18:55:36 RRSAgent has joined #vcwg 18:55:40 logging to https://www.w3.org/2023/06/07-vcwg-irc 18:56:12 zakim, start the meeting 18:56:12 RRSAgent, make logs Public 18:56:13 please title this meeting ("meeting: ..."), brent 18:56:21 meeting: VCWG Weekly Telecon 18:56:27 chair: Brent Zundel 18:56:32 present+ 18:59:23 andres has joined #vcwg 19:00:41 DavidC has joined #vcwg 19:00:45 dmitriz has joined #vcwg 19:01:01 gkellogg has joined #vcwg 19:03:09 cabernet has joined #vcwg 19:03:13 present+ 19:03:14 PhilF has joined #vcwg 19:03:56 present+ 19:04:03 Orie has joined #vcwg 19:04:05 present+ 19:04:06 JoeAndrieu has joined #vcwg 19:04:11 present+ 19:04:19 present+ 19:04:51 gkellogg_ has joined #vcwg 19:04:52 present+ 19:04:57 present+ 19:04:58 present+ 19:05:04 scribe+ 19:06:29 brent: Agenda today: Work item status updates, PRs, Triage issues 19:06:49 ... Categorize items as before or after CR or closed 19:07:23 Topic: Work Item status updates/PRs 19:07:33 https://github.com/w3c/vc-data-model/pulls?q=is%3Apr+is%3Aopen+label%3Adiscuss 19:07:35 present+ 19:08:16 present+ 19:08:18 brent: Question for the group, do we feel that consensus is possible here? 19:08:31 ... on issues 1100 and 1101 19:08:53 q+ 19:09:02 ack dlongley 19:09:20 subtopic: https://github.com/w3c/vc-data-model/pull/1100 19:09:25 dlongley: We are missing key players to discuss today. Probably should not discuss today. 19:09:40 +1 people are not here. 19:10:11 brent: Agreed we are missing key players, moving on 19:10:49 ... beginning the HR process. Preparing documents to engage other groups. 19:11:36 https://github.com/w3c/vc-jwt/pull/103 19:11:43 I don't know why those key players are absent today, but I might suggest including mention of these PRs in the next agenda, so there's advance warning that they will be discussed (and so encouraging those folks to prioritize attendance)? 19:11:52 https://github.com/w3c/vc-jwt/pull/104 19:11:57 Orie: There are 2 new PRs on VC-JWT, 103 and 104 19:12:26 https://github.com/w3c/vc-data-model/pull/1144 19:12:49 ... PRs up in the core data model 1144 19:13:29 q+ 19:13:34 pdl-ASU has joined #vcwg 19:13:36 ack JoeAndrieu 19:14:08 JoeAndrieu: Added a comment to 103. Would it be useful to reuse the pattern for VCs. A base media type plus securing? 19:14:17 q+ 19:14:22 ack dlongley 19:14:25 ... both securing mechanisms will need a payload with a common basis 19:14:25 +1 Joe, I was wondering about that as well 19:14:34 correct, that is what it is doing. 19:14:40 dlongley: agrees it is following the same pattern 19:15:16 gkellogg has joined #vcwg 19:16:01 Orie: talking about confidence method in registry 19:16:01 +1 to adding confidence method to the reserved terms table + v2 context, sounds good. 19:16:40 brent: 9 open PRs, please review and look thru them 19:16:47 q+ 19:16:54 ack TallTed 19:16:54 ... moving on to final topic, issues 19:17:21 TallTed: suggest that we call out specific issues and PRs in agenda ahead of time. 19:17:49 There are also several open PRs here: https://github.com/w3c/vc-status-list-2021/pulls which can be discussed. 19:18:30 Topic: Issue Triage 19:18:34 https://github.com/w3c/vc-data-model/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-asc 19:18:53 subtopic: https://github.com/w3c/vc-data-model/issues/1019 19:18:56 brent: Discuss issue 1019 19:19:28 q+ 19:19:30 q+ 19:19:38 q? 19:19:44 gkellogg_ has joined #vcwg 19:19:58 JoeAndrieu: Thinks it would be hard to discuss this without Kristina's input 19:20:02 ack DavidC 19:20:18 q- 19:20:47 +1 to closing the issue, it's being resolved elsewhere. 19:21:09 DavidC: Has this been superseded by Oliver's email requesting this has been moved to a work item with some positive replies on the working group. 19:22:07 brent: talking into mute 19:22:33 +1 to close as well 19:22:39 ... agreement that this needs to be done but not here. So should be pending close as its being done elsewhere 19:22:49 DavidC: I'm happy with it being pending closed 19:22:50 +1 to mark it pending closed 19:22:51 +1 to close 19:22:51 +1 David 19:23:00 brent: Marking issue as pending closed. 19:23:10 subtopic: https://github.com/w3c/vc-data-model/issues/908 19:23:21 Please add a reference to Oliver's proposed work item 19:23:47 brent: Issue raised by Sebastian, current assigned to Kristina. Is this work that should be done before we go into CR? 19:23:48 Suggest this issue be closed, that work is happening in other working groups. 19:24:06 q+ to suggest the directory 19:24:15 ack JoeAndrieu 19:24:15 JoeAndrieu, you wanted to suggest the directory 19:24:42 JoeAndrieu: since the W3C isn't doing this work, we should move this into the directory of related work and mark pending close 19:25:16 brent: Going to mark issue pending close 19:25:39 JoeAndrieu: Someone has to move it, right. Have to capture that task 19:25:42 nobody needs to add it though... people can list their work there... if they want to. 19:26:20 agreed, Orie. Just seemed like the right resolution of the issue. 19:26:32 q+ 19:26:34 subtopic: https://github.com/w3c/vc-data-model/issues/938 19:26:42 ack DavidC 19:26:46 brent: Issue 938 raised by and assigned to DavidC 19:27:36 DavidC: what are people wanting here? 19:27:56 ... what i want is some way to indicate to the recipient that the VCs are actually encrypted and maybe how 19:28:06 encryption is out of scope for this working group. 19:28:09 ... helpful hint 19:28:14 or has been... to date. 19:28:18 q+ to say it seems like a credential design issue 19:28:25 ack JoeAndrieu 19:28:25 JoeAndrieu, you wanted to say it seems like a credential design issue 19:29:04 JoeAndrieu: there are many different ways to do this. That makes it a claim design issue. Either claim by claim or entire VC 19:29:05 Also having the entire VP encrypted 19:29:14 DavidC: This is for the entire VC being encrypted. 19:29:18 In JWTs, you check the header for that information. 19:29:46 ... talking about app to app encryption. We should define one recognized best way to do this. 19:30:20 q+ 19:30:22 q+ 19:30:24 brent: sounds like interest in pursuing this. May require some normative guidance. Mark this as before CR 19:30:31 ack JoeAndrieu 19:30:34 q- 19:31:02 JoeAndrieu: Want to suggest quick fix. What if we add a pattern that has a "encryptedCredential" property and define that in the context. 19:31:03 suggest not doing anything with this... we don't need to add more JSON-LD terms. 19:31:12 ... But that's not a valid VC, nevermind 19:31:18 q+ 19:31:48 ack dlongley 19:31:52 encrypting a presentation is different than encrypting a credential. 19:31:53 DavidC: any VC in your wallet may be encrypted. When you send it to the verifier that it is encrypted and be able to present in the Presentation 19:32:12 +1 to that approach 19:32:19 dlongley: Add a property that indicates an encrypted VC referencing JWE. Expected payload would be JWEs 19:32:33 ... Add a PR to add that property 19:32:35 q+ 19:32:46 brent: Mark as before CR and move on 19:32:53 ... looking at 959 19:33:30 DavidC: asking to talk about 1102 which is now marked pending close 19:33:41 subtopic: https://github.com/w3c/vc-data-model/issues/1102 19:33:57 brent: now talking about 1102. Was discussed and no one liked the idea so it was marked pending close 19:34:05 ack DavidC 19:34:39 DavidC: Each of the extension points only get in if there are implementations but that the definitions could change 19:34:51 q+ to note recorded opposition 19:34:54 ... we already have a class of extension which have impls and have a unique URI 19:35:35 ... if we have the concept of a single extension point and all others have their own URI but be under the single extension point. 19:35:37 We kinda already do have the concept of a single extension point... its called @context, and nobody understands it, and its values are not normative. 19:35:45 ... don't need the outer wrapper. 19:36:23 ... if you have vague extensions that don't fit specific items like "TermsOfUse" you don't know where to put it. 19:36:38 David, we've made this easy for developers by bundling everything into the JSON-LD context. 19:36:42 ... a single pot makes it easier for developers to propose future extensions 19:36:57 ack brent 19:36:57 brent, you wanted to note recorded opposition 19:37:01 You just need to learn how to use JSON-LD to write conformant extensions, which is super easy. 19:37:31 brent: chair hat off, I would be be in favor of this change. It is not less confusing. Implementers have a small set of extension points that are well define is the better option. 19:37:48 s/be be/not be/ 19:37:56 q+ to say that it is useful constrain the meaning of the extension points and use @context for open ended 19:38:08 ... chair hat on, we have recorded that several members have said they would not be in favor of the change. Likely no consensus. 19:38:11 ack JoeAndrieu 19:38:11 JoeAndrieu, you wanted to say that it is useful constrain the meaning of the extension points and use @context for open ended 19:38:16 q+ 19:38:35 JoeAndrieu: +1 to all that, would also be opposed. Open ended extension mechanism exists in @context 19:38:50 q+ to ask about FO 19:38:54 ack DavidC 19:39:00 ... agree with Mike Jones it feels more complicated having them all in one bucket 19:39:27 DavidC: looking for technical reasons and haven't heard any. 19:39:33 ... just that people don't like it. 19:39:34 q+ the technical argument is we already have it 19:39:41 ack JoeAndrieu 19:39:41 q+ to say the technical argument is we already have it 19:39:43 technical reason, we already have an open ended json-ld way to do this, adding another makes our spec even harder for people to understand or use. 19:39:51 +1 joe. 19:39:58 JoeAndrieu: one of the technical arguments is that this mechanism already exists in @context 19:40:17 ack brent 19:40:17 brent, you wanted to ask about FO 19:40:24 the fact that its not obvious that json-ld solves this, is shocking to me, given our entire data model assumes we are experts at JSON-LD. 19:40:26 q- 19:40:54 brent: it is clear, there is no path to consensus. Question to DavidC: do you plan to formally object is we close the issue? 19:40:58 DavidC: No I would not 19:41:11 ... would appreciate more technical arguments. 19:41:59 q+ 19:42:10 ack dlongley 19:42:35 dlongley: If you want some incubation for your idea, create an extension in the @context that is a generic extension 19:42:44 DavidC: Thank you Dave, that is a good idea 19:43:09 subtopic: https://github.com/w3c/vc-data-model/issues/1102 19:43:10 brent: Issue 959 back on the table 19:43:16 subtopic: https://github.com/w3c/vc-data-model/issues/959 19:43:35 ... current assigned to Orie 19:43:41 q+ 19:43:44 ... it is marked ready for PR, Orie what is the status? 19:43:46 ack Orie 19:44:16 Orie: Joe pointed out that we already have this in a section in the spec. Willing to compare current section with this issue. Should be current CR work. 19:44:36 brent: Adding before CR label to issue 19:44:55 subtopic: https://github.com/w3c/vc-data-model/issues/1009 19:44:59 ... moving to issue 1009, assigned to Manu, DavidC and Kristina. 19:45:16 Suggest closing this, the group has essentially resovled there is no difference 19:45:31 ... wonder if this has been overtaken by events. How should we mark before or post CR? 19:45:45 q+ 19:45:47 q+ 19:45:51 ack DavidC 19:46:00 There is not spec legal way to distinguish between credential and verifiable credential. 19:46:33 DavidC: this needs someone to carefully go through current version and ensure use of credential or verifiable credential are proper and submit editorial change. 19:46:37 q+ 19:46:38 ack JoeAndrieu 19:47:10 indeed, the base media type explains that you never know. 19:47:17 JoeAndrieu: Appreciate the clarification. Agrees the language in the spec is confusing. 19:47:18 ack Orie 19:47:43 Orie: +1 to what Joe said. Base media type does not talk about securing mechanism. 19:48:01 brent: suggests to make this as post CR 19:48:08 q+ 19:48:15 ack Orie 19:48:35 Orie: this may effect normative statements. esp the definition of what a proof is. Must be addressed before CR 19:48:42 brent: adding before CR label 19:48:53 subtopic: https://github.com/w3c/vc-data-model/issues/981 19:49:20 ... moving on to 981, assigned to Manu, marked as ready for PR 19:49:29 I tried fixing this, Manu need to fix : / 19:49:42 +1 for Manu to fix 19:50:06 ... will leave it for Manu to fix. Editorial so can add post CR label 19:50:16 ... marking issue as post CR 19:50:29 subtopic: https://github.com/w3c/vc-data-model/issues/991 19:50:44 q+ 19:50:45 ... next issue 991, to discuss label. raised by and assigned to DavidC 19:50:50 ack Orie 19:51:17 kristina has joined #vcwg 19:51:23 Orie: We have a separate work item for credential status. This issue seems overtaken by events with open PRs. Close this PR and go over to that work item 19:51:40 I suggest closing this issue 19:51:49 brent: suggestion is to move this item to status list repo 19:51:50 and instead reviewing the open PRs on that work item 19:52:01 q+ 19:52:11 (you don't) 19:52:11 JoeAndrieu: that is not correct. Does seem to be about a specific status mechanism. 19:52:15 ack DavidC 19:52:37 there are not 2 objects, we spent over month on this. 19:52:46 +1 just one object 19:52:50 DavidC: There are 2 objects, credential and verifiable credential and now talking about the status is "mixed up" as well. 19:52:51 +1 just one object 19:53:09 +1 just one object, but this is the layering problem 19:53:12 q+ to say key revocation is a security layer problem 19:53:19 It seems http range 14 is yet again, disrupting our ability to communicate. 19:53:20 ... one could be valid while the other is invalid and vice versa. 19:53:26 ack dlongley 19:53:26 dlongley, you wanted to say key revocation is a security layer problem 19:53:56 dlongley: key revocation at the crypto layer is different than at the credential layer. 19:54:06 q+ 19:54:11 q+ to note that there is one object 19:54:12 ack JoeAndrieu 19:54:16 ... key revocation and credential revocation are different things. 19:54:23 q- 19:54:43 q+ 19:54:49 JoeAndrieu: We don't have separate items in our work. We have just one digital thing 19:54:53 ack DavidC 19:54:55 joe is correct, and the digital thing, may or may not have any integrity protection. 19:55:28 DavidC: Driver's license is my credential (and I've been driving for a long time). 19:56:02 JoeAndrieu: There are three layers here. Different between having driven, the physical license and a digital thing. 19:56:24 ... we don't have good language differentiating these three things. 19:56:32 DavidC: Yes it is difficult to talk about 19:57:21 zakim, who is here? 19:57:21 Present: brent, cabernet, andres, Orie, dlongley, JoeAndrieu, DavidC, shigeya, PhilF, dmitriz, TallTed 19:57:24 On IRC I see kristina, gkellogg_, JoeAndrieu, Orie, PhilF, dmitriz, DavidC, RRSAgent, Zakim, brent, TallTed, shigeya, rhiaro, cel[h], ounfacdo, bumblefudge1, dlongley, stonematt, 19:57:24 ... dlehn, cel, bigbluehat, hadleybeeman, Dongwoo, stenr, csarven, bumblefudge, MojGraph, cel[m], w3c_modbot, saysaywhat, npd, Github 19:57:30 there can a validity period on a proof (expressed via internal / external proof securing mechanism), a validity period on the VC, and a validity period expressed in a claim about a license that someone possesses ... all different things 19:57:34 all works with 1 VC object. 19:57:45 present+ kristina 19:58:09 zakim, end the meeting 19:58:09 As of this point the attendees have been brent, cabernet, andres, Orie, dlongley, JoeAndrieu, DavidC, shigeya, PhilF, dmitriz, TallTed, kristina 19:58:11 RRSAgent, please draft minutes 19:58:13 I have made the request to generate https://www.w3.org/2023/06/07-vcwg-minutes.html Zakim 19:58:20 I am happy to have been of service, brent; please remember to excuse RRSAgent. Goodbye 19:58:20 Zakim has left #vcwg 19:58:24 rrsagent, bye 19:58:24 I see no action items