15:53:29 RRSAgent has joined #vcwg-special 15:53:33 logging to https://www.w3.org/2023/01/24-vcwg-special-irc 15:53:33 RRSAgent, make logs Public 15:53:34 please title this meeting ("meeting: ..."), ivan 15:53:45 Meeting: Verifiable Credentials Working Group Special Topic Call on StatusList2021 15:53:45 Date: 2023-01-24 15:53:45 chair: kristina 15:53:45 Agenda: https://www.w3.org/mid/c8b8d2408867948fe40778ccc002877c@w3.org 15:53:45 ivan has changed the topic to: Meeting Agenda 2022-01-24: https://www.w3.org/mid/c8b8d2408867948fe40778ccc002877c@w3.org 15:58:13 TallTed has joined #vcwg-special 16:00:58 TallTed has changed the topic to: Meeting Agenda 2023-01-24: https://www.w3.org/mid/c8b8d2408867948fe40778ccc002877c@w3.org 16:01:41 brentz has joined #vcwg-special 16:01:51 present+ 16:01:56 present+ 16:02:28 cabernet has joined #vcwg-special 16:02:32 present+ 16:03:48 Orie has joined #vcwg-special 16:03:51 present+ 16:04:05 JoeAndrieu has joined #vcwg-special 16:04:08 kristina has joined #vcwg-special 16:04:10 present+ 16:04:10 present+ 16:04:13 present+ 16:04:15 scribe+ 16:04:19 Kerri_Lemoie_ has joined #vcwg-special 16:04:31 PDL-ASU has joined #vcwg-special 16:04:35 kristina: Apologies the agenda was late going out. 16:04:37 andres has joined #vcwg-special 16:04:42 +present 16:04:44 ... StatusList2021 is our focus. 16:05:11 ... We are trying to determine if we need to spend time on this in the F2F 16:05:23 ... No pressure. We'll go through the 20 issues and put labels on 16:05:41 gregory has joined #vcwg-special 16:05:44 q? 16:05:45 ... Two goals: where does the document sit and progress, and familiarize people with the work item itself 16:05:47 present+ 16:06:03 ... Ok. Let's dive in. 16:06:10 present+ 16:06:24 zakim, start the meeting 16:06:24 RRSAgent, make logs Public 16:06:25 please title this meeting ("meeting: ..."), brentz 16:06:37 meeting: VCWG Special call 16:06:41 present+ 16:06:42 present+ 16:06:42 present+ 16:06:42 present+ 16:06:42 present+ 16:06:44 scribe+ 16:06:45 present+ 16:06:45 chair: Kristina 16:06:50 kristina: Apologies the agenda was late going out. 16:06:51 present+ 16:06:55 ... StatusList2021 is our focus. 16:06:58 present+ 16:06:59 ... We are trying to determine if we need to spend time on this in the F2F 16:07:04 will has joined #vcwg-special 16:07:05 ... No pressure. We'll go through the 20 issues and put labels on 16:07:13 ... Two goals: where does the document sit and progress, and familiarize people with the work item itself 16:07:21 ... Ok. Let's dive in. 16:07:22 present+ 16:07:32 Topic: issue tiraging 16:07:39 subtopic: https://github.com/w3c/vc-status-list-2021/issues 16:07:51 ... Let's start with the first one 16:07:58 ... Issue 39 16:08:01 subtopic: https://github.com/w3c/vc-status-list-2021/issues/39 16:08:13 q+ 16:08:27 ... There are no comments. Just an example 16:08:40 ... So what do we do if the URL is a bad one? 16:08:47 ack manu 16:08:58 manu: there's a difference between verificationa nd validation 16:09:14 ... verification is checking signatures... validation is different 16:09:30 ... Some verifiers might not care if the credential is suspended or revoked 16:09:40 ... So I think this is about validation not verification 16:09:47 ... We should provide some guidance about this 16:09:55 ... Probably in the StatusList spec, not the VCDM spec 16:10:08 ... If that sounds right, we could mark Ready for PR 16:10:10 q+ 16:10:17 ... But haven't had a chance to discuss yet. 16:10:36 Just a note - verification is defined in the spec as including that "... if present, the status check succeeds" 16:10:38 ack orie 16:10:57 yes, andres, good point... 16:11:04 kristina: so you're saying if a verifier doesn't care, ignore the 404, if they do, it should fail. 16:11:19 orie: it's concerning that a verifier might not care 16:11:23 +1 to something along the lines of what Kristina said ... if the verifier cares about status and can't retrieve the status list credential, it should result in a validation failure 16:11:33 ... the status and id are two URLs that we need to define what they dereference to 16:11:35 ^ yes, +1 to that. 16:11:37 ... and what happens if they fail 16:11:40 q+ 16:11:42 q? 16:11:42 (to what dlongley said) 16:11:46 scribe+ 16:12:31 JoeAndrieu: This may have been a scribe error, but what I heard in your summary Kristina, was about Verification, but what Manu noted was it's about "Validation". Orie is saying it should be a part of Verification, but Manu is saying, because it is a part of business rules, it's a part of Validation. 16:12:34 dwaite has joined #vcwg-special 16:12:38 present+ 16:13:07 q+ 16:13:07 kristina: I think we agree this isn't about validation. It's about business rules? 16:13:21 "validity of the credential" is "business logic" (as opposed to verification) ... at least that's how we've talked about it in this group in the past. 16:13:33 ack JoeAndrieu 16:13:40 ack manu 16:13:48 manu: I'm nitpicking on some of the language 16:14:03 ... it's not about business rules, it's about validation. But validation *is* about business rules. 16:14:18 ... Some of us are saying this is validation, which is where additional rules kick in. 16:14:32 +1 validation is about business rules, which may care about verification results *including* failures 16:14:37 q+ 16:14:42 ... Andres pointed out something interesting. If present, the status check needs to succeed, and it's not clear what that means 16:14:54 ... Need to clarify validation is about running a set of business rules 16:15:06 ack Kerri_Lemoie_ 16:15:09 q+ 16:15:09 ... And if the use case needs to vary based on status, that happens in validation 16:15:18 q+ 16:15:29 Kerri_Lemoie_: are we sure its validation? 16:15:42 ... I thought verification is from what's in the space and validation is business rules 16:15:54 It's a good question, Kerri. 16:15:57 ... So, fit for role is a business rule, but the status is verification 16:16:00 our definition from the spec today: https://www.w3.org/TR/vc-data-model/#dfn-verify (not that it couldn't change) 16:16:04 q+ 16:16:05 kristina: I think both are happening. 16:16:27 ... making sure there is a valid URL and checking it is "verification" and making a decision based on that is "validation" 16:16:29 ack kristina 16:16:31 ack Orie 16:16:44 orie: This issue is filed specifically for verification. We filed it. 16:16:59 ... If verifying is inconsistent, that leads to problems. 16:17:04 q+ to note what the spec says today. 16:17:11 ... Which will lead to different behaviors by different verifiers 16:17:17 q+ 16:17:27 ... If folks want to layer validation in front, that's fine. But this is a security issue about verification 16:17:28 Reference we've been using for verification & validation: https://github.com/w3c-ccg/vc-api/blob/main/verification.md 16:17:37 ... about verifying a credential that is revocable 16:17:39 ack dwaite 16:17:56 dwaite: Like a lot of things this is a condition of use that the issuer is setting 16:18:22 q+ 16:18:22 ... I think this should be in the main spec the same way that a verifier that accepts expired credentials... it may be a business decision but it still matters 16:18:24 ack manu 16:18:24 manu, you wanted to note what the spec says today. 16:18:52 The spec currently states: https://www.w3.org/TR/vc-data-model/#status-0 16:19:05 manu: The current spec states... link. Status checking is a part of validation. 16:19:18 ... However, I agree that it is important that everyone does it the same way. 16:19:19 q? 16:19:28 ... Where to put the language is a fair question 16:19:46 ... We might be able to waive our hands around what "must succeed" means 16:20:04 q+ 16:20:09 ... But I'm not sure how to do it, because if we have it in two places, we start to have validation creep into the VCDM 16:20:22 q+ 16:20:28 ... Hard decision either way. Status checking is part of validation. We don't say anyting about it in current VCDM 16:20:39 ... Not sure what language would solve the problem 16:20:40 ack brentz 16:20:52 zakim, close the queue 16:20:52 ok, kristina, the speaker queue is closed 16:20:56 brentz: I think there's a clear separation between validation and verification 16:21:18 +1 Brent, its not possible to "verify" a revocable credential, unless this is defined properly. 16:21:19 ... You can't verify unless you can get the response from status list endpoint 16:21:25 +1 brent, that feels workable. 16:21:26 Would any spec outside of VC but used as part of VC be considered validation instead of verification? 16:21:28 ... So we can say the status property must provide information. 16:21:28 +1 to brent 16:21:45 ... Whether the verifier does anything with that information, is a validation choice 16:21:47 ack gregory 16:21:51 +1 to that 16:21:59 q- 16:22:02 gregory: We have to cover some of the basic security and processing. 16:22:20 ... but if we get different credential rules about what is usable here or there, that models the real world 16:22:33 ack Orie 16:22:49 orie: I'm confused by the comments about validation v verification 16:23:03 ... can I get clarity about whether or not the expiry date impacts verification 16:23:12 q+ 16:23:20 ... Whatever we say about validity date. That same sentence should be applied to this format 16:23:22 q+ 16:23:22 zakim, open the queue 16:23:23 ok, kristina, the speaker queue is open 16:23:32 q+ brent 16:23:32 q+ 16:23:33 ... It's the intention of the issuer to communicate something essentially the same 16:23:49 both verification and validation are clearly defined in the vc-data-model spec 16:23:59 kristina: it looks like we need a new issue to talk about verification and validation 16:24:07 ack brentz 16:24:08 q? 16:24:14 ack brent 16:24:16 brentz: I think the division is the same in both cases. 16:24:30 ... If there is a validFrom date, if that's there it needs to be a valid date 16:24:35 ... The verifier should check that 16:24:45 ... but if the verifier cares about that date is validation 16:24:47 ack manu 16:24:49 So "issuanceDate" and "credentialStatus" are equally the responsibility of the verifiers "validation process" ? 16:25:04 manu: what Brent said. That's a philosophy we can apply to all of these. 16:25:12 ... namely that it has to be syntactically valid 16:25:32 ... So the ID has to be a URL and we could add has to be dereferenceable and must get data back from it 16:25:44 I think it "has to dereference to an object of the type noted by the list"... or it does not work. 16:25:49 ... Then, once you get into processing, that will be highly dependent on the type of Status List it is 16:26:06 also the thing that is "dereferenced" needs to be verified.... 16:26:11 ... Do we want to say something about the status check has to pass? 16:26:19 ... We do already say that in a validation section and status section 16:26:24 +1 Manu, we do need to describe what the verifier does with the object that is dereferenced. 16:26:34 or verifiers will handle it differently. 16:26:36 ... If the property is available, it is expected to be evaluated by the verifier 16:26:45 it has to be possible for the verifier to do the evaluation 16:26:51 q 16:26:52 q? 16:26:53 +1 to Manu's suggestion. 16:26:55 q+ 16:27:03 I will try to write something that makes sense, then :P 16:27:05 q- 16:27:11 kristina: looks like it is ready for PR for the beginning language. We can play with it once the PR is filed 16:27:14 I think I have enough to go on. 16:27:48 ... Going to the next issue, 38 16:27:56 subtopic: https://github.com/w3c/vc-status-list-2021/issues/38 16:28:07 ... Should we discuss this or move on? 16:28:14 orie: I can provide some verbal update 16:28:25 ... This also applies to the behavior of the object that is dereferenced 16:28:40 q+ to note about TTL in HTTP Headers vs. in the actual object itself -- argue for actual object itself. 16:28:41 ... Imagine you get that list, how long should you hold on to it before you refresh? 16:28:53 ack manu 16:28:53 manu, you wanted to note about TTL in HTTP Headers vs. in the actual object itself -- argue for actual object itself. 16:29:13 manu: time to live can be expressed in many ways, in HTTP headers or the object itself 16:29:20 ... I think we should put it in the object itself 16:29:35 ... The statuslist is signed by the issuer, so the holder can deliver that list to the verifier 16:29:48 ... as a more privacy preserving way to do it, especially for offline scenarios 16:30:12 +1 to Manu 16:30:14 ... So there's an argument for putting in the object itself so its clear no matter the delivery mechanism 16:30:18 +1 to just use validUntil and validFrom 16:30:25 q? 16:30:29 q+ 16:30:52 ack dlongley 16:30:53 ... We could do both, but that seems like a bad idea.The real time-to-live should be in the object, which might be echoed in the header 16:31:09 dlongley: since the status list itself is a VC itself, we should recommend we just use those 16:31:09 +1 to reuse validFrom / validUntil 16:31:22 +1 to reusing 16:31:23 kristina: looks like we need more discussion? Or is it straightforward. 16:31:38 manu: could be ready for PR, if all we are doing is using validFrom/validUntil 16:31:45 ... So ready for PR, I imagine 16:31:54 kristina: ok, I don't see any objections to that 16:31:59 subtopic: https://github.com/w3c/vc-status-list-2021/issues/37 16:32:07 ... Next issue #37 16:32:11 q+ 16:32:20 ack Orie 16:32:36 orie: in earlier versions, it was only possible to have one status. just true/false 16:32:53 ... it's now possible to have multiple statuses, e.g., a DL that is revoked, suspended, or both 16:32:53 q+ to ask if we'll know the full list of statuses? Or just document to those we know of. 16:33:06 ... So what is the order that the verifier should process statuses? 16:33:16 ... I'll update the issue to clarify that 16:33:18 ack manu 16:33:18 manu, you wanted to ask if we'll know the full list of statuses? Or just document to those we know of. 16:33:38 manu: The order of priority is revocation trumps suspension 16:33:53 ... The spec todays just defines suspension and revocation, but the field is designed to be openworld 16:34:00 ... people can put whatever status they want 16:34:00 why is it legal to be both revoked and suspended at the same time? 16:34:13 ... because of that, I don't think we'll be able to have an order of priority for everyting 16:34:19 ... just for the things we define. 16:34:21 q+ 16:34:40 ... If someone creates a new type, its up to them to define how it fits with the existing status terms 16:34:45 ... I think its a bit of a corner case 16:34:56 ... I don't expect people to create all kinds of crazy forms of status 16:35:06 ... We should speak to revocation over suspension. 16:35:08 i don't think verification software needs to know this and could just report the status of all things ... leaving it to validation (business rules) to determine what to do from there 16:35:23 ... The other spec authors can explain how their new types fit it 16:35:33 q+ 16:35:48 kristina: why would a credential be both revoked and suspended? 16:36:12 ... We could say its undefined or if there are multiple states at the same time that's invalid 16:36:17 q? 16:36:20 ack kristina 16:36:23 ack Orie 16:36:24 orie: I want to echo part of what manu said 16:36:29 shawnb has joined #vcwg-special 16:36:30 could we make clear that there are possible invalid states? 16:36:32 present+ 16:36:33 ... This is defined for open world application 16:36:52 ... While we defined those. Others might add a bunch of additional flags/terms 16:37:16 ... I think the issuer should be able to specify the intention and verifiers should be able to execute that order in a computationally efficient way 16:37:26 ... Revocation and Suspension are just two of many 16:37:34 q? 16:37:39 ... We should not overfit to these two 16:37:54 q+ to answer Kristina's question. 16:38:00 kristina: We could say, the software returns the data and its up to the issuer to indicate the order. 16:38:13 q? 16:38:14 ...is that good? 16:38:15 ack manu 16:38:15 manu, you wanted to answer Kristina's question. 16:38:28 manu: why would a credential have two statuses? 16:39:02 ... Remember these things are issued, they are neither suspended or revoked. In the future, you might need to check both. 16:39:07 q? 16:39:46 ... Orie raised a question. Yes this is open world, we can only specify what these two mean and their priority. He also said other things to be done and its up to the issuer to define order of importance. 16:39:54 ... we could do that by the ordering in the array. 16:40:07 ... The problem is that is currently an unordered set in the VCDM 16:40:14 ... So do we add a priority field? 16:40:27 ... Or is it just up to the verifier to figure it out 16:40:46 ... So we report both pieces of data, and its up to the verifier to decide how to process 16:40:47 q+ 16:41:02 ... Were you intending there to be an explicit order set by the issuer? 16:41:06 ack Orie 16:41:16 orie: I would like for the issuer to be aware of what they are doing 16:41:34 ... If they are assigning over a set, then they need to understand order doesn't matter 16:41:47 ... I'm not sure which model we need, but the issuer needs to be clear about it 16:42:00 ... The point about the set is really important. 16:42:17 q+ to suggest "order is unimportant", 'cause people will get it wrong, and it's up to verifier to set the order of importance (first based on spec, then their own rules). 16:42:22 ... We have to be clear about our design decisions or they will just treat it as JSON, where order matters. 16:42:29 ... So we need to be clear 16:42:43 issuer might need to publish info about their statuses (ontology? priority? other?) that verifier can check along with the statuslist 16:42:44 kristina: I added the discuss label to the issue 16:42:47 ack manu 16:42:47 manu, you wanted to suggest "order is unimportant", 'cause people will get it wrong, and it's up to verifier to set the order of importance (first based on spec, then their own 16:42:48 ... rules). 16:42:50 manu: We're almost to PR, I think 16:42:50 If order is unimportant, we should say so :) 16:42:58 q+ 16:43:01 ... I'm going to suggest the order is unimportant 16:43:11 ... because implementers are going to likely get that wrong 16:43:18 q- 16:43:23 ... and its up to the verifier to set the order of importance 16:43:34 ... but the spec will clearly say that revocation is more important 16:43:45 ... then verifiers can add their own rules after 16:44:00 now we're defining business rules? 16:44:01 ... so revocation first, then suspension, then any additional rules 16:44:25 ... We are defining the validation rules Orie says is imporant 16:44:44 tallted: I get that some people is desiring that. I don't think we should be dictating it in this way. 16:45:04 ... I'm ok with someone saying revoked trumps everything 16:45:14 ... but there are use cases where that isn't true 16:45:46 hrm, them perhaps: "status is reported back and the verifier makes the decision on order of importance, with suggestion that revocation is more important than suspension." 16:45:48 s/someone saying revoked/someone deciding revoked in their ecosystem/ 16:45:49 kristina: I sense more confusion than clarity. I don't think we are ready for PR 16:46:03 subtopic: https://github.com/w3c/vc-status-list-2021/issues/36 16:46:07 ... ten minutes left. one more issue #36 16:46:15 q+ 16:46:21 ack manu 16:46:25 manu: yes, we should do this 16:46:29 brent has joined #vcwg-special 16:46:40 ... we already have examples of implementers interpreting this differently. Ready for PR 16:46:43 q? 16:46:47 kristina: any objections? 16:47:03 ...[none were heard] 16:47:08 I would call them processing rules. Once processed, the Verifier can still determine whether the information applies to its internal validation rules. 16:47:09 Brian has joined #vcwg-special 16:47:19 subtopic: https://github.com/w3c/vc-status-list-2021/issues/23 16:47:25 ... issue 23 16:47:51 ... It's a tricky, legal oriented discussion. Last comment said ready for PR 16:47:54 ... Is it? 16:47:58 q? 16:48:14 q+ 16:48:14 ... Shawn? 16:48:20 ack shawnb 16:48:31 shawnb: This is something I raised early on. 16:48:45 ... I have a set of privacy legal experts I can task to help make a PR 16:48:49 q+ to note "ready for PR" 16:48:53 ... Happy to take this on 16:48:54 ack manu 16:48:54 manu, you wanted to note "ready for PR" 16:49:14 manu: I think this is ready for PR, Shawn if you can move this forward with legal experts, that would help 16:49:20 Sounds good 16:49:33 kristina: thanks shawn. added Ready for PR 16:49:40 subtopic: https://github.com/w3c/vc-status-list-2021/issues/12 16:49:43 ... issue 12 16:50:00 q+ 16:50:02 q+ 16:50:05 ack manu 16:50:06 ... Adding reason field. Which sounds useful. 16:50:16 manu: I agree it would be useful 16:50:22 ... but I'm concerned about size 16:50:40 ... The whole point is of Status List is to scale well 16:50:49 ... Also, it leaks privacy 16:50:53 q+ 16:51:00 ... And is the reason just an open text? 16:51:21 ... The issuer should keep track of why, and they should be able to explain why to the appropriate parties 16:51:34 ... That's between the individual and the issuer, not information that is publicized 16:51:40 ... Presently, I'd be -1 to this 16:51:46 ... Because the use case isn't clear 16:51:56 ... and we don't have enought experience to say what all the codes would be 16:51:59 ack dlongley 16:52:21 dlongley: Agree with manu. This seems like something that is very hard to do while preserving the privacy of the holder. 16:52:32 ack gregory 16:52:35 ... solving this in a general way that won't be abused is fraught 16:52:52 gregory: echoing Manu. At least in Canada, you could run into real problems with privacy law. 16:53:11 ... it may not be your concern that its suspended for repeat DUI verses something less serious 16:53:14 q? 16:53:44 kristina: let's document that there's no consensus on adopting this feature and we can revisit later 16:53:56 ... with two minutes left 16:54:20 subtopic: https://github.com/w3c/vc-status-list-2021/issues/8 16:54:30 q+ 16:54:35 ... Issue 8 16:54:39 ack manu 16:54:42 ... Looks like debates about issue. 16:54:43 this is a duplicate 16:54:48 manu: This looks like a dupe 16:54:55 kristina: Ok, we'll close it as a dup 16:55:06 ... Thanks everyone. That was a productive discussion 16:55:19 ... Looking forward to reviewing PRs in main call 16:55:32 ... See you all tomorrow at the same time 16:55:40 dmitriz has joined #vcwg-special 16:56:42 rrsagent, draft minutes 16:56:43 I have made the request to generate https://www.w3.org/2023/01/24-vcwg-special-minutes.html kristina 16:56:59 zakim, end meeting 16:56:59 As of this point the attendees have been brentz, dlongley, cabernet, TallTed, Orie, kristina, JoeAndrieu, present, Kerri_Lemoie_, gregory, manu, PDL-ASU, dwaite, shawnb 16:57:02 RRSAgent, please draft minutes 16:57:03 I have made the request to generate https://www.w3.org/2023/01/24-vcwg-special-minutes.html Zakim 16:57:09 I am happy to have been of service, kristina; please remember to excuse RRSAgent. Goodbye 16:57:09 rrsagent, bye 16:57:09 I see no action items 16:57:09 Zakim has left #vcwg-special