DIF F2F Virtual community meeting — Follow up, 6/16/2020
To the 100+ attendees who came, thank you for joining us at the DIF F2F Virtual Community meeting last week. For everyone else reading this, thank you as well, and we hope that if you find something interesting below, you’ll feel welcome to our future events, working groups, and conversations.
🎉 During the 5+ hours, we spent together over zoom, we discussed ethics, technology, community, and collaboration. We heard from current DIF members, newcomers to the decentralized identity space, and DIF-curious veterans curious what our working groups have been up to. Particularly well-attended were the community-wide interoperability session and the solid three hours of working group introductions and updated, chock full of wide-ranging Q&A and even a few announcements about projects soon to be open-sourced!
📝 This update condenses the essential takeaways and announcements from each session of the meeting, as well as listing links shared in chat and links to video recordings of the entire session. Before jumping in, let us announce two on-ramps to future discussions:
here is a sign up form for our open call for cross-community interoperability coordination, taking place June 26th at 12 ET, and
here is another sign-up form for the hourlong sync meetings, also open to the public, that we hold every other Wednesday at 11 ET.
We started off bright and early at 8 am for the Pacific time zones of California, Vancouver and Washington with a little icebreaker exercise: everyone willing to do so marked themselves on a public google map while many newcomers introduced themselves over Zoom and chat. After that, executive director Rouven Heck gave some opening remarks and there was a brief housekeeping Q&A session.
- DHS S&T SVIP Call — CFP
- W3C CCG work item to standardize on HTTP APIs (this extends the API standardization for the DHS SVIP plugfest; see also did:actor and did:web)
- About the controversial comments around ION project (Coindesk hit piece)
- A project introduction from Adrian in healthcare use-cases, privacy issues, and ethics
📓Code of Conduct
approved version: on github
Between #IIW29 and #IIW30, a DIF ad hoc committee worked weekly to define and iterate a new Code of Conduct for DIF working groups, mailing lists, GitHub repos, and events. In this brief update, we presented the completed and approved draft document. We also outlined a new DIF initiative taking shape to offer workshops for people interested in cultivating responsive and empathetic convening skills and conflict resolution skills application to contexts like ours. Creating an open, healthy, and productive culture where members and the community can build and grow together is an important part of any organization, and we are putting money and time behind our commitment to making that the case here at DIF.
☂️Interoperability WG — Cross Community effort
This session proposed pivoting the existing DIF Interoperability Project to a more coordinating and project-managing paradigm. Previously, the project primary work has been building and adopting testing infrastructure, but while that work is important and much of it will still be done in other DIF WGs, the new interoperability working group charter is scoped to only for identifying roadblocks to and gaps in a widely-interoperable decentralized identity stack. Once identified, these needs will be analyzed consultatively to avoid redundant work and route them to the best (and most collaborative) working context, in or outside of DIF.
The meetings of this group will be a fully open, non-IPR protected meeting so all parties with skin in the game are warmly welcomed to attend, to listen in, or to watch the recording afterward. A (draft) charter can be seen here for scope: Interop WG and the inaugural Community kick-off meeting will take place on June 26th at 9 am PST / 12 pm ET / 6 pm CET. Sign up here (you will receive a calendar invite with dial-in details). Or join the mailing list here.
- Precedents and inputs: Aries Connect-a-thon ; DHS SVIP Plug-fest
- Kaliya’s precedent further back of community coordination: OSIS
- Anil and Pamela discussed test suite maintenance — this is now on the agenda for the interop WG Friday
- Darrell: Until the community sees the deep value in test suites — and what it means (no vendors pointing fingers; ability to avoid the worst of vendor lock-in; etc.) it will be hard. OGC is a great working example of how interop suites built an industry while breaking down the barriers that were driving (insane) costs.
- Adrian’s question about Service Endpoints and privacy: “Neither DID or VCs or wallets need to do anything standard with the service endpoints.” — Adrian’s point and his use-case are now on the agenda for the interop WG
- Haardik’s question about wallet portability segued nicely into Orie’s W3C work item
- DanielB’s feedback on ^: DID Contexts was one portion of the data that I was hoping to have in a wallet portability standard I’ve been sketching out
🔎DID & Protocol layer Groups:
💡ID & Discovery WG, 🌱Sidetree WG & others
Highlights: ID & Discovery talked about Universal Resolver CI/CD project and in-kind donation from IBM (of Dan and Kapil’s time and cloud credits) to host and productionize the Universal Resolver along with Philip and Bernhard from DanubeTech. Markus also updated everyone on the three key recovery schemes recently open-sourced by Microsoft Research, Veridium, and ConsenSys. DID:Peer is being open-sourced and well-known DIDs are being deployed to production by MSFT. Updates were given on the various members of the Sidetree family, with the editor of the Sidetree spec Orie Steele of Transmute inviting GitHub issues (including documentation issues) to push the specifications closer to v1.
- DanielB: Note: MSFT will be implementing Well-Known DID Configuration for customers to connect DIDs to domains within 100 days from today
- Ajay — https://github.com/trustbloc
- Overview of KERI by Sam
- Andreas volunteered to help Sidetree WG with “Anchor contract” logistics to make it more ready for Eth mainnet (ref impl only works on Ropsten testnet, based on v0 spec; v1 spec needs to be finished before refactoring it )
- Dan — WEF Future of Security and Travel task force has been working on interesting stuff worth looking into here → KTDI.org
🛠️App-layer & Functional Groups:
🔓 DID Auth, 📦 Secure Data Storage, 📚 Glossary & others
Oliver Terbu introduced two great demonstrations from member projects that had been reviewed, iterated, specified, and documented by the DID Auth WG in the last six months. Validated-ID showcased it’s Self-Issued OpenID Provider (SIOP) protocol for using a DID to sign in to an OpenID website. The authorization libraries complement other projects presented above and below to bootstrap OIDC architecture for DIDs, as well as ongoing open-source work bridging the European Commission’s ESSIF project to traditional eIDAS PKI via OpenID. New members Radical Ledger also showcased another lightweight SIOP-compliant authentication system intended for deployment in e-commerce settings. Kyle den Hartog, co-chair of the group, also briefly presented on the “key ID issue” (what to do about a parameter named ‘kid’), an ongoing multi-layer complication requiring extensive coordination between DIDAuth, DIDComm, and various WGs elsewhere.
Dmitri Zangulin introduced the Secure Data Storage WG, jointly operated with the W3C, which conveniently allows the same group to consolidate two existing specifications and reference implementations and then move that consolidated specification to a W3C recommendation without having to recharter or move to a new venue. As the group is still in early days of that consolidation, member Daniel Buchner presented the PWA/app-storage use case that could lay valuable foundations for data portability across applications and platforms.
Lastly, Kaliya Young presented the results of the Glossary Project she co-chaired with Drummond Reed and Margo Johnson, which in many ways informed the interoperability project’s methodology and foci for identifying architectural discrepancies encoded in divergent terminology. The report is in final revisions and will be released soon along with executive summary and reflections.
- Upcoming OIDC meetup on SIOP on June 25th — register
- Iain Henderson: Yes, the MyData operators work would be one great start point for SDS:
🛡️ Claims & Credentials, 📻 DID Comm & others
Wayne Chang introduced and gave updates on the main work items of the Credentials and Claims WG, starting from the least technical one, the Credential Taxonomy. This ongoing effort seeks to gather and analyze real-world credentials data dictionaries so as to create guidance for newcomers to the space on harmonization, semantic discovery and interoperability. Out of this evolved the Credential Presentation work item, which was a kind of minimalist or lightweight specification for a widely-interoperable credential exchange, done in parallel to DIDComm, for an overlapping but different set of cross-platform wallet-to-wallet use cases. Wayne also mentioned three work items happening primarily outside of DIF for now that C&C is watching closely with an eye to aligning or contributing were appropriate:
- Mattr Global’s BBS+/ZKP-LD prototypes to make upcoming Ursa cryptography universally accessible via JSON-LD
- Mattr Global’s client-bound assertions, a proposal for aligning emerging OIDC standards with the SSI world’s credential exchange requirements
- Transmute’s Universal Wallet 2020 project, an attempt at specifying a minimal protocol for wallets that might simplify the addition of VC storage and wallet-to-wallet communications to cryptocurrency wallets, the addition of cryptocurrency to SSI wallets, and most promising of all, the linking (or “correlation,” for now!) of the two kinds of functions of such a joint wallet.
Sam Curren introduced the DIDComm working group, which works on the wallet-to-wallet communication protocol at the core of the Hyperledger Aries project in a somewhat narrower, focused-scope way while staying in dialogue with the larger Aries vision of DIDComm. Sam gave updates on two recent milestones of which DIF is particularly proud: the group reached a v1 specification of the JWM envelope and submitted it to IETF so it could be approved while other parts of the specification continued in parallel. Also, the group moved to ECDH-1PU signature suites for greater acceptance and alignment with contemporary IETF recommendations. Sam also reported on some [deeply technical] topics that have been the focus of most DIDComm discussion and progress since the last semi-annual DIF meeting: repudiable-by-default signature design, a core set of four transport modalities (including qR codes), key type support, and most recently, rotation-on-first-use capabilities and “upgrading” of ephemeral keys.
- C&C WG notion page
- DIDComm meeting agendas & repo
- Dmitri: Digital Bazaar is working on another QR code communication project
- Gabe: You can always use Workday’s cred-exch stuff :)
- Repo & Reference implementation of BBS+ JSONLD; also a Reference implementation of just the signature suite
The meeting ended with a heartfelt thanks from the organizers, steering committee members, and Executive Director Rouven Heck. The main call to action was simple: please stay involved, and bring others.
Sign up for DIF bi-weekly F2F style one-hour meetings:
Sign up for Interoperability WG Kickoff meeting (26th June, 12 ET)
Here is the master presentation we used during the meeting: Link