Meeting minutes
<denkeni> https://
<denkeni> https://
denkeni: attended California's hachathon
… hosted VC workshop in Taiwan. Not a technical one but international forum
… we had it last year
… had a number of speakers
… we would like to use it to make connections
… traditional Chinese in Madarin only for now
… EID project
… we have a natioal ID card
… having privacy and informational security concerns for now
… discussion around security EID
… what benefits does it take? how do we treat the thread like the one where it brings to your privacy
… people are in the gornment are afraid about taking to EIT
… similar to what hapened in the Swiss
<npdoty> the time between the failure/rejection and subsequent approval is much closer together than I would have expected
denkeni: 15.39% grows for @1
… good benefit from this town culture to have a lot more credentials from the government
… not just for digital identity of human but physical goods, identity, those kind of stuff in supply chains
… not serving for digital signatures
… it's similar to Europans cloud by the trade
… electronic signatures
… we would like to block in their business in their mysteries
… they decided not to have been through this area based on this
… it's not opening for everyone yet
… expecting to have a press release next month
… more important is that the whole project, including the wallet app would be open source
… still in progress
… TWD dimension, it's not relevant anymore
… mentioning interesting that the whole SDK is made up with filtered
… I'm typing at the river for the past decades
… weired to me to do an SDK, mobile SDK
… failed EIT
… John Hotel Company, a big company in Taiwan like NTT or AT&T
… reponsible for digital identity product purchase
… people are not the comfortable about that
… opening on the AI, the reason I decided to join the project is that at least the opponents in this specific project will be open source
… extended with the expanded through open trustees registering 3 years next year
… we have been adopting @2
<npdoty> does the trust list limit who can request credential presentations? or does it limit the scenarios/use cases that are acceptable for requesting digital ID?
denkeni: we have a body for BCI VP for the educational channel
… VC will have the bias binding based on theri protocols
… we have IATSD joins to do some early related disclosure feature on it
… who has been using UP?
… interesting thing in Taiwan, having a similar culture in Japan, we developed our own software system
[page 10]
… we expected to upgrade that version next year
… what you need now would be open source
[page 11]
denkeni: we implemented this method with just the key for now
… basically use a needs to be the figures in the slide
… European people might have required as well
… you can show your whole wallet by your phone, and there will b no running agents or holder service
… that doesn't mean you cannnot do it your own site
<npdoty> does that mean the user can't choose their own wallet software? or backup their IDs or move them to other devices?
denkeni: at least for the publishers one, they are doing pretty conservative way at this time
… if you are from the crypto world, we usually use the word non-trustorial
… we are collaborating with people academias and Etherium foundation
<npdoty> +1, linkability is a serious privacy concern with some of the existing selective disclosure standards/methods
denkeni: we aim to generate a whole proof on the phone
… similar to the high-level requirement of the EU's approach
… and we have POC from the privacy rules of the difference
[showing github page on Cirocom validation of JST ES256 tokens]
denkeni: I've been told that they are preparing to publish a paper on this
[page 13]
denkeni: there's the trust based on issures, verifier, and we've been in discussion how to do
… I personally would like to do my build up my own body as well
… about Bhutan
… Putin has adopted experience for their national identity as well
… they tend to be on the main net
[page 14]
… still adopted in main area. 3 kind of specs
… 1 from ISO, 2 from US, European people has @3
… some proofs can doing online identification
… we do not expect @4
… banking people trying to solve authentication issues
… anti-froud
… to use driving system, etc
… what they have been doing to get assuarance thru credentials
<npdoty> I really liked to hear skepticism about the government's app and the excitement about building your own
[page 15]
denkeni: we see W3C standards, OpenID, IETF, and adopting ISO standards
… officals aware that we should have selling @4
… many countries adopting ISO standards
<npdoty> https://
denkeni: like Australia, Newzealand
… in California, drivers license
<npdoty> (the speaker referred to the concerns and controversy about "phoning home")
denkeni: government implements both
… when doing verify ISO standards, we implement @5 issues
… phone is interactive thru verifier
<npdoty> would do local retrieval only, not support server retrieval even if supporting the ISO standards
denkeni: promising system by Google
… not going to @7
[page 16]
denkeni:
denkeni: Omniphones ecosystem, we retrieved that the relocation list
… the status list of the credenials
… they were concerned about the cost due to the issuers they have already no business model on it
… they have to offer that relocation list for free
… the phone service in Taiwan is all real name-based
… you can eventually get the information from the telecom company
… hosted by MODA
… facing some struggles
… what's vendors to choose
… there's possibility of HOng Kong issues on it
… important thing is to have real-time checking on the chart list
… I'm already thinking is that the trustees might have to be hosted
… by third-party organization in the society, and they can be funded by the government
… we have launcehd that sandbox
… bit complicated to use that term
[Denken is showing the service]
denkeni: we have testing version on it
<npdoty> I wonder if the trust list could be handled by signing statements that are distributed to the verifiers on the list, rather than maintaining a centralized list that's API-accessible
[Denken is showing how to input information]
… for the insurance side, once you complet the filling of the present information, you'll get this QR code
… the code is popular
… once you get it, you can just open it
… you can decide what to share, what information to share with the verifier
… if you are interested more, you can see from our website
… wallet.gov.tw
… we have automatic account to allocate for our own citizens numbers
… but do not do their phone number identification
… other countries, we will have to apply for this with email
… we will create this because there are some orgs we've been touched to apply for this
<npdoty> or if it could be signed and then distributed by many parties, rather than a single party
manu: Zero-knowledge proof
… have you looked into any of the BBS?
denkeni: we had early tried to implement it
… having experienced resource for this big project
… one of the debates on the biggest adoption is that they're using a crops that is not supported by the hardware
<JoeAndrieu> [09:20] q+ to ask about holder retrieval of the bitsting statuslist
denkeni: I think it's still possible to deply that later stage
… we started to talk with Europena people
Martin: do you have some potential use cases in the private sector?
denkeni: our early WG, we had showcases
… to make the whole project is that well established, we'll begin production
… we have telecom VC for parcel pickup
… Amazon is not popular here but we use convenience store
… to pick up items
… getting your last 3 digits of your phone numbers and take a look at any of your ID card
… for a telecom company, they are already got your tel number
… purchase received VC, you can just get the monitors without revealing any onf your personal information
… about diploma
… a real implementation on our platform already
… Sony has been doing student ID already
… government needs some achievement to show to their
@8@: are there any modalities that a third-party wallet would need to?
denkeni: compare to European approach today, establish all the laws before really going through in the moment
… we started the broadestthings and think about the regulation data
… simply because the particular reason we have two-party systems similar to the US
… they can build it in their own wallet
… we are focusing on buiding the whole senario
npdoty: tx for the presetnation. curious about the trust list
… policy is in place for the evaluating which verifiers will be
… approved for the trust list
… how that info might be distributed
… what plicy you are using for evaluating verifiers whether they should be on the trust list?
denkeni: there has to be
… both sides to be trusted, they have to create their own data on it
… we requre them to authorize that with their PI card and get into a system
… the info of the legal entity, but should also included
… what data would I be requested?
… once you have asked the verifier to pre-fill the in @10
… we haven't done it yet
… we are piloting some selective partners
npdoty: absolutely right about data minimization about having to pre-commit to what fields are required
<npdoty> like a stapled status list value that's submitted along with the presentation?
denkeni: tx for coming