...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
Summary
Excerpt |
---|
|
Call Link: https://zoom
...
.us/j/97954159540?pwd=WWk3WmQ3MVh1SXBYZGVreGl0QllGdz09
Recording:
- https://youtu.be/sUcstipdEm8
- 2023 06 19 Hyperledger AnonCreds Specification Working Group Chat.txt
- 2023 06 19 Hyperledger AnonCreds Specification Working Group.transcript.txt
Notices:
This specification creating group operates under the Linux Foundation Community Specification License v1.0.
Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct. |
---|
Meeting Attendees
Stephen Curran (BC Gov / Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>
Related Repositories:
- AnonCreds Specification: https://hyperledger.github.io/anoncreds-spec/
- AnonCreds Methods Registry: https://hyperledger.github.io/anoncreds-methods-registry
- AnonCreds Rust Open Source Code: https://github.com/hyperledger/anoncreds-rs
- Ledger Agnostic AnonCreds Project Page: https://github.com/orgs/hyperledger/projects/16
Meeting Preliminaries:
- Welcome and Introductions
- Announcements
- AnonCreds 0.1.0 Rust Implementation officially released!
- Currently reviewing applications for Welcome Aritra Bhaduri a Hyperledger Mentorship to work Mentor working on the AnonCreds – Specification
- Documenting the
- cryptography and aligning it with the implementation.
- Update on the AnonCreds V2.0 Working Group
- Last Week: How the model supports multiple underlying cryptographic signatures
- Next weekWeek: Presentation Data Models
- Any updates to the Agenda?
Agenda
Open Issue
- NEW ZOOM LINK!!!
- Celebration!! AnonCreds 0.1.0 Release finalized!
- AnonCreds Workshop Report
- Mentorship Update
- Perhaps: Patrick St-Louis about AnonCreds with did:web and CHAPI
- Perhaps: AnonCreds Specification: To Do ListDeferred: AnonCreds Specification: To Do List
- Deferred: AnonCreds Specification: Mixing overview/flow information with cryptographic details
- Presentation: AnonCreds Revocation Options
- AnonCreds v1.0 — CKS Signature with tails file
- ALLOSAUR— Revocation Managers contacted at presentation time
- LVVC— Linked Validity Verifiable Credential -- Revocation Manager issues a VC about the revocation state of a credential.
- zk-SAM — Signed Accumulator Membership - publication of full revocation state
- Open Discussion
Future Calls
To Dos:
- Issue to talking about what AnonCreds verifies and what is left to the issuer to verify.
- Issue #137 added regarding further investigation into what happens to the issuance data flow nonce(s) by Belsy – definition completed, to be added to the spec. Stephen Curran
- Issue #140 should WQL be allowed in a Presentation Request?
- WQL is supported currently in the Indy SDK, but not in the Aries Frameworks
- Should it be in the specification?
- If so, in what form. From Sam Curren — don't call it WQL if we do include it – just describe it.
- Not used and it is not clear there is a good reason to support it.
- Complicates the specification and the implementation.
- Decision:
- Not supported in the specification – let's keep it out in this version
- Revocation Interval
- Approach to determine if the holder used an acceptable RevRegistry – see this Issue comment
- Who calls the AnonCreds method to get the Revocation Registry from the ledger for verification
- Verifier
or AnonCreds?
- Verifier
- To set "validation" to true/false based on the RevRegEntry timestamp in relation to the revocation interval? Presentation
- Key points:
- 1. an RevRegEntry is “current” from the time it is written, to the time of the next RevRegEntry
- 2. “within the interval” is based on when a RevRegEntry is “current” (see 1.), not its timestamp.
- 3. AnonCreds or the Verifier (calling AnonCreds) should calculate “within interval” (using 2.) and mark verification true if the RevRegEntry used by the Prover is within the interval, else false.
- Dangers:
- False-Negatives: If a strict "timestamp used is between from, to" and not based on when a RevReg is "current" (per 2.), we will get "not verified" incorrectly.
- False-Positives: If we don't do any checking of the timestamp and the interval, the holder could incorrectly use an old RevRegEntry.
- Dangers:
- 4. General point: AnonCreds should return both a summary (true/false) and if false, additional data about why it was false.
- Decision – add an optional `at_from_ts` set of entries, one per NRP, that AnonCreds can use for determining if the holder_ts is within the Presentation Request interval.
Action items
- Adding support for W3C Format AnonCreds to the anoncreds implementation and the spec.
- Links to be referenced in the spec and used where needed:
...