Meeting minutes
Render Method Update: HTML Sandbox
Benjamin Young: Hang on.
Benjamin Young: I was just about to ask cover text that this one's happening. Mark, gotcha.
Manu Sporny: Yes,…
Manu Sporny: I think so. Today is Joe and Denin running the confidence method discussion. I'm pretty sure
Benjamin Young: It was just still marked as tentative, so I didn't That's great.
Joe Andrieu: What just happened?
Joe Andrieu: Okay, I think enough of us are here to probably get started. So, Den, I think our plan was just to go over the issues we have outstanding. Is that right?
Denken Chen: That's correct.
Joe Andrieu: Okay, let me share my screen and we go through these in oldest order.
Joe Andrieu: Yes,…
Manu Sporny: One sec,…
Manu Sporny: I've got one tiny thing I could add to the agenda before we get started. I know this is a spec refinement call and I know that we're not doing render method this week, but I wanted to convey something we learned over the past week that's of use that I'd love people to think about over the holidays if that would be Five minutes.
Joe Andrieu: please. Yeah,…
Manu Sporny: All right.
Joe Andrieu: that'd be great.
Manu Sporny: So thanks Joe. this is about render method.
Manu Sporny: we have been talking about whether or not it would be possible for us to support through render method. right now I think the focus was on SVG and PDF. we at Dig Bazar have been doing some work looking at the HTML stuff and if you'll remember I was fairly anti HTML is too complicated. We probably can't do it. and Demetri was u pretty pro but it's super useful and we've done some looking into the HTML sandbox feature that every browser engine supports right now. and it looks like it addresses a number of the privacy and security concerns that'll be had around HTML rendering.
Manu Sporny: meaning you can turn off network access, you can turn off form access, if you can turn off JavaScript. you can turn off requests for cameras and other types of features like that sandboxing feature was largely built for the ad industry and making it so that the ad industry couldn't spy on you more than the site wanted them And because of that, it's pretty robust and addresses all of the security and privacy things that at least we digar were concerned about to the point that I think we're okay with HTML support in render method.
Manu Sporny: I think it covers all the security and privacy considerations concerns we had, meaning that I think we would have an easy time defending it with ping and singing. so, just wanted to provide that update to the group. I think we're going to want to start having discussions around that when the render method, spec u reconvenes. Anyway, just putting that out there. if other people want to take a look at the sandbox feature for HTML that's in the HTML spec,…
Manu Sporny: please do see if you see any concerns, around that. that's it, Joe. Back over to you,
Joe Andrieu: Cool. Thanks,…
Joe Andrieu: Manny. all right. That actually reminded me of an issue that, Den and I have talked about a bit and, I guess I want to pick the first issue to talk about the charter, issues around, evidence. Dan, I'm not sure if it's 16 or 12 that would capture it best.
Joe Andrieu: Okay, Then I think we should be able to get through to that. All Excellent. I didn't know you had created that. Thank you.
Denken Chen: I have created another one 23 so we can discuss it later.
Joe Andrieu: All right, then.
Joe Andrieu: which ones Don? Want to talk about the ones that need discussion? Then the first one is this issue from David Chadwick. The confidence level is not sufficient on its own.
Denken Chen: I think we can just go through it one by one to make sure the actions we are going to move forward.
Confidence Method: Multi-subject VCs
Joe Andrieu: and our sense I believe is that on some level we agree with him in that it's confusing how to use confidence level and we think in this particular case the solution is to have an example that illustrates a multi-ubject VC because I think the way that you deal with the fact that there is a juvenile or a guardian involved or a dependent like a dog or a cat is that you don't think about how the owner would authenticate on behalf of the dog on its own but rather you embed in the VC hey Joe is the owner this is his dog his dog has had his shots and so by putting the semantics in the VC I think we can have an example which addresses this
Joe Andrieu: Go ahead, man.
Manu Sporny: That sounds good to me. are there spec changes necessary? I think the examples would be like a multi-ubject credential and you would put confidence method on one of the subjects I guess or would you put it on the topmost what would the example do would we use evidence I'm guessing not and…
Manu Sporny: then if we use confidence method what of the objects does confidence method go on and then what does that
Joe Andrieu: Dave, did you want to address that or…
Joe Andrieu: do you want me to try fielding it? Go ahead, Dave.
Dave Longley: Yeah. and…
Dave Longley: then you can correct me. I think we might want to have more than one example. I think we need at least one example that shows a VC that has multiple confidence methods on multiple subjects and then it shows that in a verifiable presentation. you can express who the holder is that's doing the presentation and it can be one of those subjects and then that I think becomes clear to the verifier that you can see who the holder is in the presentation and that they are a particular subject in the VC and based on the semantics of the VC that might be acceptable to a verifier. I think that's the more complex case.
Dave Longley: The less complex case is something like what you were saying Manu where you have multiple subjects but only one of them has a confidence method maybe the owner of a pet and…
Dave Longley: then you show that when you do the presentation you check the holder against that subject as opposed to some other one or the
Joe Andrieu: Yeah, plus one to that.
Joe Andrieu: That was basically what I was going to propose. We have in I think the marriage license example. and so we could augment that and have confidence method to show, both parties in a marriage credential could have independent confidence methods. and then I do think the owner and the pet makes it clear why the pet doesn't have one, right? It's like you don't have to do this but for the subjects that it's useful to do it for, you can do it. Go ahead, man.
Manu Sporny: I'm wondering if Fluffy should have a picture of the pet, I mean, as a confidence method. I'm openly wondering about that. not saying it's good because I think what we want to do is just do a very simple confidence method first. but there's also this kind of biometric component that's floating out there and biometrics are complicated and dangerous and all that kind of stuff. but when it comes to identifying the pet, maybe you do want a picture of it as to raise your confidence that that's fluffy and…
Joe Andrieu: I take it that's an old one.
Joe Andrieu: Many to respond real quick, I think I'd like to separate those two. we do Dacon and I do want to get to a biometric verification method. We've identified three that we're going to try and push for in this cycle. and we'll cue up the rest. but the first one would not be the image. the easiest one is, hey, you have a verification method in did document. so we're going to do that one. that's our intention. Followed by an email confirmation loop. if you can verify this email because also I think that's common and in use.
Joe Andrieu: And then the photo for the dog is interesting. I hadn't thought about that.
Joe Andrieu: But certainly I want to make it clear that you can have a subject that doesn't have anything at all. that's not invalid. It's just part of the complicated relationships you can express in RDF. all right. I'm seeing some thumbs up. So, what should we memorialize here? Is there anything new that we should note down? Feels like we got a general endorsement on what we were proposing.
Manu Sporny: I think just the multiple examples that Dave said. no.
Joe Andrieu: Do we have the bot connected to auto? We don't.
Manu Sporny: No we don't. Unfortunately, not yet.
Joe Andrieu: I do see. So Ivan, you just did that by hand on the 13th. I just see a note above. I was hoping that …
Dave Longley: I think that's from the other meeting tools. Yeah.
Joe Andrieu: that was from VCWG meeting, Okay.
Ivan Herman: But if you put pointers to the minutes manually someone then this will trigger the actions running the bot of op of y one. but it has to be done manually.
Confidence Method: Biometrics & MOSIP
Joe Andrieu: Next up is line with motive claim 169.
Joe Andrieu: Thank you.
Manu Sporny: one sorry Joe on the last one.
Joe Andrieu: Do you want to It is welcome.
Manu Sporny: We have a ready for PR marker. Was that marked with ready for PR? Okay, sorry. Thanks.
Joe Andrieu: Issue 14 align with most of claim 169 work for biometrics. Thank you. Anyone want to introduce us?
Denken Chen: Yeah. I think I can take this one to study how the spec works and trying to incorporate the spec in this confidence method when going for biometric. And one thing I would like to make it clear that is it really a quest for changes? I think it's already within this competence method. so I believe it should be ready for if anyone is okay with this directions because we shouldn't we which we have already have one base 64 representation of the biometric and we could continue to including other formats. Yeah. Menu please.
Manu Sporny: I think of son before
Denken Chen: Hold on,
Ivan Herman: So I would prefer not to refer to this level one two three or…
Ivan Herman: class one two three four with dispersect of this work because the class 4 thing is when we edit we upgrade published recommendations. and in this case, it's totally irrelevant. So it just makes the discussion more difficult by using that terminology. There is no class 4 issue. This is a new document. the group is chartered to develop it let alone doing it in the new charter. But even in the current charter is perfectly fine.
Denken Chen: Right.
Ivan Herman: There is no relevance to classes.
Manu Sporny: While that's true, Ivonne, I was going off of something I heard, I can't remember where we were trying to unify the way we talk about features at W3C. class 4 just means that it's a new feature,…
Ivan Herman: Yeah.
Manu Sporny: And there are process implications of that. But here I'm just saying that this is a new feature versus it's an editorial change. What I was trying to signal by starting to add these labels is to give the working group some understanding of the significance of the change to the specification. I'm fine with taking it off, but it was kind of like if W3C is saying we should start referring to, certain types of changes, could we start doing that with the initial spec before it even gets to CR? I take your point, right?
Manu Sporny: I mean typically class 4 is like we can't do that because the charter doesn't allow it but currently this is a new spec like that we can make class 4 changes to it right my understanding of the process is But that's totally fine.
Ivan Herman: I mean it just creates problems in my view.
Ivan Herman: least for me it's always disturbing when I see it because for me class 4 is relegated to the core problematic of updating and maintaining an existing recommendation. It has nothing to do with the development of What?
Manu Sporny: That's not…
Joe Andrieu: Let Okay.
Manu Sporny: that's not why I put my myself on the Q4. I was going to talk to this use case unlet
Joe Andrieu:
Joe Andrieu: Let me ask about this one, I think we're probably better off if we flip the other way and we mark editorial to let folks know when it's not significant. the class three to me sort of is on some level all of these are class 4…
Ivan Herman: Yes.
Joe Andrieu: because everything's new. and I don't want to have a debate. Is it class three or close four? sometimes I like having those debates. I think many of us know that. but in this case, I'm not sure it's adding much. Do you mind if we remove it,…
Manu Sporny: Absolutely. Sure.
Manu Sporny: Yeah.
Manu Sporny: Yeah, I'm totally fine. Yeah, I Sounds like I'm in the rough here. so, on this particular one, the claim 169 work, my hope is that there are a couple of ways we could go with this. One of them is, MOSUP's going to do whatever they want and they've registered, claim 169 in the Seabore repository and there's a fairly static format for doing biometricy things.
Manu Sporny: So one of the confidence method types we could have literally the type is claim 169 and then it's a seabore encoded claim 169 strict format biometric thing right okay so that's the other approach is that we look at the claim 169 use case because it has things in it for doing iris
Manu Sporny: print fingerprints index pinky it's got a lot of kind of biometricy components to it that are iris biometrics fingerprint biometrics face biometrics and maybe we want to generalize that and break it out of that kind of fairly constrained static format that they have in claim 169 9 and allow more variability in the expression of that stuff. So some people might want to express iris, other people will definitely not want to express it. and then there may be other biometrics like palm print nose print for livestock for example.
Manu Sporny: do that because we found out in Japan and other things like that. So I'm wondering if I think the right way to do this is to look at claim 169 and break it out into a more flexible kind of biometricy mechanism that can evolve over time rather than just rashing it down to claim claim 169. So providing equivalence to what claim 169 is doing maybe providing claim 169 as its own type but providing I think the outright thing to do is provide equivalence to what claim 169 is doing but do it in a way that's upgradable throughout time and has more of an open extension capability and…
Manu Sporny: and we need to talk with MOSIP about that and get consensus from them about it.
Joe Andrieu: Okay, cool.
Joe Andrieu: I think I captured that. but I have another question which maybe is a chair failure. I don't think we're recording this and we don't have a scribe. okay.
Manu Sporny: We are recording It's auto transcribed and It's auto correct. Yep.
Joe Andrieu: So we have that tooling. What we didn't have was the topic integration thing. Thank you, Any other comments on this issue? I think this is not yet ready for PR. So, someone needs to go look at 169 and think about how we would apply it.
Joe Andrieu: Dang it. Okay, excellent.
Denken Chen: Yeah, I think I can take this one and…
Denken Chen: to have some study and discussing with most folks. Yeah.
Joe Andrieu: Thanks, D. All right, next Confidence levels from the issuer currently flagged that as ready for PR. and this queued up this other issue.
Joe Andrieu: that we'll address then but I'll frame it here. So in our understanding of what David Chadwick was getting at here wait no this was related to David but you raised it. confidence level in our conceptualization is something that the issuer uses to inform the verifier that there is something they can do to increase their confidence that the current presenter of a credential is the intended recipient or the party that is being discussed in that credential.
Joe Andrieu: the confidence level or assurance level of and I should say these NIST identity assurance levels or levels of assurance from ISO 29115. these are things that we think go in the evidence field where the issuer is saying we satisfied this regulatory standard before we issued this credential. So a verifier without having any of the evidence at least knows that the issuer has performed XYZ and if they trust the issuer on that level then they may themselves infer something but it has not established their own identity assurance level because some of these identity assurance levels are not transferable in that manner. so we were thinking of separating those two. and we're curious about feedback. I don't know Denin if you want to add anything.
Denken Chen: Yeah I think in the below that is comment I believe should be in the evidence field because there will be one confidence level from each issuance of the credential. and that'll be easier and reasonable rather than binding to the confidence level to each subject and that's the case and I should discuss it in the next charter when developing VCDN 2.1 right manual face.
Manu Sporny: Yes, I think this has more to do with evidence than it has to do with confidence method. I think some of the NIS specs and the IIL stuff's supposed to work is that you as the evaluator determine the level of assurance that you have. it is not something an the issuer can tell you through the evidence field I checked their passport or driver's license and here's the level of assurance that I got to when I issued that doesn't mean that the verifier gets to believe that and they get to just believe that right meaning the issuer could lie about it and so the confidence method
Manu Sporny: is meant to raise your level of confidence in the subject, but the verifier is the one that is responsible for determining the level of assurance, the level, all of that kind of stuff. It's their job and their evaluation to see if they reach the same they reached the LOA or that's acceptable to their use case, so I do think these two things are very separate. I don't think we should use confidence I don't think we should state and LOA levels in confidence method data but I do think we should mention them potentially in the evidence field.
Manu Sporny: Our current the rechartering text says that we can make I think class 4 changes if it's in support of some of the new work that we're doing. this is a bit of a gray area but I think we would be allowed to add new properties to the core context of the B21 context if we wanted to start specifying I levels in the evidence field for example.
Manu Sporny: As long as we're not making backwards incompatible breaking changes I think we're okay but Ivon you might be on the queue to tell me I'm mistaken.
Ivan Herman: So the current charter of today doesn't talk about that just to make it clear…
Ivan Herman: but the current charter proposal it was Phil who added it in a PR right before I sent it to the W3C team that besides the possible changes re for privacy and security reasons we have some text which says we are also O allowed to make changes to accommodate newly coming up other recommendations something of that sort in a better English than mine. so yes formally we don't have that charter approved and by the time it will be approved it will be end of February mid-March something like that.
Ivan Herman: So we have to be a little bit careful not to change things today but we can postpone that to let's say mid-March. and one more thing we are not modifying the current recommendations along these lines. We are issuing a new recommendation for 2.1 which will include that.
Ivan Herman: We have to be clear how we do that. That's it. It will be version 2.1 which is formally speaking a new recommendation indeed and…
Joe Andrieu: Did you mean for that Ivon the new recommendation for VCDM?
Joe Andrieu: I see. Okay. Thank you.
Ivan Herman: that's true not only for VCDM. I've listed in the charter all the seven recommendations that we have published. potentially all of these go to a 2.1
Joe Andrieu: So, thinking I'm not sure how to resolve this particular issue. I feel like we've wandered into the other issue that you raised.
Joe Andrieu: Should we maybe go resolve that and then come back to this one?
Denken Chen: And yeah, I think this issue will be closed and I can open another new issue in VCDN, So we can continue to the discussion when developing the VCDN 2.1
Ivan Herman: We don't have to an issue.
Joe Andrieu: So that's one proposal made
Manu Sporny: I was going to agree with Denvon. I think what we potentially are deciding today is that LOA and I has no place in confidence method. It shouldn't be expressed there. It needs to be expressed in evidence. And so the right place to deal with it is in the s in an issue there on the evidence property. And we should close this issue because we have determined that I and LOA shouldn't go in confidence method.
Ivan Herman: Yeah, my apologies.
Ivan Herman: If it's raised in the other repository, then it's fine.
Evidence Property & Confidence Methods
Joe Andrieu: So, I'm not sure about that.
Joe Andrieu: And that ends up, I think, in the framing of this other issue. So, let me pull that up and introduce that, which was we don't have an evidence spec. We don't have any proposal for a type of object that would go in evidence. but we could put one in the document that is the deliverable for the confidence method. this was an idea that Denin and We ran it by PA unfortunately who was the wrong person. I should have included Yvon, but it made it to Yvon and we sort of missed the deadline to change the charter before it went out.
Joe Andrieu: But it did go out, right? …
Ivan Herman: No, the church.
Ivan Herman: Then what do you mean by going out?
Joe Andrieu: I was hoping to get it adjusted before it was formally announced, so we didn't hit that window.
Ivan Herman: Yes,…
Joe Andrieu: But I'll let you explain. We still have a chance to update it.
Ivan Herman: that's why I'm saying It's gone out when it went to the AC for a vote. We are not yet there. So if the working group wants to make a change on the charter it's an kind of an adjustment or expansion of the topic or whatever then it can raise a PR for doing it. I will put a note in the other issue which is the one that is reviewed by the team and…
Joe Andrieu: Go ahead there.
Ivan Herman: and that's it and then we get reviews and comments and we do it. There is nothing that makes it impossible right now.
Dave Longley: I also wanted to comment if the confidence method spec wanted to define an evidence type that's related to in the confidence method specification. I don't understand why that would require any charter changes whatsoever. There's already an evidence extension point in VCDM. we already have in the charter working on confidence method. If there's some component of working on confidence method that requires or is best achieved by adding an evidence type, I don't see any reason why that can't be in the confidence method specification as is.
Joe Andrieu: minute. Go ahead.
Manu Sporny: Yeah, plus one to that. and if it's goes in the confidence method spec, then there's an argument for that it should probably go in the main spec. and I think the current language covers that kind of change, which I think is what Ivonne was getting to. we can update evidence if we find out that it's best to do that because we were thinking about confidence method and turns out confidence method and evidence kind of have an interplay there and because of that it would be best for the ecosystem to have this new type specified and if someone objects to putting in the main spec we'll basically be like fine we'll put it in the confidence method spec but that's probably not where it belongs over the
Manu Sporny: the long term. so that's just are we allowed to make this kind of change? even with the current spec recharter text, I think should we have a unified type? I think there's some core properties that would benefit from being unified. But for example, the I and LOA thing, I think that's an example of where you definitely don't want to put that in confidence method. It goes in evidence. and that's where I would be concerned about us saying yeah, no, the type's totally unified between evidence and confidence. I think they do share some base properties,…
Manu Sporny: but they are different. and maybe teasing out that difference is some of the work that we have to do here.
Joe Andrieu: Yeah, let me correct…
Joe Andrieu: what was meant by unified there. because I didn't mean the same types. I meant just right now because we do still have the wrinkle as might be the case that we want evidence to be attached to a particular subject then it may make more sense to treat evidence as confidence method as a property of a claim set as opposed to a property of the VC and that would be a class 4 change and so we can make class 4 changes
Joe Andrieu: within deliverable called the verifiable credential confidence method. but potentially taking out evidence from the VCDM would be class 4 over there. so that's what I would be concerned about.
Dave Longley: So the framing I have in my mind for this entire feature is and maybe people think about this differently is that we're defining some confidence methods and then issuers might say they themselves consumed these confidence methods when they performed some authentication or whatever it is that they did and they want to be able to express that in a VC. All of that seems really related to confidence the use of confidence methods and so it seems to me like there's a good argument to be made that in the confidence method spec you define the confidence methods and then you can say and if you have consumed these and want to express that NBC you express that in the evidence field like this and we define an type of evidence confidence whatever we want to call this thing and you say you put that and this is an evidence
Dave Longley: extension of the BCDM and you put that in the evidence field. All of that seems highly related and it might be better served in the same all in the confidence method spec showing you…
Joe Andrieu: Hey man.
Dave Longley: how to use all those things as opposed to splitting it out and putting it into these different places and hoping someone can bring it all together.
Dave Longley: So to me it seems like it all makes sense to go in the confidence method spec anyway.
Ivan Herman: So to be very pragmatic isn't it a possibility that we gently change the title of the spec…
Ivan Herman: which is now related to confidence method which is very very specific to an object in RDF so to instead of that we talk about verifiable credential confidence gen in general or you come up with a better word and I look at the line which describes the abstract of the document suddenly it becomes much more general and we can put all these things into the same spec without too much trouble.
Ivan Herman: we are not bound to the title of the document as it is now. we are in a way…
Ivan Herman: because we have a first hurricane draft published but that can be handled.
Joe Andrieu: Thanks Ivon.
Joe Andrieu: I was similarly thinking the description here definitely it might benefit from being plural i.e a specification defines mechanisms. but otherwise the evidence property does increase the confidence of a verifiers that a particular subject is the right person. So it definitely fits the current description.
Joe Andrieu: I'm wondering how do people feel about just getting rid of the word method in the title. So the document is just verifiable credential confidence and…
Ivan Herman: work Joe,…
Joe Andrieu: we talk about how you have confidence that what's in there is true or real or associated with the right person. I'm seeing some thumbs Anyone opposed to that? Seems like a rallying bit of support.
Joe Andrieu: Excellent.
Ivan Herman: on a very practical level, it looks better if you put in a pull request to the charter rather than I going to go and change out of the blue things. So, can you do that?
Joe Andrieu: Yes, I would be happy to do that. So, let me just note that's what we're going to do.
Joe Andrieu: Any other thoughts on that before I hit comment? I think we're good. All right. So, that was 16 17. They can you open this to add some more confidence method types based on different kinds of MFA.
Presenter Identification & Confidence
Joe Andrieu: Okay.
Denken Chen: Yeah, I would like to know the community's opinions about adding some email, phone numbers and biometric for the confidence previously methods. That's and is there any objection to this and reasons and I don't quite get what has been said in that case is Ted available for speak a little bit about this thank
Ted Thibodeau Jr: Unavailable.
Ted Thibodeau Jr: It's not top of mind. Let me see if I can quickly read it over again.
Joe Andrieu: So the parent issue had linked to this comment on 16.
Joe Andrieu: So the parent issue, you just had a short C number 16. And so I'm sharing number 16.
Ted Thibodeau Jr: Right. what you were just saying, Joe, actually made a lot of sense to me about attaching these to claim sets rather than to the credential.
Joe Andrieu: my goodness. I want to jump on the queue. is there this is a crazy idea and I feel it breaks some things, but I want to get it out of my head before I filter it too much more, which can't we have a confidence method that is expressing that the issuer did something. because we have this structural quandry. to what Tall Ted just said which is that evidence is not bound to subjects it's bound to the credential.
Joe Andrieu: So if I wanted to say, hey, I satisfied IAL3, which subject would that apply to? And so, that was my comment earlier that, if we want to get rid of the evidence property in VCDM, that may be a class 4 change to the VCDM. but maybe if it's all just in the confidence method in a single property,…
Joe Andrieu: then the type could tell you, is this something that the issuer did or is this something for the verifier? But maybe that's breaking some other simplicities we had. Go ahead, Ted.
Ted Thibodeau Jr: yes.
Ted Thibodeau Jr: So, I've always been concerned about this idea that either of these properties meant anything to the verifier. My understanding of them as when they were introduced, my understanding of them were that they contributed to the issuers what they put in, right? And then the verifier might see, the issuer whom I trust in some way, and trust is a terrible word, but I'm going to use it anyway.
Ted Thibodeau Jr: The issuer whom I trust to issue useful credentials used this evidence or this method to confirm that the thing that they said about the subject is accurate and I trust that the verifier did sorry as the verifier trust that the issuer did this and that gives me more confidence in the credential But I'm not doing anything about confidence. I'm not doing anything about assurance. I'm relying on stuff that the verifier says that they did. Does that make sense?
Manu Sporny: I think you meant the issuer said that they did in the last sale. Mhm.
Ted Thibodeau Jr: So yes. Yes, you're correct.
Joe Andrieu: So I think that does make sense. I want to nuance and that I think there are two different things we're talking about here. One of which is what did the issuer do to have their confidence that they gave this credential to the right person like that they digitally gave that object to the correct person because they could have been intercepted or whatever. and so they might say hey I satisfied however my mental model of the confidence level is mechanisms that the verifier may use to increase their confidence. For example, if you have a public key as a confidence method, then someone who could satisfy a challenge against that confidence method increases the verifier's confidence that person is that party, whether or not the issuer did that same check.
Joe Andrieu: so I see those as sort of in fact two different bookends of an identity assurance conversation where the issuer is talking about what do they do and they are not likely to provide all the evidence when you state that you satisfied you don't give all the evidence for it like you don't literally discourage the evidence you just say I did it and then on the verifier side you're like hey issuer what did you tell me that they could use here's a picture if they look like this guy you should look at that here's an email if you verify the email we actually knew that they had that email at one time. but of course any of those particular confidence methods only give you the confidence that method would give you. an email loop only convinces you that somehow the email correctly transferred the token. It doesn't mean that emails was securely read by only the person you wanted it to be read by.
Joe Andrieu: And so I think as long as the verifier understands the implications of a particular confidence method then they can go through that exercise whatever it is to add the confidence to their belief that the issuer did the right thing and…
Joe Andrieu: we've got a credential from a person that we think is the right person it was given to go ahead you were next on
Ted Thibodeau Jr: I think that's sideways again.
Ted Thibodeau Jr: The issuer is saying things about one or more entities and those are the things that I'm expecting I'm not necessarily expecting the issuer to pay attention to the first holder that they are issuing the certificate That they can give me a credential about my dog. There is no assurance that they have issued it to my dog, nor even to my dog's owner. That's not part of the puzzle in my visioning things. All right.
Ted Thibodeau Jr: The issuer is saying things about an entity and therefore it needs to have some confidence that entity is the one they're talking about and that the statements that they're issuing here are accurate which may be based on some number of pieces of evidence. And as the verifier, I'm concerned with they were talking about the entity that I care about and that the evidence that they used to make the statements about the entity that I care about is good evidence. I'm not going to see the rabies vaccination document. I'm just going to see they're vaccinated against rabies.
Ted Thibodeau Jr: And I think that there's a lot of fuzziness that creeps in unstoppably as far as I can tell about things that I don't think are part of the puzzle. We've got three parties to this. We've got an issuer, a holder, and a verifier. And that's it. The holder may or may not be any of the entities discussed in The issuer the verifier probably is not any of the entities discussed by the credential. It's just that the credential was issued by that issuer whom I trust to do the right thing and to tell me the truth.
Ted Thibodeau Jr: And the holder or holders have done nothing but relay the thing without corruption and that corruption is going to be detected if there is any. Hopefully that's clearer than what we've been going through. I'll also throw in the last bit of this comment that I made in October that what's going on here, the process that's going on at this point is the verifier is deciding whether they will accept the claims made by this credential and whether they satisfy the verifier's business logic about whatever transaction this crime
Ted Thibodeau Jr: trying to go through between them and the holder about the entities that are discussed in the credential. And it seems like we're trying to wedge some more functionality in here that I don't think exists.
Joe Andrieu: All right,…
Ted Thibodeau Jr: Or maybe I'm completely wrong. It does at the moment.
Joe Andrieu: Ted, does that conclude your thoughts? Can we go to Brent? All right,…
Joe Andrieu: thanks. Go ahead, Brent.
Brent Zundel: Thanks Joe.
Brent Zundel: So I've been lurking and listening and had to spend half the call on another call at the same time and so I apologize if this isn't quite as pertinent as I would I hope it is. if I remember correctly, we ended up calling this spec the confidence method spec because we didn't want to use the word binding and it came out of the desire to do some sort of holder or subject binding in the credential without using that horrific term binding. and so the confidence method specification, okay, we'll call it that.
Brent Zundel: We got a, agreement on that as a title for it. But it's all about is this subject from the verifier's perspective. Is the subject that I'm aware of is the same as the one that the issuer was talking about? It's that connection and approvable connection ideally in some cryptographic means. all of the other stuff that has been talked about as means of increasing confidence in the VC I think is important. it was evidence and folding the evidence into the confidence method is kind of what we're talking about.
Brent Zundel: I'm not sure if merging them is the right thing because a clean separation of goals is I think very useful to make specifications as implementable as possible. And while it's tempting to create kind of a grabag of everything confidence related in one thing because there are some conceptual similarities there is tempting. I'm not sure that it would serve our users to do that. at the same time, if that's what the group ends up wanting to do, I'm not going to, object. I am concerned if we try to do this before moving to a new charter.
Brent Zundel: If the group decides they really want all of the evidence stuff and whatever else inside the confidence spec, then I think we would have to do that under a new charter rather than under the existing one because it really is a kind of a fundamental change to what was meant by the confidence methods back when we said yes, we're going to work on that. just some idle thoughts and wanted to get them out so they stopped percolating in my head.
Joe Andrieu: Cool. Thanks,…
Joe Andrieu: Brent. I want to note the time. I do want to, have a habit of getting done at five before the hour. so, I just want to quickly say two things, then Ted, I'll give you a chance to have the last comment here, or actually Dankin after you, in case you had anything, one I wanted to say I think we're not just talking about the subject that in fact what we are trying to figure out is if the presenter at this point in time the person who is interactively saying this is my credential is that the person in any way whatsoever. So all the use cases they're totally valid that you have a credential that isn't about whoever's presenting. those are fine but not what we're talking about.
Joe Andrieu: We're talking about mechanisms whereby the verifier could say, if I do this other mechanism, then I could have more confidence that the person in front of me is one of the people mentioned in the thing." to your notion that we were creating something new or more complications that weren't here. To me, this was always part of how the did off pattern worked. and this is sort of tribal knowledge that I think confidence method is trying to bring out of the tribality so that it's better and more common practice that before you issue a VC to a given DID verify that they do a DID off before you give it to them that expectation was absolutely there and then in the VP you're signing over potentially with the same identifier that the VC was issued to and those two together are the book ends that said hey the issuer did something before they gave it to him so that gives me confidence that it went to the right person and then I'm doing something when
Joe Andrieu: I got it. And that's giving me confidence that that same person it was given to is involved in this transaction.
Joe Andrieu: And with that, I'll hand it to you, Ted. Yeah.
Ted Thibodeau Jr: H yeah,…
Ted Thibodeau Jr: we're overloading some things and I don't think that the process that you just described, Joe, is written out in any of our documents about these things. it's trying to put a number of fields to a secondary use which might be okay but again that falls into the verifiers business logic from a technical perspective I don't believe that that follows from the use cases and user stories that we've got and I don't think it follows from any of
Ted Thibodeau Jr: the documents that we've got thus far and that troubles me a great deal. I'll leave it at that for now.
Joe Andrieu: Okay. Thanks,…
Joe Andrieu: Thank you. Did you want to say anything before we wrap?
Denken Chen: Yeah I really appreciate the conversations here particularly from Ted and Brent and I apologize that probably it's me have a fuzzy brand because it's in midnight in my time zone and I need some time to digest And I believe we can continue the discussion in the next call on this one.
Denken Chen: Yeah, I don't have other feedbacks for now.
Joe Andrieu: Very good.
Joe Andrieu: Thanks, And thank you all for the contributions and the conversation. we are taking a couple of weeks off and I think the render method is going to take the first open Wednesday in the year which is I think the 10th and then we will follow after the render method. So that should go out via the BCWG email channels I hope.
Ted Thibodeau Jr: C.
Joe Andrieu: Have a good holiday. Thank you all for your contributions and we'll continue the work in the new year. Cheers all.
Presenter Identification & Confidence
Joe Andrieu: Have a good holiday. Thank you all for your contributions and we'll continue the work in the new year. Cheers all.