Re: [SPICE] Informal Meeting Notes (errata)
Orie Steele <orie@transmute.industries> Fri, 05 January 2024 16:12 UTC
Return-Path: <orie@transmute.industries>
X-Original-To: spice@ietfa.amsl.com
Delivered-To: spice@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 81A6AC14F69F for <spice@ietfa.amsl.com>; Fri, 5 Jan 2024 08:12:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.085
X-Spam-Level:
X-Spam-Status: No, score=-2.085 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_REMOTE_IMAGE=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=transmute.industries
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fi54bEdgualD for <spice@ietfa.amsl.com>; Fri, 5 Jan 2024 08:12:31 -0800 (PST)
Received: from mail-pj1-x102a.google.com (mail-pj1-x102a.google.com [IPv6:2607:f8b0:4864:20::102a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C536C14F698 for <spice@ietf.org>; Fri, 5 Jan 2024 08:12:31 -0800 (PST)
Received: by mail-pj1-x102a.google.com with SMTP id 98e67ed59e1d1-28ca63fd071so999846a91.3 for <spice@ietf.org>; Fri, 05 Jan 2024 08:12:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=transmute.industries; s=google; t=1704471150; x=1705075950; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=TBAYFO/mopWvH3Gq3IP6lbiPtXbrzgyUafwHDnyTJrU=; b=L4c/7LUrFUNzfQYZsKkQGZJyY97ip2Q7cz4NtrFiXIzhBsY3tS6YIGVJ/ZfPTu+g4G w8TJiCt6lU3AlhPsVbOO+akAJNV9j0bqn64/JqqwNWhPtVa5Xen9pH6UkhpLpUXT4WPW GEi/n/TQxEdr6tKBIgeIdgBR620ONoyfzkO+L23TbN1mFuXd9rFIxEToOhbwkubGKHRs 508XyzYm6tqfczvhumozKBW428TAmkDzz0FABKd6FR2hUmGKHBSg8CJjVmGToQbjpoCy EVSajP2AhiFrBWR9n22/L9f1HbF6EWUmg7M7Xpd+tPQKFUGuSC9c+WyZ7nOdiJwWE43n Trsw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704471150; x=1705075950; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=TBAYFO/mopWvH3Gq3IP6lbiPtXbrzgyUafwHDnyTJrU=; b=IZLI7hyY3Iw+Bc2Ao8GR//9Ck1JJuiVlSHwTlwFuROBIzDBGY2K0bM8meWziVEfC5J Pc5Ew+geybzI6eAOgqNvq8tpK+hhK27bI/REF+zcR/q+mPlFXYKso4LvtuTRemQmc86e 62yB4f8moGHUAqoOSgeoQR4jqQQZvSre1qD1INkRfo4UiW1qCjsd2zoTfIoNrsEStZqD F11vgm3WBF2OECjeDIyeo9h7UOIFYgyxE/oXIWGziYfBcHY4Rf3JHAbtqwi5M450JWTR qg8gxS3LGeaLmwQpaQ2i8P13Cj05cW8SWveggkXEluCLMEAI2TClYxa+m29BBNwSgEOA CyDA==
X-Gm-Message-State: AOJu0YzNuDnorwF7shPzJJObWpGkYFVXNys0vEfQ9PEqGxWPg8KoxUvf uQF0kFDm5lmKFVAQnIu75sRrh+wmUobDw9VnmAn9NtbrNndrPA==
X-Google-Smtp-Source: AGHT+IH+Mq/JyVEezBf8ilWXdpB+m/v47yQyrJbAWixoMLUAmy+6i4hOn4F1NQiE/+jMsqsacSEhOcbtB/9VurVVssY=
X-Received: by 2002:a17:90a:128c:b0:28c:f1f3:4dcb with SMTP id g12-20020a17090a128c00b0028cf1f34dcbmr2152502pja.69.1704471150492; Fri, 05 Jan 2024 08:12:30 -0800 (PST)
MIME-Version: 1.0
References: <CAN8C-_JF81-sZ4dQB7_Ma7_UfAwgc8UhZ-trRHQY1TCk+t7iKg@mail.gmail.com> <9b385dd2-bc5a-c7bc-d131-0bffb4fe8d26@free.fr> <59bc594d-9539-1597-d4da-983f38dd1b49@free.fr> <CAN8C-_JrAFHRSQ7tP=+RFsVNj=6a9tRb+v4ST3r3zxp_urNHaA@mail.gmail.com> <f7bf2593-35b1-5fc0-935e-12c692357506@free.fr> <CAN8C-_KiK84KKPZJnnbvHyzPB6q8x5cEJXEGYeVxiv6ru3frHQ@mail.gmail.com> <CAGJKSNSZsUE7=qCnQHtPJnkhCOiXNcomFmaFCsaYaPa4cN4q2A@mail.gmail.com> <9f9c0854-dff8-96f2-6d25-d225a36172a0@free.fr>
In-Reply-To: <9f9c0854-dff8-96f2-6d25-d225a36172a0@free.fr>
From: Orie Steele <orie@transmute.industries>
Date: Fri, 05 Jan 2024 10:12:19 -0600
Message-ID: <CAN8C-_LGE2c7-VXjc5+ijS9-+tsPmb+=MY+XEJvrgDt6oLSWnw@mail.gmail.com>
To: Denis <denis.ietf@free.fr>
Cc: Hannes Tschofenig <hannes.tschofenig@gmail.com>, spice@ietf.org, Michael Prorock <mprorock@mesur.io>
Content-Type: multipart/alternative; boundary="000000000000749d4b060e351d6a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spice/FpClGBxIUBta7qzZ2tb0TZrgKf0>
Subject: Re: [SPICE] Informal Meeting Notes (errata)
X-BeenThere: spice@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Patterns for Internet CrEdentials <spice.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spice>, <mailto:spice-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spice/>
List-Post: <mailto:spice@ietf.org>
List-Help: <mailto:spice-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spice>, <mailto:spice-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jan 2024 16:12:35 -0000
Do you consider "keys" metadata regarding "issuers" or "data" regarding an issuers? Based on some of your comments, you might be interested in the following references as well: - https://openid.net/specs/openid-connect-federation-1_0-29.html#name-metadata-type-identifiers OS On Fri, Jan 5, 2024 at 8:34 AM Denis <denis.ietf@free.fr> wrote: > Orie, > > The right wording would then be : "Data and metadata discovery", since > metadata alone without data does not make sense. > In the example you provide, we have XXXX Metadata, i.e, JWT Issuer > Metadata. > > Secondly, what about the removal of the word "issuers" ? > > Denis > > > I fall in line with Orie on this one. I think use of the term metadata is > helpful here and aligns with other uses of the term elsewhere im ietf docs > > Mike Prorock > CTO - mesur.io > > On Fri, Jan 5, 2024, 07:03 Orie Steele <orie@transmute.industries> > <orie@transmute.industries> wrote: > >> Issuer metadata discovery is key to understanding "what kind of >> credentials can I get" and "what formats are coming in" and "how can I get >> them". >> >> The word metadata is a generic term to describe data... about data... In >> this case that solves the problem of "what (meta)data is discoverable about >> issuers, holders and verifiers". >> >> And all the examples we provide such as keys, claims, credentials and >> proofs, are examples of data which we might want to retrieve additional >> information (metadata) regarding. >> >> Our use of the word, is consistent with other IETF working groups, for >> example: >> >> >> https://datatracker.ietf.org/doc/html/draft-ietf-oauth-sd-jwt-vc-01#name-jwt-issuer-metadata >> >> I don't agree with your proposal. >> >> OS >> >> On Fri, Jan 5, 2024 at 1:53 AM Denis <denis.ietf@free.fr> wrote: >> >>> Hi Orie and all, >>> >>> I rephrased your suggestion here: >>> >>> >>> https://github.com/transmute-industries/ietf-spice-charter/commit/3848dac6c5b7b2ab5d91c0bb909c3f959eb2b197 >>> >>> The new sentence is : >>> >>> A meta-data discovery document enabling issuers, holders and verifiers >>> to discover supported protocols and formats for keys, claims, >>> credentials and proofs. >>> >>> I would propose to drop the words "meta-data" and "issuers,". As >>> mentioned earlier, an issuer does not need to discover anything. >>> >>> A discovery document enabling holders and verifiers to discover >>> supported protocols and formats for keys, claims, credentials and >>> proofs. >>> >>> Denis >>> >>> I don't know what a "credential request format" is but I assume it's >>> some protocol (possibly one of many) for issuance (delivering a credential >>> from an issuer to a holder). >>> >>> You also did not include "presentation request format", which would be >>> some protocol (possibly one of many) for delivering a proof (or >>> presentation) from a holder to a verifier. >>> >>> I used "supported protocols and formats" to capture these requirements. >>> >>> You might consider data URIs presented through animated QR Codes to be >>> an example of part of a presentation protocol. >>> >>> I suspect that commenting on "supported protocols" might raise the >>> question of if SPICE will define issuance or presentation protocols. >>> >>> I think it's ok to keep it as is and not define any protocols under the >>> first charter, even if we enable discovery of OIDC4VC, OIDC4VP, mDoc >>> Request API, etc... >>> >>> If you think that we MUST define protocols for issuance and presentation >>> under the first charter, we will need to add more milestones, but I don't >>> want to do that. >>> >>> OS >>> >>> >>> On Thu, Jan 4, 2024 at 4:24 PM Denis <denis.ietf@free.fr> wrote: >>> >>>> Error: >>>> >>>> Instead of "Verifiable Credential formats", please read: "Verifiable >>>> Presentation formats" >>>> >>>> Denis >>>> >>>> Hi Orie, >>>> >>>> The second document is defined as follows: >>>> >>>> A meta-data discovery document focusing on the scalable, Internet-wide >>>> discovery of keys, credential formats and meta-data for issuers, holders >>>> and verifiers. >>>> >>>> During the meeting, I was looking for a wording better than "key >>>> discovery" or "meta-data discovery"and I could not find it. >>>> After the meeting, I believe that "formats discovery" would be more >>>> appropriate. >>>> In the list, "credential request formats", "proof formats" (i.e.; >>>> Verifiable Credential formats - using the W3C vocabulary) are "claims >>>> formats" are missing. >>>> >>>> Below is my proposal: >>>> >>>> A "formats discovery" document focusing on the scalable, Internet-wide >>>> discovery of credential formats, >>>> * credential request formats, proof formats*, *claims formats* and >>>> keys for holders and verifiers. >>>> >>>> I dropped "issuers" from the list, since an issuer does not need to >>>> "discover" anything. >>>> >>>> Denis >>>> >>>> Hello Spice Enthusiasts, >>>> >>>> Call attendance: >>>> >>>> - Orie Steele >>>> - Alexander Stein >>>> - Brent Zundel >>>> - Denis >>>> - Henk Birkholtz >>>> - Heather Flanagan >>>> - Justin Richer >>>> - Pam Dingle >>>> - Rifaat Shekh-Yusef >>>> >>>> Call agenda: >>>> >>>> - Charter Text Revisions >>>> - https://github.com/transmute-industries/ietf-spice-charter/pull/17 >>>> >>>> Minute Summary: >>>> >>>> We discussed recent feedback on the MLS charter, and decided to remove >>>> the "history section" except for the 3rd paragraph, which was proposed by @Hannes >>>> Tschofenig <hannes.tschofenig@gmail.com> . >>>> >>>> We discussed the "Key Discovery" milestone deliverable, and revised it >>>> to be "meta data discovery" and include, keys, issuer, holder, verifier >>>> metadata including supported "formats". >>>> >>>> We discussed the possibility of including an informative use cases >>>> document. There was rough consensus to omit this document from the official >>>> milestones, but comments that it still might be useful as the group >>>> developed the architecture, and a suggestion to perhaps put it on the wiki >>>> when we have one. >>>> >>>> We had unanimous agreement that the 3 proposed milestones are the right >>>> starting point for the charter. >>>> >>>> We had no additional milestones or recommendations proposed. >>>> >>>> There remains some concern the initial charter text is too long, see >>>> the latest text here: >>>> >>>> >>>> https://github.com/transmute-industries/ietf-spice-charter/blob/main/charter.md >>>> >>>> The call time remains the same until we announce otherwise, everyone is >>>> welcome to attend (we are not a formal working group yet): >>>> >>>> >>>> https://github.com/transmute-industries/ietf-spice-charter?tab=readme-ov-file#meetings >>>> >>>> Regards, >>>> >>>> OS >>>> >>>> -- >>>> >>>> >>>> ORIE STEELE Chief Technology Officer www.transmute.industries >>>> >>>> <https://transmute.industries> >>>> >>>> >>>> >>>> >>>> >>> >>> -- >>> >>> >>> ORIE STEELE Chief Technology Officer www.transmute.industries >>> >>> <https://transmute.industries> >>> >>> >>> >> >> -- >> >> >> ORIE STEELE Chief Technology Officer www.transmute.industries >> >> <https://transmute.industries> >> -- >> SPICE mailing list >> SPICE@ietf.org >> https://www.ietf.org/mailman/listinfo/spice >> > > -- ORIE STEELE Chief Technology Officer www.transmute.industries <https://transmute.industries>
- [SPICE] Informal Meeting Notes Orie Steele
- Re: [SPICE] Informal Meeting Notes Denis
- Re: [SPICE] Informal Meeting Notes (errata) Denis
- Re: [SPICE] Informal Meeting Notes (errata) Orie Steele
- Re: [SPICE] Informal Meeting Notes (errata) Denis
- Re: [SPICE] Informal Meeting Notes (errata) Orie Steele
- Re: [SPICE] Informal Meeting Notes (errata) Michael Prorock
- Re: [SPICE] Informal Meeting Notes (errata) Denis
- Re: [SPICE] Informal Meeting Notes (errata) Orie Steele
- Re: [SPICE] Informal Meeting Notes (errata) Denis