14:33:16 RRSAgent has joined #vcwg 14:33:20 logging to https://www.w3.org/2023/04/05-vcwg-irc 14:33:20 RRSAgent, make logs Public 14:33:21 please title this meeting ("meeting: ..."), ivan 14:33:29 Meeting: Verifiable Credentials Working Group Telco 14:33:29 Date: 2023-04-05 14:33:29 Agenda: https://www.w3.org/events/meetings/3094a419-a55e-4608-aac1-6144804c5201/20230405T110000 14:33:29 chair: brent 14:33:29 ivan has changed the topic to: Meeting Agenda 2023-04-05: https://www.w3.org/events/meetings/3094a419-a55e-4608-aac1-6144804c5201/20230405T110000 14:56:05 KevinDeanGS1 has joined #vcwg 14:56:51 present+ 14:59:39 present+ 14:59:44 scribe+ 15:01:01 present+ brent 15:01:26 present+ kgriffin 15:01:28 kgriffin has joined #vcwg 15:01:38 present+ stenr 15:01:40 TallTed has joined #vcwg 15:01:46 Phil-ASU has joined #vcwg 15:01:46 present+ selfissued 15:01:51 present+ 15:01:53 present+ tallted 15:01:56 present+ 15:02:03 present+ 15:02:07 selfissued has joined #vcwg 15:02:19 Present+ 15:02:19 brentz has joined #vcwg 15:02:28 sebastianelfors has joined #vcwg 15:02:32 present+ 15:02:32 mprorock has joined #vcwg 15:02:47 present+ mprorock 15:02:49 present+ 15:02:57 Kerri_Lemoie has joined #vcwg 15:03:00 present+ 15:03:11 present+ orie 15:03:25 Orie has joined #vcwg 15:03:41 present+ manu 15:03:50 present+ dlongley 15:04:26 brentz: Reviewed agenda, including summary of special topics call of yesterday 15:04:45 present+ awhitehead 15:05:03 present+ elfors 15:05:25 present+ gregory 15:05:30 TOPIC: Scope of work and priorities 15:05:31 brentz: First topic, scope of work and priorities 15:05:47 present+ samsmith 15:05:47 SamSmith has joined #vcwg 15:05:47 present+ 15:05:54 present+ dmitriz 15:06:00 brentz: Now in feature freeze, work items we have agreed to are what we will work on. 15:06:18 brentz: Features are described in issues, which we will be considering in those work items 15:06:51 brentz: We have a lot of work on our plates. Eight or nine normative documents in the queue. 15:07:56 brentz: If there is a work item that is important to you or your company, we will expect you to work on the item via issues and PRs. 15:07:56 present+ pauld 15:08:03 mkhraisha has joined #vcwg 15:08:06 brentz: Starting today to make sure that people are assigned to issues. 15:08:07 present+ 15:08:25 present+ Przemek 15:08:30 oliver has joined #vcwg 15:08:35 present+ 15:08:46 brentz: Most of the editorial team's plates are full. Need everyone we can to be actively engaged. Chairs' primary responsibility is to see the group succeed. 15:08:47 present+ identitywoman 15:09:20 brentz: Data model, two data integrity models, in scope. 15:09:48 przemek has joined #vcwg 15:10:07 brentz: We have identified four normative specifications that will be our primary focus. Four or five additional ones will be worked on provided that they don't compromise the four at the core. 15:10:45 present+ 15:11:04 +1 to the above ^ :) 15:11:06 As a sign of the crowded space we have, here is the list of GH repositories that are, currently, under our "control": https://www.w3.org/groups/wg/vc/tools 15:11:10 q+ 15:11:28 ack stenr 15:11:44 q+ 15:11:49 stenr: Is there an overview page of the priorities? 15:12:01 q+ to note that "working on specs" is not enough to get through CR... and possibly not enough to entering CR. :) 15:12:10 brentz: We have not documented the priorities. Chairs can send out an email outlining the plan. 15:12:46 mprorock: From a priority side, the charter itself states what normative deliverables we expect to provide. Mapping to the exact documents hasn't been done. 15:13:02 ack mprorock 15:13:07 ack manu 15:13:07 manu, you wanted to note that "working on specs" is not enough to get through CR... and possibly not enough to entering CR. :) 15:13:29 manu: +1 to everything brentz said. Editors are in the position now where they have a very full work queue for the rest of the year. 15:13:32 present+ shawnb 15:13:46 manu: People have to step up and do work if they want their feature in the specification. 15:13:58 +1 manu 15:14:06 q+ 15:14:19 manu: Getting the language into the specification isn't enough. If you have normative text, you will have to implement it and coordinate test suites etc. if no one else comes forward. 15:14:42 manu: Work has to be done before candidate recommendation. 15:14:57 ... Group shouldn't spend time on features that are not implemented. 15:15:16 ... "Are you committed to writing the tech spec and the test suites?" 15:15:24 ack ivan 15:16:00 ivan: Emphasize what manu said, it's not one implementation, there must be at least two independent implementations. 15:16:38 brentz: Work is underway on a test suite. For features that you are promoting or implementing, you or someone close to the work have to write the test fixtures. 15:16:53 q+ to do a quick update. 15:16:58 Topic: Work Item status updates/PRs 15:17:02 ack manu 15:17:02 manu, you wanted to do a quick update. 15:17:03 ... Moving on to work item status updates and PRs. 15:17:29 manu: On VC Data Model, there are six PRs that are effectively stuck, that we need to discuss how we get them unstuck. 15:17:45 ... Other PRs look fairly straightforward and simple. 15:18:18 ... Data integrity spec is fine, nothing stuck there, same for EBCSA. 15:18:33 ... Need to do first public working drafts for EBCSA. 15:18:59 s/EBCSA/EdDSA and ECDSA 15:19:10 ... StatusList2021, not a whole not of progress. If folks are looking for work, that would be a good place to start. 15:19:21 (Thanks, dlongley.) 15:19:48 gnatran has joined #vcwg 15:20:23 brentz: SPWD is important so that other W3C groups can review and so that patent declaration has time. 15:20:40 ... Want to enter SPWD as soon as possible. 15:20:41 q+ 15:20:45 ack Orie 15:20:50 https://github.com/w3c/vc-jwt/pull/68 15:21:07 Orie: Open pull request on VC-JWT what we want to merge. 15:21:25 ... Document is still close to the format it was in when it was copied out of the core spec. 15:21:56 ... Talked to Tobias at IETF, still in the process of adopting it. 15:22:04 ... Happy to do that work. 15:22:30 q+ to note documented process. 15:22:39 ack manu 15:22:39 manu, you wanted to note documented process. 15:22:49 yep - on the lookout 15:23:14 manu: Just a note that I have sent a list of steps to Gabe, who is raising PR on transitioning from CPG to VC-JWT. 15:23:21 s/CPG/CCG/ 15:23:29 Topic: Issue Discussion 15:23:36 https://github.com/w3c/vc-data-model/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-asc+no%3Aassignee+ 15:23:36 (Thanks.) 15:23:50 present+ smccown 15:23:51 brentz: Set of issues in the order we want to look at them. 15:24:33 ... Being assigned to an issue doesn't mean that you are the only one resolving it or that you will create the PR. You will be responsible for moving it forward, coordinating parties, proposing solutions, moving to resolution. 15:25:33 smccown has joined #vcwg 15:25:37 subtopic: https://github.com/w3c/vc-data-model/issues/709 15:26:02 ... Underspecification of issuer object format and document obtained if issuer id is dereferenced 15:26:28 JoeAndrieu has joined #vcwg 15:26:34 ... If you say that an issuer ID should be dereferenceable and processed, we don't say what that should look like. 15:26:42 ... Anyone wish to be assigned? 15:26:49 q+ 15:26:58 ack Orie 15:27:05 present+ 15:27:27 +1 Orie. 15:27:37 Orie: Added a link to the verification method. May not belong to the data model but rather data integrity. 15:27:48 outside the context of securing integrity, there is no requirement to resolve an issuer id 15:27:59 q+ 15:28:03 +1 to dmitriz' comment 15:28:09 ack ivan 15:28:16 present+ 15:28:29 selfissued has joined #vcwg 15:28:40 ivan: I'm a little bit surprised because the previous iteration of this WG decided in 2019 to consider this as closed. 15:28:40 Present+ 15:28:51 Q+ 15:29:09 ... The issue remained open and is now back in front of the WG. 15:29:15 identitywoman has joined #vcwg 15:29:18 ack selfissued 15:29:41 q+ 15:29:41 +1 15:30:08 -1 no, that's not what issuer was intended to be used for... we're changing the definition of issuer... I expect those issues to be closed if they were raised on the data integrity spec. 15:30:26 q- 15:30:38 selfissued: Agree with Orie. To Ivan's point about whether it is being reopened, developers have told us that the spec as written is not actionable, that you have to have outside knowledge of how to retrieve the keys, which means you are not interoperable. 15:30:45 its not possible to "test" without defining this... but perhaps those tests only apply to the "security suites" where "verification" can actually be tested. 15:30:55 ... Pleased that we're considering this issue. I would consider being assigned this issue. 15:31:16 brentz: Would you accept opening and assigning to yourself? 15:31:23 selfissued: Not this week. 15:31:33 it is possible to test verification w/o "how to dereference issuer" being defined. 15:31:52 subtopic: https://github.com/w3c/vc-data-model/issues/996 15:32:00 Question about verifiable presentations 15:32:04 brentz: Question about verifiable presentations 15:33:04 ... Resulting thing might not be a VC but we want to include it in a Verifiable Presentation. 15:33:17 ... Is there someone willing to be assigned to this issue to work toward greater clarity? 15:33:55 q+ 15:33:59 dmitriz: Willing to be assigned to the issue or to provide an example. 15:34:19 ack stenr 15:34:47 stenr: To add to that, doesn't want to be assigned but is using VPs and may apply to their examples. Will look into it. 15:35:36 dmitriz: May have misunderstood. Reconsidering being assigned to it. 15:35:54 subtopic: https://github.com/w3c/vc-data-model/issues/985 15:35:54 brentz: Will assign both to the issue to discuss and move things forward. 15:36:21 brentz: Enable CBOR Representation(s) of Verifiable Credentials 15:36:29 ... Is there someone willing to be assigned to this issue? 15:36:43 q+ to ask if we can just close it 15:36:47 q+ 15:37:01 q+ selfissued 15:37:14 dlongley: Who would be the closest, based on resolutions made previously? 15:37:24 +1 dave 15:37:34 +1 dave 15:37:37 ack dlongley 15:37:37 dlongley, you wanted to ask if we can just close it 15:37:40 ... Maybe we should close this. 15:37:43 ack ivan 15:37:55 +1 to close 15:38:05 CBOR is a new work item, we are past feature freeze, close it. 15:38:13 ivan: Do we want to add another issue for CBOR representation? 15:38:21 ack selfissued 15:38:39 +1 to close 15:38:49 selfissued: I concur. With where we are and what we need to do, not willing to add another work item. 15:38:55 +1 15:39:02 +1 to close 15:39:25 q+ 15:39:29 +1 to nuke it 15:39:38 ack KevinDeanGS1 15:39:41 ... Supports closing. 15:40:05 KevinDeanGS1: CBOR supported in ACDC, so may be covered there. 15:40:13 brentz: Closed it. 15:40:31 ... Reopened it. 15:40:41 ... Going to continue conversation. 15:40:48 ... ivan will close it. 15:40:52 subtopic: https://github.com/w3c/vc-data-model/issues/1008 15:41:10 q+ to recommend we close it 15:41:17 brentz: Remove 3-party Issuer-Holder-Verifier diagram and replace with 2-party Raw Credential Sender-Receiver Model 15:41:36 ack dlongley 15:41:36 dlongley, you wanted to recommend we close it 15:41:41 q+ selfissued 15:41:41 dlongley: I would also recommend we close this. 15:41:52 ack KevinDeanGS 15:41:58 +1 closing this issue 15:41:59 ack selfissued 15:42:11 DavidC has joined #vcwg 15:42:11 +1 to close this 15:42:14 present+ 15:42:25 selfissued: Once again, I agree that three-party model is integral to what we've created and how it's used. This should closed with prejudice. 15:42:46 brentz: There is no consensus in the group to change the three-party issuer-holder-verifier setup. 15:42:56 ... Therefore we are going to close this., 15:43:45 kristina has joined #vcwg 15:43:47 present+ 15:44:20 brentz: We will include in the weekly communication the list of issues that are marked "pending close". 15:44:31 ... We're not necessarily going to say in a call that we want to close it. 15:44:59 subtopic: https://github.com/w3c/vc-data-model/issues/1017 15:45:04 ... Requesting content type for presentation 15:45:26 subtopic: https://github.com/w3c/vc-data-model/issues/986 15:45:33 manu: Self-assigned and ready for PR. 15:45:53 brentz: Separation of Cryptographic Verification from Business Process (and Semantic) Validation 15:46:08 ... Marked as a conversation. If this is an issue that you want to help resolve, please speak up,. 15:46:24 q+ 15:46:33 ack oliver 15:47:07 +1 to Oliver's suggestion 15:47:09 oliver: Mark as pending close due to no activity on the issue. No action resulted from the discussion., 15:48:00 subtopic: https://github.com/w3c/vc-data-model/issues/991 15:48:18 brentz: Clarify credentialStatus 15:48:36 ... Not sure if this has been resolved because of our adoption of the StatusList work item. 15:48:47 present+ davidc 15:49:37 davidc: I think it's a valid comment. If you take the case of a degree certificate, revoke could happen if the private key is compromised or a student cheated. Need to differentiate between them. 15:50:01 ... There was a problem with the CredentialStatusList. Did raise an issue. 15:50:26 ... It would be nice if anyone involved in CredentialStatusList could say so. 15:50:33 subtopic: https://github.com/w3c/vc-data-model/issues/915 15:50:37 brentz: Assigned davidc. 15:50:51 ... Address controller ambiguity 15:51:01 q+ 15:51:08 ack Orie 15:51:09 ... Is there someone that wants to be assigned to the issue? 15:51:39 Orie: Similar to previous when discussing how to obtain key material, this may belong to data integrity, not data model. 15:51:48 ... Would like for someone else to take this issue. 15:52:25 ... Seen a lot of confusion in VC-JWT over what to do with this property. 15:52:36 Agree that this issue should be transferred to vc-data-integrity and vc-jwt (and ideally, they both give the same advice) :) 15:52:38 brentz: Speak up to be assigned. 15:53:15 q+ 15:53:18 ... Is the step forward to raise issue with vc-data-integrity and vc-jwt and link to this? 15:53:32 ack Orie 15:53:38 q+ 15:53:57 Orie: Cannot address this in the core specification. What you get back from dereferencing will depend on the integrity specification, not the model. 15:54:04 ack Orie 15:54:31 ivan: Just a minor thing, in the core model where this property is defined, should say that it depends on the security format. 15:54:40 ack ivan 15:54:40 ivan than it should stay in core data model, and the guidance should be added to the vocab 15:54:44 who is willing to do that? 15:55:17 brentz: Is there a need to have a Data Integrity version of this issue? 15:55:32 I have observed data integrity implementations doing that binding, regardless of what the spec says 15:55:43 Orie: vc-data-integrity and vc-jwt can define document independently. 15:55:45 and I have observed vc-jwt ignoring that convention as well. 15:56:03 +1 Orie, I agree, there's definitely a normative behavior for DI, wrt controller 15:56:08 brentz: Adding ready for PR label. 15:56:36 ... We are going to continue triaging until all issues assigned. 15:56:57 rrsagent, draft minutes 15:56:58 I have made the request to generate https://www.w3.org/2023/04/05-vcwg-minutes.html ivan 15:57:44 zakim, end meeting 15:57:44 As of this point the attendees have been ivan, KevinDeanGS, brent, kgriffin, stenr, selfissued, Phil-ASU, tallted, brentz, mprorock, Kerri_Lemoie, orie, manu, dlongley, awhitehead, 15:57:47 ... elfors, gregory, samsmith, dmitriz, pauld, mkhraisha, Przemek, oliver, identitywoman, dlehn, shawnb, smccown, JoeAndrieu, DavidC, kristina 15:57:47 RRSAgent, please draft minutes 15:57:49 I have made the request to generate https://www.w3.org/2023/04/05-vcwg-minutes.html Zakim 15:57:55 I am happy to have been of service, ivan; please remember to excuse RRSAgent. Goodbye 15:57:55 Zakim has left #vcwg 15:57:55 rrsagent, bye 15:57:55 I see no action items