Credentials Community Group Telecon

Minutes for 2015-10-06

  1. Current state of Credentials Survey
  2. Survey Outreach
  3. Upcoming Demos
  4. Lumina Meeting Review
Manu Sporny
Brian Sletten, Dave Longley
Brian Sletten, Manu Sporny, Nate Otto, Matt Stone, Richard Varn, Dave Longley, John Tibbetts, Rob Trainer, Eric Korb, David I. Lehn, Laura Fowler, Stuart Sutton
Audio Log
Brian Sletten is scribing.
Manu Sporny: Short call today. We're just reviewing the survey. Talking about outreach and do some demos next week.

Topic: Current state of Credentials Survey

Manu Sporny: We have reached out to 50-60 organizations. We have gotten responses back from 28 of them so far. Not fantastic, but not terrible. The Credentials folks have gotten the highest response rate compared to the rest of the web payments groups. We'd like to get 40 though.
Manu Sporny: I have tried to blind a lot of the information here so that when organizations talk about themselves. The Use Cases are generic enough so you can't tell who submitted them.
Nate Otto: Switched computers... sip trouble, pardon my connect/disconnect
Manu Sporny: Does anyone have any questions about the data or what the survey is trying to do?
Manu Sporny: We have education, two health care organizations and a number of financial services companies.
Manu Sporny: We wanted good representation from three industries. There is more to do, but we are good on this breadth.
Manu Sporny: The first few questions have good answers. Not surprising. Good to have them documented.
Manu Sporny: We will share the data with W3C members, but not with others.
Manu Sporny: On question 7, we asked what kind of credentialing capabilities does the organization this are valuable (issuing, requesting, verifying, storing...)
Manu Sporny: We are above 75% for every feature mentioned except storing them which is 61%.
Manu Sporny: Any questions on the feedback for 7?
Matt Stone: What were the items in 'Other'?
Manu Sporny: Let me look at the live data... I have to go through every single line item here. I'm not seeing anything pop out now. One of them was 'embedding business rules' in the credentials themselves. Not sure what that means. Where it can be used, who is allowed to receive it. Another one was a uniform description of credentials for comparison purposes.
Matt Stone: I think that idea would be managed in the vertical.
Matt Stone: If we're trying to say a security credential in one industry is comparable to another one is a good next step.
Manu Sporny: I think Badge Alliance is doing some of that.
Nate Otto: Yep, BA wants to have our niche be to define what types of fields are defined for educational credentials
Manu Sporny: The last one is a misunderstanding of what was being asked. They were asked to choose one thing to focus on. Another was "I don't know" for 'Other'.
Manu Sporny: Any other questions?
Manu Sporny: Question 8 then is what do you use today to achieve your credentialing needs. The responses were low here. Now that we know that 'Other' isn't very well represented here, we'll try to get it sorted in the final data set.
Manu Sporny: The reason this was in the questionnaire is the certain parties were asserting that all of the technologies exist but people don't know about them. These answers were good. They show that these companies know about SAML, OpenID Connect, OAuth, etc. but they still don't think they solve all of the problems. There was a single respondent who said these things solved their own home-grown solution but admitted it wasn't a sta
Manu Sporny: Many of these organizations indicated that some of their needs were met by SAML and OpenID but certainly none of the advanced use cases.
Manu Sporny: The most used technology for transmitting credentials is email and downloading PDFs.
Manu Sporny: There's mixed news here, there were a number of organizations who responded "I Don't Know" if these technologies answered their credential needs. A number of these answers during follow up indicated that they weren't solved problems in their organizations.
Manu Sporny: Question 10 was "What are the limitations of current solutions?" Verification is too complicated, there is no context around the identity or the credentials. They are fragile, hard to create, lack longevity. Organizational information isn't there. Cloud-based solutions won't work for perimeter-based security in place inside Don't work in open ecosystems. They are not user controlled. The list goes on.
Manu Sporny: It's a great list.
Manu Sporny: The final question was if they would participate in a W3C effort to standardize credentials. Many said they aren't staffed to support standards work if they weren't already members. They supported it, but many don't have staff.

Topic: Survey Outreach

Manu Sporny: We are at 29 responses. Another came in while we were on the call. I am putting together the data for next week. It is due on Monday. Please reach out to anyone if you know they haven't responded.
Manu Sporny: Any other questions?

Topic: Upcoming Demos

Manu Sporny: We're hoping to get some public demos out to show the workflow.
Manu Sporny: We're going to focusing on payments, drivers license, passport, etc. We're hoping to have some educational ones.
Stuart Sutton: +1 On demos…They’s help me

Topic: Lumina Meeting Review

Richard Varn: It was a good meeting. We were able to get Parchment, ETS, and a few others to suggest support of the W3C work. That was one of the outcomes, so that was good. [scribe assist by Manu Sporny]
Dave Longley is scribing.
Richard Varn: The other person that talked to me afterwards, mostly about machine readable and machine-automated stuff. I had one person to follow up with and we should figure out how to respond to him.
Richard Varn: I think the interests of our group were represented well.
Nate Otto: I've got an additional contact at New America if you'd like
Nate Otto: Though the one you have is the right person to talk to
Manu Sporny: Were there any thought leaders that seemed like they were pretty far ahead that we're not collaborating with already?
Richard Varn: Technologically, no. There were a lot of people from various business areas, users, producers, aggregators, vendors, etc. Good collection of smart people who want to see credentials work for a variety of purposes. Not a lot of tech people though, no.
Manu Sporny: I don't know if you have an email list, but it would be good to reach out to them and put together their use cases. If we've got 108 initiatives clearly they've got use cases behind them... getting them to fill out the survey would be an easy thing we can do while we wait for a WG to get started at W3C.
Richard Varn: They did give us an attendees list which I can forward to you.
Manu Sporny: Great.
Richard Varn: I can forward the landscape survey as well.
Richard Varn: By the volume alone that can be presented to W3C whether or not they are already at the table.
Richard Varn: I didn't get participant names from this but you can see who is there.
Manu Sporny: Are there people's names or just orgs?
Richard Varn: No names, unfortunately.
Manu Sporny: It would be good to figure out if we can get a contact list or something like that.
Richard Varn: I think if we're going to reach out to them they can shepherd a response .. .we can send the survey to them and they can send it out to all attendees.
Manu Sporny: Do you have the person we need to send that to?
Richard Varn: I'll get the person's name leading the discussion/running the meetings.
Richard Varn: Ok, I'll have to dig it up.
Manu Sporny: Yeah, if you can send it to me that would be great.
Richard Varn: I do have a contact list in paper form, I'll scan this to you.
Manu Sporny: I think you're right, contacting the Lumina Foundation and having them send out the request would be the best approach.
Richard Varn: I'll get this to you.
Manu Sporny: Thanks again for doing all that, Richard. Anything else on the Lumina Foundation?
Manu Sporny: We'll try to get around to doing demos next week. I expect that will trigger more technical related discussion next week.
Manu Sporny: We'll likely skim it at the surface level.