Meeting minutes
Brent Zundel: welcome
Brent Zundel: intros welcomed
Eva Blomqvist: recently joined WG interested vocabs re: passports
Sebastian Schmittner: recently joined. Submitted a suggestion for RenderMethod and that's the path to this group. Background in software dev for a small company in Germany. Working on identity and developing a business wallet.
Brent Zundel: agenda, the f2f meeting. General guidelines for task for leaders and security review and consideration guidelines for today's agenda, followed by data model maintenance
Manu Sporny: barcodes and data integrity group passed a proposal for quantum proof signatures. We forgot to move the use cases for VCALM when it was moved over to pull from the CCG to to the VCDM WG
Ivan Herman: has questions re: one of those docs for later.
F2F Meeting
<Brent Zundel> https://
Brent Zundel: f2f scheduled for 1st week of June, June 2-4, in Brussels at GS1. In agenda a sign up sheet for the meeting was sent out. Please let them know if you are coming, or want to participate remotely (same link). No recommended hotels but Phil Archer might have suggestions if asked
Ivan Herman: It's possible to have separate task force meetings before or after the main meeting in Brussels
Phil A: main meeting room has space for 30 people. Two other rooms for 8 or 11 people, but need advanced booking. Some smaller rooms but not enough for all task forces to meet at the same time. A VC Barcode sessino h as been requested, Monday or Thursday afternoon.
Phil A: main meeting room has space for 30 people. Two other rooms for 8 or 11 people, but need advanced booking. Some smaller rooms but not enough for all task forces to meet at the same time. A VC Barcode sessino h as been requested, Monday or Thursday afternoon.
Brent Zundel: if anyone one wants a focused meeting please ask.
Joe A: do we have time for a threat modeling session? Do we have an agenda spreadsheet? No not likely until mid-May. Bu this topic is important for f2f meeting.
Manu Sporny: if doc is created people can contribute ideas to it.
Brent Zundel: will create a doc for that purpose
upcoming calls
Brent Zundel: Advisory board meeting in China next week. FYI no primary working group call next week. Task forces can meet as desired. Last week in April is IIW. Will there be enough people available to hold this call?
Brent Zundel: sufficient interest to hold the meeting
Brent Zundel: no meeting next week, but yes there's a meeting the week after (during IIW)
TF Leadership guidance
Brent Zundel: Task force leaders are doing appreciated work on their items. Official task force meetings are not official VC Working Group meetings themselves.
Brent Zundel: important for TF leadership are members of the VC Working Group, or their contributions must be non-substantive. Should have non-VC WG members can come and listen.
Brent Zundel: TF meetings are recorded and autoscribed and give people a chance to object. If anyone does, Manu Spornyal scribing is required.
Brent Zundel: useful for proposals and resolutions within the TFs but concern that this might become the norm. If there is something to present to the VC WG, that's ok but not to propose and vote of directly in the TF itself.
Brent Zundel: TFs can't make resolutions which they are not authorized to do on behalf of th e VC WG
Brent Zundel: preference as TFs determine something needs to be done, sending that to the mailing list will give WG chairs notice and if proposed language is in the email, that's helpful
<Ivan Herman> See https://
Ivan Herman: Agree fundamentally with what Brent Zundel said. He generates a page with a list of resolutions and separates the WG resolutions from any others as WG are formal, the others are informal notifications
Brent Zundel: would prefer TF decisions do not look or resemble WG resolutions
Phil A: TFs doing the work, which is necessary. But TF work is being done on behalf of everyone and everyone has a right a may question anything.
<Ted Thibodeau Jr.> "TF decisions"? "TF recommendations to the WG"?
Joe Andrieu: What should be the language to memorialize it's own consensus to elEva Blomqvistte something to the WG?
Brent Zundel: saying this is something the WG should attend to
Manu Sporny: no polling available at present. Could say things are non-binding but that might be difficult. Could instead stop doing proposals and resolutions and proposals in the TF: and simply do POLL: and put it the TF notes.
Manu Sporny: POLL: with language you wish. Anchors are generated for each poll that might suffice and be misinterpreted
Brent Zundel: TF leadership can use POLL: and or come up with your own language to communicate that and tell VC DM chairs the TF is ready to have this topic discussed.
Brent Zundel: one can contact the chairs driectly. There is a vc-github repo to put in as issues if that is preferred.
Manu Sporny: a lightweight process is preferable. Getting something published and visible, is enough to consider something on the WG calls.
Manu Sporny: could say something was published and raising it is fine. This instead of a formal poll: or whatever.
Brent Zundel: having time in the WG meeting for TF leads to raise for the WG to consider is fine. Pinging the chairs in advance still helpfu.
Brent Zundel: VC DM Maintenance now.
Proposal to adopt vc-quantum-safe spec?
Manu Sporny: TF has two potential proposals
Manu Sporny: in barcode integrity call voted on the proposal affirmatively. Background: Google and Cloudflare have moved quantum safe signatures will be necessary. Have to advance the timeline on the quantum safe crypto suite. Need to move that to the WG to make it a formal work item.
Brent Zundel: are there folks to be editors of this quantum safe crypto suite doc?
Ivan Herman: the proposal does not say the barcode working group will take this.
Manu Sporny: lead editor is Greg Bernstein, and Manu as backup. Presumption is it will in fact be done in the barcode and integrity TF
Phil Archer: shouldn't mention the barcode TF is the place it will be taken up regardless of whether that's where it will be discussed.
Manu Sporny: 3 implementers so far have committed to do so. Have test vectors for ML-DSA, SLH-DSA, FALCON (FN-DSA), SQISIGN
Manu Sporny: the test suites will follow the same approach as prior test suites. Just changing the function calls to generate the signatures. Should meet the deadlines and likely will be done sooner.
<Brent Zundel> PROPOSAL: Adopt the Credentials Community Group Quantum Safe Data Integrity Cryptosuite specification ( https://
Thanks Ivan Herman
<Manu Sporny> +1
<Brent Zundel> +1
<Dave Longley> +1
<Ivan Herman> +1
<Phil Archer> +1
<Ted Thibodeau Jr.> +1
<Kayode Ezike> +1
Brent Zundel: proposal is in
<Will Abramson> +1
<Dmitri Zagidulin> +1
Brent Zundel: proposal is in
<Jennie Meier> +1
<Joe Andrieu> +1
<Phillip Long> +1
<Wesley Smith> +1
RESOLUTION: Adopt the Credentials Community Group Quantum Safe Data Integrity Cryptosuite specification ( https://
Brent Zundel: no objections so we are resolved
Manu Sporny: forgot to adopt to pull over VCALM use cases. May not be needed to pull use case doc from the CCG to get it to the VC WG
Manu Sporny: have editors Eric Schuh(sp?)
Ivan Herman: what is the goal?
Manu Sporny: we have to share it for horizontal review. Will look odd if it doesn't come from the VC WG
Manu Sporny: Probably publish as a note. Could be under VCLAM spec or a separate pub.
<Sebastian Schmittner> and I am all in for post quantum crypto ;) quess was late to vote
Brent Zundel: If there are specific changes that need to be made it doesn't need to be moved over.,
Joe Andrieu: should be moved over. May be changes.
Phil Archer: Sperity is rejoining the group to be part of this
Manu Sporny: would be published as CG final. This proposal is to begin that process
<Brent Zundel> PROPOSAL: Adopt the Credentials Community Group Verifiable Credentials API Use Cases document ( https://
<Manu Sporny> +1
<Brent Zundel> +1
<Dave Longley> +1
<Kayode Ezike> +1
<Joe Andrieu> +1
<Wesley Smith> +1
<Ivan Herman> +1
<Benjamin Young> +1
=1
<Dmitri Zagidulin> +1
<Ted Thibodeau Jr.> +1
<Jennie Meier> +1
<Will Abramson> +1
<Phillip Long> +1
<Phil Archer> +1
<Elaine Wooton> +1
having keyboard issues like Brent Zundel
Joe Andrieu: should call it VCALM
RESOLUTION: Adopt the Credentials Community Group Verifiable Credentials API Use Cases document ( https://
Brent Zundel: when it's published as a working draft the correct short name when it's published
VCDM Maintenance
<Brent Zundel> w3c/
w3c/vc-data-model#1624
Brent Zundel: Issue not yet triaged #1624
Joe Andrieu: this is editorial (#1624)
<Manu Sporny> I agree, it's editorial
Brent Zundel: agrees with that label therefore class 2
<Ivan Herman> +1 to editorial
w3c/vc-data-model#1603
Brent Zundel: Manu Sporny was assigned to this and was discussed and willing to address it.
Manu Sporny: still willing to address it and it's straight forward. Will get to it in 3 week
Brent Zundel: enough to move to the next
w3c/vc-data-model#1583
Brent Zundel: expects #1583 will make up part of the f2f meeting - no one yet assigned and it's a big one
Brent Zundel: anyone willing to be assigned to it, and should it be taken up in the f2f meeting
Manu Sporny: +1 to taking it up in the f2f. Have been conversations about how to approach threat models. Probably working on other threat models before the VCDM
Manu Sporny: the subspecifications and their threat models will be useful to have before doing the VCDM. E.g., much of the VCALM threat model may be pulled into the VCDM threat model. A threat model dir. will be created and things put into it.
Manu Sporny: then it will be refactored into the VCDM threat model. That's the current cunning plan...
Brent Zundel: Simone makes clear can co-exist as part of or separate from the main doc. It can be published separately. Reviewers will be able to see the threat model makes sense. An ecosystem threat model may be sufficient for some TFs.
Joe Andrieu: +1 for iterative method to look a simpler ones first. We haven't gotten approval from PING to let threat models deal with privacy considerations. We need both security and privacy sections. Have an option for TOC in an appendix or separate note, as well. Could keep text to highlight the threats but that adds complexity
Phil Archer: Has received comms for several people. Threats need to highlight dangers, or threats are avoided.
Brent Zundel: reminder no call next week.
<Sebastian Schmittner> many thanks! have a good day :)