Merge pull request #172 from swcurran/agenda-20250130

agenda-20250130

agenda.md

@@ -2,14 +2,17 @@
 
 Zoom Link: [https://us02web.zoom.us/j/83119969275?pwd=IZTuXgGLtdLPjPLuB6q8zHXazxHSsU.1](https://us02web.zoom.us/j/83119969275?pwd=IZTuXgGLtdLPjPLuB6q8zHXazxHSsU.1)
 
-Agenda: [HackMD](https://hackmd.io/k4cIK9vQSlaeg2pdHE51IQ), [did:webvh Repository](https://github.com/decentralized-identity/trustdidweb/blob/main/agenda.md) (synchronized after each meeting)
+Agenda: [did:webvh Info Site](https://didwebvh.info/latest/agenda/), [HackMD](https://hackmd.io/k4cIK9vQSlaeg2pdHE51IQ), [did:webvh Repository](https://github.com/decentralized-identity/didwebvh/blob/main/agenda.md) (synchronized after each meeting)
 
 [**WG projects**](https://github.com/decentralized-identity?q=wg-cc&type=&language=) | [DIF page](https://identity.foundation/working-groups/claims-credentials.html) | [Mailing list and Wiki](https://lists.identity.foundation/g/cc-wg) | [Meeting recordings](https://docs.google.com/spreadsheets/d/1wgccmMvIImx30qVE9GhRKWWv3vmL2ZyUauuKx3IfRmA/edit?gid=111226877#gid=111226877)
 
+[did:webvh Specification license]: https://github.com/decentralized-identity/didwebvh/blob/main/LICENSE.md
+
 ## Table of Contents<!-- omit in toc -->
 
 - [Meeting Information](#meeting-information)
 - [Future Topics](#future-topics)
+- [Meeting - 30 Jan 2025](#meeting---30-jan-2025)
 - [Meeting - 16 Jan 2025](#meeting---16-jan-2025)
 - [Meeting - 19 Dec 2024](#meeting---19-dec-2024)
 - [Meeting - 05 Dec 2024](#meeting---05-dec-2024)
@@ -55,6 +58,103 @@ _This document is live-edited DURING each call, and stable/authoritative copies
 - A did:webvh test suite -- such as proposed [here](https://github.com/nuts-foundation/trustdidweb-go/pull/1)
 
 ============================================
+## Meeting - 30 Jan 2025
+
+Time: 9:00 Pacific / 18:00 Central Europe
+
+Recording: [Zoom Recording and Chat Transcript](https://us02web.zoom.us/rec/share/8qcxIyRud7lXp3u0w91W5SMA93jGalWy4SBeLOHYLim3Y6BeWe_IDayV9ZhSEUN3.9xHC7NSWXEWoHyWx)
+
+### To Do's from this Meeting (as generated by Zoom):<!-- omit in toc -->
+
+1. Andrew to detail the verification algorithm, including error handling.
+2. Stephen to add issue on watchers to the specification or implementers guide.
+3. All implementers to review and provide feedback on any necessary changes or additions to the spec based on their implementation experiences.
+4. Stephen to go through all open issues and post messages about them, closing them where possible.
+5. All team members to consider what changes are necessary before moving to version 1.0.
+
+### Attendees:<!-- omit in toc -->
+
+- Stephen Curran
+- Brian Richter
+- Andrew Whitehead
+- Patrick St. Louis
+- Emiliano Sune
+- Alexander Shenshin
+- Jamie Hale
+- Phillip Long
+- Sylvain Martel
+- Dmitri Zagidulin
+- Markus Sabadello
+- Ben Taylor
+
+### Agenda and Notes<!-- omit in toc -->
+
+1. Welcome and Adminstrivia
+    1. Recording on?
+    2. Please make sure you: [join DIF], [sign the WG Charter], and follow the [DIF Code of Conduct]. Questions? Please contact [operations@identity.foundation].
+    3. [did:webvh Specification license] -- W3C Mode
+    4. Introductions and requests for additional Agenda Topics
+
+2. Announcements:
+
+3. Status updates on the implementations
+    1. TS -- At v0.5 and deployed to npm as didwebvh-ts. Next up testing the NPM package.
+    2. PY -- At v0.5 on PyPi. Compatible with the TS version based on some minimal testing. Plan a tweak to the witness verification approach. Planning some interop tests that can be run across all implementations.  A few test cases are needed - especially around witness cases.
+    3. Server -- Gave a demo of AnonCreds objects published and resolved to implement a full credential flow. Developed with the ACA-Py plugin. Main focus security and loading/resolving. Working on revocation flow.
+    4. did:webvh AnonCreds Method -- to be discussed.
+    5. [did:webvh Static](https://github.com/OpSecId/webvh-static) -- no change. Next might be to add creating AnonCreds resources to show "real" examples.
+
+4. To Do's from Last Meeting:
+    1. DONE - Daniel/Stephen to collaborate on a best practices document for key references in DID documents, focusing on keeping valid keys in the current DID document now published on the [https://didwebvh.info](https://didwebvh.info/latest/implementers-guide/did-valid-keys/) site.
+    2. DONE - Stephen has added the agenda link in the meeting information [here](https://didwebvh.info/latest/agenda/) on the [https://didwebvh.info](https://didwebvh.info) site.
+    3. DONE - Brian to complete implementation of files resolution and witness functionality for v0.5 spec.
+    4. DONE - Andrew to finish updates to the resolver for collecting witness rules and verifying proofs for v0.5 spec.
+    5. PROGRESS - Patrick to focus on implementing uploading of an AnonCreds object on the web server. Internal demo given of a full issue-present-verify flow using credentials rooted in a did:webvh DID. Next up: including revocation.
+    6. PROGRESS - Jamie to work on DIDComm protocol for requesting witness signatures. In ACA-Py plugin.
+    7. PROGRESS - Patrick to implement witness and DID rotation features for the server.
+    9. RESOLVED -- WON'T DO - did:webvh team to consider implementing the witness proofs as VCs in the`/whois` VP in a future version (v0.6 or later). See notes below on resolution.
+    10. DONE - did:webvh team to further discuss and decide on the implementation of revocation registry entries.
+
+5. Discussion: the path to v1.0?
+    1. [Current Issues](https://github.com/decentralized-identity/didwebvh/issues)
+    2. Resolved [Issue 165 - Using /whois for witness proofs](https://github.com/decentralized-identity/didwebvh/issues/165) and agreed we wouldn't use `/whois` for witness proofs. It might be used by a witness to attest to the DID itself (not in the spec -- perhaps implementer's guide), but not for proofs on specific versions of the DID.
+    3. Potential change - @andrewwhitehead wants to reevaluate witnesses and weights.
+    4. Portability -- is it solid enough? @PatStLouis is considering this and may raise an issue.
+    5. Watchers -- some thoughts were generated at the meeting and in issues raised. Specific issues with defined actions may follow.
+    6. Clarification -- the step-by-step details of the verification, based on the experience of implementations, at a  general level. Likely for the implementers guide.
+
+6. Revisiting DID Key references for rotated keys
+    1. [Best practices document](https://didwebvh.info/latest/implementers-guide/did-valid-keys/) from Daniel Bluhm and Char Howland added to the [info site](https://didwebvh.info).
+
+7. Progress on DID Resources using AnonCreds objects -- document: 
+    1. Define the `attestedResource` object -- JSON, with an identified resource, a proof, with the resource (file) name the multihash of the resource `base58(multihash(JCS(resource)))`, with the file located using the (implicit or explicit) `#files` service -- e.g., by default relative to the root of the DID.
+    2. Schema, CredDef are `attestedResources`. Their IDs are DID URLs calculated during generation and shared to other parties (e.g. `schemaID` is in the CredDef, `credDefId` is in the Credential).
+        1. Does/can the resource name include the components of the object -- e.g. `schemaName`, `schemaVersion`, `tag`? Presumably, the controller can make that part of the DID URLs. Should we consider formalizing it?  E.g. `<did>/anoncreds/schema/ver/<schemaname>/<schemaver>/<attestedresouce>.json`
+        2. Is there a way to get a list of all attestedResources, including their identifying metadata? What if the metadata is not part of the DID URLs?
+        3. Should did:webvh formalize that a folder can be resolved with a list of contents returned (e.g. `<did>/anoncreds/schema/ver/` returns a list of `<schemaNames>`).
+    3. RevRegDef is also an `attestedResource`, with its ID generated during creation, and shared from the Issuer to the Holder in the issued Credential.
+    4. The RevRegDef contains a current list (index) of its RevRegEntry `attestedResource`s. When a new RevRegEntry is created and published, the index is updated with the `timestamp` and `attestedResource` identifier, and the RevRegDef resource is republished.
+        1. The index is _outside_ of the resource that is attested. As such, the updates **do not** change the `attestedResource` name of the RevReg. The proof on the attested resource **DOES** get updated to include the index.
+    5. A client needing a RevRegEntry for an arbitrary or specific timestamp, must:
+        1. Retrieve the known associated `revRegDefId` `attestedResource`.
+            1. The Holder knows the `id` because it is in the Credential from the Issuer.
+            2. The Verifier knows the `id` because it is in the Presentation from the Holder.
+        2. Scan the timestamps in the list (index) for the one of interest:
+            1. Holder gets the one active at a given timestamp (or from/to period) from the verifier.
+            2. Verifier gets the associated with a specific timestamp in the Presentation from the Holder.
+        3. Use the `attestedResource` ID (DID URL) to get the RevRegEntry of interest.
+            1. The RevRegEntry contains the full state of the RevReg at the given `timestamp`.
+            2. The `did:webvh` AnonCreds method will not use deltas (as does Indy), but will use full state, as does Cheqd.
+    6. Evolving design document: [AnonCreds in did:webvh](https://hackmd.io/@SpWXgFH9Rbyoa0JW3agDcg/HJU-4azPJl)
+
+8. Plans for updates to the spec.
+    1. A ChatGPT pass, likely using the using the "Academic Assistant Pro" GPT. That should include DRYing the spec to remove duplication.
+    2. Cleaning up `[[spec]]` references -- Brian has enabled us to add our own spec references.
+    3. Security and Privacy sections. Anyone able to help?
+    4. Getting "spec to a standard" advice and applying those changes.
+
+9. [Spec. PRs and Issues](https://github.com/decentralized-identity/trustdidweb/issues)
+
 ## Meeting - 16 Jan 2025
 
 Time: 9:00 Pacific / 18:00 Central Europe