ... the security changes a bit, as a verifier, you do need to compute the additional computation to do the complete verification. 20:47:12 present+ 20:47:19 regrets+ 20:47:28 kristina: The verifier must not accept the claim values in the release without computing the digests because a malicious holder could inject those values. That's a huge caveat. 20:47:42 q+ to ask if objects are supported, or just flat arrays of claims? 20:47:55 kristina: There was a long discussion around that -- so far sending the plain text without encryption ... missed ... the verifier needs to do the computation. 20:48:05 dezell has joined #vcwg 20:48:06 q- 20:48:14 present+ 20:48:21 kristina: The current document does allow generating one digest for the whole object or each separate object. This could end up with lots of complexity. 20:48:37 kristina: We have implementations, one in python, kotlin, rust. 20:48:39 q+ 20:48:55 kristina: I want to bring this up with the VCWG, there's discussion in an issue between mostly me and sebastianelfors. 20:49:21 kristina: There are options in the issue where there is a top-level `sd_digest` claim but instead of defining the claims directly we do something else [missed]. 20:49:33 Here's the issue on SD-JWT-VC: https://github.com/w3c/vc-data-model/issues/908 20:49:45 kristina: Conceptually, the claims included in the credential subject and non-SD claims. 20:50:05 kristina: Because there is a whole signature on the whole JWT -- the first name / last name, you won't be able to do SD. 20:50:20 kristina: The digest of the claims ... and claims included by value in the credential subject. 20:50:43 kristina: In the next slide I have questions -- potentially -- there might be cases if we go this path the credential subject becomes empty and it's a required property and is that allowed is one question. 20:50:45 q+ 20:50:49 kristina: In the VP the object would be included. 20:51:18 kristina: Not to confuse people -- just to note where discussion has been. The other option is to put the whole subject in the SD claim ... but that violates the draft spec. 20:51:32 kristina: Nesting / processing is not straightforward in some options. 20:51:49 I appreciate the intention behind this, but it just makes you wish for a better alternative... like JWP.... for sure, there will need to be a __very different__ mapping for vc-sd-jwt vs vc-jwt. 20:51:57 kristina: Can credential subject be empty? Where do we describe SD-JWT? 20:51:58 would it work to map credentialSubject and sd_digests so they are equivalent? 20:52:02 ack decentralgabe 20:52:34 ref: https://github.com/workdaycredentials/specifications/blob/master/specifications/claim-proof.md 20:52:36 q+ 20:52:37 decentralgabe: I'm really happy to see this, when I was at work in 2019, we did a similar scheme not using JWTs. We used a claim next to each field that was the digest and a digest overall at the end so you could disclose pairs or the whole thing. 20:52:40 ack SamSmith 20:52:41 +1, I like what you're attempting to accomplish 20:52:43 q+ 20:52:46 I also like the idea of it, just not the serialization backflips needed :) 20:53:40 SamSmith: I'm really interested in this, I don't know if you're familiar but we should discuss -- the solution for both SD and issued credentials in AC/DC show lots of similarities. Using salty nonces to blind values and so on ... and using schemas to allow verifiers to confirm the disclosure is acceptable. 20:53:49 ack sebastianelfors 20:53:50 SamSmith: You can generate on the fly credentials that are unlinkable as well. 20:53:59 q+ to note complexity explosion w/ VC-JWT, SD-JWT, JWP. To be clear, these are tracking identifiers but that's not what SD-JWT is trying to address? 20:54:15 sebastianelfors: I have a comment on how to document this. Section 5.8 -- could we rename that to Selective Disclosure, ZKP is just another methoed. 20:54:26 sebastianelfors: We have atomic VCs, SD-JWT and other options to add there. 20:54:29 ack wayne 20:54:33 Jeremie has joined #vcwg 20:54:46 +present 20:54:49 q+ 20:54:54 wayne: Basically just wanted to say that we're working on a VC model of a driving license and we like to see this so we're supportive. There's a SD mechanism in a CBOR model that does the same thing. 20:54:55 q+ to respond to wayne 20:55:12 wayne: It's interesting to have a common representation on how to do this. Also, we'd like to be able to blind field names to produce better values. 20:55:36 wayne: We'd like to see holder binding and understanding how it could work with the VP. The alternative representation would be to create the claim itself in the VP. 20:55:55 wayne: We don't like to see serialized JSON in strings, that throws a flag. On the plus side, the potential to issue the same data many times... 20:56:06 wayne: The term pepper might be better than salt because it's meant to be kept secret. 20:56:06 ack manu 20:56:06 manu, you wanted to note complexity explosion w/ VC-JWT, SD-JWT, JWP. To be clear, these are tracking identifiers but that's not what SD-JWT is trying to address? 20:56:07 I'll take string encoded json over base64url encoded JSON : ) 20:56:24 manu: I'm concerned with the complexity that we're adding here. It sounds like ... 20:56:49 manu: It sounds like several different securing schemes. 20:57:27 manu: SD-JWT feels like a stop gap, if you were to reveal none of the fields you've still got a tracking cookie. This is true for VC-JWTs and it's true for a lot of data integrity things. I want us to be clear about what problem we're actually solving. 20:57:27 Agree, sd-jwt feels like a stop gap, aimed at tackling ISO / mDL use cases... meaning it might be a useful stop gap. 20:57:37 clime blinding is definitely the topic, wayne. and there is high potential it will be mandated 20:57:39 manu: It feels like a narrow solution -- and it's useful, but it's a lot of complexity. 20:57:46 s/clime/claim 20:58:08 manu: People will look at VCs and be like "There are 4-5 different ways" to secure a VC and I have to figure out which one of those things I want to give the user. They will have to make an A or B person. 20:58:48 q 20:58:53 manu: The concern here is that we're adding a lot of complexity for a narrow use case and it will confuse people. 20:58:58 ack kristina 20:58:58 kristina, you wanted to respond to wayne 20:59:12 present+ wayne 20:59:30 kristina: The concern noted. But I would disagree in the sense that it's added complexity for a narrow use case... in the sense that, and I expect -1 from some people for saying this. There is a potential for replacing VC-JWT with SD-JWT. 20:59:30 q+ to talk about the tyranny of choice 20:59:46 is that horse trade on the table!?!?! thats exciting. 20:59:53 kristina: Those don't have the features we want -- I would argue SD is a requirement. 21:00:02 kristina: I would want to avoid VC-JWT because SD-JWT does SD. 21:00:22 kristina: The concern about keeping both is complexity and having more complexity ... and that we want the tech to be more mature. 21:00:30 kristina: Having SD-JWT instead of VC-JWT might be an option. 21:00:34 ack phila 21:00:34 phila, you wanted to talk about the tyranny of choice 21:00:37 I think an objective is to minimize the number of "alternative" but "nearly equivalent" security formats. 21:01:01 phila: A lot of this is above my head, I'm sorry, but I do understand that the more choice there is the harder to get implementations. If what you're proposing is better than someone else, if it's another way of doing the same thing please don't. 21:01:01 q+ 21:01:23 ack kristina 21:01:27 q+ 21:01:28 phila: From a GS1 point of view -- the fact that there's more than one way is a barrier to adoption and we want to adopt. By all means if something is missing and needs doing, please do it, but don't give me another choice to have to make. 21:01:46 q+ 21:01:47 nadalin has joined #vcwg 21:01:47 kristina: If the explanation was not clear enough -- this is not a reinvention of VC-JWTs, we're adding a feature. 21:02:01 ack manu 21:02:02 present+ 21:02:11 osamu has joined #vcwg 21:02:17 manu: Thanks for that clarification, that is helpful. If we're going to move from VC-JWTs to SD-JWTs, great. It keeps the same number of options on the table. 21:02:36 q+ 21:02:53 manu: I have a feeling that then the argument might become well JWPs do everything VC-JWTs and SD-JWTs do ... and then we have 3 things and by the end of the group 2-3 go into the world, it gets into the tyranny of choice problem that Phil mentioned. 21:03:38 ack sebastianelfors 21:03:41 manu: Understanding that this is new and who knows how this will mature / play out at IETF... do we have a handle on when SD-JWTs will be done. We don't know if it will be in the next year or two or what? What's the timeline, would be good to know. The other question -- how does it affect `@context` -- I don't know yet there are multiple ways to pair things together. 21:04:06 q+ to respond to sebastianelfors 21:04:08 q+ to ask about "Must disclose" DSs, talk about "complexity" in crypto. 21:04:08 sebastianelfors: I wanted to clarify SD-JWT, it reduces complexity because BBS and anoncreds are extremely complex because they haven't been analyzed properly. 21:04:11 I would offer that if v2 includes `@vocab` no changes necessary and context will work fine using the v2 version : ) 21:04:15 sebastianelfors: I think this approach reduces complexity than anything else. 21:04:16 ack kristina 21:04:37 kristina: If JWP proceeds faster than SD-JWT, I would be happy to just have it. 21:04:49 I would love for JWP to move faster... add your voice to the IETF list on the subject. 21:04:54 kristina: JWP started a year and a half before before SD-JWT but SD-JWT is moving faster it seems. 21:05:09 kristina: There are multiple implementations that are moving SD-JWT and no JWP ones. 21:05:26 q+ 21:05:31 kristina: I can't guarantee there will be a stable draft in a year and a half, but just with JWT drafts ... there would be stable examples early on. 21:05:45 the JWP BoF is getting scheduled, ideally in the next few weeks 21:05:47 ack brent 21:05:47 brent, you wanted to respond to sebastianelfors 21:05:48 kristina: I understand all the comments raised ... I raised this now to get stable examples, etc. 21:06:24 brent: You asserted that BBS and anoncreds were rejected by the EU because they hadn't been fully analyzed. There are reasons they haven't been accepted because they haven't been standardized -- it's not because they are brand new crypto or not secure or too complicated. 21:06:25 ack manu 21:06:25 manu, you wanted to ask about "Must disclose" DSs, talk about "complexity" in crypto. 21:06:51 q+ 21:06:52 mccown has joined #vcwg 21:07:07 manu: I wanted to respond to that comment as well. That is not cool. I'm not a huge fan of BBS, it is fantastically complex is to say that it has been rejected by the EU is a gross misstatement. It is being moved through CFRG right now. It's got call for adoption. 21:07:16 manu: It has been analyzed by different cryptographers. 21:07:36 manu: It would be great to bring other cryptographers to the fore and say what it's not good to use. I think we should be careful with statements like that so it isn't misleading. 21:08:11 manu: It would also be good to have the BBS cryptographers to respond to those statements. All crypto is complex, many of us have no idea what's going on behind the scenes. The vast the majority of people just pick up a library shove data at it and believe it works. 21:08:37 manu: I take it as fact that salted hashes are a well known thing and paired with NIST crypto and is simpler than some other crypto, but it lacks some of the properties the other crypto brings. 21:09:03 manu: So, when you SD something, you really have to disclose "these three fields". I know the BBS work has this feature. 21:09:15 agree, that it would, but disagree that it would have a material impact for sd-jwt. 21:09:22 manu: There may be times to selective disclose `@context` ... maybe you need to always do that so the type of context is understood. 21:09:26 manu: Things there to look into. 21:09:37 ack selfissued 21:09:56 kristina: I actually think that would be in scope for VC data model to decide. The scope of SD-JWT is to create a general mechanism an `sd_digest` container and how you communicate salts and plain values, etc. 21:10:08 kristina: So what happens when you apply to the VC data model and so on -- that's all in scope for the VCWG. 21:10:22 I don't think it would have a material impact, Orie, just important to consider. 21:10:26 selfissued: I wanted to reinforced a point from my own experience that Kristina briefly made about stability in spec development. 21:10:48 selfissued: When we were developing the JWT spec, I put together a consensus at the end of 2010 among people that were proposing similar things, Google, Facebook, MS, a few vendors. 21:11:11 selfissued: We came up with some example JWTs and the crypto behind them that we believed would be solid. We managed from 2010 to mid-2015 to keep those examples working. 21:11:30 selfissued: It's not that additional stuff wasn't added, it was, but the SD-JWT work at a similar level of maturity to when we created the JWT examples that we kept live. 21:11:49 selfissued: Yeah, there's still some decisions to be made, but we're very close to having a core the WG could agree to. 21:11:56 q? 21:11:58 selfissued: It took a while after that but mostly for JWS, JWE. 21:12:16 selfissued: The JWT specs and their underpinnings weren't done when OIDC went to final knowing that they could change but in practice they didn't. 21:12:27 selfissued: Not everything is the same, but I do have confidence we can keep things stable through the IETF process. 21:12:30 ack sebastianelfors 21:12:52 q+ to add color on mDL and potentially next steps 21:13:06 sebastianelfors: I just wanted to elaborate on my previous statement. I apologize if it was taken badly. The architecture framework will be released in October -- so they will select crypto that has been approved and only SD-JWT is the option to consider there. 21:13:11 ack kristina 21:13:11 kristina, you wanted to add color on mDL and potentially next steps 21:13:46 kristina: To add a bit of color on the mDL side, the reason SD-JWT exists is because of that. The first idea to solve SD ... was to do CBOR data over the Web but developers are more used to JSON. 21:13:51 And to add "why" are they considering "sd-jwt" for selective disclosure... its because its achievable with popular tooling... a design principle that we should not ignore the significance of. 21:14:00 kristina: In mDL world, SD is an absolute requirement, JWTs obviously do not do SD without SD-JWT. 21:14:10 kristina: Doing JSON-LD and BBS ... BBS did not exist. 21:14:30 kristina: There was no JSON option ... so the SD-JWT work was forced to be accelerated. 21:15:09 kristina: SD-JWT seems like the best bet in the middle term. 21:15:49 kristina: Next steps -- majority of people in the room are working on JSON-LD and advanced crypto and this work is important for certain implementers and use cases. If there's interest in helping ... that would be great because there's just a handful of us so far. 21:16:02 q? 21:16:03 kristina: I feel, honestly, a bit insecure in doing the definitions here and I would like the experts from this group to chime in. 21:16:11 q? 21:16:11 kristina: I'd like to see if there's at least some value in doing this. 21:16:33 Topic: VC Test Suites 21:16:52 manu: I found this hideous slide deck, so I really wanted to use it. 21:17:05 scribe+ 21:17:23 manu: maybe what we should do is review all the ways we've made mistakes in our test suites over the years. let's do that. 21:17:32 JoeAndrieu has joined #vcwg 21:17:58 manu: we're gonna look at what went wrong with 1.0 test suite, 1.1 test suite, go over what we might do for 2.0. we're not going to make any decisions, just survey what's out there and slowly pick something over the next couple of months for next-generation testing. 21:18:54 manu: christine webber is the person who put together our first test suite in lisp. the pre-1.0 test suite was a command line driven python script, christine imported to racket. you needed to install racket and the vm to run the test suite. it was as bad as it sounds. 21:19:13 manu: no one knew how to maintain the test suite because it was in lisp. this is an example of the test. 21:19:54 manu: for the 1.0 rec test suite, we had a structure [diagram]. driver would call the issuer to issue, verifier to verify, then write results to a results file. 21:20:23 manu: this is what we did in the 1.0 rec test suite, but we did rewrite it from lisp into javascript. more contributions, more maintainable, 11 implementations. this was enough to survive the version 1.0 stuff that we did. 21:20:24 q? 21:20:47 ivan: when you say the driver tells the issuer to issue, then driver tells verifier to verify, does this mean one impl? 21:21:11 manu: what would happen is all the implementers would download the test suite themselves, configure their system to run against a very specific issuer, and a very specific verifier 21:21:23 ivan: could two implementations interop their verifiable credentials? 21:21:25 manu: yes 21:22:09 I'm a big fan of "docker + cli" setups. 21:22:23 manu: what did we learn from 1.0? first lesson was don't produce a test suite environment that reduces the amount of people who can contribute. lisp wasn't a good choice, but it worked for long enough. we explored docker, one of the downsides was that everyone had to run the test suites themselves, but a number of implementers didn't know how to put together a docker image. 21:22:25 q+ 21:22:32 manu: therefore we used a command line approach. 21:23:06 ack gkellogg 21:23:06 manu: when implementers completed their tests, they never looked back. it's very doubtful that conformance tests are ongoing, and that the implementation report is likely out of date for years for some of these impls. 21:23:09 +1 to continuous nightly test reports! 21:23:50 gkellogg: we might be conflating two things here, one purpose for the impl report is to be able to show purposes of broad compatibility for transition. for that, it's important to show a result at that point in time. the other purpose is for the community to show the current state of the market regarding these things. but they're two different things 21:23:55 manu: great point, agreed 21:24:01 +1 to gkellogg 21:24:04 +1 21:24:11 manu: what happened in 1.1? 21:24:15 topic: 1.1 21:24:43 manu: we weren't allowed to make normative changes, so the test suite didn't change very much. we therefore got through the 1.1 process unphased, but not much more improvement. 21:24:44 topic: 2.0 21:25:14 manu: what are some requirements that we might want to apply here? test all the must normative statements in specs. 21:25:44 +100 to this. 21:25:57 manu: we ran the positive and negative tests per normative statement. we want to test the data model, but that usually means to testing the serialization. we want to test data integrity, jwt, sd-jwt, etc. 21:27:02 manu: we probably want to keep a loose coupling between impls and the test suite. i'm strongly recommending that we are running tests against implementations on a weekly/nightly basis towards gkellogg's points 21:27:13 q+ 21:27:13 q+ 21:27:40 q+ 21:28:16 ivan: i wasn't around near 1.1 end, but at the end of the day, the MUST normative statements, if you do not give them something--the director either spend days and days to check the MUST statements against the tests, or just to believe us or not. we should list the tests against the MUST statements. 21:28:18 q+ 21:28:31 Link to W3C Process that describes the requirements for implementation experience: https://www.w3.org/2021/Process-20211102/#implementation-experience 21:28:45 q+ 21:28:48 2 options to consider, for the record, (docker + cli) : https://identity.foundation/JWS-Test-Suite/#implementations, (postman + http): https://w3c-ccg.github.io/traceability-interop/reports/interoperability/ 21:28:48 ivan: for the publishing WG, we are practicing this to show that each MUST statement has a pointer to its test, allowing us to check each requirement and go into the source. something like that is very useful. 21:29:00 manu: that sounds very useful 21:29:40 https://respec.org/docs/#data-tests 21:29:43 ack TallTed 21:29:45 ivan: we realized this around a year ago, and we could use a tool where we could take the statements and link to tests 21:29:49 manu: sounds very useful, thanks! 21:30:11 +1 to testing shoulds 21:30:19 TallTed: i hope we can test all SHOULD normative statements, there's a reason why that exists. i disagree with MUST and MAY only. i disagree with forcing SHOULDs into MUSTs. 21:30:28 q+ 21:30:44 ack phila 21:30:44 TallTed: i'd like to see these tests runnable after we're done, specifically after transitions are done. there should be a way to run against a later implementation to get similar results out. 21:31:25 phila: to put in the side, manu, you say the results are assumed to be out of date....does anyone go back and check again and again? the other alternative, is that you can set a cron job to test each implementation. so what are you expecting for long term proof of conformance? 21:31:37 +1 to daily / weekly / monthly recurring tests. 21:31:41 -> An example for what respec can give you (from an EPUB WG document) https://w3c.github.io/epub-specs/epub33/rs/#sec-epub-rs-conf-foreign-res 21:31:43 q+ to talk about difference between what is required for Rec vs conformance testing 21:31:52 huge +1 to recurring scheduled tests 21:31:57 manu: there is at least a subset of companies that want constant testing to show their customers. 21:31:58 phila: thanks 21:32:03 ack DavidC 21:32:30 DavidC: this is a question about optional MUSTs. we have a number of features in the standard, they are optional, you don't have to provide them. but if you do provide them, they MUST conform. so how do people provide this and test? 21:32:43 q+ 21:33:13 q+ to note that some specs add parameters to the manifest to group tests by type or attributes. 21:33:31 manu: great question, we handle this on a case-by-case basis. for all the optional MUSTs, we found ways to test them. this is case-by-case. for example, you can create a VC with an optional MUST feature (such as evidence property), but if you do it perhaps you MUST have a type. so you create this VC and give it to a verifier, and see if there's an error or not. in theory it shouldn't. that's example 21:33:35 DavidC: what about issuers 21:33:53 ack decentralgabe 21:33:54 manu: issuers are more difficult, it's case-by-case. we have to see if it's testable. if it's not testable, we usually take the optional MUST out. 21:34:22 q+ to note that some specs add parameters to the manifest to group tests by type or attributes. Also, to note GH Actions infrastructure 21:34:26 decentralgabe: i'd like to advocate for a requirement for implementers not to run their own infrastructure. i think orie's pattern of docker containers is pretty straightforward, would be a good option to pursue. 21:34:27 A nice way to remove the infra requirement is to use docker + cli, and not use http. 21:34:28 ack YanZhang 21:35:08 YanZhang: do we already have testing procedure in place? we'd like a test suite where we can test out the existing implementations to make sure they're correct. 21:35:10 manu: interactions? 21:36:04 YanZhang: so right now, with all the test suites, you're testing automatically. but is there any technical features to test for protocols? 21:36:10 s/topic: 1.1/topic 1.1/ 21:36:35 manu: no, not authorized to work on protocol. there will be in time. there are things testing protocols outside, such as in CCG, OIDC, etc. 21:36:38 ack selfissued 21:36:40 s/topic: 2.0/topic 2.0/ 21:37:14 selfissued: we talked about this once upon a time in the DID WG, but i'll repeat it here. it's definitely in the case in the IETF and the W3C that plain english statements are normative unless marked non-normative via RFC2119 language. 21:37:41 selfissued: for example, in the JWT spec there were statements without the normative keyword terms, but they were required nonetheless. 21:37:49 q+ to respond to Mike 21:38:15 selfissued: i'm involved with the OIDC certifications, and it's the case that for OpenID, the WGs do have power on purpose to be able to add things to the conformance suite that are not in the spec. that may seem a strange thing to say or do, but here's an example. 21:38:40 q 21:39:16 selfissued: the definition of an ID token says that (in the spec) there must be a key ID if multiple keys are available to sign. the WG ultimately decided that interop would be improved if we just failed the case where a key ID was not included. i'm not saying we should do that or not, but if our goals are interop and not just conformance, we do have tools available to us to improve interop that go beyond what's in the spec. 21:39:37 ack brent 21:39:37 brent, you wanted to talk about difference between what is required for Rec vs conformance testing 21:39:42 selfissued: when do you test SHOULDs? you often improve interoperability by testing SHOULDs. in normal implementations, you usually implement them anyway. 21:40:23 +1 to brent we should differentiate the minimum from what is ideal 21:40:28 +1 21:40:31 brent: i wanted to mention the reason we have a test suite is to show the W3C that we have implementation experience. the purpose is to demonstrate that, whether it shows conformance or just shows that, is additional. the minimum we need to do is to demonstrate implementations using the data model in existence. 21:40:51 ack gkellogg 21:40:51 gkellogg, you wanted to note that some specs add parameters to the manifest to group tests by type or attributes. and to note that some specs add parameters to the manifest to 21:40:53 brent: some of the questions that the director/AC is asking for is if we have shown independent interoperable impls. 21:40:55 ... group tests by type or attributes. Also, to note GH Actions infrastructure 21:41:21 gkellogg: as an implementation technique, i've seen test suites add parameterization to the tests, so you can group tests by features to pass. 21:41:50 +1 to github actions 21:42:08 gkellogg: a number of groups have been using GitHub actions that check on PRs. there are many things you can run on them, including periodicity (cron jobs). additionally, you could provision all the latest up to date implementations. GitHub and solve this. 21:42:18 ack phila 21:42:18 phila, you wanted to respond to Mike 21:42:23 shawnb has joined #vcwg 21:43:08 q+ 21:43:15 phila: yes, you don't have to use RFC2119 to make normative statements, but when i'm writing specs, i do choose those keywords to make it very implicit as a matter of choice. i take slight issue that the purpose is to get through the process. it is, but it's also so that implementers can check their impls and build better software. 21:43:17 q+ 21:43:22 +1 to sharing the test suite 21:43:29 q+ to discuss motability of test suite after REC 21:43:30 phila: yes, it does fulfill, but there are more things to do too. 21:43:33 ack ivan 21:44:15 ivan: the test suite is an excellent way to test your own spec, to ensure that your statements are precise and testable. we have found errors in the process of modeling everything as tests, so it's very important. 21:44:23 scribe+ 21:44:24 ack wayne 21:44:50 I think github actions would be great, so implementers can use it in CI/CD 21:44:51 wayne: One more use case, we use continuous integration on our source code, we run the VC test suite when a branch is pushed, if it doen't pass a test, we don't merge. That would help implementers if we enabled that. 21:44:54 ack gkellogg 21:44:54 gkellogg, you wanted to discuss motability of test suite after REC 21:45:10 q? 21:45:47 s/motability/mutability/ 21:45:49 yi has joined #vcwg 21:45:57 gkellogg: the test suites may show most valuable for other implementations after the spec is done. but what happens after problems are found in the test suites? what are the policies about immutability of test suite after publishing? we should have a policy on what to do with the test suite iterations after the rec is out. 21:46:17 topic 2.0 options 21:46:22 This slide covers a few of the links I shared earlier... each of these suites has pro's and con's. 21:46:30 Great slide Manu. 21:46:33 manu: we could keep test suites as-is, static and from command line. 21:47:03 manu: we could dockerize the command line impls, or we could use an HTTP interface for implementations. this seems to be where most of the test suites have been going. 21:47:13 manu: we could use some other interface 21:47:56 manu: [showing screen for test suite] normative statements on left, tests on right. this is what we have today. 21:48:22 manu: if you go back and go to the JWS test suite [screen sharing], a more macro test suite that tests in a macro sense. 21:48:40 Orie: just a comment as an author. this covers both JsonWebSignature2020 and also VC-JWT because they both build on JOSE 21:49:22 Orie: keep them separate test suites, even if they're on the same docker-based deployment 21:49:53 Orie: what's cool about this test suite is that you can have a rust impl run against a javascript impl, and the CLI generates the different vectors for testing. 21:49:57 q? 21:50:08 javadch has joined #VCWG 21:50:16 -> another example may be https://w3c.github.io/epub-tests/ 21:50:34 manu: net one is the traceability test suite [screen sharing], it's postman based, flow of credentials, breakdown of the tests, etc. it's more of a higher level kind of workflow type testing to do an end-by-end impl testing, but we could probably figure out a way to do some of the testing in this group as well. 21:51:15 Orie: that's right, it covers issuance of revocable + unrevocable credentials. e.g., if you issue things will the verifier accept it? 21:51:30 Orie: folks may not want to stand up an HTTP server to demonstrate the full conformance to the data model. 21:52:19 manu: in the last example is the verifier VC-API test suite [screen share], this one has asked the organizations to set up infrastructure. every vertical is a differnt company. test suite runs on a weekly basis to check conformance. 21:52:21 Credit to Mesur and Mavennet (and Transmute) for the work on the Traceability Test Suite... it also runs nightly. 21:52:51 manu: it's possible to dockerize this. some implementers are totally fine running this infrastructure. there are a variety of options for us to pick from. 21:52:55 ivan: there's another example here 21:53:26 manu: if you're interested in testing, please get in touch with me or send an email out to the mailing list to say you're interested in helping out. 21:54:04 ivan: [screen shared], what's interesting is that this is a description of the tests themselves, tied to a MUST, SHOULD, or MAY test. on the right hand side, there are links. one link is going back to the spec with the statement, the last column links to a test result in a separate file. 21:54:46 ivan: so there's more information here than usually revealed. this is what you usually see [screen share], identifiers, implementations, and green/red accept. but the previous one gathers metadata and manifests it. this kind of information may be useful for our testers. 21:55:01 q? 21:55:08 ivan: it's a little bit different because each test is different, and we'd need to configure this. 21:55:26 manu: that's it for testing, we don't have to make a decision on which approach, we can make those decisions the next couple of meetings across the next few months. 21:55:40 -> https://gs1.github.io/GS1DL-resolver-testsuite/ An alternative approach to test suites, aimed at devs 22:00:42 gkellogg has joined #vcwg 22:09:10 q 22:13:11 phila thanks for the link to the digital link test suite... I love how interactive it is. 22:15:48 Topic: Internationization 22:16:17 phila has joined #vcwg 22:16:23 gkellogg has joined #vcwg 22:16:37 present+ 22:16:58 Topic: Internationalization 22:17:13 present+ 22:17:13 mccown has joined #vcwg 22:17:21 so is there not going to be a discussion about JSON Schema? 22:17:47 krisstina has joined #vcwg 22:17:59 kristina has joined #vcwg 22:18:03 present+ 22:18:06 scribe+ 22:18:21 scribe- 22:18:21 scribe+ 22:18:46 scribe+ orie 22:18:49 shigeya: lets talk about internationalization 22:19:14 ... I want to talk about requirements, not so much how 22:19:41 ... lets talk about language strings among other things 22:19:56 ... there are credentials that need to work cross-boarder 22:20:19 ... for example, foreign students attending universities 22:20:21 s/boarder/border/ 22:20:34 q? 22:20:51 ... typically the certifcates differ regarding education depending on the country of origin 22:21:11 wayne has joined #vcwg 22:21:29 ... currently the japanese government is issuing 2 types of certificates related to vaccination, based on HL7FHIR 22:21:48 ... HL7FHIR is multilingual 22:22:15 ... some fields are translated, other are not, such as name. 22:23:06 ... the japanese government handles name encoding is special fields related to the patient data 22:23:38 ... the first example of the VCDM includes a multilingual example, but there is no explanation for how it is produced. 22:23:45 ... we probably want to remove this example 22:24:10 ... we need normative rules for handling multilingual strings 22:24:32 JoeAndrieu has joined #vcwg 22:24:37 ... do we need to use a language tag? related to BCP47? 22:24:51 ack ivan 22:25:15 ivan: clarifying question, does this account also for left to right and right to left, but also vertical encoding? 22:25:29 ... JSON-LD 1.1 has a directionality encoding that is problematic 22:25:50 22:26:20 wonsuk has joined #vcwg 22:26:26 ack gkellogg 22:26:44 gregkellog: win 1.1 we added 2 mechanisms for encoding text direction not otherwise supported by RDF 22:27:10 ... the one that is most favored in a name space with an encoding scheme, which includes the langauge identifer and the text direction... 22:27:17 q? 22:27:43 s/win 1.1/in JSON-LD 1.1/ 22:27:46 ... its in the JSON-LD REC, the idea would be that it would become a wider RDF standard... if there are requiremetns for top to bottom direction, we would need a modification. 22:28:18 shigeya: in the japanese language, we can manage without the veritical direction, its handled by display programs 22:28:25 ... not sure about other languages 22:29:06 ... how do we handle the construct 22:29:38 ... if we need to present 2 or 3 langauges, for readable text entries... this creates complex and difficult structures 22:29:58 ... which might harm program readers ability to process... different to single language credentials 22:30:15 ... program interpretation of data structures remains a challenge 22:30:26 ... do we want to standardize such mappings? 22:30:52 ... do we have a use case for, supporting a large number of languages? 22:31:03 ... also translating property names would be useful. 22:31:14 ... here are some examples of several constructs we could use 22:31:30 ... left hand side is the current approach. 22:32:09 ... right hand side top, and bottom right ... bottom right might be easier to refer to the inner property names from a programs point of view 22:32:30 q? 22:32:31 ... We should use BCP47 for language tags 22:32:47 ... key mappings depend on construct used 22:33:10 ... maybe we should externalize things 22:33:44 ... we can use exact string mappings to translate between languages, but we have to consider integrity issues 22:34:01 ... this might be useful for handling text in each credential 22:34:07 q+ 22:34:10 ... we have talked about JSON-LD compatibility 22:34:23 ... should we implement a JSON-LD langauge map? 22:34:25 q+ to note preference for external mappings, not using current mechanisms. 22:34:31 having a "multilingualDictionary" property in the VC that points to a minidictionary is interesting 22:34:59 ... next steps, we need to consult internationalization experts 22:35:03 q? 22:35:06 decentra_ has joined #vcwg 22:35:10 ack manu 22:35:10 manu, you wanted to note preference for external mappings, not using current mechanisms. 22:35:13 q? 22:35:13 ack manu 22:35:14 ... and draft PRs to address the mapping and externalization considerations 22:35:19 manu: great summary of the options 22:35:44 ivan: slide 342 i don't think this is JSON-LD 22:36:03 yeah, the existing examples don't work well for "simple JSON" users 22:36:08 manu: these are options available, but not sure this is being used in practice 22:36:10 q+ to question manu's assertion that they're not working out. 22:36:18 ... the externalization use case is the most compeling 22:36:35 ... because thats how other solutions have worked, such as language mapping files in OS 22:36:42 decentr__ has joined #vcwg 22:36:42 ... it aligns with developer use 22:36:51 ... one file can be translated in parallel 22:37:10 ... there are a lot of benfits for handling an external representation, is you can improve over time 22:37:29 ... maybe we want to do hashlinks, but maybe we don't so we can improve internationalization 22:37:32 q? 22:37:48 ... at this point I am feeling pretty -1 on slide 42 and using the existing JSON-LD language features 22:38:04 s/42/342 22:38:05 s/42/342 22:38:10 ... the experts told us to use the language features, but they didn't comment on externalization 22:38:20 +1 for externalization. 22:38:28 ... +1 to adding a comment on externalization 22:38:55 gkellog: in some communities language maps are working well, maybe they are not working well here.... I like external maps idea 22:39:09 q+ to ask translation extension at FHIR 22:39:12 ... I think there are a lot of benefits to externalization 22:39:17 q+ 22:39:22 ack gkellogg 22:39:22 gkellogg, you wanted to question manu's assertion that they're not working out. 22:39:24 ack Jay 22:39:24 Jay, you wanted to ask translation extension at FHIR 22:39:44 Jay: Is translation extension in HL7FHIR the same approach? 22:39:58 manu: i don't know FHIR enough to know 22:40:07 q? 22:40:11 ack TallTed 22:40:25 q+ to talk about getting FHIR expertise 22:40:26 TallTed: I am concerned that externalizing it will limit its untility, and online offline acccess 22:40:39 q+ 22:40:42 ... I don't know that we have really even tried the existing mechanisms 22:40:46 presumably the dictionary could also be embedded 22:40:46 ack phila 22:40:46 phila, you wanted to talk about getting FHIR expertise 22:40:55 ... I don't think the deployment of VCs todate has tested this 22:41:00 ack shigeya 22:41:03 phila: there is an expert name 22:41:10 External mechanisms make me mildly concerned about security risks. 22:41:24 decentralgabe has joined #vcwg 22:41:26 yup, may be harder to do selective disclosure as well 22:41:31 s//Eric Prud'hommeaux (ericP in W3C circles)/ 22:41:38 shigeya: I think its good to externalize but then embed, and we can handle remote access as a seperate issue 22:41:43 q? 22:41:52 q+ 22:41:54 q+ 22:42:08 ack Orie 22:42:53 Orie: I like the idea of externalizing this and there being one binding point between VC data model and externalized language support. I agree with parallelizing language stuff as manu suggested. You send string file out to multiple language experts and get stuff back in parallel. We could provide guidance on caching. 22:42:54 q+ talk about hashlinks for this 22:43:01 q+ to talk about hashlinks for this 22:43:59 from Jay: FHIR 5.0 traslation extension in https://build.fhir.org/languages.html 22:44:06 ack brent 22:44:08 Orie: Also agree about not necessarily wanting to address immutability, it could be useful to make language corrections without breaking signatures. I know that's a bit heresy, but I could see value in having an integrity protected terms w/ translated mappings/versions could be added over time without going through a reissuance process. This is an super important thing for us to address, could be one of the most things we do here. Very supportive of 22:44:09 giving it more effort in v2.0. 22:44:23 brentz: unless we have a way to get the external thing, it changes the threat model 22:44:40 q? 22:44:40 ... if you start addressing the meanings / translations... thats a potential attack. 22:44:43 q+ 22:44:51 ack phila 22:44:51 phila, you wanted to talk about hashlinks for this 22:45:03 ack TallTed 22:45:06 phila: I agree with Brent, and Orie... but this will effect the threat model 22:45:25 q? 22:45:31 TallTed: the other thing about externalization is that they impact interfaces to the user as well, form elements, not form inputs 22:45:32 gkellogg has joined #vcwg 22:45:49 kristina: there seems to be a lot of support for this work 22:45:59 ... we should create issues for this 22:46:11 Topic: JSON Schema and VC Data Model 22:46:13 the resulting language map could also include a reference back to the VC and be signed by the issuer 22:46:13 kristina: last official topic for the agenda 22:46:34 yi has joined #vcwg 22:46:35 selfissued has joined #vcwg 22:46:43 decentragabe: most people here are familar with JSON Schema 22:46:43 present+ 22:46:57 ... it supports field level validation, regexp, etc.. 22:47:07 ... it can help with credential field validation 22:47:19 ... it can help with defining document types 22:47:34 ... as a holder, I want confidence that my credential will be accepted 22:48:06 ... as a verifier, I want to define data shapes that I will accept, and I only trust certain issues to produce those data shape constraints 22:48:11 dezell has joined #vcwg 22:48:19 present+ 22:48:19 ... JSON schema can be cached 22:48:37 ... in the spec today, the example mentioned JSONSchemaValidator2018 22:48:44 ... which does not exist 22:49:02 ... in 2019 at Workday, we built a draft at the CCG to address the credentialSchema property 22:49:09 ... the draft defines metadata about the schema 22:49:30 ... covering authors and versioning, relative URIs and DIDS 22:49:40 ... there are a few companies that used it in a few languages 22:49:49 q+ 22:49:52 ... since then its gained some adoption but there are issues 22:50:07 ... in late 2021, we wanted to improve it, but it got stale 22:50:18 ... we need to make some updates to it 22:50:27 ... we need a way to authenticate schemas somehow. 22:50:38 ... we need to continue to cover the metadata 22:50:56 ... i know at least of 2 imps that use this today 22:51:16 ... folks are independently using JSON Schema, regardless of the CCG draft 22:51:39 ... I asked in the DIF slack who uses JSON Schema, and several companies responded. 22:51:54 ... at DIF, we use JSON Schema in a lot of our specs for object models 22:52:12 ... JSON Schema has a number of IETF drafts and excellent language support 22:52:28 ... this doesn't cover code gen, editors, etc 22:52:46 ... I think it plays well with JSON-LD, and they pair well together. 22:52:56 ... I think we should allow for both 22:53:01 q+ 22:53:12 ... I asked GPT-3 why we should include it in our spec 22:53:13 q+ 22:53:16 q+ 22:53:21 ... and the ai gave some good answers. 22:53:25 ack ivan 22:53:40 q+ to support further definition of this. 22:53:58 kdeangs1 has joined #vcwg 22:54:03 ivan: personally I am a fan of JSON Schema... we did use it in the DID WG, and the JSON Schema agrees and does not conflict with JSON-LD 22:54:22 ... one minor caveat, last i checked, JSON Schema is still a bit of a moving target 22:54:36 ... this makes it hard to target for standardization 22:54:55 ... W3C has had discussions with them, they politely said no, and would like to go their own way 22:55:04 (+1 to ivan...) 22:55:09 ... the impact to us is, if we provide a JSON Schema, it can't be normative 22:55:13 q+ 22:55:21 ... the spec can't normatively rely on JSON Schema or features 22:55:33 ... if they do find a home for it in time, we might be lucky 22:55:42 ... apart from that, I am in favor of what you said 22:55:45 ack dezell 22:56:10 dezell: I am a fan of creating a schema any time you have people creating documents, even with a non normative schema 22:56:33 ... I will reach out and see if we can't find a way to find it a home 22:56:48 ... everyweek i write a ccouple hundred lines of JSON Schema 22:57:01 ... I have handled awkward features of composition 22:57:09 ... consider me available for review 22:57:11 ack SamSmith 22:57:28 SamSmith: +1 to all the reasons to use JSON Schema mentioned 22:57:51 ... we like to use the composition operators, to handle single issuance and presentation with graduated disclosure 22:57:57 q 22:58:13 ack wayne 22:58:28 wayne: I am supportive of this work, I think JSON Schema is a great tool to help define shapes 22:58:34 ... I want to warn that it can be messy 22:58:50 ... type checks, semantic vocab, etc... 22:59:09 ... JSON Schema can start to touch field constraints such as regex 22:59:13 ack manu 22:59:13 manu, you wanted to support further definition of this. 22:59:21 manu: +1 to the work item in general 22:59:46 ... wanted to ask 23:00:00 ... should we define a JSON Schema 2018 type, is that right? 23:00:12 ... are you also saying we should have a schema for the core data model 23:00:29 decentragabe: this is more about securing the credentialSubject, but I am ok to do both 23:00:41 manu: we can do both as long as we know they are different 23:00:49 q? 23:00:56 decentragabe: yep, primary mission regarding the credential subject 23:01:02 ack pchampin 23:01:24 pchampin: +1 as well, I want to point out there is a lot of conversations about this in JSON-LD CG related to YAML-LD 23:01:38 ... some people are really interested in linking a JSON-LD context with a JSON Schema 23:01:49 ... I also wanted to point out that those people use Open API 23:02:00 ... maybe its a solution to the problem Ivan raised 23:02:01 q+ 23:02:19 ... if its more stable maybe we can refer to OAS3.0 instead? 23:02:27 ... thats why its being raised in YAML-LD context 23:02:38 ack Orie 23:04:41 Orie: I've been involved in some of those conversations in JSON-LD CG, conversations about YAML-LD. We use OpenAPI specification files today and have extended YAML/JSON Schema representation to contain just enough properties to contain JSON-LD context from open api specification. Traceability vocab uses those things, work item has been contributed to by several companies. I don't know answer to question on stable versioning and openapi has versioning 23:04:41 and how they treat JSON Schema and I like that section because it gives you a better handle on exact features you can rely on in openapi 3. I've had a wonderful experience with open api and JSON Schema and have experienced the pain of JSON Schema, and language support, but if you look at specific features, that feature might not support the feature across implementations. 23:04:51 q+ 23:04:52 q+ 23:04:55 Orie: When you have an API, you target a specific OpenAPI version. 23:05:00 ack dezell 23:05:10 dezell: great minds think alike 23:05:24 ... every JSON Schema we write, we use OAS to do it... with components 23:05:38 ... we already use OAS, and its a great point. 23:05:42 ack phila 23:05:55 phila: OAS is a standard? 23:06:00 -> https://swagger.io/specification/ 23:06:06 https://swagger.io/specification/ 23:06:16 ivan: the question is can we refer to it? 23:06:35 phila: that thing isn't a formal standard, but it seems used often... can we use it? 23:06:47 ivan: we do refer to schema.org normatively 23:06:52 q? 23:07:18 kristina: great conversation 23:07:24 ... see you on the issues 23:07:33 ... this is the end of the official agenda 23:07:42 Topic: Editorial Work Mode 23:07:42 topic: Editorial Work Mode 23:07:55 brent: we had a request to reiteerate the editorial work mode 23:08:17 ... for issues, we want the editorial team to triage and comment on issues 23:08:27 ... for PR if its substantive, it needs WG review 23:08:38 ... editorial cchanges, only require 1 editor to sign off 23:08:47 q+ to note "FPWDs" and timeline for that. 23:08:47 ... if concerns are raised, you may need to revert. 23:08:51 ... thats it 23:08:58 ack manu 23:08:58 manu, you wanted to note "FPWDs" and timeline for that. 23:09:06 manu: I think we had specified times before 23:09:14 ... 7 day window for review, to avoid backing out PRs 23:09:23 q+ 23:09:33 ... are we ready for FPWD on data integrity? 23:09:41 ... in the next month? 23:09:48 ... do we want to pull another crypto suite spec 23:09:50 q+ 23:10:03 ack Orie 23:10:10 scribe+ 23:10:24 orie: in general in favor of doing FPWD for data integrity 23:10:40 decentralgabe has joined #vcwg 23:10:44 ... the main comment is, to have confidence in the doc that represent WG consensus, 23:10:55 ... not sure there is a wg consensus on another crypto suite 23:11:15 ... want to have more conversation on crypto suite before doing another FPWD on it 23:11:20 q+ to note we might want mandatory reviews on documents 23:11:49 ... not sure WG fully understands the implications of another cryptsuite 23:11:54 q- 23:11:55 ivan: general attitude is FPWD as soon as possible 23:11:56 q+ ivan 23:11:59 ack ivan 23:12:04 ... it does not have to reflect wg consensus 23:12:19 ... i've seen FPWD with just section headings... not that we need to do that. 23:12:24 ... its a stake in the ground 23:12:40 ... unless there is something very shameful in it, no reason not publish 23:12:44 I am a little concerned with a 5th working document.. seeing the progress on other ones 23:12:55 ... it triggers patent disclosure, and gives us stable URLs 23:12:57 ack manu 23:12:57 manu, you wanted to note we might want mandatory reviews on documents 23:13:05 manu: what we could do is mandatory reviews 23:13:18 ... usually you just tell people, to read. 23:13:42 +1 to Ivan, FPWD sooner rather than later 23:13:48 ... I am suggesting an FPWD for data integrity, there has been a lot of ground work for the design goals and characteristics of the spec 23:13:59 ... there are a lot of issues that don't need to be resolved 23:14:18 ... I think we do need to update it to reflect the rough consenus on the data integrity proof stuff 23:14:18 agreed on FPWD for data integrity now, would like more discussion before additional cryptosuite document 23:14:35 ... +1 to what orie said, about publishing a crypto suite along side it 23:14:41 ... if they are both ready, sooner the better' 23:15:52 q+ 23:15:59 q+ 23:15:59 q+ 23:16:17 ack TallTed 23:16:30 ack dezell 23:16:46 RRSAgent, draft minutes 23:16:46 I have made the request to generate https://www.w3.org/2022/09/16-vcwg-minutes.html pchampin 23:17:06 +1 to dezell 23:17:19 s/+1 to dezell// 23:17:54 ack mccown 23:21:18 sorry just got back getting a drink. 23:22:00 kristina: if there is anything that is "ready for PR"... lets try to get to a PR. 23:22:13 ... we got a lot done over the past few days, a huge thanks for everyone 23:22:22 ivan: I will do my best to clean up the minutes 23:22:39 ... it will be hard, because I don't know all names 23:22:48 kristina: thanks to scribes 23:23:02 ... joe, kevin, dave orie 23:23:15 brent: we will be off next week 23:23:27 sry... 23:23:45 brent: we decided not to cancel next week 23:24:03 RRSAgent, draft minutes 23:24:03 I have made the request to generate https://www.w3.org/2022/09/16-vcwg-minutes.html pchampin 23:24:05 kristina: thanks everyone! 23:24:23 RRSAgent, draft minutes 23:24:23 I have made the request to generate https://www.w3.org/2022/09/16-vcwg-minutes.html pchampin