# Interoperability WG Rolling Agenda & Minutes [](https://hackmd.io/K5BWQ_rvSTKJ-BxeWINYfw) [DIF Website][dif] | [*GitHub repo & Issues*][repo] | [Mailing list][maillist] | [Reference shelf][reference] | [Potential future topics][parking-lot] ## Join the call! The Interoperability Working Group meets every 2 weeks via Zoom: [Join 0800PDT/1700CET/2200ICT call][eu-zoom] | [Visualization of timezones](https://www.timeanddate.com/worldclock/converter.html?iso=20210802T150000&p1=37&p2=224&p3=179&p4=220&p5=56&p6=44&p7=28&p8=240&p9=22) [Meeting recordings][recordings] _For this call, you are encouraged to turn your video on. This is a good way to build rapport given we are a large, disparate group with constant new members._ _This document is live-edited DURING each call for minutes, while a stable copy lives on our [GitHub repo][repo]. Feel free to propose agenda items either via issues or by messaging on DIF Slack._ ## December 14, 2022 ### Announcements - None today! ### Agenda - Sharon Leu - Jobs For the Future Foundation - Interop Plugfest - Slides: - JFF seeks to provide equitable economic advancement. - How might credentials lead to socioeconomic mobility - Produced a thesis earlier this year on VC Wallets JFF.org/digitalwallets - Learning and Employment Records (LER) as a collection of digital records that document learning and skills - Often, candidates with some education but no degree are immediately screen from opportunities because of the binary of "Do you have a degree?" - Credentials can enable a more nuanced and complete view of individuals eligibility for a position by having credentials showing the candidate has the skills required. - Goals of plugfest - Broaden participation, get incumbent education and workforce solution providers involved in the VC universe - Introduce VC solution providers - ... - Series of Plugfests, starting in June 2022 with more planned into 2023 - Takeaways from recent Plugfests - Broad tech interop was only possible because of human relationships - Standards development requires broad participation ## Upcoming meetings - December 28, 2022 - NO MEETING - January 11, 2023 - Stephen Curran, Cloud Compass CA, Multi-ledger AnonCreds and AnonCreds in W3C Format --- ## Past Meetings ### November 2, 2022 - Peter Langenkamp presenting about a cluster of interoperabilty centered on TNO EASSI. - https://eassi.ssi-lab.nl/ - https://eassi.ssi-lab.nl/docs/about ### October 19, 2022 - Hello from the New Chairs! Brent Shambaugh & Daniel Bluhm - Review Survey on Interop so far - [Slide Deck](https://docs.google.com/presentation/d/1lRxa49ZJjrSiWx-4ldLAwWvin5wukenEIXjK5Rj9l24/edit?usp=sharing) - Get Community Input on what the Interop group should do this "year" (the one that aligns with the school year) Survey Feedback: - Insights into who participated would be interesting. (We've since added a field for leaving an email). Rough minutes from the Discussion and other Suggestions: - Find the pockets of interop - Which companies interop with what other companies; build bridges between the pockets - Interop testing - Don't boil the ocean. Start with small targets. Let the question "what are we trying to accomplish with interop?" guide the targets. - Interested in a public assessment framework. - Bonnie Yau of IDLab mentioned they're working on a framework, starting from (or modelled after) the Aries Agent Test Harness. - Approaches to Localization - BC Gov gave a demo of a localized wallet app with credential localization using OCA. (Link to demo pending) - Other approaches? - What does "interoperable" mean to different communities? - Often gets thrown around in marketing jargon but what are some real metrics for defining whether something is "interoperable?" - Wallet UX - There might be some other working groups focused on UX already. There might be some overlap with interop. ### 5th of October 2022 - EU Time - Decoupling AnonCreds from Hyperledger Indy and creating extensible resources on-ledger with DID URLs by Ankur Banerjee - Wanted to support primatives of both AnonCreds and other credential format. - Found that this was relevant not only for AnonCreds primatives but other resources as well. - Centralized services (like schema.org) are a single point of failure. - "Linkrot" breaks links on the web all the time. - Decentralized resources are tamper-evident and censorship resistant. - Types of resources that benefit from being on-ledger - Schemas - Overlay Capture Architecture - Revocation Registries (whether W3C revocation lists or AnonCreds) - Logos and other brand elements - How do we solve the problem? - DID Spec allows for paths - DID URLs to resources stored on ledger - Resources signed by DID - Demo of Animo + Cheqd using AnonCreds resources: https://www.youtube.com/watch?v=QILE98VMwZw - CLI Demo: https://www.youtube.com/watch?v=PkAJe2ayaJU - Blog post: https://cheqd.io/blog/anoncreds-indy-pendence-1 - DID URLs discussion on TOIP wiki: https://wiki.trustoverip.org/display/HOME/DID+URLs+for+Digital+Resources+Specification - More info on Cheqd: https://learn.cheqd.io/overview/cheqd-101 ### 15th of June 2022 - EU Time Andrew Hughes comes for a round two, EU friendly time and talks about MDL and the work he is doing for that standard. He was very active during IIW April 2022 and had some great sessions on MDL then. Lets hope we can discuss much of the outcome of those sessions https://lists.identity.foundation/g/interop-wg/message/148 #### Notes Notes doc: https://docs.google.com/document/d/1vWZrxDVYeXMjZEevgcll5KUA-R-sCJ_NusTY3WXSEIk/edit#bookmark=id.ooi00xbr9col ### 8th of June 2022 - US Time Andrew Hughes comes and talks about MDL and the work he is doing for that standard. He was very active during IIW April 2022 and had some great sessions on MDL then. Lets hope we can discuss much of the outcome of those sessions Note docs: https://docs.google.com/document/d/1vWZrxDVYeXMjZEevgcll5KUA-R-sCJ_NusTY3WXSEIk/edit#bookmark=id.mm2zhc120mad ### 1st of June 2022 - EU Time [Validated ID](https://www.validatedid.com/) comes and presents to us what it means to be EBSI conformant. We discuss how this is aiding interoperability https://ec.europa.eu/digital-building-blocks/wikis/display/EBSI/Become+conformant# ### 25th of May 2022 - US Time Cancelled ### 18th of May 2022 - EU Time Cancelled ### 11th of May 2022 - US Time Cancelled ### 4th of May 2022 - EU Time IIW recap on interoperability, roundtable style to review what everyone joined in on We need to socialize the new meeting format for DID Com Usergroup happening on Discord. Invite: https://discord.gg/eNN4Wns6Jb Format: https://hackmd.io/@dhh1128/Sk5_Gb2J9 Mailing list: https://lists.identity.foundation/g/didcomm-usergroup ### 27th of April 2022 - EU Time Cancelled due to IIW focus ### 20th of April 2022 - EU Time (NOTICE EU TIME) Cancelled due to issues with time changes ### 13th of April 2022 - EU Time CCG Roadmap discussion part 2 ### 6th of April 2022 - US Time CCG Roadmap discussion - https://docs.google.com/spreadsheets/d/1wgccmMvIImx30qVE9GhRKWWv3vmL2ZyUauuKx3IfRmA/edit#gid=2146749098&range=B99 ### 30th of March 2022 - EU Time Missunderstanding of responsibilities and time frames, this meeting was cancelled ### 23rd of March 2022 - US Time Trust Alliance New Zealand - https://trustalliance.co.nz/ Who are they, how do they support the ecosystem in a good way and what are their view on interoperability ### 16th of March 2022 - EU Time Timezone issues created a bunch of confusion, so we rescheduled ### 9th of March 2022 - US Time CANCELLED ### 23rd of Feburary 2022 - US Time CANCELLED, join the DIF F2F Meeting -https://www.eventbrite.com/e/difcon-f2f-virtual-3-tickets-162786327287 ### 16th of Feburary 2022 - EU Time CANCELLED ### 9th of Feburary 2022 - US Time Bob Blakely is coming to share with us an reflection of the SAML interop work. So we can learn from history ### 2nd of February 2022 - EU Time QR Code part 2, see agenda 8th of december for context ### 26th of January 2022 - US Time ### 19th of January 2022 - EU Time We will have a new year kickstart discussion. Revolving recent interop movements happening the last couple of months. Preparing us for real interop for IIW 34 - April 26th-28th Our perspective on potential interop targets: We believe that it could be possible to have interop testing around JSON-LD ZKP with BBS+. We are also interested in interop around exchange protocols and seee WACI-PEX as haveing a lot of potential as the exchange protocol as it was designed to bridge between the Aries world and SVIP world. ***Lets discuss both these proposisions.*** We believe test suites should be built, how? What is needed to get to JSON-LD ZKP with BBS+ interop? Where are they bottle necks? What are the key groups that are or will be working on key parts. What is needed to get to WACI-PEX interop?Where are they bottle necks? What are the key groups that are or will be working on key parts. ### Scope * WACIPex * JSON-LD * ZKP with BBS+ #### Summary Profile of interoperability, it has been used alot of before to land something acknowledgeble. Profile are useful to drive interoperability to a flexible spec that can drive things forward. WACIPex is a profile What other profiles to others have? German community says it is a bit complex question. Issues with BBS+ signatures as of today. AIP Interoperability Testing: https://aries-interop.info/ AIP profile v1.0: https://github.com/hyperledger/aries-rfcs/tree/main/concepts/0302-aries-interop-profile#aries-interop-profile-version-10 AIP profile v1.0: https://github.com/hyperledger/aries-rfcs/tree/main/concepts/0302-aries-interop-profile#aries-interop-profile-version-20 See recording and chat for further intro ### NEW YEAR BREAK - 12th of January 2022 ### CHRISTMAS BREAK - 5th of January 2022 ### CHRISTMAS BREAK - 29th of December ### CHRISTMAS BREAK - 22th of December ### Agenda - 15 Dec - US time Transmute and Karyl comes and talks about what are the interop views they are selling to investors to We are inviting Transmute with Karyl to talk about their last funding round to discuss how investors are triggering on their case and what level of interop is sold to the investors. They will join and sharing that journey with us in the scope of how interop is valuable, it would be great! ### Agenda - 8 Dec - EU time Slides: https://docs.google.com/presentation/d/1ki2VMtW1yZnWlomyeoYCIfrkLhb2Qb7Kb5sNQOiLYnY/edit#slide=id.p Dmitri Zagidulin will come and start discussion a common QR-code initiation. See where that shall go and how it can work QR code limitations are starting to drop of. Thanks to certain events we recently had and technology improvements. Size limitation is still there 4 ways to share a credential VP, depending on if it is offline or online. Is it an either or, or can we switch between them. Microsoft introduces some new potential ways of looking at sharing, and will be shared after meeting. WebShareAPI, Microsoft Cable project - https://docs.google.com/presentation/d/1ki2VMtW1yZnWlomyeoYCIfrkLhb2Qb7Kb5sNQOiLYnY/edit#slide=id.gf8d555be24_0_23 #### Deeplinking Universal App linkes or custom protocol schema. We have two deeplinkg actors, iOS & Android. But there are multiple fallacies here, that comes down to the user on boarding. And how to make sure that we are protecting the user at the start, versus keeping it sleek. #### Option to consider ### Agenda - 1 Dec - US time Cancelled ### Agenda - 24 Nov - EU time Recording: https://us02web.zoom.us/rec/share/T56nah0ObZFk7J5eck4bu9A_qzJDvmGW7Ze9bgjsG_A8OJ2rnyedjkJqQAfXOUlB.yo0_Kyo0lUQ3e2Z4 * We want to be able to be nimble but still showcase that this group provides value. The success criterias are great! * Review "charter" and make it lean to reflect a more agile form. In the sense that we cannot predefine what we are doing now. Because the ecosystem is everchanging and new players come in. * Showcase current action points and direction to go and get some discussions and thumbs up. ##### Summary Do we want to define an interop profile for the community? How do we attack this task? We want need a clearer map We have drafted a shorter cleaner version: https://docs.google.com/document/d/11EKZZ0sSqOrXmdtDEtts4OrIVtQRSLB8mA3VxFLFgEw/edit inspiration from the older one https://docs.google.com/document/d/1a01GQVtZB7tDVcm9avS8zuYPHQzEEDtTOEh4Bqu-8Bs/edit We will announce and get feedback from the mailing list and slack! ### Agenda - 17 Nov - US time EU meeting recap and action points from the outcom of that meeting ### Agenda - 10 Nov - EU time This week we are getting a visit from the German community and hear how they have gone about interop. This conversation started during IIW and has been pulled through to have a introduction in DIF interop, and see what we learn and take from their approach. This meeting is on Wednesday, 10th of November, Europe time 3PM. Have a look how that looks for your timezone here: https://www.timeanddate.com/worldclock/converter.html?iso=20211104T140000&p1=137&p2=179&p3=187&p4=44&p5=28&p6=22 Or just add the DIF whole DIF calender to your calender: https://bit.ly/dif-calendar Look forward to seeing you there, I believe it is going to be a great introduction! Presentation from Hakan, Andreas and Eugene ### Questions More questsions was asked in the recording, have a look at that: https://docs.google.com/spreadsheets/d/1wgccmMvIImx30qVE9GhRKWWv3vmL2ZyUauuKx3IfRmA/edit#gid=2146749098&range=C82 **Tests? How have you guys gone about it?** Not yet, but it is one of our next priorties. Taking inspiration from the Aries test harness and how that should and could work. **What is the core connector for interoperability?** One profile that works acrosss the consortias would help to begin with. Instead of multiple profiles that did not work together. **How does this work with EU initatives? Meaning all countries should deliver a wallet that is interoperable** Not afraid not exctied, very netural on what will happen. Look forward to see what is going to be in the toolbox. **The interoperability matrix they are working on** https://docs.google.com/spreadsheets/d/1R0Y4ec1KVYErkcEgC3Qww7VR4CsCY2Lv2Bt-gfryEdw/edit#gid=1316375328 ### Agenda - 3 Nov - US time Rechartering, take inspiration from this: https://www.notion.so/dif/HOSPITALITY-TRAVEL-SIG-242105321e1747f8bce776bf634a55b3. Pr [this older PDF](https://s3.us-west-2.amazonaws.com/secure.notion-static.com/eb432fe8-da02-469e-aeb6-9affd920d646/DIF_HandT_SIG_overview.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT73L2G45O3KS52Y5%2F20211101%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20211101T141153Z&X-Amz-Expires=86400&X-Amz-Signature=75a7b9625d76d72b206d73249a79ea80f3afd06e6cf95928d37cc06dea783e1d&X-Amz-SignedHeaders=host&response-content-disposition=filename%20%3D%22DIF%2520HandT%2520SIG%2520overview.pdf%22). Since interop group is not IP protected and our current charter is just a draft: https://docs.google.com/document/d/1a01GQVtZB7tDVcm9avS8zuYPHQzEEDtTOEh4Bqu-8Bs/edit Balaz proposed to rename the group to something else. (WG name is confusing for many companies as this group is not IPR protected) Lets hear from Balaz on what is thoughts are to get a better understanding. Suggestions are: Interoperability (X)Cross Community Group.(WG name is confusing for many companies as this group is not IPR protected) Where do we need to rename things? ### Questions How does it all fit into the other groups? The SIGs(Health and travel) and discussion groups(Africa and Asia)? IS this the place to build and discuss test infratructures for interop? ### Agenda - 27 Oct - EU time No agenda, cancelled ## Agenda - 20 Oct - US time Internet Identity Workshop Recap, with the focus on interoperability. Did anyone hear anything really cool about interoperability during IIW? Anything worth taking notice of? @DW (Ping Identity) - do you have a summary of what interests came up for the interop group? Talk abit about the future of library polooza if time allows. IIW Highlights Adrian: Two orthoganal axises - KERI - innovation and thought about security and privacy from an academic perspective but completely ignoring everything that has gone on for 6 years. DIDComm and relatives - that keep plowing ahead in a series of protocol decisions that are self referential. This is where at - now we just have to get to agree. Some people think we are already "done" KERI camp working from first principciples and do right. Noted they are not talking to each other. Darrell - premature interoperability premature standardization - we are not "there yet" which is why we see KERI DIDComm trying to align - governments taking Hyperledger Aries/Indy going to market. Interoperabiliy is not a term that is well defined. Overall good news - everyone agress we are heading in the right directions - How key rotation happens. Answer that happens in time. DIDComm world moves ahead - executable working code - those executing running along in the same direction. Describes why it is really messy. ([Lets find a link -to Darrell's session](https://continuumloop.s3.amazonaws.com/PrematureInterop-ContinuumLoop-Strategy-Standards-and-Interop.pdf)) Who is implementing KERI? - who is impelmenting - KERI is implementing - GLEIF - Sam: Seemed less rushed an panicy Fewer sessions that were more engaged in. Mike Ebert - opener question what proud of what afraid of. Where things are? Thinking a lot about IIW kinda used to be about Federated Identity - now about SSI the federated ID people less interested in the conversation. KERI - DIDComm not talking to each other - the appropriate form is to talk to each other in DIDs. Not opposed to KERI. Related - No one has throughly plugged them together. Vitorio talk on end of day 2. DIDComm - OpenIDConnect tension exists and draws out important things. What is it important that it draws out - do they realize the vision of DIDComm - bigger then passing credentials. Helps to draw out the assuptions people are starting with. A lot of things about identity - are things about people = credentials. Holders some times involved not always involved. Things about me - DIDComm is communicating "with me" not about me. Distiction about the two. Do I use DIDComm or do I use SIOP - not accurate to pit them against each other. They are in some areas - there is a lot of get along-ness and likely path to get along - can go from OIDC-SIOP -> to DIDComm connection. Todd: The last two IIWs I have attended fewer of technical sesisons - role not working with software developers- more to choose from on the non-technical philosphoical discussions. Try to listen closely to what people are saying one of the big challenges is adoption - and getting outside this community- good to see new people - they are very enthusiastic - how does it help everything move forward. A lot of technical barriers - Sam & Sam - understand the competing agendas of the various protocols - at the end of the day looking at the consumer side- who is going to be using it. Post listening to recordings. What do we need to we get the word out. ID2020 - felt that it was less technical then in the past. Looked at calendar and daily agendas. working with NGOs - very interesting - open to broader crowd. Adrian: Another impression - that the reality around SSI are actually to start to come to light. After a long period (2 years) of Kymbaya. Given by focus on DHS and closely related projects and interop from there. What I am seeing at this IIW and like 4-5 really key issues coming to light. 1) LD vs JWT -> seemed to have a collaborative solution. Driven by MSFT VCI. [Data Rights Protocol org](https://datarightsprotocol.org/) working with Sandy Pentland - building on JWTs 2nd genration identity. [YouTube ](https://docs.google.com/document/d/1xrBPmK3Oc98t8FzJCBMRE57Yl2JygJZds1pmydoHfCk/edit) They imagine - 7-8 different startups class of businesse act as service providers to consumer businesse that collect data - how are these service providers gonig to manage GDPR/CCPA data rights? approach from the commercial perspective - said from the beginning - they said there would be a 4th party involved where individual is proxied by an agent relative to a service provider (daza greenwood) working with credit unions and cooperative model and this includes it. 5 specific end points - Make this commercial offering - they can go to us as the service providers to verify identity of people and manage their data rights. Class of service providers selling B2B to and then - but they are there to offload the job of mandated to GDPR/CCPR around data rights that affect these businesses. In HealthCare we had this same thing service providers. MSFT build whole msft health strategy on it working properly. 2) Issue of Fedreation - OIDC google app/mozilla/apple formal objection to DIDs - peace is not made with federation 3) Trying to square verifiable data registries of various sorts - roll of private blockchains and role of hyperledger 4) custocial wallets/agents - Diwhala/Kiva - work with custocial wallets - seeing fragmentation. So much of what has been happening - every action is an authenitcation action like a FIDO-secure element - delegation to an agent - custodial wallets. "SSI we" has been living in tihs lala land of our own making having to face the market reality. Keith: hear about things about VCs being in production - I don't see it. Was on a call with an analyist. Am I missing something. People in production? Is there a big use-case that I'm missing. Adrian: VCs are clearly inevitable - what is not inevitable - is the subject identifeir and the schema's for VCs. That is why there is a duality between mDL and W3C standard track stuff. Education folks driving themselves nuts - running ragged - VC SSI model. What is driving them crazy - what they have done with Open Badges and tryign to include SSI standards into their market - where they service providers are institutions (and people) purity difficult to adopt Hyperldeger and DHS model. MSFT is fighting the good fight - they are in the identity hub/secure secure data storage - we have a band of catholicism that is not open to the relaities on the ground from the other perspective - IMSGlobal CLR - OpenBadges willingness to move towards VC model - we didn't want to be in a world where we are implementing all of the above. they will happen. How schema and subject identiifers. The most interesting move away from schema's towards types. I didn't see a lot of negativity. Who are the verifiers - them is us. They educational institutions accept credentials from other educational institutions. Guardianship - Signing relesases and getting inforamtoin directly from the institutions. They want the credentials directly from the instutions. They don't have the same prolem of "calling home" anything that complicates revocation. ## Agenda - 13 Oct - EU time No call due to [Internet Identity Workshop][iiw]. Look at notes for potential sessions. ## Agenda - 6 Oct - US time ### Items * Library polooza followup meeting * 5 min for IIW dicsussions, anything we need to discuss prepp for IIW ### More info #### Polooza The second-part followup to the “Library interop-polooza” discussion two weeks prior, which had participation from Aries, MATTR, Spruce and Veramo. Agenda working doc is here for history keepings: https://docs.google.com/document/d/1wWl442DQK0dHhtL8HHsbdtbpMxRL-_mjCPpb3RDQo3M/edit# * Introductions * Stack diagram, any missing layers relevant to interoperability? https://docs.google.com/spreadsheets/d/12_03m8QU1J0VaskBEnA97aUXz38kSTskvM7DwfSAPFg/edit#gid=0 * How invested are people in getting interoperability? * What is the high level roadmap for interoperability? * Where do we start testing on this? * Can we carve out a small piece that everyone feel they have in place to start aligning interop? * Structured credential data model https://github.com/w3c/vc-data-model/pull/788#issuecomment-896734277  #### IIW We should present the work going on and get more people to engange in this future work at IIW. So lets think about a session. How do we make sure this work differentiates from the whimsical diagram, or atleast stays up to date? https://whimsical.com/decentralized-mapping-exercise-clustered-LJJ1rizUQcYcL7MUwqWbTn # Previous meetings ## Agenda - 29 Sep - EU time Authentic Data & KERI and Certificate Transparency - Dave Huseby organized by Kaliya ## Agenda - 22 Sep - US time *Meeting postponed to a later date* The second-part followup to the "Library interop-polooza" discussion two weeks prior, which had participation from Aries, MATTR, Spruce and Veramo. follow up - Agenda worked on here. Will be posted when last comments are resolved: https://docs.google.com/document/d/1wWl442DQK0dHhtL8HHsbdtbpMxRL-_mjCPpb3RDQo3M/edit# 1. Introductions 2. Stack diagram, any missing layers relevant to interoperability? https://docs.google.com/spreadsheets/d/12_03m8QU1J0VaskBEnA97aUXz38kSTskvM7DwfSAPFg/edit#gid=0 3. Structured credential data model https://github.com/w3c/vc-data-model/pull/788#issuecomment-896734277 4. How invested are people in getting interoperability? 5. What is the high level roadmap for interoperability? 6. Where do we start testing on this? 7. Can we carve out a small piece that everyone feel they have in place to start aligning interop? ## Agenda - 15 Sep - EU time Mozilla objection we talk about what that is, what are potential ways forward and what the DID WG thinks about this Brent Zundel comes and shares. The objection can be seen here: https://lists.w3.org/Archives/Public/public-new-work/2021Sep/0000.html ``` Why public vs private objection: Mozilla pressed the wrong button. Formal objections happen, and response should come from WG group chairs. Not requiring specific DID method: out of scope in charter from start. Compare to HTML img tag - no specific image format required Having DID document shows interoperability Divergence: comparison with 300+ URI schemes, 78 URN schemes But underlying common data format About centralization: Cannot define misuse of the technology. But have rubric to facilitate subjective evaluations. About multiple data formats (JSON, JSON-LD): potentially valid complaint, but inappropriate timing. We could have just picked one - the group had hours and hours of conversation about how to and whether or not to do it. Objectors could have raised this 8 months ago and we could have officially addressed it. Cannot do anything about it now except note the concern and apologize. Proof-of-work (PoW) blockchains vs. ethical web principals (EWP). EWP is great but not recommendation / normative guidance - don't reflect consensus of W3C and not part of the process - are a set of what one group thought were good ideas. They are indeed good ideas, but there is no requirement that we adhere to them. Encouraging low energy consumption, attacking existence of DID methods requiring on PoW blockchains. Assume PoW is a horrendous waste of energy: begins with statement as though it is fact, but a lot of people don't agree with it. Wanting the DID WG to make a formal position about all PoW blockchains and enforce that no PoW blockchains be allowed to support the back-end of a DID method... We can define the technology but not how people use it. That is assuming PoW is as bad as claimed. Complaint asks us to stick to a document that is not official. DID Spec does not require verifiable data registries, blockchains, distributed ledgers, Bitcoin, Proof of Work - not statements about these things. It's possible we could say you shouldn't do that - but the WG doesn't feel it would be appropriate to try to normatively define what a DID method is and isn't allowed to do - especially in light of the ongoing debate about PoW - if it is the only way to pay for the level of decentralization that some security stories call for. We would like to put something in out implementation guidance saying you should be aware of these concerns - but we may not be able to come to consensus on it. May be a red herring... some of the objectors in the past have publicly supported blockchains that use PoW. The public statement by Mozilla names other groups. Microsoft did not formally object to the specification - they joined the WG and were relatively active in it. You can't assume what the other formal objections were based on the contents of this one. But they do echo those points. There were three formal objections, all of which made the same sort of set of points. Mozilla's was the only one that they pushed the wrong button on. What to do: what DIF and ToIP have done: statement of support for decentralized identifiers. If people say "it's dead now", point out that it's not - has objections, ongoing debate. In our opinion, the objections don't have a leg to stand on. Combating the FUD. We'll just have to live in anxiety for a while. Snoore: Are there any anxiety-removing elements that one can do? Brent: not really. Process doc is explicit about there being no time limit on the director's deliberation. Call for Review for when we went to Proposed Recommendation ended. At that point, 3 formal objections had come in. Now we have this undefined period of time - takes s long as it needs to take - for the director to hear both sides, gather evidence, and learn about things. That process, unfortunately, takes a long time. We at the DID WG would really prefer if the director had gotten on the phone with us immmediately - and said, these objections are baseless and here are the reasons - we really would have liked that, and it would have been done. I hope in next few weeks, chairs of the WG will get to meet with the director. Then we'll find a time when we can all meet with the director, and hopefully get a decision. THis is probably going to take at least another month, and it's going to be uncomfortable. We can reflect on the fact that process-wise, we have done everything we were supposed to - and we can back that up with documents. Not much else we can do. Snoore: Hours of talk on this point...? Brent: The JSON-LD one. Our actually only official face-to-face (F2F) meeting was in Amsterdam. It was January 2020. The bulk of conversation was around how to deal with these two very similar but subtly different representations of a DID document. The conversations that we had while in Amsterdam were what gave birth to the "abstract data model" that we introduced in to the specification - which for a time gave birth to the idea of serializing into CBOR. Unfortunately, the CBOR serialization wasn't able to mature well enough to end up inside the spec - but it was there for months. Not a conversation we have had, but a conversation that if the objectors felt was really important to have, they could have jumped in and had it with us. Snoore: Other questions? Kaliya: You are responding with a lot of process points, which I agree with , but is there also responses about the technical - not just about the process - that are actually trying to rebut the technical things they are saying? Brent: We do have some. With the requirement that we normatively define a number of DID methods, apart from being completely out of scope, the question is then, which 3, 2 - which set of DID methods would be most appropriate for the WWW to say, "these are the official ones". That conversation has kindof been going on in the background for a while. e.g. some people think we may be able to get agreement to define did:key, did:web. But then there is the irony that if you have did:web, you are probably relying on DNS - not really very decentralized. Beyond that, nearly every other DID methods relies on some particular distributed ledger or blockchain - and they all have different security characteristics, different requirements on how we resolve them. For the commmunity to come together and say "this is the one" that we all agree on well enough to define normatively - on a technical level, what they are requiring it may be impossible for a QG to come to consensus - not only the DID method specifications themselves, but on which ones to start with in the first place. The other rebuttal there is, are you actually going to participate this time around? How dare you suggest there is more work to be done and you go off and do it? That's not how process works, how specifications are written. That's "go find a rock" - "no that rock is too grey" - "no that rock is too small". If there are members that have opinions on what ought to go in a spec or not - or ought to be worked on by a group or not - then the appropriate course of action is for that member company to join the working group and participate. For them to complain we haven't done the work, and also not participate in the work in the future, really means that, because they haven't claimed that we are doing is harmful in any real way, they really can't back up the statements. Like at DIF, if people want to create a work item, if someone outside the WG says, "hey C&C WG, you should really work on X, Y, Z" - C&C WG would say, "good to know, would you like to join us, submit a work item and get someone to work with you? W3C also recognizes it as an absurd notion - to say a WG should do something, and then disappear and not participate. Chris Kelly: I get Kaliya’s angle… it seems youa re trying to circumvent the technical arguments with the process arguemnts… but it’s not the case… the charter has been fulfilled and delivered upon. If it shold have looked differently, that should have been clear from the start. It’s too late yo move the goal post… Brent: It’s possible to disagree on technical solutions. “We think it should be JSON”, “We think it should be JSON-LD”… it’s harder to disagree on Process. The reason we are basing everything on a process argument… They can claim that we don’t have interoperability… But we can, according to the process, show that we have done everything we are supposed to do to show interoperability. We did what we said we would do in the charter… at least two implementations for each normative statement. They are saying “real interoperability requires more than that” - like Chris said, they are trying to move the goal posts. Chris: Also important to remember that the standards track is a long and winding road, but not a definite endpoint. v1. Hopefully will mature… But having a clearly defined start point is important. Brent: Couldn’t have said it better myself. Kaliya: great. Snoore: Has this objection shaken other groups’ reliance on DIDs? Brent: At first yes, some groups not familiar with process. Thought “Oh, it’s dead”. Back up… it’s not dead, not even dying. Some things need to be addressed - or even how appropriate it is to bring up those things. Then it goes to the director. We rely on process… pretty unlikely it will not be a rec. Possible it will be delayed. Very unlikely to disappear. Snoore: So if back to draft… two more years? Brent: It’s possible director will agree with concerns and say yes, need to recharter for two more years. But conversation in advance of that decision will need to be, exactly what does the new charter look like - and are you going to participate. It’s one thing to say we have concerns and go back draft… … We’d love to have Mozilla on board. We would like to engage with others. … No valid reason we shouldn’t make it a recommendation and then move forward. … If you want to participate in defining scope of work, you can do so. Snoore: thanks for sharing. Core foundation for a lot of things. Good to know you guys have it under control. Interesting times. Brent: For me the worst part of it is the waiting. I’m confident in what the resolution will be, and what the next steps for me to take will be - but there are steps othe rpeople need to take before I can take those - and I’m just sitting here waiting for the next step to have - and it’s oncomfruatebl. I appreciate the support from DIF and this group in particular. Snoore: We appreciate your work. Chris: I also want to thank Brent for taking us through this. This is the process. It’s important people refute statements about it being the end. We don’t need to be making big statements - but it’s important to remain positive, say good statements. Process is ongoing, we feel positive about it, believe in our work, watch this space. ``` ## Agenda - 8 Sep - US time Library interop polooza with Aries, Mattr, Spruce and Veramo 1. Aries presentation - aries protocols and test suite 2. Veramo presentation - work done towards did com and potentially credential exchange 3. Spruce presentation - unsure what would be different from veramo? 4. Mattr presentation - Talk about how they tackle introp in SVIP and participation of VC http api ### Announcements Juan (Spruce) on new interoperability efforts: - [JWS cross-conformance with JSON-LD](https://blog.identity.foundation/dif-grant-1-jws-test-suite/), work item within DIF under Claims & Credentials group - [Proposed LD-JWT interop work](https://github.com/w3c-ccg/community/issues/198) item within W3C Credential CG ### Presentations #### Aries by Stephen Curran Aries: introduction, implementations, interoperability and test harness https://docs.google.com/presentation/d/1QzE0wBSZyYSCcwbU6huEDfspRKqnokE2WEwi-RitHVc/edit?usp=sharing Interop test suite information at https://aries-interop.info - Biggest concerns w.r.t interoperability getting more implementations to participate in interoperability and publish results #### Veramo by Oliver Terbu #### Spruce by Juan Caballero Web documentation at https://spruceid.dev/docs/didkit-packages/cli * command-line and HTTP API tooling for various decentralized identity mechanisms * focused on LD tooling first #### MATTR Update on DHS/SVIP plug-face web-based documentation at https://learn.mattr.global/api-reference/v1.0.1 Goal is to enable primitives to exist to compose for use cases like interoperability testing ### Layers needing interoperability Model from Oliver: * VP/VCs -> Data Model, Crypto (Which curves? Do we need to touch upon this now), DID methods * VP request protocols (aka present-proof etc) + Data Model (e.g. Presentation Exchange) * VC issuance protocols (aka issue-creds etc.) + Data Model (e.g. Presentation Exchange) * VC revocation ### Questions to ask ourselves during layer discussion * What functionality have each library(company) implemented and tested and used? * What part of this layer interop is DIDCom solving? * What part of this layer interop is WACI PEX solving? * What part of this layer interop is PE exchange solving * What part of this layer interop is VC http api solving? * What part of this layer interop is the Aries protocols solving, Aries Protocols in general, the set of protocols in AIP 1.0 and AIP 2.0 in particular? * What part of this layer are the mentioned tools stepping on each others feet? * What part of this layer are we not seeing or mentioning where interoperability is needed? * Are we remembering that the same interop has to happen on a browser as well as a mobile phone? What layers need to be set in motion to have that ready? ### Diagram of various kinds of credentials https://github.com/w3c/vc-data-model/pull/788#issuecomment-896734277 ### Goal Make sure that we are having the right efforts in place and we believe these efforts will move things forward in the right direction. Highlight where there might be missing efforts. #### Appendix Working doc: https://docs.google.com/document/d/1wWl442DQK0dHhtL8HHsbdtbpMxRL-_mjCPpb3RDQo3M/edit# ## Archive Older agendas and minutes moved to separate files: * [agenda2021.md](https://github.com/decentralized-identity/interoperability/agenda2021.md) * [agenda2020.md](https://github.com/decentralized-identity/interoperability/agenda2020.md) <!-- footnote links for prettier linking --> [edit-minutes]: https://hackmd.io/K5BWQ_rvSTKJ-BxeWINYfw [eu-zoom]: https://us02web.zoom.us/j/88984209816?pwd=ek9oRXRwSFlQOXhiQzNCTUE3TG91Zz09 [dif]: https://identity.foundation/interoperability/ [repo]: https://github.com/decentralized-identity/interoperability [maillist]: https://dif.groups.io/g/interop-wg [reference]: https://www.notion.so/dif/be6763341a014d248f655aea187d7890?v=c9ac48a07f3d411c9a1bea32b55f7e76 [recordings]: https://docs.google.com/spreadsheets/d/1wgccmMvIImx30qVE9GhRKWWv3vmL2ZyUauuKx3IfRmA/edit#gid=2146749098 [parking-lot]: https://github.com/decentralized-identity/interoperability/blob/master/parking-lot.md [iiw]: https://internetidentityworkshop.com