14:41:20 RRSAgent has joined #vcwg 14:41:24 logging to https://www.w3.org/2026/06/24-vcwg-irc 14:41:24 RRSAgent, make logs Public 14:41:25 please title this meeting ("meeting: ..."), ivan 14:41:38 Meeting: Verifiable Credentials Working Group Telco 14:41:38 Agenda: https://www.w3.org/events/meetings/d811d954-dd65-4cce-844a-53dfd95e75c7/20260624T110000/ 14:41:38 chair: phila, brentz 14:41:38 ivan has changed the topic to: Meeting Agenda 2026-06-24: https://www.w3.org/events/meetings/d811d954-dd65-4cce-844a-53dfd95e75c7/20260624T110000/ 14:41:41 regrets: manu 14:58:42 present+ 15:00:12 kezike has joined #vcwg 15:00:21 brent has joined #vcwg 15:00:23 present+ 15:00:50 wes-smith has joined #vcwg 15:00:53 KevinDean has joined #vcwg 15:01:09 present+ 15:01:11 phila has joined #vcwg 15:01:23 present+ 15:01:24 present+ 15:01:35 present+ hsano 15:01:38 hsano has joined #vcwg 15:01:42 present+ 15:01:50 present+ wes-smith 15:02:33 present+ mark-andree 15:02:52 Wip has joined #vcwg 15:02:56 present+ 15:02:59 present+ bigbluehat, elaine 15:03:12 present+ 15:04:14 scribe+ 15:04:37 present+ ted 15:06:01 Carolynn has joined #vcwg 15:06:16 p+ 15:06:16 present+ Carolynn 15:06:32 present+ Jennie 15:06:39 s/p+// 15:06:53 q+ to mention external interest in confidence method work 15:07:01 Brent: We're going to look at forgery defence, process some data model issues, and get updates on task forces. 15:07:05 ack wes-smith 15:07:05 wes-smith, you wanted to mention external interest in confidence method work 15:07:05 JennieM has joined #vcwg 15:07:12 present+ 15:07:20 Wes-smith: I have a brief note and ask a brief question. 15:08:03 present+ joe 15:08:04 ...I've been speaking either Elaine Wooten, who has been speaking with European ??? and they're interested in developing biometric credentials that would be useful for VC use cases. 15:08:04 Marc has joined #vcwg 15:08:12 q+ 15:08:22 ...They're interested in getting a concrete set of technical requirements for the confidence method task force. 15:08:27 ack phila 15:08:31 ...What are the next steps to do so? 15:09:01 Phila: Would you clarify the name of the standards body? 15:09:16 q+ 15:09:33 ack wes-smith 15:09:38 Wes-smith: CEN European Committee for Standardization. 15:09:56 Phila: They are not an open standards organization so we will have to figure out how to integrate them. 15:10:03 q+ 15:10:08 Wes-smith: Elaine, can you clarify how they can participate? 15:10:25 s/???/Committee for Standardization (CEN)/ 15:10:49 Elaine: Some have expressed that they can't participate in W3C so we'll have to look into it. 15:10:54 q+ 15:10:58 q- 15:11:06 Brent: I would encourage the task force to look into it so we can have a deeper conversation. 15:11:13 ack ivan 15:11:15 Elaine: They're looking into how to join W3C. 15:11:19 bigbluehat has joined #vcwg 15:11:42 present+ 15:11:59 Ivan: To be very specific, I think the best thing is to invite them to one of the task force calls and see what they want to do. There's no need to put the load on Elaine right now until we see what the requirements are. 15:12:40 JoeAndrieu: That's fine. Happy to have them join us. We meet every other week Thursday at 7am Pacific. 15:12:51 Topic: Forgery Defense Co-Editor 15:13:24 Brent: Originally this topic was to announce that we have a co-editor. I would like to share some information feedback to the FPWD. 15:14:07 q+ 15:14:13 ...We see that ??? is in the charter, but we don't quite believe that it's there. It's on the task force to get the lawyer to look into it to ensure that the work can proceed. 15:14:14 ack ivan 15:14:31 s/???/Forgery Defense/ 15:15:02 Ivan: It would be cleaner to investigate the problem immediately. 15:15:07 Elaine has joined #vcwg 15:15:09 q+ 15:15:23 ack phila 15:15:23 Brent: The problem is that they need convincing that it can be supported in the current charter and they need further explanation. 15:15:44 q+ 15:15:48 ack wes-smith 15:15:50 Ivan: Wes, do you know what else to add there? 15:16:21 Wes-smith: I think the relevant question is, do they need to be convinced by the text of the specification or by the emerging security threat that allows it to fall under the charter? 15:16:29 present+ mccown 15:16:32 Brent: They need to be convinced that the charter covers this specification. 15:17:01 Wes-smith: I can put together a persuasive write-up that there is an emerging security threat that needs to be addressed here. 15:17:11 ...That doesn't seem like stuff that would go into the specification. 15:17:22 Brent: That's not something for the specification, it's for communication. 15:17:33 Wes-smith: If I do this write up, what's the next step? 15:17:38 Brent: Send it to the chairs. 15:18:04 Ivan: I find it strange that this is happening as a back door discussion. I don't know why this wasn't put into the issues I was working on this morning. 15:18:15 Brent: It was someone looking for clarification. 15:18:23 Ivan: Why didn't they ask me or Wes about it? 15:18:38 Brent: It was a matter of being on the same call at the same time for different reasons and it happened to come up. 15:18:55 ...If we were to independently add some detail to the issue, that would be helpful. 15:19:11 Ivan: It should go into a GitHub issue for it to be worked on. 15:19:30 Wes-smith: I would prefer to have messaging come from the chair of the group. 15:19:58 Topic: VCDM Maintentance 15:20:11 https://github.com/w3c/vc-data-model/issues 15:20:25 s/Maintentance/Maintenance/ 15:20:31 Brent: There are three at the top that have not yet been triaged. 15:20:40 subtopic: https://github.com/w3c/vc-data-model/issues/1633 15:20:45 ...We will look at them and determine whether we're going to address them here. 15:21:00 ...Normative text on VP-within-VP 15:21:24 smccown has joined #vcwg 15:21:33 present+ 15:22:07 ...Do folks have any questions or need more clarity? 15:22:56 q+ 15:22:57 ...I will note that the poster is asking questions, so it may be sufficient for the group to answer the question. 15:23:03 ack ivan 15:23:05 ...The answers may affect the specification. 15:23:38 Ivan: My feeling is that the answer is no, that the model is such that the VP can have several VCs but not another VP. As far as I remember, this is the model. 15:23:49 q+ 15:23:57 ack phila 15:23:58 ...I would prefer having someone deeper in the technology give a definitive answer. 15:24:44 Phila: I'm not qualified to answer directly, but it looks to me like this commenter wants links to other credentials. If the answer is no, could the answer be to look at recognized entities? 15:25:17 Brent: The VC Data Model says the a presentation contains a set of VCs. The JOSE-COSE documentation says that it can contain VPs as well. 15:25:39 q+ 15:25:47 ack ivan 15:26:16 Ivan: I think you're right, Brent, but that means for me that the JOSE-COSE document is incorrect in terms of the model. I personally do not see how recognized entities help. 15:26:25 q+ 15:26:37 ...I would like to see an example that would be solved by this. 15:26:45 ack brent 15:27:27 Brent: The description of the VP is that it contains multiple VCs and can contain arbitrary data, and that the VCs may be from multiple issuers. 15:27:53 ...Conceptually, there wouldn't be a problem with including another VP, but it doesn't explicitly say that that can be done. 15:28:23 Elaine has joined #vcwg 15:28:50 ...I think that the VC JOSE-COSE recognizes that need from the supply chain space. Often folks would be receiving VPs and would often want to pass them along directly rather than extract the VCs. 15:29:26 ...What I'm reading in the core data model section of our spec is that this is possible but in order to make it explicitly possible it would require normative and substantive changes to the VC data model. 15:29:36 ...These changes would be beyond what we're currently chartered to do. 15:29:57 ...I'm adding the class 4 and future labels. 15:30:03 Elaine has joined #vcwg 15:30:13 subtopic: https://github.com/w3c/vc-data-model/issues/1632 15:30:26 ...remove confidence and render methods from the VCDM spec 15:30:34 ...This is definitely within our charter to do. 15:30:49 q+ 15:30:56 ack ivan 15:30:57 ...It points out that because we're producing a confidence method specification and extension points should point to those specifications. 15:31:10 JoeAndrieu has joined #vcwg 15:31:15 Ivan: That's one possibility. Another option is to delete the entire section. 15:31:49 ...That will raise problems for the confidence and render methods. I think we can remove the whole section altogether. Something has to be done. 15:31:59 Brent: Sounds like this is class 2, editorial. 15:32:10 Ivan: Yes, maybe a bit more. 15:32:47 subtopic: https://github.com/w3c/vc-data-model/issues/1631 15:33:05 Brent: Deployment-pattern guidance: principal-authority pre-layer for credentials consumed by autonomous agents 15:33:11 Elaine has joined #vcwg 15:33:19 ...Is there anyone who has read this and has an opinion? 15:34:56 ...On one hand, the formatting and length suggests that this was written by an agent, but there still may be a point within the text. It's mostly usage guidance. Unless vcomm wants to have an opinion, perhaps this would best fit within the implementation guide. 15:35:28 ...My suggestion is that this is a recommendation for implementation guidance clarity and doesn't appear to be calling for changes to the data model itself. 15:35:40 q+ 15:35:50 ack Wip 15:36:03 wip: It definitely reads like AI to me, but we can move it to the implementation guide. 15:36:38 Brent: Anyone opposed to transferring to the implementation guide? Hearing none, we can look at there in the future. 15:37:02 Topic: Task Force Round Table 15:37:18 wes-smith has joined #vcwg 15:37:20 q+ 15:37:26 ack wes-smith 15:37:41 Wes-smith: On behalf of the barcode and data integrity task force... 15:37:50 q+ 15:38:04 ...One of the big issues is the forgery defence specification, but it's unclear how that fits into the charter. 15:38:25 ...The barcodes work is on the back burner as a result. We know we have outstanding work such as threat modeling to do. 15:38:43 ...My understanding of the data integrity work is that it's going well. 15:38:57 q+ 15:39:04 ...I think we're in a good place in that task force. 15:39:13 yes 15:39:21 q+ to voice opinions about PQ 15:39:25 ack ivan 15:39:47 Ivan: There is one more thing we discussed the other day. It's an editorial reengineering of the DI spec and the crypto suite. 15:39:54 s/it's unclear/we need to make sure it's clear 15:39:59 q+ to provide update for VCALM TF 15:40:28 ...We are considering factoring all of them out and generating separate specs. This would make future crypto suite publication much easier. 15:40:50 ack brent 15:40:50 brent, you wanted to voice opinions about PQ 15:41:30 Brent: The guidance I have heard in various quantum secure forums is to keep things as simple as possible. Choose as small a subset of the existing potential algorithms as is absolutely necessary. 15:41:53 ack Carolynn 15:43:11 Carolynn: Things are going well. We spent an hour and a half with Ivan to prepare the work for the Digital Product Passport task force. We're writing a note in three parts: Why are VCs useful for DPP? Why is there an international VC task force in W3C? How can I check that my DPP standard is compatible with VCDM? 15:43:29 ...I hope to steer the group on the first part in the coming weeks. 15:43:35 ack kezike 15:43:35 kezike, you wanted to provide update for VCALM TF 15:43:36 Thanks Carolynn - that sounds very +ve 15:44:29 q+ 15:45:04 q+ to suggest milestones 15:45:47 q+ 15:46:00 Kezike: We got good progress at the meeting with the vcomm task force and have a good path forward. We've created a v1.0 label for labelling existing and new issues. We want to implement a feature freeze to discourage blood in the spec. We're continuing to apply that to issues as they come in. We're making good progress on existing PRs and issues. 15:46:00 Threat modelling is proceeding and we should have a PR in the next day or two. We are also developing test suites. We're going to move the CCG tests into the charter. 15:46:07 ack phila 15:46:21 Phila: It sounds like you're making fantastic process. As CR is on the horizon, have you thought horizontal review yet? 15:46:22 s/Threat/... Threat/ 15:46:47 ack brent 15:46:47 brent, you wanted to suggest milestones 15:46:51 Kezike: No, but that's why we're rushing issues. It will likely still be in flight at TPAC but we should be closer. 15:47:03 Brent: Another feature of GitHub that might be useful is creating milestones. 15:47:15 ack ivan 15:47:20 ...I encourage you to consider that. 15:47:36 Ivan: I wrote in an email this morning that I don't recall seeing any requests. 15:47:48 ...Can you send me an email to tell me what needs to be moved forward? 15:48:15 Kezike: I think we're just looking for permission to move the repository into W3C space. 15:48:22 Ivan: We can coordinate that. 15:48:55 q+ 15:49:00 ack JoeAndrieu 15:50:00 JoeAndrieu: We don't have a lot to report. We merged in the draft biometric PR with quite a few at-risk issue markers. We thought it was a good foundation. We also made a commitment to have enough of the tests fleshed out so we can get to horizontal review by TPAC. 15:50:07 q+ 15:50:25 ack ivan 15:50:27 +1 to a month out to start the request 15:50:28 Brent: It may be good to submit for horizontal review a month before TPAC. 15:50:58 Ivan: Another thing I would need is, what are the terms that would have to be added to the VCDM coming from your spec? It would be helpful to have clear guidance. 15:51:04 ...Same for the render method. 15:51:04 +1, understood. I'm not sure either at this point. 15:51:41 Brent: I don't see Dmitri on the call, who is leader for render method. 15:52:15 q+ 15:52:25 scribe+ 15:52:27 ack KevinDean 15:52:58 KevinDean: Brief update on Recognized Entities, recently have been discussing linkages between credentials, focused on the GS1 use case, which documents a hierarchy of credentials beginning with a root of trust. 15:53:16 ... We have been discussing how the presence of one VC can authorize the issuance of others by the subject of the original VC. 15:53:24 q+ 15:53:27 scribe+ 15:53:31 ack ivan 15:54:16 Ivan: Something which is not a technical thing is to say in presentations about our work... The interesting thing I find in that work is that it's an application of VCs that does not add anything to the VCDM per se. 15:54:53 ...I think it's important that we demonstrate the ability to add community-specific capabilities built on the existing VCDM spec. 15:55:19 q+ 15:55:27 ack phila 15:55:52 Phila: Next week, my target is to create the ISO-friendly version of VCDM2. 15:56:15 rrsagent, draft minutes 15:56:16 I have made the request to generate https://www.w3.org/2026/06/24-vcwg-minutes.html ivan 15:57:08 rrsagent, bye 15:57:08 I see no action items