Meeting minutes
Ivan_Herman: Good afternoon.
Wesley_Smith: Good morning slash afternoon folks.
Elaine_Wooton: Wanted to say good morning with my real face, but now I'll turn off the camera.
Wesley_Smith: Morning folks. I'll give it a couple more minutes for people to trickle in before we get started.
Wesley_Smith: I know we're hoping Greg Bernstein will be here to lead the DI portion of the call. Do we know of anybody else that we're expecting? I know we had quite a lot more cases the first week or two, but …
Dave Longley: Yeah, I'm not sure.
Dave Longley: This is maybe the first week since the first invite went out and maybe people have not appropriately updated calendars and that sort of thing.
Wesley_Smith: All right.
Wesley_Smith: I'll get started at 5 in just a sec here.
VC Barcodes Spec and Data Integrity Workflow
Wesley_Smith: All right, let's go ahead and get started. hey everybody. Thanks for being here. This is the April 28th meeting of the barcodes and data integrity task force of the VC working group. the agenda for today is much the same as it has been the last couple weeks and probably will be for the foreseeable future. we'll go through administrative and process items briefly and then we'll spend about half the call doing PR review and issue processing on the VC barcodes spec and about half the time doing PR review and issue processing on the various
GitHub UI and Whitespace Issues
Wesley_Smith: inflight data integrity works. So with that in mind, I guess we'll do announcements and introductions. I don't have any announcements for the group. Does anybody want to introduce themselves or have any announcements to hearing nothing I think we can go ahead and jump right into some VC barcodes work then let me go ahead and share my screen. So there are now actually a few pull requests open on the barcode spec. A couple of them we've already discussed here.
Wesley_Smith: A couple of them are kind of small process style pull requests and then some of them do make more substantive changes to the specification itself. So the first thing I want to discuss with the group and that's largely because I have a question is there's something weird happening with GitHub and the GitHub UI and it's breaking something. So, this has been a PR that there's been a fair amount of discussion on, but last night when I committed a change suggestion directly from the GitHub UI,…
Ivan_Herman: Go ahead.
Wesley_Smith: it did this thing where it basically rewrites the entire file.
Wesley_Smith: I know Benjamin Young and I had run into something similar on a different specification and I think he said it was something to do with new line character encodings or something to that effect. but I'm curious what the group's perspective is here on this. So I can show you the actual commit that did it. It's a tiny little commit. Yeah, I guess it won't show you the detail. Basically, this commit updated one line of text. but it caused the entire index file to be sort of rewritten. So, I'm curious what people think about this. I just realized that I don't get hand notifications if I'm not tabbed in. So, feel free to jump in. Dave Lane, go ahead.
Dave_Lehn: go to the little gear thing and…
Dave_Lehn: do the ignore whites space thing and see if that fixes it. next to the submit review.
Wesley_Smith: this gear thing.
Dave_Lehn: So yeah,…
Wesley_Smith: Right.
Dave_Lehn: it was a white space thing.
Wesley_Smith: So that shows what the commit is, but does that actually solve the problem in the git history?
Dave_Lehn: No, no, it's just ignoring it for the diff. So the…
Dave_Lehn: if you were to check it out and look at it, you can probably see that it probably changed all the line endings from whatever it was to whatever it is now.
Wesley_Smith: …
Wesley_Smith: what do people suggest as the way to move forward here?
Wesley_Smith: Should I re redo this PR in a separate branch or something to that effect? right.
Dave_Lehn: You probably don't want to commit something like that intentionally,…
Dave_Lehn: but I mean, you might want to check and see what it was. did it get reformatted to all the wrong thing before and…
Dave_Lehn: it's just fixing it, or did it
Wesley_Smith: That was my other question.
Wesley_Smith: Is this flipping a switch back on that was previously flipped off in a similar way? I don't actually know. okay, that's fine. I will maybe take some of this discussion offline, figure out what to do with this PR. regardless of that kind of technical bump, I think this PR is about ready to be …
Dave_Lehn: just a note that setting that you changed may be stuck on so you may want to turn it off so you will see the differences later.
Wesley_Smith: sorry. Go ahead. heard that.
Dave_Lehn: I think it's Yeah.
Wesley_Smith: Anybody else have their hand up? I'm apparently do not get notifications when I'm in a different tab. All right. So, regardless of that technical hiccup, this PR is about ready to get merged. There's been a fair amount of discussion on the topic. Ivonne, I know you had some questions but recently approved the changes.
Wesley_Smith: Manu made some points that I attempted to address. So I do think that the content in this PR is about ready.
Wesley_Smith: So if you're a interested participant in the details in the conversation of this PR, go ahead and take one last look and then I'll try to get it merged in some form at some point soon.
Improving Specification Examples
Ivan_Herman: I looked at it about two hours ago and it looks okay to me. Ivan Herman:
Wesley_Smith: Okay. …
Ivan_Herman: I raised a separate issue because I think that the examples should be rewarded but I put that separate issue for good reasons.
Wesley_Smith: yeah. Yeah.
Wesley_Smith: So, I noted that and agreed. I think that probably doesn't need to grow in scope to include example reworking.
Ivan_Herman: Exactly.
Wesley_Smith: While we're on the topic,…
Ivan_Herman: That is a separate issue.
Wesley_Smith: do you want to briefly give an overview of what you put in this issue? What you think the examples could benefit from?
Ivan_Herman: Usually is a lot of things are presumed as being known and they are not obvious. So, I gave a lot of examples here, but yeah, it's on the screen. I don't want to read up exactly what I mean. One thing is maybe that comes through is it was I think Dave Longley who on the last call when we discussed it made this point which for me was sort of clicked is that in the case of augmenting the subject is different. The subject is essentially the old barcode. that's is the case in the examples but this is something that was worth really emphasizing and in the same direction inversing the order.
Ivan_Herman: The example three is the obvious one and in your list in the introduction you start with the obvious case where you have a verifiable credential from somewhere and you prove it like we do with all the others and you would the in inverted comma the only thing you do is to convert it into a barcode. and that should be the first example because that the simple one and the other two are more complex.
Ivan_Herman: And one other thing which permeates very many examples that are written in different documents which always bothers me is that we put in properties or classes that are application specific and not standardized by us and we mix it with those properties and classes that we do standardize and I know that in real JSON it's difficult to differentiate between the two but in our examples we could use a different color or something to make these distinctions very clear.
Ivan_Herman: I know that this AMV whatever it's unclear where it will be standardized and so that's still a question that we will have to discuss at some point but I see a protected component index and…
Ivan_Herman: I have not the faintest idea what the hell that is because this is not something that we defined in any of on our spec so far and you put it into an example and that sort of lead people away from the discussion.
Wesley_Smith: Yeah. …
Wesley_Smith: Go ahead. Understood. And thanks. Much appreciated. it's useful for you to go through these in such such depth. so to speak briefly to what I understand the current state of the document to be and I think what we want to happen with respect specifically to this ammo driver's license type and the protected compone so I believe protected component index is currently defined by the specification but I believe it is also strongly coupled to this AMA driver's license type which is something that we don't want.
Wesley_Smith: So I think the last time we discussed it the general consensus is maybe a strong word but the general lean from the group was we are probably going to want to generalize protected component index as much as we can to be an index against the barcode that is being augmented and it's an index defined somehow in some generic way maybe just as an extension point and…
Wesley_Smith: then we're going to want to have the amber driver's license type B part of an appendex. So that's my current understanding. Right.
Ivan_Herman: Yeah, I think that's correct.
Ivan_Herman: That's correct. Yes. But that's right.
Wesley_Smith: So I want to be clear about the nuance there that I think yeah right now these two are strongly coupled but I do think protected component index is defined. we need to decouple them make this generic so it can be used for expressions of XI cryptoeet signatures over barcode data that are not specified directly in our specification. and then in an appendix say here's how you use it for this type. All right.
Ivan_Herman: That's fine.
Merging Administrative Pull Requests
Wesley_Smith: Sounds like we are on the same page there. thanks for going over your new issue as it relates to that previous PR. all right. Let's go through a couple of these PRs and get them merged down. So, this one I approved this a week ago. It's been sitting for a week. this is just adding a script.
Wesley_Smith: It's adding a workflow. I'm go ahead and merge this on the call unless anybody has any objection. actually I am curious this is not an editorial PR. What would you describe this as administrative?
Ivan_Herman: It's an administrative PR…
Ivan_Herman: if there is notable…
Wesley_Smith: Thank you.
Ivan_Herman: because it's the way we publish the document. ment automatically. And of course you merge this one and then next time we merge a real PR so to say with real changes then we will have to ch to check whether it is really published to see if this works and I have this experience with other documents that we have done it's good time time to make this check I don't say that you have to do
Ivan_Herman: that you merge but once a month at least or once every two week if you do a PR then check it because I don't know which document there was a miss there was a bug somewhere and for a half a year we didn't realize that nothing was published on slashtr…
Ivan_Herman: because all the failed and then It's more difficult to find a problem.
Wesley_Smith: Okay, that's a good note.
Wesley_Smith: Anybody know why I can't merge this PR? Is it because this preew thing failed? So, deploy PR preview is canceled after 1500 minutes.
Ivan_Herman: What? I have no idea…
Wesley_Smith: It's a day or something, right? okay.
Ivan_Herman: what that stuff is.
Wesley_Smith: I cannot merge it.
Ivan_Herman: Let me try.
Wesley_Smith: I do. We need two reviewers to approve it. Does it need multiple approvals? Multiple reviews?
Ivan_Herman: I have no idea. Don't let me go there. Just a minute.
Wesley_Smith: And…
Wesley_Smith: if we get down in the weeds, we can table this and maybe figure it out offline,…
Wesley_Smith: Ivon. But if possible, I'd like to get it handled on the call.
Ivan_Herman: Can I try whether I can merge it…
Ivan_Herman: because I have an admin, right? I think it merged it for me.
Wesley_Smith: Sure, go for it. Okay. I'm a lesser being.
Wesley_Smith: That's fine. I accept this reality. All right.
Ivan_Herman: And…
Ivan_Herman: let's not try to understand everything.
Wesley_Smith: Better All another similar PR.
Wesley_Smith: You might need to be standing by again, Ivon. I'm logged in. Okay. …
Wesley_Smith: the preview failed after a day. and maybe that's why. Okay. I'll just type yeah, I
Ivan_Herman: Can you check other PRs whether it does the same thing?
Wesley_Smith: I don't think it does because I have merged.
Ivan_Herman: def container for previewing code spaces. What is this?
Wesley_Smith: We have the author on the call here. Give me just a second.
Ivan_Herman: Because this has the same problem. it's not a matter of the spec, it's a matter of the repo.
Benjamin_Young: Yeah, that shouldn't change the spec at all.
Benjamin_Young: So yeah,…
Benjamin_Young: so the problem is which thing in this case?
Ivan_Herman: I have no idea.
Ivan_Herman: I have no idea what this is about.
Wesley_Smith: problem is that I can't click the big green merge button.
Wesley_Smith: Yes,…
Dave_Lehn: You can look at the actions.
Benjamin_Young: But you used to be able to.
Wesley_Smith: I can click this one and…
Dave_Lehn: You can look at the actions and see that they are failing.
Wesley_Smith: this one doesn't have the failing. okay, so it does look the only ones I haven't been able to click are the ones that have that timeout error.
Wesley_Smith: So, it's probably that to click on the actions to see which ones are failing. Yeah.
Ivan_Herman: There is a preview thing…
Benjamin_Young: Yeah. It's also possible somebody set up branch protection rules that are requiring things to pass.
Ivan_Herman: which I don't know where it comes from. is it possible that preview failed
Dave Longley: So, I wasn't watching the screen too closely.
Dave Longley: When you say you can't click the button, is that because it looks like you can't click it, or can you click it and it just is that color?
Wesley_Smith: Wow.
Dave Longley: So you can click it.
Wesley_Smith: Okay. Thanks. That's a little silly.
GitHub Code Spaces for Spec Editing
Wesley_Smith: I can click it. More power than I know. My mistake. I will go ahead and merge this All right. Benjamin, do you want to briefly discuss the dev container P that you put up
Benjamin_Young: You have more power than
Benjamin_Young: Yeah, we've done this on at least one other specification. It's essentially allows you to use GitHub code spaces to live in your browser. And the bigger thing that it sets because you can do that already. The bigger thing it sets up is a live server. as you can see there, so that you can preview in your browser as well. And that just makes it possible for folks who don't have VS Code installed or don't want to. and want to just edit some HTML and see what they're editing. it makes that possible. And there's instructions I think referenced if you go back to the conversations tab with and click on Yeah,…
Benjamin_Young: go ahead and click on that. this is where we did it first was in this render methods repo and there are instructions there. yeah,…
Wesley_Smith: I'm going to go ahead and…
Wesley_Smith: just copy paste this into a comment on this PR.
Benjamin_Young: that'd be fine. We could even put it in the readme, but it's also on the w3ccc.org website, there's a contributing page that explains all that. but the idea is that from GitHub you can click edit in code spaces
Benjamin_Young: what you're changing make multiple commits from there and create a PR just like somebody who has bothered to set up all the stuff locally and run command line stuff and whatever without having to do all that. So that's it.
Wesley_Smith: Yeah. …
Wesley_Smith: this seems to me to be improving one specific workflow for working on the spec at no cost. so, I'm happy to merge Any other opinions?
Wesley_Smith: Any objections?
Dave_Lehn: I tried raising my hand again, but I guess you can hear that.
Wesley_Smith: Yeah, thank you for speaking up.
Dave_Lehn: Yeah,…
Wesley_Smith: I can't hear for some reason the meat hand raise noise and other tabs.
Dave_Lehn: that's fine. this is just that whatever extension that's there. I seem to remember looking at this before and…
Dave_Lehn: it looked like it was completely unmaintained. I don't know if this is a security issue too, just using random people's code to do this thing. Is that an issue or is this a well understood community thing that people use or what?
Benjamin_Young: There might be others out there. if you think we need to shop for one, but it's running an HTTP server inside of a dev container that's had a UU ID specific to the person who clicked the code spaces.
Benjamin_Young: So unless the person is going to self harm through that HTTP server, I really don't know that there's a risk.
Dave_Lehn: I've never used any of this stuff,…
Dave_Lehn: so I don't even know what's going on here,
Benjamin_Young: So code spaces to maybe explain it a little more code spaces is just a docker container with VS code in it by default.
Wesley_Smith: This code tab. Yep.
Benjamin_Young: So if Wes you go to the code tab in ub. the default one and then where it says code in the green button and then code spaces tab right below your mouse. if you were to click that now, you don't need to, but if you create code space on main, then you get an environment that's essentially VS Code in your browser and you're by default editing on main.
Benjamin_Young: The instructions I wrote up talk about switching branches and whatever, but the thing that GitHub weirdly lacks is the ability to preview HTML in your browser. So, the live server thing just makes it possible within that Docker container spin up an HTTP server that…
Benjamin_Young: then lets you preview what's inside that Docker container. why that's not table stakes for this thing, I don't know, but So, there's a community extension there. There might be another one out there. yeah.
Dave_Lehn: There's 2,300 open issues on this project.
Dave_Lehn: …
Benjamin_Young: It's still the one suggested throughout all the blogs and…
Dave_Lehn: just beware.
Ivan_Herman: I'm
Benjamin_Young: therefore by AI as the thing to use for it. doesn't mean we have to use it, at all. We don't even have to merge this unless somebody wants it. But again it's just HTML in the person's browser out of a Docker container that is the contents of this repo. So the risk here is somebody running HTML in their browser which they're doing already. So I don't like I said they'd have to really be copying and pasting stuff from some other place to do more than they're doing.
Wesley_Smith: and Ivonne.
Wesley_Smith: Does W3C have a position on this sort of thing? Do you know
Ivan_Herman: I don't think that we have ever heard a discussion about it that…
Ivan_Herman: but nevertheless, me as a person, I am a little bit uneasy based on what Dave said. because who knows what happens and if it destroys one or one of our documents or puts it back to I don't know where later is it really worse the trouble I mean do we really have people on this group who need this I am not convinced I don't
Ivan_Herman: experimenting with these kind of tools on a repo that has a lot of people working together and…
Ivan_Herman: has documents which have some level of timing attached to. so I'm a bit uneasy to be honest.
Wesley_Smith: heard. And really quick,…
Wesley_Smith: Benjamin, before you go, agreed with some of your points of one point I want to make is you said, do we have people in this group that need this glow? I don't think so.
Wesley_Smith: I don't think that I think the right way to look at it is accessibility improvements mean that we might get people into the group that currently are kept out of the group by the barrier to entry that we currently have from a very technical contribution process.
Ivan_Herman: I agree with that.
Ivan_Herman: Okay, I take that.
<Dave_Lehn> here's the extension source; GitHub - ritwickdey/vscode-live-server: Launch a development local Server with live reload feature for static & dynamic pages. · GitHub
Wesley_Smith: Benjamin, go ahead.
Benjamin_Young: Yeah.
Benjamin_Young: So the way forward without this is folks who need this kind of environment still have it. they can still do code spaces. they just won't be able to see the effect of working in the code space until after they send in their PR at which point the W3C preview bot which is going to do the same. is going to make a URL that has HTML that one can load in one's browser. then they have to wait on all that to happen before they can see what's happened in their PR and then they can switch to that branch and continue to make changes. so it's the exact same experience. It's just glacial.
Benjamin_Young: And Dave, if you again want to find something that you feel more comfortable about, please do
Wesley_Smith: All So, it sounds like we should at the very least leave this PR open for a bit longer while people look into alternatives, that sort of thing. I don't get a tremendous amount of heartburn from this…
Wesley_Smith: although I do think that good questions to answer things like Ivon raised a concern about sorry okay yeah so Ivon made a point about damaging the specification in some way.
Ivan_Herman: No, sorry.
Ivan_Herman: No, no, no. Sorry. But I have remark when we finish this.
Wesley_Smith: I would be curious what the potential risks would be if a super user with administrative level control over the repository went through this flow.
Wesley_Smith: Does that pose a security risk? I expect that largely the things that you can do using this flow are limited by your GitHub account level powers. so I don't think that's an issue for most people, but for the corner cases, maybe that's something interesting to look into. That sort of thing. Go ahead, Ivon.
Ivan_Herman: No, Benjamin,…
Ivan_Herman: go on because I have something different. I presume you want to answer this, Benjamin.
Benjamin_Young: Yeah,…
Benjamin_Young: I mean we can dig into all of that. again it's an HTTP server running inside the Docker container. So it would have to be escalating to a point where it's somehow got your key to commit as you to do anything else. All of which goes through the VS code UI forget and requires additional login steps and…
Benjamin_Young: and authentication steps just like VS Code does locally. whatever. But if y'all are squeamish about it, don't worry about it.
Wesley_Smith: So I'm in favor of at least leaving the PR open,…
Wesley_Smith: give people some time to look into alternatives if they want. Again, I personally don't have a lot of Harvard and I'd be happy to merge this. but if people want to give it some more time to deliberate and look into maybe better maintained alternatives that is fine. I will note that the issue count that you mentioned Dave Lane could be interpreted multiple ways. If these are issue counts if these are issues like this is a pressing security vulnerability please fix this that's one thing but if these are issues like this is a widely used and generally liked piece of software that a lot of people want features in that sort of thing. those are very different things.
<Benjamin_Young> It's already in use on Render Method, fwiw
Wesley_Smith: I'm gonna go ahead and move on unless anybody has anything else they want to say on the topic. Ivon, go ahead.
Ivan_Herman: In the meantime I have checked and…
<Benjamin_Young> most of those issues on that repo are bogus...
<Benjamin_Young> f
<Benjamin_Young> for example learn HTML · Issue #3288 · ritwickdey/vscode-live-server · GitHub
Ivan_Herman: the latest version is on DR so the akidna stuff works.
PDF 417 VCBs and Multibase Encoding
Wesley_Smith: That is wonderful to hear. let's see all right. We have a very small PR that I raised half an hour ago and that is directly addressing an issue and the entirety of the PR is a twoline change. It basically says that for PDF 417 so for PDF 417 VCBs we recommend that and specifically they use this type.
Wesley_Smith: We recommend that you use B 64 URL when you encode these things before you put them into the PDF 417. This PR adds a couple of lines of text that say if you want you can also use multibase and then that's essentially it. so I think the value of that is somewhat self-explanatory. we want to be clear that you can use multibase if you want. the reason why multibase isn't essential slash super valuable here is because you need some ahead of time knowledge to understand where in the PDF 417 a VCB is anyway.
<Benjamin_Young> The PRs are similarly bot-junk
Wesley_Smith: So the self-describing properties of multibase have limited value, but it's value. So it's good to allow it explicitly in the specification. anybody have any questions, points to All right. go ahead and take a look at this approve it if you're an approving type. I'll merge it after it's been sitting out there for a little while. And yeah. Okay, that is that small and simple. we already talked a little bit about this. I guess Benjamin, I'll ping you maybe since I know we ran into the same problem on a different specification about what to do about the whites space thing. there's this R as well. Okay, this is raised last night.
Wesley_Smith: This is a PR that updates some of the test vectors. it has the same problem. it's because I built it on top of the previous PR. That's why. So, let me go ahead and hide the white space. All right. So yeah, this PR is on top of a different PR. So it looks like there's more in it than there actually is. basically this PR just updates the test vectors to use the correct seabore tag. that's it.
Wesley_Smith: I actually will need to go back to this PR and make sure that the generated barcode images are updated as well because I don't think this PR currently does that. so this PR is actually not ready to be merged. because I think it should include updates to the images as well. but other than that, I don't know if it needs a tremendous amount of discussion. It's really just a PR that bumps the test vectors to use the correct and modern Cboard tag. any questions, discussion points? All right. so I will make sure that that PR gets updated to bump the images of the barcodes as well and figure out what we're doing with that whites space thing.
Wesley_Smith: I think that's it for Rs. All right. So, there are basically three content PRs out at the moment. one of them we need to figure out a technical hiccup. The other two need a little bit of time. I think we can go ahead and move into issue Noting that Greg isn't here. I guess does anybody want to run the data integrity portion of the call in Greg Bernsteinstead because now is the time that we'd be doing the switch.
<Dave_Lehn> looking at that whitespace churn commit you can see it went from 0a to 0d0a.
Wesley_Smith: Okay, Dave Longley.
Wesley_Smith: Go ahead.
Dave Longley: The answer is no to that for me.
Dave Longley: But we could just state the one there's at least one update from that group which is that the final report got merged. there's still a little bit more to do over there with CCG process but that's making its way.
Dave Longley: This is for the data integrity quantum safe specification.
Wesley_Smith: Excellent. That's great news.
Wesley_Smith: Thanks, go ahead, Avon.
Ivan_Herman: The question is…
Ivan_Herman: if the CCG finish what it has to do then am I allowed to move over the repo to this task force right away or…
Ivan_Herman: do we have to wait? the CCG at the CCG.
Dave Longley: I think we still have to wait for one other process thing to happen.
Dave Longley: I wouldn't want to move it prematurely. Yep. Yes,…
Ivan_Herman: No, what I'm saying is once that is done, is it okay if I move it over? Dave Longley:
Dave Longley: I believe so. someone I think Greg's following that process and he will let you know when it's done.
Ivan_Herman: Okay, actually ping me and then I will do it.
Dave Longley: Yep. Thanks, Von.
Wesley_Smith: Okay, cool.
Wesley_Smith: Anybody have anything else to say about the data integrity work? All right. If not, let's do some barcode issue processing. there's a fair amount of issues open on the spec and they are completely untagged on. So, let's start from the oldest stuff from 2024.
<Dave Longley> which we don't want, so we will want to not do that (changing line endings from \n to \r\n is not desirable)
Wesley_Smith: When implementing the specification, I came across a few minor issues with the test vectors. it looks like there has been a fair amount of discussion something relating to the check sum digit being incorrect in an MRZ. However, I think that the issue this person is pointing out is at the barcode slashMRZ conformance layer and not the VC barcode correctness layer, if that makes sense. the barcode that was augmented or the MRZ that was augmented had an incorrect check some digit something to that effect.
Wesley_Smith: I don't know if this has been updated. I was mentioned in a issue that's been closed. So, let's go see what happened there. Updated barcodes with the correct header information will be in slow shortly, excuse me. And that was rge That doesn't have anything to do with the MRZ example that they discussed. So, I don't think this issue can be closed without at least looking into see if that checks some well, I guess it's good for the group to discuss.
Wesley_Smith: If there is an incorrect check sum in the MRZs on one of these credentials, that's presumably something that we would want to fix. Although it doesn't actually impact our ability to verify the verifiable credential. it does make the underlying barcode look wonky if you're using some verification flow that also checks things like check some digits in an MRZ. folks have thoughts about thoughts about that.
Wesley_Smith: Go ahead, Dave Longley.
Dave Longley: is this whatever version of myself replied to that two years ago. that person is gone. is this just based on an example that we have that is not matching a check sum and… Dave Longley:
Wesley_Smith: Yeah, it looks like on one of the examples,…
Dave Longley: so yeah so it seems like we just have an example we should fix.
Wesley_Smith: one of the numbers in the MRZ should be different to be a correct check sum,…
Dave Longley: I'm sure we don't want to have an example that has an incorrect check sum.
Wesley_Smith: right? Yeah.
Dave Longley: So we will want to do that.
Wesley_Smith: And we need to check if that actually is still true or if as you say a version of myself from two years ago fixed that and then didn't say anything on this issue. that is that a bug?
Ivan_Herman: It's about
Wesley_Smith: Is that a bug?
Dave Longley: Yeah.
Wesley_Smith: That is a bug. Dave Longley from 2024. The same previous Dave Longley.
Dave Longley: He's not on the call.
Wesley_Smith: Yeah, right.
Wesley_Smith: Can you speak to what you're saying here, Dave Long?
Dave Longley: I believe at some point during the development of the contexts here,…
Dave Longley: a context was produced that was a later version from what is currently in the spec. and that later version had an error in it or was doing something that the group decided not to do. and we might just want a note somewhere that says don't use version two. I think these are all marked as I hope they're all marked as RC something something anyway.
Dave Longley: But this is my vague memory that we published something and then we were like no actually that was a bad idea. Let's just keep version one.
Wesley_Smith: Yeah. So that's for the VDL context…
Wesley_Smith: which is why this is linked into the Update examples to use proper tur. So I think the tur bit string stat list was the term incorrectly added to the VDL vocab when we decided this actually live in the VC barcodes space. That is my understanding. that's…
Dave Longley: And that might already have been fixed.
Wesley_Smith: what I'm looking at as well.
Dave Longley: If you didn't see or hear it though, Avon's hand went
Wesley_Smith: Ivonne go ahead. Thank you.
Ivan_Herman: For me this raises a separate issue.
Ivan_Herman: So it is related to this but finish what you started.
Wesley_Smith: …
Wesley_Smith: we have a pages issue.
Ivan_Herman: So that raises to me the
Wesley_Smith: There's an example that uses the incorrect version. Okay, there are two examples. I know that the test vectors should not do that. Yeah, so the test vectors are correct but some of the previous examples in the specification use the incorrect definition. go ahead Ivon.
Ivan_Herman: question which we may not want to answer right now. But in which vocabulary and which context file will the terms that we define here land?
Wesley_Smith: Yeah. …
Wesley_Smith: they currently live at…
Ivan_Herman: No, but that's not My question is where it will be.
Wesley_Smith: where it actually didn't work. I'm not sure I totally understand the question.
Ivan_Herman: Will we extend the current vocabularies that we have already or not? I mean again we don't have to answer that but at some point in time we will have to answer that.
Wesley_Smith: So, currently the VC barcodes spec has its own data model that includes these definitions.
Wesley_Smith: Are you talking about are you suggesting that some of the terms defined in that data model such as tur bit strings tless entry would be better to live elsewhere.
Ivan_Herman: I question I am asking I mean we have already a vocabulary for VC we have a vocabulary for DI we can extend those things I am not sure that adding new vocabularies all the time is really good for usage so that's…
<Dave Longley> `Verifiable Credential Barcodes v1.0
Wesley_Smith: Right. Go ahead.
Ivan_Herman: what I'm asking that's
Dave Longley: So we do have some URLs that are defined the URL for example for the tur bitstring status list entry lives at w3id.org. This is a similar situation with some of the data integrity terms and some other ones that happened in the space that went to production systems before we had a working group that was able to handle the spec and do something with the vocabulary. So, I do expect that we're going to at least say that these URLs are at these locations where we talk about the definitions of them.
Dave Longley: I don't remember exactly what we did for that Ivon, but we have similar URLs elsewhere in VC space if you understand what I'm saying. Yeah.
Ivan_Herman: Yeah. No,…
Ivan_Herman: I understand what you say. We will have to check. I don't remember either. I remember that we had this. It's in the DI area because in the VCDM it's clear it's W3C URLs all along. But for the DI indeed we have this. We will have to check that and again I'm not saying we have to do it right now but that has to be cleanly done and in the same spirit as it is done elsewhere.
Ivan_Herman: All right.
Dave Longley: Just so we're clear, Wes, what you're typing there, you're saying it has the correct vocabulary, but the link there is to a context, not the vocabulary.
Wesley_Smith: Right. Thank you.
Wesley_Smith: Okay. this is important but not critical. That sounds good first issue. Very true.
Wesley_Smith: If anybody wants to fix this, this would be, control F vdlv2 and put in VC barcodes v1. I think that is good.
Wesley_Smith: Priority two and good first issue.
Dave Longley: Yeah, the thing you just said …
Dave Longley: if there is someone who wants to do a first issue, if you copy and paste those two URLs in there and say that's what needs to happen, it's more likely that someone could grab it as a first issue.
Wesley_Smith: As a first issue that Jason LDBC
Wesley_Smith: Easy text.
Wesley_Smith: How's that look?
Dave Longley: Yeah, I think that's right.
<Dave Longley> https://
Wesley_Smith: for all the hundreds of people on this call desperate to get their hands dirty, that would be a great place to start. All right. next issue, outdated R to bitstring conversion. Again from 2024, the new definition of fishing status entry includes the status size and status messages that cannot be derived from Tur Manu said, "Yep, that's not supported. Does this create a problem?" It does create a problem so that's reiterating the issue.
Wesley_Smith: I guess the only way to fix is either to put them back into the bitst string status list or pass them as an input of the conversion algorithm. But then the verifier needs to know those parameters in advance. there's some historical context here that I'm missing about the status, no pun intended, changes of these properties in vision set entry. anybody have context to share about those properties. Stay long.
Wesley_Smith: Go ahead.
Dave Longley: Those are some optional properties that are part of the spec for bitstring statusless entry that I think they made it into the spec. There might have been two implementers that were interested in using those properties…
Ivan_Herman: You mean the B string pack?
Dave Longley: but they were kept as optional. in the bitstring status list spec they don't make any sense for bitstring statusless entry and they would definitely cause size problems for those entries defeating the purpose of having it be tur and small. I think the spec should just say that those properties aren't supported by TUR bitstring status lists. And so if you have a bitstring status list that you want to express as a TUR one and it has status size and status message then that's not supported because you'll lose that information.
Wesley_Smith: What's close?
Ivan_Herman: In the Bitspring spec,…
Ivan_Herman: the official one, the word Tur does not arise at all.
Dave Longley: That's right.
Dave Longley: The tur bitstring status list entry is new and introduced by VC barcodes. it's a way to express status list information in a barcode in a very tur or…
Ivan_Herman: Okay. But…
Dave Longley: very small concise way.
Ivan_Herman: then the question which maybe that's what you were raising is that this should be added to the bitstring status and…
Ivan_Herman: not the barcode specific thing. Isn't that correct?
Dave Longley: …
Dave Longley: where it lands and that might be a better place for it to land certainly. where it lands is a separate question from if you use this it must also have status size and…
Wesley_Smith: All right.
Dave Longley: status message. I don't see any reason why it must have those optional properties. And it would defeat the purpose of using it if it did.
Wesley_Smith: So, it sounds like we're essentially on the same page. Agreed that potentially down the line there are better places for this term to be defined than here. But right now it is defined here and that is a separate question from what the issue is asking. I think that we just need to add a sentence to the specification that says they're not supported and then close this issue. so I will add this comment to that effect and tag it similarly as a good first issue. Wow. And prior is there a priority three? no. Okay.
Wesley_Smith: I'll just call it a good first issue. I don't think that's super critical. All right. anything else anyone want to say on that topic? Sorry, I'm very hyper aware that I can't hear if people have their hands up. It's stressing me out.
Dave Longley: There are no hands up.
Wesley_Smith: All right. So, let's go ahead and maybe do one more issue. this is my issue from 2024. allow multibase encoding for driver's license VCBs. yeah, this is the issue that I just raised a PR for last night. So, we don't need to talk about it. It will close when that is I lied. one more issue from 1025. It's possible to put a bare bp in a QR code.
Wesley_Smith: This is an issue from a time where the specification did not allow the use case where you just stick a VC in a barcode. So, it looks like Manu this PR got merged.
Ivan_Herman: new kid.
Wesley_Smith: Manu just didn't use the keyword to close this issue. I think this issue can be closed. anybody disagree or feel differently?
Wesley_Smith: Nuke it for more of it discussed on 28 issue is outdated and no longer applies back explicitly supports this use case in both session. All right. we are about out of time. Remind me folks, this is supposed to end at five minutes to the hour, It's not supposed to go to the hour. All right. we're about out of time. thank you everyone for the time and effort today. had some good discussion and I will see you folks next week. Meeting ended after 00:55:08 👋 This editable transcript was computer generated and might contain errors. People can also change the text after it was created.