14:44:38 RRSAgent has joined #vcwg 14:44:43 logging to https://www.w3.org/2023/06/28-vcwg-irc 14:44:43 RRSAgent, make logs Public 14:44:44 please title this meeting ("meeting: ..."), ivan 14:44:55 Meeting: Verifiable Credentials Working Group Telco 14:44:55 Date: 2023-06-28 14:44:55 Agenda: https://www.w3.org/events/meetings/ae05a21b-c065-4e69-8d5e-352a0d391513/20230628T110000/ 14:44:55 chair: kristina 14:44:55 ivan has changed the topic to: Meeting Agenda 2023-06-28: https://www.w3.org/events/meetings/ae05a21b-c065-4e69-8d5e-352a0d391513/20230628T110000/ 14:53:13 gkellogg has joined #vcwg 14:55:10 gkellogg_ has joined #vcwg 14:57:42 andres has joined #vcwg 14:59:44 hsano has joined #vcwg 15:00:16 present+ 15:00:25 sebastianelfors has joined #vcwg 15:00:37 Paul_D_GS1 has joined #vcwg 15:00:50 pl-asu has joined #vcwg 15:00:56 present+ 15:00:58 brent has joined #vcwg 15:01:16 apologies, I am having minor technical difficulties, but should be able to join soon 15:01:33 present+ 15:01:36 mprorock has joined #vcwg 15:01:38 present+ 15:02:06 present+ 15:02:17 present+ 15:02:19 cabernet has joined #vcwg 15:02:22 present+ 15:02:38 present+ andres, selfissued, tallted, oliver 15:03:03 TallTed has joined #vcwg 15:03:12 present+ manu, brent, orie 15:03:20 present+ dlongley 15:04:42 chair: brent 15:04:44 scribe+ 15:04:57 GregB has joined #vcwg 15:05:06 present+ 15:05:17 present+ 15:05:20 Will has joined #vcwg 15:05:23 present+ 15:05:33 kgriffin has joined #vcwg 15:05:38 Brent: agenda today is straightforward - intros, work item status update, and shout out to PRs to pay attention to, bulk of meeting on issues. 15:05:43 present+ 15:05:48 present+ 15:05:50 q+ 15:05:53 Brent: additions to the agenda or changes 15:06:03 ack TallTed 15:06:05 dmitriz has joined #vcwg 15:06:14 Orie has joined #vcwg 15:06:20 JoeAndrieu has joined #vcwg 15:06:30 present+ jandrieu 15:06:30 TallTed: if you need his input sooner is better than later because he's connecting from his phone today. 15:06:45 present+ kevin 15:06:59 present+ dmitri 15:07:21 present+ 15:07:22 oliver has joined #vcwg 15:07:23 present+ 15:07:54 Brent: meeting minutes in IRC. Use it ask to speak, etc. 15:08:16 present+ nistor 15:08:21 decentralgabe has joined #vcwg 15:08:24 present+ 15:08:40 present+ PaulD 15:08:41 Brent: go to CR v2 at end of Sept. Only 10 wks before TPAC. Have only 10 meetings to wrap everything up for the data model, and as much as possible for other work items. 15:09:14 Manu: notes there are 18 meetings if we skip July 5th. 15:09:27 FULL ON PANICING IS OK RIGHT NOW! :P 15:09:38 q+ 15:09:40 Brent: sharing anxiety and recommends we move expeditiously ;) 15:09:42 topic: Work Item status updates/PRs 15:09:48 ack manu 15:09:51 Brent: manu recognized 15:11:22 Vocabulary URLs for terms might change. 15:11:47 Manu: for VCDM, have discussed through 149, base context getting normative. Orie requesting we might change markers during candidate recommenations. Not controversial. Placeholders URLs must get replaced. 15:12:17 https://github.com/w3c/vc-data-model/pull/1159 15:12:21 Orie: GitHub URLs need to be changed, and term defs with issue markers for vocab PR may need changing. 15:12:35 present+ GregB 15:13:03 Manu: other PRs are largely fine but there are a lot of them. Need review within the next 5 days. 15:13:19 Manu: other PRs that aren't worth mentioning - but do look at them. 15:13:20 +1 manu, people should review PRs 15:13:41 Brent: shout outs for VC-JWT etc. ? 15:13:58 q+ 15:14:08 ack manu 15:14:12 Brent: haven't heard back from horizontal review groups yet but if any editors want to give attention to a PR or two? 15:14:39 +1 15:15:03 +1 to defining what a processor will do if normative hashes do not match 15:15:09 Manu: Jeffrey Askin wanted an issue marker added to #1158 wanted an error message if something doesn't match but Manu nees the text for that, once done #1158 will be merged. 15:15:18 s/Askin/Yasskin/ 15:15:18 Topic: Issue Discussion 15:15:19 Brent: any other PR issues? 15:15:35 Brent: Next topic issue discussions 15:16:01 DavidC has joined #vcwg 15:16:36 Brent: are things that need work now, things than can be done post-CR, or closed? 15:16:36 present+ 15:16:36 https://github.com/w3c/vc-data-model/issues?q=is%3Aissue+is%3Aopen+-label%3Abefore-CR+-label%3A%22pending+close%22+sort%3Aupdated-asc 15:16:36 Brent: gives URL of issues to be convered today. 15:16:49 q+ 15:16:55 subtopic: https://github.com/w3c/vc-data-model/issues/1048 15:17:00 Brent: starting with issue #1048 15:17:16 Manu: Pre-CR ready for PR, on his plate and he'll do it. 15:17:24 subtopic: https://github.com/w3c/vc-data-model/issues/1117 15:17:26 Brent: #1117 next 15:17:39 selfissued has joined #vcwg 15:17:45 q+ 15:17:48 q- 15:17:52 ack ivan 15:17:52 Brent: was a glitch with vocab term defs not showing up. Clicking on the link still seems to have the problem 15:17:56 present+ 15:18:09 I find the tooling for vocabulary, very hard to contribute too, fwiw. 15:18:22 I wish I could be more helpful for this kind of thing 15:18:34 q+ 15:18:36 Ivan: seems to be a strange 'feature' in GitHub. It's a generated page. Terms are all in the page in GitHub but Manu might have something to comment. Tooling problem? 15:18:44 q- 15:19:12 Manu: Pre-CR and needs to be fixed. Assigned to Ivan and Manu 15:19:23 Brent: makes the assignement to Ivan and Manu. 15:19:28 subtopic: https://github.com/w3c/vc-data-model/issues/1010 15:19:40 gkellogg has joined #vcwg 15:20:27 Brent: #1010 terms of use insufficiently specified. This may be overtaken by events. Currently at re: ToU is the group decided if there aren't two independent implementations they get moved to the extentsions list (reserved terms table) 15:20:54 Brent: already marked at risk. Will be closed in the event that these sections are removed. Is that correct? 15:21:09 you're more or less right as far as I can tell :) 15:21:24 present+ vavala 15:21:31 Brent: marked before CR but not much work until we have to decide. If there is an implementation, great! 15:21:36 subtopic: https://github.com/w3c/vc-data-model/issues/1123 15:22:11 Brent: #1123 - A PR open that Brent raised, adds Brent as asignee, and marked before CR 15:22:28 subtopic: https://github.com/w3c/vc-data-model/issues/1125 15:22:53 Brent: #1125 next - Status identical to the last. Part of the same PR #1123 and Brent assigned to it. 15:23:04 subtopic: https://github.com/w3c/vc-data-model/issues/1040 15:23:08 q+ 15:23:22 ack manu 15:23:35 Brent: #1040 next - Guidance on applications on application/ld+json 15:23:48 Manu: will do this one, dup of another 15:23:49 subtopic: https://github.com/w3c/vc-data-model/issues/1089 15:24:10 q+ 15:24:16 ack Orie 15:24:25 Brent:#1089 - why does context define a DataIntegrityProof RDF class? 15:24:38 https://github.com/w3c/vc-data-model/pull/1149 15:24:59 Orie: can't be closed because we need to define additional terms in VC context. Another open PR#1149, similar set of issues. What are we making normative with hashed approach is similar. 15:25:16 Brent: Before CR label most appropriate and so labelled. 15:25:18 TallTed has joined #vcwg 15:25:32 Brent: Mike Prorock assigned to it 15:25:36 subtopic: https://github.com/w3c/vc-data-model/issues/881 15:25:46 Brent: #881 raised and assigned to Orie 15:26:06 gkellogg_ has joined #vcwg 15:26:15 Orie: Similar comment to normative context. Impact is on the shape of the graphs. Related to what happens if the hash doesn't match? 15:26:41 Orie: This property impacts how the resolution of the graph works. Resolving normative context PR should solve this. 15:27:06 gkellogg_ has joined #vcwg 15:27:12 q+ 15:27:54 Orie: This #881 - comes from certain JSON-LD key words which are normative. Different n-quads produced when normalized depending on what key words are in the context file. These will produce different n-quads and force failure of signatures. 15:27:57 ack ivan 15:28:16 Ivan: don't understand the clarification. 15:28:31 q+ to say it was not normative before 15:29:01 Ivan: Only problem seen is if you want nice graphs you can't do it because Neo46 is prepared for it.Proof has always been somethign that produces a graph. 15:29:03 teh neo4j stuff is just to visualize the problem, its not the problem 15:29:08 ack Orie 15:29:09 Orie, you wanted to say it was not normative before 15:29:13 It's not clear what problem you're highlighting, Orie. 15:29:39 q+ 15:29:59 Orie: Neo4j is not the problem - the problem is the context being normative. If you process data with different contexts which you could do before but normative changes will prevent this. 15:30:22 gkellogg has joined #vcwg 15:30:37 Ivan: still don't understand this. Know what proofs do and how sigs work. Proof is always a property of the graph. 15:30:42 ack manu 15:31:13 Manu: doesn't see the problem either. Perhaps the issuer signs something and the verifier uses a different context the sig will not verify. That's a security feature. 15:31:23 it's normative in the spec already in https://w3c.github.io/vc-data-model/#syntactic-sugar 15:31:29 q+ 15:32:01 ack Orie 15:32:08 Orie: Seems like this is perceive as a proble but it's the way digital signatures work. That's always been the design problem but it's not clear what that security issue, if signed bytes change the security will fail. 15:32:38 Huh, ok? I still don't understand the problem... but I'm hearing we can close this once we merge the normative context thing. 15:32:39 subtopic: https://github.com/w3c/vc-data-model/issues/1134 15:32:43 This issue can be closed when the pull request for normative nature of the context terms is merged. 15:32:49 btw, `proof` and `verifiableCredential` as graphs was already normative via the above link (even before making the context normative) 15:32:53 You cannot assume you know what bytes will be signed unless the context value is normative, and issuers and verifiers use the same structure. 15:32:55 Brent: #1134 - orie? 15:33:35 Orie: have alread merged pull request to merge RDF classes to credentialstatus but have had other complaints with other values added. 15:33:45 q+ 15:33:53 ack manu 15:33:56 Orie: might leave this open if we want to bundle term defs with VC Data. 15:34:16 Manu: should bundle this. This will make developer lives easier. 15:34:29 Brent: looks like this is before CR 15:34:36 +1 to bundle things we agree make sense for developers to use. 15:34:44 Orie: volunteers Gabe ;-) 15:35:00 Gabe: will be take it on. 15:35:11 subtopic: https://github.com/w3c/vc-data-model/issues/1135 15:35:25 Brent: #1135 - Add VC JWT diagrams to core specification 15:35:34 q+ 15:35:35 yes, this can be a post-CR thing 15:35:36 +1 post cr 15:35:40 Brent: as diagrams are non-normative this is a post-CR 15:35:40 ack Orie 15:36:19 Orie: related to date integrity proofs in the core context and need to be understood by implementers. The pictures are one of the most important information we offer. 15:36:42 Is it possible to add "diagram" tag for any issues requests diagrams? 15:37:17 +1 for diagrams visualizing both securing mechanisms. 15:37:21 Orie: prefer to see the diagrams upgraded include proof specs that define securing mechanisms. 15:37:23 (PRs welcome) :) 15:37:38 Brent: #1029 15:38:00 anyone working on JWT want diagrams to show up in the core data model? open a PR. 15:38:14 Brent: PRs are welcomed! (Manu encouraged that) 15:38:19 selfissued has joined #vcwg 15:38:28 q+ 15:38:35 You can always put your text in an issue, and ask an editor to do the PR for it. 15:38:45 Brent: if anyone has a problem raising a PR ask for help of Brent or anyone to learn how. 15:38:54 ack selfissued 15:38:58 gkellogg has joined #vcwg 15:39:04 +1 selfissued 15:39:06 -1 to not talking about securing in the core spec. 15:39:13 subtopic: https://github.com/w3c/vc-data-model/issues/1029 15:39:17 Selfissued: reinforced Orie's comment about stuff that should be in the securing spec. 15:39:34 Brent: #1029 - Orie? 15:39:37 of course, philosophies around external vs. internal securing mechanisms are at odds there -- we should remember they are different things and that may influence approaches. 15:39:53 q+ to note we don't need to discuss JSON-LD Framing in the core data model. 15:40:14 Orie: Get mailing list comments into the minutes. Request for support for data integrity selective disclosure that heavily uses JSON-LD framing. 15:40:28 present+ shawn 15:40:30 ack manu 15:40:30 manu, you wanted to note we don't need to discuss JSON-LD Framing in the core data model. 15:40:43 Orie: We could consider some of what is happening in that docs. Links to follow. 15:40:51 https://lists.w3.org/Archives/Public/public-credentials/2023Jun/0165.html 15:41:14 Seems like it might be related to competitive framing with ISO mDOc 15:41:21 Manu: this isn't core data model work, and not needed in the core spec. If we need to we can point people to the W3C JSON-LD framing. 15:41:33 Brent: what is the disposition of this issue? 15:41:44 Manu: can move it to data integrity 15:41:45 Here is the the announcement regarding framing https://lists.w3.org/Archives/Public/public-credentials/2023Jun/0164.html 15:41:59 Ivan: probably post-CR 15:42:16 Manu: no. the algorithms Orie is talking about need to be in pre-CR 15:43:12 Orie: WG may adopt EDDCSA so it should be in the core data model repo? 15:43:27 s/EDDCSA/ECDSA-SD/ 15:43:44 gkellogg_ has joined #vcwg 15:44:07 Orie: EDDSA-SD currently only works on VCs not other JSON-LD objects. If this is what is intended it should stay in core data model 15:44:11 subtopic: https://github.com/w3c/vc-data-model/issues/991 15:44:22 Brent: leave as pre-PR 15:44:32 Brent: leave as pre-CR 15:44:41 Brent: #991 15:44:53 Brent: how do we triage this one? 15:44:53 q+ 15:45:00 ack DavidC 15:45:52 This the part of ecdsa-sd that only works for W3C JSON-LD VCs. https://github.com/digitalbazaar/ecdsa-sd-2023-cryptosuite/blob/62c76663f81cb6f836efd5f28109ae3ede113e5d/lib/disclose.js#L141 15:46:09 DavidC: depends is how much left in the core DM. Wants to change the terminology to "certificate verifiable credential". Certificate can be revoked or the VC can be revoked and status list should be able to distinguish between the two. 15:46:21 It is relevant to the previous issue, and comeptitive positioning vs mDoc 15:46:24 Brent: sounds like it's VC Status List work item 15:46:37 q+ 15:46:43 DavidC: this is generic, not depending on the revocation status per se. 15:46:44 ack JoeAndrieu 15:47:24 JoeAndrieu: issue is related to the core. Appreciates certificate suggestion. Status should just be about the VC. If about cert, should use ghe claim status of the cert. 15:48:16 q+ 15:48:17 q+ 15:48:45 DavidC: If we work remotely, then we have only VCs, Certs are only relevant f2f. Therefore if in the remote situation you only have the VC but the underlying cert can't be verified 15:49:10 Brent: Proposes this issue be before CR and allow it to continue within the issue. 15:49:12 ack brent 15:49:15 ack JoeAndrieu 15:49:47 JoeAndrieu: fine with proposal - Re: David's ideas. Cert status? Either a mechanism to check it is there or not. If it exists you can put it in the claim. 15:49:58 q+ 15:50:04 Brent: encourages conversation to continue in the issue 15:50:17 gkellogg has joined #vcwg 15:50:27 ack DavidC 15:50:31 subtopic: https://github.com/w3c/vc-data-model/issues/1145 15:50:35 q+ 15:50:44 I think we fixed 15:50:44 ack manu 15:50:47 Brent: to DavidC's question proposed text should be put in the issue 15:50:48 close it 15:51:00 Brent: #1145 - 15:51:05 too late, I closed it 15:51:10 sry bros 15:51:11 Manu: can be marked pending closed 15:51:20 Brent: Orie just closed it. Done! 15:51:25 subtopic: https://github.com/w3c/vc-data-model/issues/1148 15:51:33 Brent: #1148 Check status privacy 15:52:03 Brent: person raising it is not a member of the working group. That's great. Perhaps someone here has an idea of the issue? 15:52:25 +1 dlongley 15:52:44 dlongely: issue is in the text in the diagram to change it to may preserve privacy. An editorial change. 15:52:46 I can take it 15:52:52 Suggest changing the text to "might not preserve privacy" 15:53:12 Brent: andres agrees to take #1148 15:53:12 subtopic: https://github.com/w3c/vc-data-model/issues/1150 15:53:27 q+ 15:53:35 ack Orie 15:53:36 Brent: # 1150 Orie raised this a few weeks ago. Needs someone assigned and a label 15:53:55 q+ 15:53:58 Orie: If you make v2 presentation and use a v1 you get an error 15:54:22 ack dlongley 15:54:29 Orie: need to address in the normative context 15:55:07 dlongley - should be addressed in the context - it's one line change to be made to the v2 context. 15:55:20 Brent: assigned to dllongley 15:55:30 Brent: it's a wrap 15:56:06 Brent: all of the issues that we have left we have 69 opene issues. 15:56:43 Orie: correction on scribes part if you make a v2 presentation and us a v1 context you'll get an error. 15:57:14 Brent: pending close issues be aware! 15:57:21 zakim, end meeting 15:57:21 As of this point the attendees have been hsano, pl-asu, shigeya, mprorock, ivan, sebastianelfors, cabernet, andres, selfissued, tallted, oliver, manu, brent, orie, dlongley, GregB, 15:57:25 ... Will, kgriffin, jandrieu, kevin, dmitri, nistor, decentralgabe, PaulD, DavidC, vavala, shawn 15:57:25 RRSAgent, please draft minutes 15:57:26 I have made the request to generate https://www.w3.org/2023/06/28-vcwg-minutes.html Zakim 15:57:33 I am happy to have been of service, ivan; please remember to excuse RRSAgent. Goodbye 15:57:33 Zakim has left #vcwg 15:58:06 rrsagent, bye 15:58:06 I see no action items