22 April 2024
Attendees
-
Andy Parsons, Adobe
-
Andy Rosen
-
Carly Huitema, U of Guelph
-
Charlie Halford, BBC
-
Chris _, Verus
-
Christian Paquin, Microsoft
-
Clement Hecquet, Digimarc
-
Drummond Reed, Gen Digital
-
Eric Scouten, Adobe
-
Gavin Peacock, Adobe
-
Jesse Carter, CIRA
-
Krishna Sood, Microsoft
-
Loren Hart, Noosphere Technologies
-
Michael Becker, Identity Praxis
-
Nigel Earnshaw, BBC
-
Patrick Boehler, independent consultant
-
Peleus Uhley, Adobe
-
Pia Blumenthal, Adobe
-
Radu Ghiorghisor, Adobe
-
Will Kreth, HAND (Human & Digital) Identity
Agenda
5 min: Start meeting
-
Start recording
-
Welcome and community specification license reminder
-
Agenda review and call for agenda items
5 min: New members introduction
-
π₯ 2'22": Clement Hecquet, Digimarc
-
π₯ 2'58": Krishna Sood, Microsoft
-
π₯ 3'24": Loren Hart, Noosphere Technologies
Endorsement assertion
π₯ 2'22": Discussion about issue #1: Can there be more than one endorsement assertion per claim?. Conclusion: Yes, there are valid use cases for that.
π₯ 14'21": ACTION (existing issue #1): Eric to draft new wording to explicitly permit multiple endorsements per manifest.
π₯ 14'37": ACTION (new issue #4): Eric to draft new wording describing potential multi-CDN use case.
π₯ 16'09": ACTION (new issue #5, not a 1.0 blocker): Pia and Nick to work on UX guidance for interpreting endorsement assertions.
20 min: IIW readout and discussion
π₯ 17'31": Initial description of IIW and what it’s about. General sense that this was one of the more intense IIWs.
π₯ 20'47": I described the three CAI/C2PA/CAWG-related sessions that I led or co-led:
-
Tuesday: Content Authenticity 101, intended as a start-from-nothing introduction to the Content Authenticity space
-
Wednesday: Content Authenticity 201, a deeper dive on the CAWG identity assertion and some of the interesting challenges we’re facing in that space now
-
Thursday: Content Authenticity UX (co-led with Pia Blumenthal) describing current C2PA UX guidance and how forthcoming CAWG UX guidance will build upon that
π₯ 22'27": I walked through the slide deck of the Wednesday session and described some of the feedback I received. Summary, excerpted from my notes:
-
Broadcast application (slide 26): Encode as much as possible into the asset VC. This also helps mitigate the βphone homeβ at time of verification potential harm.
-
Interoperability (slide 29): Sam suggested to focus on major example DID methods. Thereβs an upcoming registry of DID methods supported by US gov. Pay attention to that. Also, someone recommended using the DIF Universal Resolver to address the DID interop issue. Universal Resolver understands about 60 methods, which is probably a good starting point for what to support.
-
Duplicate identity (slide 30): Perhaps the DID identifier is more important than the name.
-
Bulk signing (slide 31): As long as consent is there, authorization of each one is not important.
-
Social media (slide 32): No such standard exists today.
Scott Perry approached me after the session and encourged me to review the ToIP Issuer Requirements Guide for Governance Frameworks for Verifiable Credentials. This document provides guidances for several of the thorny questions I raised in the session.
π₯ 46'42": Pia gave a readout on the UX presentation that she led at IIW, focusing on how upcoming work in CAWG will build upon the progressive disclosure framework already established at C2PA. Some specific issues raised:
-
Provenance of identity information
-
Describing the different tiers of identity verification (also known as "levels of assurance")
More reading online:
-
ericscouten.dev: IIW 38 contains my notes for the overall conference, including the CAI/C2PA/CAWG-related sessions and their slide decks.
-
ericscouten.dev: Content Authenticity 101 contains a condensed version of the talk from Tuesday along with the slide deck I used for that talk.
-
northernblock.io: A Summary of Internet Identity Workshop #38 contains notes from Mathieu Glaude of Northern Block
30 min: Discussion on signer payload fixes PR
Walk through PR #96: Signer payload fixes and discuss potential updates to it.
π₯ 49'16": Briefly discussed and then tabled as Paul England (PR author) was not present today.
25 min: Discuss remaining issues for 1.0 specification
π₯ 52'04": Walk through Open issues for 1.0 milestone and explore how to resolve those issues.
-
Several remaining issues pertain to trust model. ACTION: Eric to distill discussion in the open issues into a new PR for identity assertion.