From 6c2321cdbeaafc988db18ae0b2ea0f345aa3bed1 Mon Sep 17 00:00:00 2001 From: Ivan Herman Date: Sun, 3 Sep 2023 10:41:37 +0200 Subject: [PATCH] Special call and regular call minutes, august 29&30 --- _minutes/2023-08-29-vcwg-special.md | 306 ++++++++++++++ _minutes/2023-08-30-vcwg.md | 596 ++++++++++++++++++++++++++++ assets/minute_processing.json | 6 +- assets/nicknames.json | 6 + 4 files changed, 912 insertions(+), 2 deletions(-) create mode 100644 _minutes/2023-08-29-vcwg-special.md create mode 100644 _minutes/2023-08-30-vcwg.md diff --git a/_minutes/2023-08-29-vcwg-special.md b/_minutes/2023-08-29-vcwg-special.md new file mode 100644 index 0000000..304d954 --- /dev/null +++ b/_minutes/2023-08-29-vcwg-special.md @@ -0,0 +1,306 @@ +--- +layout: minutes +date: 2023-08-29 +title: Verifiable Credentials Working Group Special Topic Call on PR Discussions — 2023-08-29 +json-ld: | + { + "@context": [ + "https://schema.org", + { + "resolution": { + "@id": "https://w3c.github.io/scribejs/vocab/resolution", + "@context": { + "@vocab": "https://w3c.github.io/scribejs/vocab/" + } + }, + "irc": { + "@id": "https://w3c.github.io/scribejs/vocab/irc" + } + } + ], + "@type": "CreativeWork", + "url": "https://www.w3.org/2017/vc/WG/Meetings/Minutes/2023-08-29-vcwg-special", + "name": "Verifiable Credentials Working Group Special Topic Call on PR Discussions — Minutes", + "about": "Verifiable Credentials Working Group Special Topic Call on PR Discussions", + "dateCreated": "2023-08-29", + "irc": "vcwg-special", + "datePublished": "2023-09-03", + "genre": "Meeting Minutes", + "accessMode": "textual", + "accessModeSufficient": "textual", + "encodingFormat": "text/html", + "publisher": { + "@type": "Organization", + "name": "World Wide Web Consortium", + "url": "https://www.w3.org/" + }, + "inLanguage": "en-US", + "recordedAt": { + "@type": "Event", + "name": "Verifiable Credentials Working Group Special Topic Call on PR Discussions", + "startDate": "2023-08-29", + "endDate": "2023-08-29", + "location": { + "@type": "VirtualLocation", + "description": "Teleconference" + }, + "attendee": [ + { + "@type": "OrganizationRole", + "roleName": "chair", + "attendee": [ + { + "@type": "Person", + "name": "Kristina Yasuda" + } + ] + }, + { + "@type": "OrganizationRole", + "roleName": "scribe", + "attendee": [ + { + "@type": "Person", + "name": "David Waite" + } + ] + }, + { + "@type": "Person", + "name": "Manu Sporny" + }, + { + "@type": "Person", + "name": "Ted Thibodeau Jr." + }, + { + "@type": "Person", + "name": "Dave Longley" + }, + { + "@type": "Person", + "name": "Michael Jones" + }, + { + "@type": "Person", + "name": "David Lehn" + }, + { + "@type": "Person", + "name": "Dmitri Zagidulin" + }, + { + "@type": "Person", + "name": "Phillip Long" + } + ] + } + } + +--- + +# Verifiable Credentials Working Group Special Topic Call on PR Discussions — Minutes +{: .no_toc} + + + +**Date:** 2023-08-29 + +See also the [Agenda](https://www.w3.org/events/meetings/eaf86734-c2f9-410e-86b9-1cca18d0d6c9/20230829T180000/) and the [IRC Log](https://www.w3.org/2023/08/29-vcwg-special-irc.txt) + +## Attendees +{: .no_toc} +**Present:** Manu Sporny, David Waite, Ted Thibodeau Jr., Dave Longley, Michael Jones, Kristina Yasuda, David Lehn, Dmitri Zagidulin, Phillip Long + +**Regrets:** + +**Guests:** + +**Chair:** Kristina Yasuda + +**Scribe(s):** David Waite + +## Content: +{: .no_toc} + +* TOC +{:toc} +--- + + +**Kristina Yasuda:** still working on TPAC agenda, hoping to present to the working group soon. + +**Manu Sporny:** heads up to group - data integrity specifications have PRs in for every pre-CR issue - those should be merged in towards end of the week. That will mean that none have any pre-CR issues and will be ready for candidate rec. Should be in good shape for TPAC and DI being ready for CR. Status list and VCDM still have work to go. +… feedback from horizontal review from DI - internationalization did not respond, three months for the request means that we are good but may re-ask. + +### 1. VCDM PRs. +{: #section1} + +> *Kristina Yasuda:* [https://github.com/w3c/vc-data-model/pulls](https://github.com/w3c/vc-data-model/pulls). + +#### 1.1. Add validation section regarding holder (pr vc-data-model#1199) +{: #section1-1} + +_See github pull request [vc-data-model#1199](https://github.com/w3c/vc-data-model/pull/1199)._ + + + + +**Manu Sporny:** waiting on JoeAndrieu re-review. + +**Joe Andrieu:** will look at again. + +#### 1.2. (pr vc-data-model#1252) +{: #section1-2} + +_See github pull request [vc-data-model#1252](https://github.com/w3c/vc-data-model/pull/1252)._ + + + + + +**Manu Sporny:** changes requested by aphillips, waiting on review of changes. +… can add description to the issuer or to the credential itself. Issue raised were internationalization based, now allows for language tags and has examples. Still raised issue of setting a default language for entire credential. That raises issues on side effects on languages being applied to other strings such as encoded images. + +#### 1.3. Address optionality of fields (pr vc-data-model#1256) +{: #section1-3} + +_See github pull request [vc-data-model#1256](https://github.com/w3c/vc-data-model/pull/1256)._ + + + + + +**Manu Sporny:** optionality of fields and requirement on verifying required fields. + +**Joe Andrieu:** concerned about "validate" as a defined term. + +**Manu Sporny:** defined in a non-normative section. + +> *Brent Zundel:* I'm happy to take suggestions. + +**Joe Andrieu:** I don't think we have defined what that means in a conformant way. + +> *Brent Zundel:* me lol. + +**Manu Sporny:** suggests that we do specify what an appropriate syntax is for those fields, if "validate" makes people uneasy we can say it must meet the normative requirements for the format of the field. + +> *Brent Zundel:* works for me. + +**Joe Andrieu:** describing in that manner frees up the term "validate" which has been used to describe business rules post verification. + +#### 1.4. (pr vc-data-model#1257) +{: #section1-4} + +_See github pull request [vc-data-model#1257](https://github.com/w3c/vc-data-model/pull/1257)._ + + + + + +**Manu Sporny:** describes use in HTTP, specifically appropriate use of media types. However, be liberal in what you accept. + +#### 1.5. Guidance around arrays (pr vc-data-model#1258) +{: #section1-5} + +_See github pull request [vc-data-model#1258](https://github.com/w3c/vc-data-model/pull/1258)._ + + + + + +**Manu Sporny:** provides guidance on array/multi-dimensional array usage with JSON-LD, to make sure ordering is preserved. + +#### 1.6. Sync and fix bugs in v2 context. (pr vc-data-model#1259) +{: #section1-6} + +_See github pull request [vc-data-model#1259](https://github.com/w3c/vc-data-model/pull/1259)._ + + + + + +**Manu Sporny:** at the point where we need to lock down the JSON-LD context, Dave Longley and Manu have taken passes to fix issues in the context. +… one new issue - concern about JWT properties are defined. They are currently defined as having to be URLs, may not be the right thing for all properties. For example, kid is defined as being a URL value. + +**Michael Jones:** kid has no semantics, it is a string. + +**Manu Sporny:** asks for note from selfisused on 1259 to kid, needs general review of types. + +#### 1.7. Add Verification Method types to v2 context (pr vc-data-model#1260) +{: #section1-7} + +_See github pull request [vc-data-model#1260](https://github.com/w3c/vc-data-model/pull/1260)._ + + + + + +**Manu Sporny:** adds key types to base context. Don't know if we have general use cases for expressing keys in a verifiable credential. Don't know if it is a good idea until we have use cases warranting this. + +**Kristina Yasuda:** will bring this up in tomorrow's working group call. + +> *Phillip Long:* Why would anyone want to publish their private key in a VC??? + +> *Manu Sporny:* exactly :). + +> *David Waite:* (zk selective disclosure). + +**Manu Sporny:** add support for DIDs issue is providing a controller document, danger here is that definitions will deviate due to copies in DID core, DI and vc-jose-cose. + +**Michael Jones:** a reason we can't just cite did-core? + +**Manu Sporny:** we need to update the text without a mandate to update did-core. +… the point in which the group should get concerned is if these copy-pasted sections start giving opposite advice. + +### 2. issue triaging. +{: #section2} + +> *Kristina Yasuda:* [https://github.com/w3c/vc-data-model/issues?q=is%3Aopen+is%3Aissue+-label%3Abefore-CR+-label%3Apost-CR](https://github.com/w3c/vc-data-model/issues?q=is%3Aopen+is%3Aissue+-label%3Abefore-CR+-label%3Apost-CR). + +#### 2.1. are `domain` and `range` correct for all properties in data model? (issue vc-data-model#1263) +{: #section2-1} + +_See github issue [vc-data-model#1263](https://github.com/w3c/vc-data-model/issues/1263)._ + + + + + +> *Kristina Yasuda:* `@dmitri`: here is the issue: [https://github.com/w3c/vc-jose-cose/issues/140](https://github.com/w3c/vc-jose-cose/issues/140). + +> *Kristina Yasuda:* on the controller doc I mean. + +**Ted Thibodeau Jr.:** `<`refering to properties`>` most properties apply to VCs and not VPs - one property supports both, one is VP-specific. Concerns this is incorrect. + +**Manu Sporny:** some difficulties in evaluating the diagram - the properties can exist on the VP and VC simulataneously. + +**Ted Thibodeau Jr.:** credentialSchema vs presentationSchema, the conversation settled on a VP being a VC with some specialness to it. + +**Manu Sporny:** the VP has different properties, can hold a bundle of verifiable credentials. + +**Ted Thibodeau Jr.:** can you not put VCs in VCs? + +**Manu Sporny:** you can put them in spots but not in the way that you can do so with a VP. + +**Ted Thibodeau Jr.:** people want to associate a verifiable credential with a holder, this diagram makes that impossible. + +**Manu Sporny:** I think this comes down to suggested use - since it is an open world model, they can add whatever properties they want. + +#### 2.2. Add `revoked` and `expired` to verification method classes (issue vc-data-model#1262) +{: #section2-2} + +_See github issue [vc-data-model#1262](https://github.com/w3c/vc-data-model/issues/1262)._ + + + + + +> *David Waite:* kristina, TallTed: mark as discuss. + +**Manu Sporny:** Orie noticed that JWK didn't have the expired and revoked properties that multikey had. +… alignment would mean JWK would have all the same properties. +… being aligned in DI, after that may need to be aligned in base context. +… may be able to do it post-CR since the context can be modified, but not preferred. + +--- diff --git a/_minutes/2023-08-30-vcwg.md b/_minutes/2023-08-30-vcwg.md new file mode 100644 index 0000000..b9436e4 --- /dev/null +++ b/_minutes/2023-08-30-vcwg.md @@ -0,0 +1,596 @@ +--- +layout: minutes +date: 2023-08-30 +title: Verifiable Credentials Working Group Telco — 2023-08-30 +json-ld: | + { + "@context": [ + "https://schema.org", + { + "resolution": { + "@id": "https://w3c.github.io/scribejs/vocab/resolution", + "@context": { + "@vocab": "https://w3c.github.io/scribejs/vocab/" + } + }, + "irc": { + "@id": "https://w3c.github.io/scribejs/vocab/irc" + } + } + ], + "@type": "CreativeWork", + "url": "https://www.w3.org/2017/vc/WG/Meetings/Minutes/2023-08-30-vcwg", + "name": "Verifiable Credentials Working Group Telco — Minutes", + "about": "Verifiable Credentials Working Group Telco", + "dateCreated": "2023-08-30", + "irc": "vcwg", + "datePublished": "2023-09-03", + "genre": "Meeting Minutes", + "accessMode": "textual", + "accessModeSufficient": "textual", + "encodingFormat": "text/html", + "publisher": { + "@type": "Organization", + "name": "World Wide Web Consortium", + "url": "https://www.w3.org/" + }, + "inLanguage": "en-US", + "recordedAt": { + "@type": "Event", + "name": "Verifiable Credentials Working Group Telco", + "startDate": "2023-08-30", + "endDate": "2023-08-30", + "location": { + "@type": "VirtualLocation", + "description": "Teleconference" + }, + "attendee": [ + { + "@type": "OrganizationRole", + "roleName": "chair", + "attendee": [ + { + "@type": "Person", + "name": "Brent Zundel" + } + ] + }, + { + "@type": "OrganizationRole", + "roleName": "scribe", + "attendee": [ + { + "@type": "Person", + "name": "Joe Andrieu" + }, + { + "@type": "Person", + "name": "Manu Sporny" + } + ] + }, + { + "@type": "Person", + "name": "Michael Prorock" + }, + { + "@type": "Person", + "name": "Ted Thibodeau Jr." + }, + { + "@type": "Person", + "name": "Kristina Yasuda" + }, + { + "@type": "Person", + "name": "Gabe Cohen" + }, + { + "@type": "Person", + "name": "Sebastian Crane" + }, + { + "@type": "Person", + "name": "David Chadwick" + }, + { + "@type": "Person", + "name": "Benjamin Young" + }, + { + "@type": "Person", + "name": "Dave Longley" + }, + { + "@type": "Person", + "name": "Andres Uribe" + }, + { + "@type": "Person", + "name": "Michael Jones" + }, + { + "@type": "Person", + "name": "Orie Steele" + }, + { + "@type": "Person", + "name": "Dmitri Zagidulin" + }, + { + "@type": "Person", + "name": "David Lehn" + }, + { + "@type": "Person", + "name": "David Waite" + }, + { + "@type": "Person", + "name": "Justin Richer" + }, + { + "@type": "Person", + "name": "Calvin Cheng" + } + ] + } + } + +--- + +# Verifiable Credentials Working Group Telco — Minutes +{: .no_toc .draft_notice_needed} + + + +**Date:** 2023-08-30 + +See also the [Agenda](https://www.w3.org/events/meetings/36ecd2da-2ec3-4012-b74a-72546ab352f4/20230830T150000/) and the [IRC Log](https://www.w3.org/2023/08/30-vcwg-irc.txt) + +## Attendees +{: .no_toc} +**Present:** Brent Zundel, Michael Prorock, Ted Thibodeau Jr., Kristina Yasuda, Gabe Cohen, Sebastian Crane, Manu Sporny, David Chadwick, Joe Andrieu, Benjamin Young, Dave Longley, Andres Uribe, Michael Jones, Orie Steele, Dmitri Zagidulin, David Lehn, David Waite, Justin Richer + +**Regrets:** + +**Guests:** Calvin Cheng + +**Chair:** Brent Zundel + +**Scribe(s):** Joe Andrieu, Manu Sporny + +## Content: +{: .no_toc} + +* TOC +{:toc} +--- + + +> * present:* present+. + +**Brent Zundel:** processing issues and discussions as usual. + +**Rachel:** self-introduction (hard to hear). + +**CalvinCheng:** self-introduction. here to learn. + +### 1. Work Item status updates/PRs. +{: #section1} + +**Brent Zundel:** starting with updates and PRs. + +#### 1.1. Changes to normative statements (pr vc-jose-cose#143) +{: #section1-1} + +_See github pull request [vc-jose-cose#143](https://github.com/w3c/vc-jose-cose/pull/143)._ + + + + + +**Brent Zundel:** looking to transition to CR no later than end of September. + +**Michael Prorock:** one PR ready to merge (vc-jose-cose). +… clean things up. better to test. +… should help with test suites. + +#### 1.2. Add support for DIDs (pr vc-jose-cose#144) +{: #section1-2} + +_See github pull request [vc-jose-cose#144](https://github.com/w3c/vc-jose-cose/pull/144)._ + + + + + +**Michael Prorock:** Also PR #144 could use eyes. +… pulling over items from data integrity. +… some won't apply to jose-cose, so help with that would be appreciated. + +#### 1.3. Schema test suite. +{: #section1-3} + +> *Gabe Cohen:* [https://github.com/TBD54566975/vc-json-schema-test-suite](https://github.com/TBD54566975/vc-json-schema-test-suite). + +**Gabe Cohen:** the VC-json-schema test suite is up. testing our implementation at Block. +… reach out to me if you're interested in integrating it. + +**Brent Zundel:** Ivan is out, but I'll follow up with him about moving the repo. + +#### 1.4. DI, VCDM, and Crypto Suite specs. +{: #section1-4} + +**Manu Sporny:** update on data-integrity and crypto suite specs. +… we have PRs for all before-CR issues. In DI and the cryptosuites. +… for VC Data Model, by the end of september, I don't see that happening. Its close but we need more issue processing and PRs. +… maybe October? +… StatusList continues to drag. It shouldn't have much work, but should be doable. + +**Brent Zundel:** StatusList, just needs rebasing on the one open PR. + +**Manu Sporny:** yes, some merge conflicts, Mike? + +**Michael Prorock:** I'll look after the call. + +**Manu Sporny:** we should discuss if we are going to have multiple status list types or not. + +> *Michael Prorock:* +1 manu. + +**Brent Zundel:** for the group, the chairs perspective: meetings up to and including TPAC will be processing issues and PRs for all issues marked before CR. +… whatever we don't get to before TPAC, we'll deal with that at TPAC. +… Editors, can you reach out to us to tell us how much time you need during TPAC. + +**Manu Sporny:** I'm wondering what you mean by time. +… if we have no pre-cr issues what are you expecting? + +**Brent Zundel:** if no pre-cr issues open and all PRs are merged, then we can talk proposal to move to CR. +… which probably won't need much time. +… other work items might need more time. + +### 2. Add Verification Method types to v2 context (pr vc-data-model#1260) +{: #section2} + +_See github pull request [vc-data-model#1260](https://github.com/w3c/vc-data-model/pull/1260)._ + + + + + +**Orie Steele:** this PR was raised after a thread in DI repo about how many contexts are needed. + +> *Joe Andrieu:* .,, vc-di has the vc-di context, but only with limited terms. + +**Orie Steele:** [more details]. +… in DI, we have three contexts. one for proof and DI proof. one for multi-key and one for webkey. +… for StatusList2021 you can use without one of the contexts, but that context is bundled into v2 context. +… you can use multikey and json multikey but these are not bundled. +… so this adds those terms to that bundle, so you can get the same URI in all situations. +… the contentious part is the private key representations. +… manu said he doesn't know a good use case for private keys. +… my preference is that the term definitions be consistent, as its harder to prevent them from ... +… people can do whatever they want. my preference would be to make sure the graph looks right. +… also, the keys part of a JSON web key set. +… similiar to JWK in v2. + +**Manu Sporny:** I think that's a fair introduction to the issue. +… to hone in on the parts that are contentious. +… One is, do we have a use case where people are going to express private key material in a VC and signing it? +… If so, they can always do that. +… but its a corner case, so it's not clear we want to promote that by default. +… I don't think that as a working group we should be promoting that. +… Signing over private key material doesn't seem like something we should support. +… We don't currently have an example of representing this. +… if we had confidenceMethod is included, that might make sense. +… but that doesn't look to be on a trajectory to make it into the spec, so I think we should hold off. +… If we get a super valid use case, we can always put that into the context later. +… We have text in the spec that the context file might change during CR and we can deal with it then. + +> *Phillip Long:* +1 to NOT supporting signing over private credentials - not something we should encourage. As we're in an open world model we can't prevent this. + +**Manu Sporny:** I don't think its a good idea to merge this PR at this time. We need a good use case. + +> *Phillip Long:* private credentials should have read private keys. + +**Sebastian Crane:** Orie, I know where you're coming from. I asked Manu something similar last week. +… given the VC flexibility, you can use them to cross-sign keys. +… any one of those use cases could be addressed with cross-signing. + +> *Orie Steele:* You can sign whatever you want... this working group does not control what issuers sign... and using RDF to try and enforce that is... not a good idea. + +> *Manu Sporny:* To be clear - we're not blocking any of the use cases Orie is talking about... we're just saying: "That's not a mainstream use case, but if you want to do it, there is a mechanism there to do it (include the other context).". + +**Sebastian Crane:** at no point do you actually need a private key to move. + +**Orie Steele:** The confidenceMethod is reserved. Not clear if we settled domain & range. +… There is a question if we should define those for reserved properties. +… You could say the range is "verification methods". +… then you could expect to see those defined. +… For those who want confidence method, one of the use cases is to bind to a DID. +… the other is to bind to some key material. +… the only contentious issue I see here is the secret key material in them. +… if its better to do that not in the V2 context, but can be in a different one. +… I was surprised to see secret keys in the context definition. +… I want to move away from the multi-base approach but support issuer-provided means. + +**Brent Zundel:** this is good, about ready to move on. + +**Manu Sporny:** two contentious part here. one confidenceMethod doesn't exist (because of no implementations). +… we've agreed that if you don't have an implementation, don't add it to the context. +… I agree. In theory you could use confidence method, but that will need another context (because it isn't in V2). +… So we shouldn't put that into the spec. + +> *Orie Steele:* confidenceMethod the "predicate" is reserved, and exists. + +> *Orie Steele:* ConfidenceMethod the RDF class does not exist, but "VerificationMethod" does... afaik. + +> *Orie Steele:* disagree with basically everything Manu is saying... but happy to keep talking about it on issues. + +**Manu Sporny:** Two, yes. We've been arguing for a long time. Orie, you said you would object if it isn't in there. So that was a compromise made. +… That is shifting into core context where it doesn't look like it belongs. +… There is no use case that's broad enough for secret keys to be in the base context. + +> *Orie Steele:* I will object if core context defines confidenceMethod, but not JsonWebKey and Multikey. + +**Manu Sporny:** if its not there, it can be an issuer-specific context. + +### 3. Issue Triage. +{: #section3} + +_See github issue [vc-data-model#1263](https://github.com/w3c/vc-data-model/issues/1263)._ + + + + + +**Brent Zundel:** sounds like Orie is happy to drop it from the main context if we can get it in other contexts. +… now moving to issue triage. + +#### 3.1. are `domain` and `range` correct for all properties in data model? (issue vc-data-model#1263) +{: #section3-1} + +_See github issue [vc-data-model#1263](https://github.com/w3c/vc-data-model/issues/1263)._ + + + + + +**Brent Zundel:** only one issue so far. +… looking for before-cr or post-cr comments. + +**Manu Sporny:** discussed this yesterday. Ted mentioned he would think about it. + +**Brent Zundel:** ok, that's ok with me. Ted did you want to share anything now? + +**Ted Thibodeau Jr.:** not yet. This is probably post-cr. + +**Orie Steele:** there are reserved terms that also point to reserved RDF classes. +… we currently have confidenceMethod as a reserved RDF class. +… which maybe implies some future inheritance. but what is the relationship between the reserved predicate and the reserved RDF class. +… what's the thought process around confidenceMethod being reserved in this way, instead of having confidencemethod refer to verification method. +… are these normative. + +**Manu Sporny:** ivan did a lot of this work. we'd need to ask him. + +> *Orie Steele:* Does this work reflect working group consensus? + +> *Orie Steele:* Is the vocabulary normative? + +### 4. Issue Discussion. +{: #section4} + +> *Brent Zundel:* [https://github.com/w3c/vc-data-model/issues?q=is%3Aopen+is%3Aissue+label%3Abefore-CR+sort%3Aupdated-asc](https://github.com/w3c/vc-data-model/issues?q=is%3Aopen+is%3Aissue+label%3Abefore-CR+sort%3Aupdated-asc). + +**Brent Zundel:** moving to final topic. +… These are all labeled before CR, some are ready for PR we'll ask when we might see that. Some are not. We'll ask what the plan is. + +#### 4.1. need resourceIntegrity in vocab and under w3c (issue vc-data-model#1152) +{: #section4-1} + +_See github issue [vc-data-model#1152](https://github.com/w3c/vc-data-model/issues/1152)._ + + + + + +**Brent Zundel:** Raised by Mike Prorock. Ready for PR. + +**Michael Prorock:** I thought we were going to get some guidance from Ivan, but maybe I'm misremembering. +… it's ready for PR. I'll try to get to it. + +**Sebastian Crane:** is this the same a #1261. + +**Manu Sporny:** no. + +**Brent Zundel:** no. + +**Michael Prorock:** no. different. + +> *Manu Sporny:* This should be an easy one -- fairly straight-forward PR. + +**Brent Zundel:** the resource integrity is literally adding that term to the vocabulary (rather than integrity of the vocabulary). + +#### 4.2. Internationalization Review for VCDM 2.0 (issue vc-data-model#1155) +{: #section4-2} + +_See github issue [vc-data-model#1155](https://github.com/w3c/vc-data-model/issues/1155)._ + + + + + +**Brent Zundel:** any actions to take here? + +**Manu Sporny:** it's not clear. Addison continues to review. So I think we are getting active i18n reviews. +… we should probably ask outright if we've addressed his concerns in his review. + +**Brent Zundel:** we do have on i18n pre-cr issue. + +> *Orie Steele:* +1 to an example. + +**Dmitri Zagidulin:** I wanted to ask if there would be any objections or push back to adding a PR with an example of i18n. + +**Manu Sporny:** we have stuff in the internationalization section. + +**Dmitri Zagidulin:** it doesn't have value-level language selection. + +**Manu Sporny:** yes, we had that and people complained, so we removed it. +… so maybe we could add one that has the bare @language or @value in there. + +> *Orie Steele:* maybe file an issue capturing the example you want to see, and cross link for discussion. + +**Dmitri Zagidulin:** I just mean, for example, if the value is a string, then an object with the properties for lang. + +**Brent Zundel:** hold on. remember the queue. +… an issue to track this concern with an example example, would be an appropriate way to advance this. + +#### 4.3. Clarification needed on the ease of deducing that a subject is the holder. (issue vc-data-model#959) +{: #section4-3} + +_See github issue [vc-data-model#959](https://github.com/w3c/vc-data-model/issues/959)._ + + + + + +**Brent Zundel:** issue 959. says PR exists. +… If we merge that PR we can close this? + +**Orie Steele:** that was the intent. + +#### 4.4. NIST defines "credential" differently (issue vc-data-model#1047) +{: #section4-4} + +_See github issue [vc-data-model#1047](https://github.com/w3c/vc-data-model/issues/1047)._ + + + + + +**Brent Zundel:** NIST defines credential differently. + +**Orie Steele:** I definitely need to get to it. +… it might be that credential has more alignment. +… it's related to previous topic about the abstract class confidentMethod. +… I do plan to do this at some point. + +**Brent Zundel:** is the some point anticipated before TPAC. + +**Orie Steele:** possibly, but this should probably be post-CR. +… assuming the other PR is merged this gets to post-cr. + +**Brent Zundel:** comments to that effect with link to PR would be helpful. + +**Justin Richer:** the TLDR version is that 800-63 definition of credential is authenticator plus attributes. +… fundamentally this is how credentials are used in VCs. +… but that's largely based on the definition of authenticator, which is fundamental to the NIST definition of credential. +… so the W3C can align or redefine or reference. +… this term has changed about 6 times since I started working with NIST. + +**Orie Steele:** the group has been discussing how to express "confidenceMethod" in VCs, which would express the public key that would be used for an authenticator. +… we are using similar but not the same. + +> *Manu Sporny:* Nope -- that's not the only use case for `confidenceMethod` -- it's not only bound to authenticators. + +**Brent Zundel:** moving to next issue. + +> *Orie Steele:* ConfidenceMethod is a "super set" that includes authenticators? + +**Brent Zundel:** we added context resource integrity. how do we test it? + +> *Orie Steele:* or we just need it to not be the same thing in order to justify defining it? + +> *Dave Longley:* Orie: ^not that later question, which is presuming bad faith, please don't do that. + +**Michael Prorock:** I will be adding code for testing the jose-cose side of this. + +**Manu Sporny:** +1 should be straightforward to add. + +> *Justin Richer:* "authenticator" per 800-63 is fundamentally about proving access to a secret, it's an intentionally wide definition that spans many technologies. It might or might not make sense for it to be used exactly the same way here. NIST is not likely to change how it's used. + +**Brent Zundel:** should we move this to the test suite repo? + +**Manu Sporny:** or we just test in the core data model. + +> *Orie Steele:* so its a superset, where we are not defining the behavior beyond authenticators?... I am not going to assume thats being done maliciously, but I will assert its a bad idea to do this way. + +**Brent Zundel:** If I here no issues, I'll move to vc test suite repo. + +> *Dave Longley:* justin_r, yeah, that makes sense -- and people here have said they want some concept that also includes other "authentication mechanisms" that are not strictly related to secrets or proof of possession / use of keys. + +> *Justin Richer:* `@orie` I think it's more a matter of the venn diagram having some overlap that's fuzzy around the edges - not a super or subset from what I can tell. + +> *Justin Richer:* dlongley, right, which in the NIST framework would include things that aren't authenticators, which is fine. + +> *Dave Longley:* +1. + +#### 4.5. Document the value of processing as JSON-LD (issue vc-data-model#1227) +{: #section4-5} + +_See github issue [vc-data-model#1227](https://github.com/w3c/vc-data-model/issues/1227)._ + + + + + +**Brent Zundel:** value of processing JSON-LD. + +**Manu Sporny:** you can mark it ready for PR. we are working on text for it activly. + +#### 4.6. Revisit validation vs verification (issue vc-data-model#1232) +{: #section4-6} + +_See github issue [vc-data-model#1232](https://github.com/w3c/vc-data-model/issues/1232)._ + + + + + +**Brent Zundel:** revisit verification and validation. + +**Joe Andrieu:** I don't think there's been any forward movement. +… I do think it's on me to do a review on validation/verification... could come back and add them as comments. I think that's where we're at. + +#### 4.7. `termsOfUse` is insufficiently specified (issue vc-data-model#1010) +{: #section4-7} + +_See github issue [vc-data-model#1010](https://github.com/w3c/vc-data-model/issues/1010)._ + + + + + +**Brent Zundel:** termsOfUse insufficiently specified. +… can anyone give us an update. + +**David Chadwick:** I think we got to the text in the space should be generic enough to allow anyone to specify their own terms of use with their own URI. +… and for testing we want something more than generic URI. +… we want specific URI for the type, which we can actually test for. +… I think we're at this state now. +… I think we can now write specific tests with specific URIs and we could have different implementations that understand that type and can process it. + +> *Joe Andrieu:* pl-asu: I think David said it well. + +**David Chadwick:** the issue was that we needed something machine processable and not just a reference to a description. +… now we have a way to test out David's idea. + +**Manu Sporny:** I'm confused about where we are on this topic. + +> *Brent Zundel:* +1 to being confused. + +**Manu Sporny:** we made ... we had a consensus that the reserve term is going to be removed if we don't have a spec with two implementations by end of CR. +… the other way to do it is that we have multiple implementations and there is functional interoperability. +… where are we as a group. have we decided on one way or another. + +> *Orie Steele:* +1 manu. + +**Sebastian Crane:** I was going to propose something complicated, but in the interest of time, I'll yield to David. + +**Manu Sporny:** to be clear, I'm fine w/ either way forward... we just need to pick a direction. :) -- the first one is more stringent than the second. + +**David Chadwick:** manu didn't quite catch what I said. There *will* be two implementations that are interoperable. + +> *Manu Sporny:* great, thanks DavidC -- that makes things easy. + +--- diff --git a/assets/minute_processing.json b/assets/minute_processing.json index aecdf99..3a5158d 100644 --- a/assets/minute_processing.json +++ b/assets/minute_processing.json @@ -1,5 +1,5 @@ { - "date": "2023-08-23T16:10:03.846Z", + "date": "2023-09-03T08:41:08.699Z", "file_names": [ "2021-06-14-vcwg.md", "2021-08-11-vcwg.md", @@ -113,7 +113,9 @@ "2023-08-15-vcwg-special.md", "2023-08-16-vcwg.md", "2023-08-22-vcwg-special.md", - "2023-08-23-vcwg.md" + "2023-08-23-vcwg.md", + "2023-08-29-vcwg-special.md", + "2023-08-30-vcwg.md" ], "resolutions": [ { diff --git a/assets/nicknames.json b/assets/nicknames.json index 8666d4d..a9e0f4f 100644 --- a/assets/nicknames.json +++ b/assets/nicknames.json @@ -1178,5 +1178,11 @@ "vanveen" ], "name": "Arjen van Veen" + }, + { + "nick": [ + "Calvin" + ], + "name": "Calvin Cheng" } ]