24 June 2024

Attendees

  • Andy Rosen

  • Candice Ward

  • Cole Davis, Switchchord

  • David Bigsby, Government of British Columbia

  • Drummond Reed, Gen Digital

  • Eric Scouten, Adobe

  • Hodari McClain, Capitol One

  • Jacques Latour, CIRA

  • Jesse Carter, CIRA

  • Karen Kilroy, FileBaby

  • Konrad Bleyer-Simon, Global Media Registry

  • Loren Hart, Noosphere Technologies

  • Michael Becker, Identity Praxis

  • Pamela Dingle, Microsoft

  • Peleus Uhley, Adobe

  • Peter Black, Switchchord

  • Richard W. Kroon, EIDR

  • Will Kreth, HAND (Human & Digital) Identity

Notes

New members introduction

  • πŸŽ₯ 1'18": David Bigsby, Government of British Columbia

  • πŸŽ₯ 2'18": Peter Black, Switchchord

  • πŸŽ₯ 2'35": Richard W. Kroon, EIDR

Review PR #119: Change the definition of expected_countersigners to require the expected signer_payload for other identity assertions

πŸŽ₯ 4'55": Review PR #119: Change the definition of expected_countersigners to require the expected signer_payload for other identity assertions.

ACTION: Eric to follow up with Paul England for final review. Otherwise ready to merge

Review PR #125: Define human trust vs technical trust

πŸŽ₯ 7'13": Review PR #125: Define human trust vs technical trust.

ACTION (βœ…): Eric to call a special meeting with interested members to discuss terminology and revise the PR to clarify that credential issuance needs a home in this framework. Note that we will use the CIRA language as the basis for our work in favor of the Trust Over IP language. Currently scheduled for Wednesday 10:45am US Pacific / 1:45pm US Eastern.

Review PR #127: Best practices for avoiding parsing/validation attacks are outside scope

πŸŽ₯ 15'36": Review PR #127: Best practices for avoiding parsing/validation attacks are outside scope.

ACTION (βœ…): Eric to merge this PR.

Review PR #128: Homoglyph attacks may not be directly solvable

πŸŽ₯ 17'21": Review PR #128: Homoglyph attacks may not be directly solvable.

ACTION (βœ…): Eric to remove discussion about homoglyph attacks in DNS.

ACTION (βœ…): Follow up meeting to be scheduled. Same meeting as for PR #125 above.

Review issue #129: Organization as named actor

πŸŽ₯ 24'44": Review Issue #129: Organization as named actor.

ACTION (βœ…): Eric to add wording to β€œnamed actor” definition to clarify that it can mean individual or organization. (See new PR #130: Clarify definition of "named actor".)

Review identity 1.x (W3C VC edition)

πŸŽ₯ 22'57": Review PR #126: Add VC schema description.

ACTION: Eric to follow up with Radu on the following feedback:

  • πŸŽ₯ 28'38": Consider stating some form of affiliation in the credential.

  • πŸŽ₯ 33'45": Consider renaming person field in VC to namedActor.

Road to 1.0 ratification

πŸŽ₯ 36'09": ACTION (all members): In next 2-3 weeks, please read the 1.0-draft spec closely and flag any items that feel like blockers to you. I’d like to move for ratification in July or have concrete issues and action items associated with any remaining blockers by then.

Reminder: No meeting next week

πŸŽ₯ 36'47": Due to national holidays in the US and Canada, we will not meet next Monday (1 July). We will resume on the following Monday (8 July).