Credentials Community Group Telecon

Minutes for 2014-12-02

Agenda
http://lists.w3.org/Archives/Public/public-credentials/2014Dec/0000.html
Topics
  1. Coordination Plan for Next Few Months
  2. Path Forward for Digital Signatures
  3. Moving CG Documents onto REC-track at W3C
Organizer
Manu Sporny
Scribe
Bailey Reutzel
Present
Bailey Reutzel, Manu Sporny, Evgeny Vinogradov, Nate Otto, Eric Korb, Sunny Lee, Mary Bold, Dave Longley, Victoriano Giralt, David I. Lehn
Audio Log
Bailey Reutzel is scribing.
Manu Sporny: On the agenda today we have discussion of how were going to coordinate the work items over the next couple months. One we care about the most is Web Payments IG.
Manu Sporny: Agenda:Coordination plan and following up with discussion on password on digital signatures
Manu Sporny: Any other items?

Topic: Coordination Plan for Next Few Months

Manu Sporny: Sent email to mailing list about work items we have right now.
Manu Sporny: 3. Graph Normalization - http://json-ld.org/spec/latest/rdf-graph-normalization/
Manu Sporny: 5. Open Badges / Credentials JSON-LD Context/Vocabulary - http://tinyurl.com/nxr9n62
Manu Sporny: 6. JSON-LD + JSON Schema validation - http://tinyurl.com/nxr9n62
Manu Sporny: 7. Identity Credentials - http://opencreds.org/specs/source/identity-credentials/
Manu Sporny: These are the deliverables we currently have or potentially have and work on in this group.
Manu Sporny: Three types of work streams. One is roadmap, what we feel the roadmap for creating a credentialing system is, another work stream is digital signatures, number of approaches on the table to get consensus about, third working stream is called context stream, JSON-LD context stream, another stream is the protocol.
Manu Sporny: In the email I suggested that we might want to prioritze these
Manu Sporny: So, maybe the priority should be:
Manu Sporny: 1. Signatures
Manu Sporny: 2. Context
Manu Sporny: 3. Roadmap
Manu Sporny: 4. Protocol
Nate Otto: +1 Very interesting question (How to move a badge from one place to another). I had a conversation with the xAPI folks, and it is likely one (nonexclusive) transport method for badges may be via xAPI statements.
Manu Sporny: Stream Signatures - Dave Longley, Manu Sporny, Brian Sletten, Nate Otto, Dave Lehn
Manu Sporny: Stream Context - Nate Otto, Sunny Lee, Kerri Lemoie, Chris McAvoy, Dave Lehn, Dave Longley, Manu Sporny
Manu Sporny: Stream Roadmap - Mark Leuba, Mary Bold, Eric Korb, Sunny Lee, Nate Otto
Manu Sporny: Then there was suggestion on who could work on each one of the work streams...
Manu Sporny: Context stuff really has to do with building out the vocabulary, badge alliance has been working on for a while
Manu Sporny: Roadmap high level business-y on where we want/need to go
Manu Sporny: Proposal, does that make sense to people? Are there things missing from this proposal? Anyone want to be shifted on work stream?
Nate Otto: Definitely happy to contribute on all work streams. Signatures won't be in a leadership role though.
Eric Korb: I'm good with the alignments
Manu Sporny: Any other comments?
Sunny Lee: I'm good with these as well
Manu Sporny: At this point, if people that are first in list ok with taking the lead? Signature-Dave Longley Context stuff-Nate and Sunny Roapmap-Mary and Mark
Nate Otto: I'm already doing significant prototyping on the JSON-LD + JSON-schema work, the approach we've proposed for Open Badges 1.1 at least (which applies the JSON-schema to the JSON input, not the expanded version)
Mary Bold: With Mark not on the call we certainly need to nominate him as chair of something immediately.
Dave Longley: Taking lead on signatures
Manu Sporny: In general the way we've worked on this stuff, document created that the leads will edit and ask for feedback on. Crunch on those documents for a while. Leads will do edits and add content. Community give them feedback. Leads work changes into the documents. New revision of document come out and ask for another round of reviews.
Manu Sporny: Concerns?
Sunny Lee: With regards to the context group... Do we organize ourselves independently and define the goals we want to accomplish? Do we do this independent of this group?
Manu Sporny: Really up to the leads to decide how to organize.
Manu Sporny: Use this telecomm time for each of the streams. Don't want to overwhelm people with meetings.
Manu Sporny: Having a different call for each stream would be overwhelming.
Manu Sporny: Leads go organize the work and ask for input on mailing list, people provide that and then leads edit the document in an asynchronous fashion.
Manu Sporny: Every week set aside time for each of these streams.
Manu Sporny: Rational way?
Sunny Lee: Sounds great.
Nate Otto: +1 Rational.
Mary Bold: Great plan. Bold leaving this meeting but will read transcript later. Have a good day.
Manu Sporny: Want to make sure we're not overwhelming people with meetings. But can set up a call if we need to about one specific stream.
Manu Sporny: Any questions?
Manu Sporny: Plan there will be documents for each stream, leads will modify the documents and ask for reviews, reviews come through mailing list, discussions, spot checks on how progress being made on this call.

Topic: Path Forward for Digital Signatures

Manu Sporny: Go ahead and talk about the password for digital signatures... Quite a bit of discussion on mailing list.
Manu Sporny: Seems chaotic to people new to this.
Manu Sporny: The first thing is that no one is arguing against the data normalization.
Manu Sporny: Want to get that ball rolling by getting W3C activity leads involved.
Manu Sporny: Graph normalization stuff isn't blocked it doesnt look like.
Manu Sporny: Questions about data set normalization? Comments?
Manu Sporny: Two streams JSON-LD context stream can proceed without having to worry about signature stuff. Will be a point they overlap, but in the beginning not much coordination needed.
Manu Sporny: How are we going to analyze the JOSE vs secure messaging discussion?
Manu Sporny: A proposal: Show what a OBI credential looks like with a Jose signature on it? Then show a true cred badge and what that looks like with secure messaging signature? Then show both of those things look like with the opposite type of signatures?
Dave Longley: Possible combination of things. Two different types of credentials or two different singatures. So four different things to show. JOSE is not linked data.
Manu Sporny: If we use the graph normalization stuff, the data in the blob will look very different to people expecting JSON.
Manu Sporny: How is that, Github Wiki page?
Nate Otto: +1 To focusing on showing the various layers, transformations needed to go from the signed document to the data
Dave Longley: Might want some images on there as well.
Manu Sporny: Show some code, what the code looks like, what has to be pulled in
Dave Longley: Libraries you have to pull in and calls you have to make
Nate Otto: I've had pretty decent success with slide decks for that kind of demo that doesn't need to be actually functional. ~but not strongly leaning toward one presentation format or another.
Manu Sporny: Quite a bit of work to put all that together. Slow us down but we have to do it.
Manu Sporny: When we get the analysis done then send it to Jose group? And ask is there an easier way to do this?
Dave Longley: Want credentials to be linked data even when they're not signed.
Manu Sporny: Ask Jose people, why certificate signatures don't use... JWS (I might have missed that...)
Dave Longley: JWS refers to JSON web signatures.
Nate Otto: Those questions are going to be very related.
Manu Sporny: As far as the badge alliance vocabulary, Nate/Sunny do either of you have ... unaware where you are on the badge alliance spec. How did you want to proceed? Typicall you'd create a vocab doc to specify what you have in github. Put that in W3C format.
Manu Sporny: Was that a work item you'll be working on in near future? Status?
Dave Longley: Eg: rough draft vocab document: https://web-payments.org/specs/source/vocabs/security.html
Nate Otto: Meeting soon. Start building that probably later today.
Manu Sporny: One thing to keep in mind, when you do stuff in W3C community group... patent protection and copyright protection might be needed?
Nate Otto: For reference, this is the existing Github repo Manu referenced: https://github.com/mozilla/openbadges-specification/blob/master/Assertion/latest.md
Nate Otto: Talk about that. Do want to make sure with badges the patent protections follow.
Sunny Lee: BA has not gone through legal wrangling.
Manu Sporny: As far as roadmap concerned, does anyone has questions/comments what it is or should be?
Manu Sporny: Very lightweight. Intro to tech stack and timeline.
Manu Sporny: Mark and Mary aren't here so can't talk about this. Does anyone else have expectations about what the roadmap should do?
Nate Otto: The badge alliance working groups have put in work on that question about how the credentials get put into higher education, etc.
Manu Sporny: Could be that because badge alliance is already working on that we don't need to take that on. Defer to badge alliance
Sunny Lee: I agree with that.
Manu Sporny: If we keep this group as focused on tech as possible that's a fairly good path to success.
Manu Sporny: How do we get this stuff in front of W3C groups? Strategy for that/

Topic: Moving CG Documents onto REC-track at W3C

Manu Sporny: In this email have a number of docuements that we've pointed to that are important.
Manu Sporny: Web Payments transitioning their use cases doc into Web Payments IG. Taking something from community group and moving it into official W3C group. Those web payments use cases were in worse shape than our use cases are. So there's a good chance for us...
Manu Sporny: Call this Thursday to talk about use cases. Question: Do we also want to start pushing the credentials use cases?
Nate Otto: The Badge Alliance may not serve to promote the identity credentials component of the tech stack diagram (as opposed to the accomplishment credentials that Open Badges are), but can work to integrate them into badges, when they're ready, so they will tangentially be promoting use of identity credentials. Web Payments IG may take on promoting identity credentials with the banking/financial type stakeholders they are involved with.
Manu Sporny: Or do we want to add something to the use cases document before pushing?
Manu Sporny: Nate basically sayign badge alliance may not promote the identity credentials directly.
Nate Otto: But interested in using the coolest types of credentials.
Sunny Lee: Agree with Nate
Manu Sporny: What's the plan for federation?
Nate Otto: "Federation" will not happen as planned late 2013
Nate Otto: We need a transport mechanism for badges themselves, but focusing on the baked PNG/SVG badge image as unit of portability right now
Nate Otto: As opposed to focusing on federated APIs at the backpack appliance level
Sunny Lee: If wefocus on badge thing we can accomplish more at that level. Shifting philosophy.
Manu Sporny: At least in credntials work its not a backpack, it's your identity provider. One of those you can read and write there are your identity credentials.
Manu Sporny: How are we coordinating on that? Coordination is basically badge alliance do SVGs to move data around, if credentials stuff takes hold than that would be another option for moving stuff aorund.
Manu Sporny: What are everyone's thoughts on use cases stuff? Ready to put it in front of Web Payments IG?
Eric Korb: Addressed the endorsement use case or not?
Manu Sporny: Have not.
Eric Korb: I think we need to add that and have talked about adding that.
Manu Sporny: The word we're using for endorsements is different than the badge alliance. When we're talking about endorsement we're talking about someone doing multiple signatures.
Manu Sporny: Need to support both but need to come up with vocabulary for explaining that.
Eric Korb: Hate to see us using vocabulary and not meaning the same thing.
Eric Korb: Then the question becomes does the badge alliance want to adopt that vocabulary. Bigger conversation but want to get it on the table.
Manu Sporny: Agenda item next week.
Manu Sporny: Out of all work items we have, use cases one is most important.
Manu Sporny: Get our use cases in there or first working draft won't say anything about badges or identity.
Manu Sporny: Use cases priority number one. In pretty good shape.
Manu Sporny: Next most important document is graph normalization one.
Manu Sporny: Then the third most important deliverable would be the JSON-LD context and vocabulary for badges. Document you'll be working on but get that finalized as quikcly as possible. In next month we should have something out there.
Nate and Sunny agree with path forward.
Manu Sporny: Secure messaging thing, have a pretty deep discussion on. Talked about strategy on getting that done. Compare and contrast pages
Manu Sporny: Nate JSON schema validation stuff, ongoing discussion on how to integrate JSON schema with JSON-LD
Manu Sporny: The way Nate is going about it in line with what we're wanting to do.
Manu Sporny: Identity credentials specification.
Manu Sporny: Sounds to me like we're not going to get into that discussion until January/February this year.
Manu Sporny: I think that's all the work items we have right now.
Manu Sporny: Are there any other work items we're missing?
Manu Sporny: Those are the communities marching orders and we should all start working as soon as possible.
Nate Otto: Anybody else on the call want to assign themselves to one of these priorities?
Manu Sporny: Anything else folks are concerned about? Or should talk about?
Manu Sporny: If you want to work on one of these things please put your name down
Manu Sporny: Nothing else, close the call for this week.
Manu Sporny: Call next week will pick up one of these work items.