1) Do you support the charter text? Or do you have objections or blocking concerns (please describe what they might be and how you would propose addressing the concern)?
Not sure I support at this point, I understand the need for an architecture document with patterns and definitions, etc. There is a lot of work going on outside the IETF in this area such as the mDL work in ISO that already has patterns and definitions along with credential formats (mdoc) and transports (ble/http/nfc). I don’t believe the IETF should ignore these efforts since most of the driving licence and passport communities/companies are adopting this as one of the standards that issuers and verifiers will use. The same is true for W3C WebAuthn. The architecture, patterns and definitions should be free from technology, I don't know why W3C is mentioned in the introduction as the only technology, this should not be in the introduction but along with other technologies such as mDL/mdoc, webauthn, etc when describing profiles. As the goal would be for interested parties to produce profiles of other technologies to fit the architecture document with patterns and definitions. I believe that the WG if formed should also think about holder verification and patterns and attestations that can be used. Also there needs to be a notion of a "reader/wallet/etc" that can potentially store credentials (not necessarily the user or verifier) and release/store credentials upon "user" consent. There are other models than the 3 party that VCs use, so these also need to be considered in the architecture, patterns and definitions documents to enable profiles for other technologies. I believe in the 1st 3 items in Goals but I don't believe it would be in the best interest to define a metatdata protocol, as this sounds like this would be a protocol for obtaining DID documents, there are already many protocols out there for metadata retrieval, not sure there is a need for another one, if one is needed for DIDs then that may be better done in W3C as this does not seem to fit well with the charter This charter seems to be very scoped to W3C technology, I understand that interested parties will have to contribute if they want to have other technologies included but the charter in general does not seem to allow this, so removing specific technology will allow this to happen. I would be happy to give provide specific text changes to the charter. 2) If you do support the charter text: 3) Are you willing to author or participate in the developed of the WG drafts? yes • Are you willing to review the WG drafts? yes • Are you interested in implementing the WG drafts? I'm willing to see how we can use these outputs with the other industry technologies. _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
