IETF Logo Mail Archive

Re: [SPICE] Informal Meeting Notes (errata)

Orie Steele <orie@transmute.industries> Fri, 05 January 2024 16:12 UTC

Return-Path: <orie@transmute.industries>
X-Original-To: spice@ietfa.amsl.com
Delivered-To: spice@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 81A6AC14F69F for <spice@ietfa.amsl.com>; Fri, 5 Jan 2024 08:12:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.085
X-Spam-Level:
X-Spam-Status: No, score=-2.085 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_REMOTE_IMAGE=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=transmute.industries
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fi54bEdgualD for <spice@ietfa.amsl.com>; Fri, 5 Jan 2024 08:12:31 -0800 (PST)
Received: from mail-pj1-x102a.google.com (mail-pj1-x102a.google.com [IPv6:2607:f8b0:4864:20::102a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C536C14F698 for <spice@ietf.org>; Fri, 5 Jan 2024 08:12:31 -0800 (PST)
Received: by mail-pj1-x102a.google.com with SMTP id 98e67ed59e1d1-28ca63fd071so999846a91.3 for <spice@ietf.org>; Fri, 05 Jan 2024 08:12:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=transmute.industries; s=google; t=1704471150; x=1705075950; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=TBAYFO/mopWvH3Gq3IP6lbiPtXbrzgyUafwHDnyTJrU=; b=L4c/7LUrFUNzfQYZsKkQGZJyY97ip2Q7cz4NtrFiXIzhBsY3tS6YIGVJ/ZfPTu+g4G w8TJiCt6lU3AlhPsVbOO+akAJNV9j0bqn64/JqqwNWhPtVa5Xen9pH6UkhpLpUXT4WPW GEi/n/TQxEdr6tKBIgeIdgBR620ONoyfzkO+L23TbN1mFuXd9rFIxEToOhbwkubGKHRs 508XyzYm6tqfczvhumozKBW428TAmkDzz0FABKd6FR2hUmGKHBSg8CJjVmGToQbjpoCy EVSajP2AhiFrBWR9n22/L9f1HbF6EWUmg7M7Xpd+tPQKFUGuSC9c+WyZ7nOdiJwWE43n Trsw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704471150; x=1705075950; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=TBAYFO/mopWvH3Gq3IP6lbiPtXbrzgyUafwHDnyTJrU=; b=IZLI7hyY3Iw+Bc2Ao8GR//9Ck1JJuiVlSHwTlwFuROBIzDBGY2K0bM8meWziVEfC5J Pc5Ew+geybzI6eAOgqNvq8tpK+hhK27bI/REF+zcR/q+mPlFXYKso4LvtuTRemQmc86e 62yB4f8moGHUAqoOSgeoQR4jqQQZvSre1qD1INkRfo4UiW1qCjsd2zoTfIoNrsEStZqD F11vgm3WBF2OECjeDIyeo9h7UOIFYgyxE/oXIWGziYfBcHY4Rf3JHAbtqwi5M450JWTR qg8gxS3LGeaLmwQpaQ2i8P13Cj05cW8SWveggkXEluCLMEAI2TClYxa+m29BBNwSgEOA CyDA==
X-Gm-Message-State: AOJu0YzNuDnorwF7shPzJJObWpGkYFVXNys0vEfQ9PEqGxWPg8KoxUvf uQF0kFDm5lmKFVAQnIu75sRrh+wmUobDw9VnmAn9NtbrNndrPA==
X-Google-Smtp-Source: AGHT+IH+Mq/JyVEezBf8ilWXdpB+m/v47yQyrJbAWixoMLUAmy+6i4hOn4F1NQiE/+jMsqsacSEhOcbtB/9VurVVssY=
X-Received: by 2002:a17:90a:128c:b0:28c:f1f3:4dcb with SMTP id g12-20020a17090a128c00b0028cf1f34dcbmr2152502pja.69.1704471150492; Fri, 05 Jan 2024 08:12:30 -0800 (PST)
MIME-Version: 1.0
References: <CAN8C-_JF81-sZ4dQB7_Ma7_UfAwgc8UhZ-trRHQY1TCk+t7iKg@mail.gmail.com> <9b385dd2-bc5a-c7bc-d131-0bffb4fe8d26@free.fr> <59bc594d-9539-1597-d4da-983f38dd1b49@free.fr> <CAN8C-_JrAFHRSQ7tP=+RFsVNj=6a9tRb+v4ST3r3zxp_urNHaA@mail.gmail.com> <f7bf2593-35b1-5fc0-935e-12c692357506@free.fr> <CAN8C-_KiK84KKPZJnnbvHyzPB6q8x5cEJXEGYeVxiv6ru3frHQ@mail.gmail.com> <CAGJKSNSZsUE7=qCnQHtPJnkhCOiXNcomFmaFCsaYaPa4cN4q2A@mail.gmail.com> <9f9c0854-dff8-96f2-6d25-d225a36172a0@free.fr>
In-Reply-To: <9f9c0854-dff8-96f2-6d25-d225a36172a0@free.fr>
From: Orie Steele <orie@transmute.industries>
Date: Fri, 05 Jan 2024 10:12:19 -0600
Message-ID: <CAN8C-_LGE2c7-VXjc5+ijS9-+tsPmb+=MY+XEJvrgDt6oLSWnw@mail.gmail.com>
To: Denis <denis.ietf@free.fr>
Cc: Hannes Tschofenig <hannes.tschofenig@gmail.com>, spice@ietf.org, Michael Prorock <mprorock@mesur.io>
Content-Type: multipart/alternative; boundary="000000000000749d4b060e351d6a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spice/FpClGBxIUBta7qzZ2tb0TZrgKf0>
Subject: Re: [SPICE] Informal Meeting Notes (errata)
X-BeenThere: spice@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Patterns for Internet CrEdentials <spice.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spice>, <mailto:spice-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spice/>
List-Post: <mailto:spice@ietf.org>
List-Help: <mailto:spice-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spice>, <mailto:spice-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jan 2024 16:12:35 -0000

Do you consider "keys" metadata regarding "issuers" or "data" regarding an
issuers?

Based on some of your comments, you might be interested in the following
references as well:

-
https://openid.net/specs/openid-connect-federation-1_0-29.html#name-metadata-type-identifiers

OS


On Fri, Jan 5, 2024 at 8:34 AM Denis <denis.ietf@free.fr> wrote:

> Orie,
>
> The right wording would then be : "Data and metadata discovery", since
> metadata alone without data does not make sense.
> In the example you provide, we have XXXX Metadata, i.e, JWT Issuer
> Metadata.
>
> Secondly, what about the removal of the word "issuers" ?
>
> Denis
>
>
> I fall in line with Orie on this one.  I think use of the term metadata is
> helpful here and aligns with other uses of the term elsewhere im ietf docs
>
> Mike Prorock
> CTO - mesur.io
>
> On Fri, Jan 5, 2024, 07:03 Orie Steele <orie@transmute.industries>
> <orie@transmute.industries> wrote:
>
>> Issuer metadata discovery is key to understanding "what kind of
>> credentials can I get" and "what formats are coming in" and "how can I get
>> them".
>>
>> The word metadata is a generic term to describe data... about data... In
>> this case that solves the problem of "what (meta)data is discoverable about
>> issuers, holders and verifiers".
>>
>> And all the examples we provide such as keys, claims, credentials and
>> proofs, are examples of data which we might want to retrieve additional
>> information (metadata) regarding.
>>
>> Our use of the word, is consistent with other IETF working groups, for
>> example:
>>
>>
>> https://datatracker.ietf.org/doc/html/draft-ietf-oauth-sd-jwt-vc-01#name-jwt-issuer-metadata
>>
>> I don't agree with your proposal.
>>
>> OS
>>
>> On Fri, Jan 5, 2024 at 1:53 AM Denis <denis.ietf@free.fr> wrote:
>>
>>> Hi Orie and all,
>>>
>>> I rephrased your suggestion here:
>>>
>>>
>>> https://github.com/transmute-industries/ietf-spice-charter/commit/3848dac6c5b7b2ab5d91c0bb909c3f959eb2b197
>>>
>>> The new sentence is :
>>>
>>> A meta-data discovery document enabling issuers, holders and verifiers
>>> to discover supported protocols and formats for keys, claims,
>>> credentials and proofs.
>>>
>>> I would propose to drop the words "meta-data" and "issuers,". As
>>> mentioned earlier, an issuer does not need to discover anything.
>>>
>>> A  discovery document enabling holders and verifiers to discover
>>> supported protocols and formats for keys, claims, credentials and
>>> proofs.
>>>
>>> Denis
>>>
>>> I don't know what a "credential request format" is but I assume it's
>>> some protocol (possibly one of many) for issuance (delivering a credential
>>> from an issuer to a holder).
>>>
>>> You also did not include "presentation request format", which would be
>>> some protocol (possibly one of many) for delivering a proof (or
>>> presentation) from a holder to a verifier.
>>>
>>> I used "supported protocols and formats" to capture these requirements.
>>>
>>> You might consider data URIs presented through animated QR Codes to be
>>> an example of part of a presentation protocol.
>>>
>>> I suspect that commenting on "supported protocols" might raise the
>>> question of if SPICE will define issuance or presentation protocols.
>>>
>>> I think it's ok to keep it as is and not define any protocols under the
>>> first charter, even if we enable discovery of OIDC4VC, OIDC4VP, mDoc
>>> Request API, etc...
>>>
>>> If you think that we MUST define protocols for issuance and presentation
>>> under the first charter, we will need to add more milestones, but I don't
>>> want to do that.
>>>
>>> OS
>>>
>>>
>>> On Thu, Jan 4, 2024 at 4:24 PM Denis <denis.ietf@free.fr> wrote:
>>>
>>>> Error:
>>>>
>>>> Instead of "Verifiable Credential formats", please read: "Verifiable
>>>> Presentation formats"
>>>>
>>>> Denis
>>>>
>>>> Hi Orie,
>>>>
>>>> The second document is defined as follows:
>>>>
>>>> A meta-data discovery document focusing on the scalable, Internet-wide
>>>> discovery of keys, credential formats and meta-data for issuers, holders
>>>> and verifiers.
>>>>
>>>> During the meeting, I was looking for a wording better than "key
>>>> discovery" or "meta-data discovery"and I could not find it.
>>>> After the meeting, I believe that "formats discovery" would be more
>>>> appropriate.
>>>> In the list, "credential request formats", "proof formats" (i.e.;
>>>> Verifiable Credential formats - using the W3C vocabulary) are "claims
>>>> formats" are missing.
>>>>
>>>> Below is my proposal:
>>>>
>>>> A "formats discovery" document focusing on the scalable, Internet-wide
>>>> discovery of credential formats,
>>>> * credential request formats, proof formats*, *claims formats* and
>>>> keys for holders and verifiers.
>>>>
>>>> I dropped "issuers" from the list, since an issuer does not need to
>>>> "discover" anything.
>>>>
>>>> Denis
>>>>
>>>> Hello Spice Enthusiasts,
>>>>
>>>> Call attendance:
>>>>
>>>> - Orie Steele
>>>> - Alexander Stein
>>>> - Brent Zundel
>>>> - Denis
>>>> - Henk Birkholtz
>>>> - Heather Flanagan
>>>> - Justin Richer
>>>> - Pam Dingle
>>>> - Rifaat Shekh-Yusef
>>>>
>>>> Call agenda:
>>>>
>>>> - Charter Text Revisions
>>>> - https://github.com/transmute-industries/ietf-spice-charter/pull/17
>>>>
>>>> Minute Summary:
>>>>
>>>> We discussed recent feedback on the MLS charter, and decided to remove
>>>> the "history section" except for the 3rd paragraph, which was proposed by @Hannes
>>>> Tschofenig <hannes.tschofenig@gmail.com> .
>>>>
>>>> We discussed the "Key Discovery" milestone deliverable, and revised it
>>>> to be "meta data discovery" and include, keys, issuer, holder, verifier
>>>> metadata including supported "formats".
>>>>
>>>> We discussed the possibility of including an informative use cases
>>>> document. There was rough consensus to omit this document from the official
>>>> milestones, but comments that it still might be useful as the group
>>>> developed the architecture, and a suggestion to perhaps put it on the wiki
>>>> when we have one.
>>>>
>>>> We had unanimous agreement that the 3 proposed milestones are the right
>>>> starting point for the charter.
>>>>
>>>> We had no additional milestones or recommendations proposed.
>>>>
>>>> There remains some concern the initial charter text is too long, see
>>>> the latest text here:
>>>>
>>>>
>>>> https://github.com/transmute-industries/ietf-spice-charter/blob/main/charter.md
>>>>
>>>> The call time remains the same until we announce otherwise, everyone is
>>>> welcome to attend (we are not a formal working group yet):
>>>>
>>>>
>>>> https://github.com/transmute-industries/ietf-spice-charter?tab=readme-ov-file#meetings
>>>>
>>>> Regards,
>>>>
>>>> OS
>>>>
>>>> --
>>>>
>>>>
>>>> ORIE STEELE Chief Technology Officer www.transmute.industries
>>>>
>>>> <https://transmute.industries>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>> --
>>>
>>>
>>> ORIE STEELE Chief Technology Officer www.transmute.industries
>>>
>>> <https://transmute.industries>
>>>
>>>
>>>
>>
>> --
>>
>>
>> ORIE STEELE Chief Technology Officer www.transmute.industries
>>
>> <https://transmute.industries>
>> --
>> SPICE mailing list
>> SPICE@ietf.org
>> https://www.ietf.org/mailman/listinfo/spice
>>
>
>

-- 


ORIE STEELE
Chief Technology Officer
www.transmute.industries

<https://transmute.industries>

v2.23.0 | Report a Bug | By Email