IETF Logo Mail Archive

Re: [SPICE] Informal Meeting Notes (errata)

Denis <denis.ietf@free.fr> Fri, 05 January 2024 14:35 UTC

Return-Path: <denis.ietf@free.fr>
X-Original-To: spice@ietfa.amsl.com
Delivered-To: spice@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA013C14F6EE for <spice@ietfa.amsl.com>; Fri, 5 Jan 2024 06:35:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.973
X-Spam-Level:
X-Spam-Status: No, score=-1.973 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.091, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_REMOTE_IMAGE=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r7LV39T4fF1T for <spice@ietfa.amsl.com>; Fri, 5 Jan 2024 06:34:59 -0800 (PST)
Received: from smtp6-g21.free.fr (smtp6-g21.free.fr [212.27.42.6]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 39BABC14F6B1 for <spice@ietf.org>; Fri, 5 Jan 2024 06:34:59 -0800 (PST)
Received: from [192.168.1.11] (unknown [90.91.46.145]) (Authenticated sender: pinkas@free.fr) by smtp6-g21.free.fr (Postfix) with ESMTPSA id AC4F5780507; Fri, 5 Jan 2024 15:34:52 +0100 (CET)
Content-Type: multipart/alternative; boundary="------------Jp0r7PY8QCszFiilUUDC6W29"
Message-ID: <9f9c0854-dff8-96f2-6d25-d225a36172a0@free.fr>
Date: Fri, 05 Jan 2024 15:34:49 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.15.1
Content-Language: en-GB
To: Orie Steele <orie@transmute.industries>
Cc: Hannes Tschofenig <hannes.tschofenig@gmail.com>, spice@ietf.org, Michael Prorock <mprorock@mesur.io>
References: <CAN8C-_JF81-sZ4dQB7_Ma7_UfAwgc8UhZ-trRHQY1TCk+t7iKg@mail.gmail.com> <9b385dd2-bc5a-c7bc-d131-0bffb4fe8d26@free.fr> <59bc594d-9539-1597-d4da-983f38dd1b49@free.fr> <CAN8C-_JrAFHRSQ7tP=+RFsVNj=6a9tRb+v4ST3r3zxp_urNHaA@mail.gmail.com> <f7bf2593-35b1-5fc0-935e-12c692357506@free.fr> <CAN8C-_KiK84KKPZJnnbvHyzPB6q8x5cEJXEGYeVxiv6ru3frHQ@mail.gmail.com> <CAGJKSNSZsUE7=qCnQHtPJnkhCOiXNcomFmaFCsaYaPa4cN4q2A@mail.gmail.com>
From: Denis <denis.ietf@free.fr>
In-Reply-To: <CAGJKSNSZsUE7=qCnQHtPJnkhCOiXNcomFmaFCsaYaPa4cN4q2A@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spice/7Gp5t4nLUnW7ytl0m6881vbqoro>
Subject: Re: [SPICE] Informal Meeting Notes (errata)
X-BeenThere: spice@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Patterns for Internet CrEdentials <spice.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spice>, <mailto:spice-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spice/>
List-Post: <mailto:spice@ietf.org>
List-Help: <mailto:spice-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spice>, <mailto:spice-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jan 2024 14:35:03 -0000

Orie,

The right wording would then be : "Data and metadata discovery", since 
metadata alone without data does not make sense.
In the example you provide, we have XXXX Metadata, i.e, JWT Issuer Metadata.

Secondly, what about the removal of the word "issuers" ?

Denis


> I fall in line with Orie on this one.  I think use of the term 
> metadata is helpful here and aligns with other uses of the term 
> elsewhere im ietf docs
>
> Mike Prorock
> CTO - mesur.io <http://mesur.io>
>
> On Fri, Jan 5, 2024, 07:03 Orie Steele <orie@transmute.industries> wrote:
>
>     Issuer metadata discovery is key to understanding "what kind of
>     credentials can I get" and "what formats are coming in" and "how
>     can I get them".
>
>     The word metadata is a generic term to describe data...
>     about data... In this case that solves the problem of "what
>     (meta)data is discoverable about issuers, holders and verifiers".
>
>     And all the examples we provide such as keys, claims,
>     credentials and proofs, are examples of data which we might want
>     to retrieve additional information (metadata) regarding.
>
>     Our use of the word, is consistent with other IETF working groups,
>     for example:
>
>     https://datatracker.ietf.org/doc/html/draft-ietf-oauth-sd-jwt-vc-01#name-jwt-issuer-metadata
>
>     I don't agree with your proposal.
>
>     OS
>
>     On Fri, Jan 5, 2024 at 1:53 AM Denis <denis.ietf@free.fr> wrote:
>
>         Hi Orie and all,
>
>>         I rephrased your suggestion here:
>>
>>         https://github.com/transmute-industries/ietf-spice-charter/commit/3848dac6c5b7b2ab5d91c0bb909c3f959eb2b197
>>
>         The new sentence is :
>
>             A meta-data discovery document enabling issuers, holders
>             and verifiers to discover supported protocols and formats
>             for keys, claims, credentials and proofs.
>
>         I would propose to drop the words "meta-data" and "issuers,".
>         As mentioned earlier, an issuer does not need to discover
>         anything.
>
>             A  discovery document enabling holders and verifiers to
>             discover supported protocols and formats for keys, claims,
>             credentials and proofs.
>
>         Denis
>
>>         I don't know what a "credential request format" is but I
>>         assume it's some protocol (possibly one of many) for
>>         issuance (delivering a credential from an issuer to a holder).
>>
>>         You also did not include "presentation request format", which
>>         would be some protocol (possibly one of many) for delivering
>>         a proof (or presentation) from a holder to a verifier.
>>
>>         I used "supported protocols and formats" to capture these
>>         requirements.
>>
>>         You might consider data URIs presented through animated QR
>>         Codes to be an example of part of a presentation protocol.
>>
>>         I suspect that commenting on "supported protocols"
>>         might raise the question of if SPICE will define issuance or
>>         presentation protocols.
>>
>>         I think it's ok to keep it as is and not define any protocols
>>         under the first charter, even if we enable discovery of
>>         OIDC4VC, OIDC4VP, mDoc Request API, etc...
>>
>>         If you think that we MUST define protocols for issuance and
>>         presentation under the first charter, we will need to add
>>         more milestones, but I don't want to do that.
>>
>>         OS
>>
>>
>>         On Thu, Jan 4, 2024 at 4:24 PM Denis <denis.ietf@free.fr> wrote:
>>
>>             Error:
>>
>>             Instead of "Verifiable Credential formats", please read:
>>             "Verifiable Presentation formats"
>>
>>             Denis
>>
>>>             Hi Orie,
>>>
>>>             The second document is defined as follows:
>>>
>>>                 A meta-data discovery document focusing on the
>>>                 scalable, Internet-wide discovery of keys,
>>>                 credential formats and meta-data for issuers,
>>>                 holders and verifiers.
>>>
>>>             During the meeting, I was looking for a wording better
>>>             than "key discovery" or "meta-data discovery"and I could
>>>             not find it.
>>>             After the meeting, I believe that "formats discovery"
>>>             would be more appropriate.
>>>             In the list, "credential request formats", "proof
>>>             formats" (i.e.; Verifiable Credential formats - using
>>>             the W3C vocabulary) are "claims formats" are missing.
>>>
>>>             Below is my proposal:
>>>
>>>                 A "formats discovery" document focusing on the
>>>                 scalable, Internet-wide discovery of credential
>>>                 formats, *
>>>                 credential request formats, proof formats*, *claims
>>>                 formats* and keys for holders and verifiers.
>>>
>>>             I dropped "issuers" from the list, since an issuer does
>>>             not need to "discover" anything.
>>>
>>>             Denis
>>>
>>>>             Hello Spice Enthusiasts,
>>>>
>>>>             Call attendance:
>>>>
>>>>             - Orie Steele
>>>>             - Alexander Stein
>>>>             - Brent Zundel
>>>>             - Denis
>>>>             - Henk Birkholtz
>>>>             - Heather Flanagan
>>>>             - Justin Richer
>>>>             - Pam Dingle
>>>>             - Rifaat Shekh-Yusef
>>>>
>>>>             Call agenda:
>>>>
>>>>             - Charter Text Revisions
>>>>             -
>>>>             https://github.com/transmute-industries/ietf-spice-charter/pull/17
>>>>
>>>>             Minute Summary:
>>>>
>>>>             We discussed recent feedback on the MLS charter, and
>>>>             decided to remove the "history section" except for the
>>>>             3rd paragraph, which was proposed by @Hannes Tschofenig
>>>>             <mailto:hannes.tschofenig@gmail.com> .
>>>>
>>>>             We discussed the "Key Discovery" milestone deliverable,
>>>>             and revised it to be "meta data discovery" and include,
>>>>             keys, issuer, holder, verifier metadata including
>>>>             supported "formats".
>>>>
>>>>             We discussed the possibility of including an
>>>>             informative use cases document. There was rough
>>>>             consensus to omit this document from the official
>>>>             milestones, but comments that it still might be useful
>>>>             as the group developed the architecture, and a
>>>>             suggestion to perhaps put it on the wiki when we have one.
>>>>
>>>>             We had unanimous agreement that the 3 proposed
>>>>             milestones are the right starting point for the charter.
>>>>
>>>>             We had no additional milestones or recommendations
>>>>             proposed.
>>>>
>>>>             There remains some concern the initial charter text is
>>>>             too long, see the latest text here:
>>>>
>>>>             https://github.com/transmute-industries/ietf-spice-charter/blob/main/charter.md
>>>>
>>>>             The call time remains the same until we announce
>>>>             otherwise, everyone is welcome to attend (we are not a
>>>>             formal working group yet):
>>>>
>>>>             https://github.com/transmute-industries/ietf-spice-charter?tab=readme-ov-file#meetings
>>>>
>>>>             Regards,
>>>>
>>>>             OS
>>>>
>>>>             -- 
>>>>
>>>>
>>>>             ORIE STEELEChief Technology
>>>>             Officerwww.transmute.industries
>>>>             <http://www.transmute.industries>
>>>>
>>>>             <https://transmute.industries>
>>>>
>>>>
>>>
>>>
>>
>>
>>
>>         -- 
>>
>>
>>         ORIE STEELEChief Technology Officerwww.transmute.industries
>>         <http://www.transmute.industries>
>>
>>         <https://transmute.industries>
>>
>
>
>
>     -- 
>
>
>     ORIE STEELEChief Technology Officerwww.transmute.industries
>
>     <https://transmute.industries>
>
>     -- 
>     SPICE mailing list
>     SPICE@ietf.org
>     https://www.ietf.org/mailman/listinfo/spice
>

v2.23.0 | Report a Bug | By Email