[Openid-specs-digital-credentials-protocols] Minutes from 16th May 2024 DCP WG call

Sat May 18 23:19:09 UTC 2024

Brian did not seem to understand when I made the same point in a prior
meeting.
A query needs to be as simple as possible at the outer layer.
I suggested a simpler envelope earlier, but got no traction.
If we consider local presentations, a simpler envelope will be required
IMHO.
https://docs.google.com/document/d/1keHesvQHrCdbNPavI3imleBm4i9ymXM_/edit?usp=sharing&ouid=109794657323597753486&rtpof=true&sd=true

Be the change you want to see in the world ..tom

On Sat, May 18, 2024 at 1:33 PM Brian Campbell via
Openid-specs-digital-credentials-protocols <
openid-specs-digital-credentials-protocols at lists.openid.net> wrote:

>
>
> On Sat, May 18, 2024 at 9:56 AM Orie Steele <orie at transmute.industries>
> wrote:
>
>> <snip>
>>
>
> <snip>
>
>
>> If the VCWG sees value in securing holder supplied claims with JWT, I
>> don't see why it would not make sense to secure them with SD-JWT,
>>
>
>>> Mostly because it doesn't make sense and there's a real cost to having
>>> yet another option in an arena where there are arguably way too many
>>> options already.
>>>
>>
>> If you are processing an application/vp+ld+json+jwt (sigh)... of an
>> application/vc+ld+json (data integrity) and an
>> application/vc+ld+json+sd-jwt (sd-jwt+kb) and an
>> application/vc+ld+json+cose....
>> Yes, you're paying (in CPU cycles and CVE attack surface) for the
>> indecision of the W3C VCWG... but I don't think limiting the securing
>> formats of a VP saves you much... That's like $5 off a $10k purchase.
>>
>
> Just to be clear, the cost I was referring to was about the costs incurred
> by the larger community of people trying to work in and understand this
> space - developers, deployers, etc., and even folks involved in the
> standards development.
>
> <snip>
>
> *CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged material for the sole use of the intended recipient(s). Any
> review, use, distribution or disclosure by others is strictly prohibited.
> If you have received this communication in error, please notify the sender
> immediately by e-mail and delete the message and any file attachments from
> your computer. Thank you.*--
> Openid-specs-digital-credentials-protocols mailing list
> Openid-specs-digital-credentials-protocols at lists.openid.net
>
> https://lists.openid.net/mailman/listinfo/openid-specs-digital-credentials-protocols
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-digital-credentials-protocols/attachments/20240518/0a5e8163/attachment.html>