Secure Data Storage - WG
Dmitri Zagidulin
13:37
Agenda link: https://hackmd.io/ooq3efoKQpiE1fyeXFsr3A
Michael Shea
14:40
anything you say, will be recorded, modified and used against you.....
Daniel Buchner
15:07
I nominate Dietrich
Dietrich Ayala
15:25
I intro’d a few calls ago, but happy to do it again!
Daniel Buchner
15:29
oh
Daniel Buchner
15:34
sorry, didn't remember
Evan Tedesco
16:54
“I take the requirements from the business… and I give them to the developers. I’m a people person!”
Orie Steele (Transmute)
18:07
lol
Dmitri Zagidulin
18:32
https://github.com/decentralized-identity/secure-data-store/issues/35#issuecomment-634108736
Dave Longley
21:34
I think every layer that involves some kind of resource usage will involve authorization to use those resources -- and we'll need to tease those things out with respect to what our particular scope is.
Daniel Buchner
22:03
Who is "we" again?
Dave Longley
22:09
The SDS WG.
Daniel Buchner
22:15
no, I mean them
Orie Steele (Transmute)
22:27
DataShards folks I assume
Nader Helmy
22:28
Yeah authorization seems perpendicular to the secure storage, important but needs a more general solution
Ganesh Annan
22:29
https://datashards.net/
Daniel Buchner
22:32
ah
Serge Wroclawski
22:43
Datashards (no camel case (that changed early on))
Serge Wroclawski
22:47
datashards.org
Nader Helmy
26:05
+1 Jonathan
Nader Helmy
26:09
access is very important
Daniel Buchner
26:12
Invite would be Hubbish, imo
Dmitri Zagidulin
26:33
+1 to invite being Hub-ish
Orie Steele (Transmute)
27:08
Use the queue
Daniel Buchner
27:19
I think that would actually result in the opposite
Nader Helmy
28:52
So in Orie’s proposal a Hub would be a superset of an EDV
Michael Shea
28:56
thx!
Orie Steele (Transmute)
28:58
correct
Orie Steele (Transmute)
29:16
I don’t think they should be 2 specs
Orie Steele (Transmute)
30:29
I agree with Daniel's comments, 1 spec with clear layering
Jack Ramey
30:41
+1
Michael Shea
30:45
I would agree with Daniel and Orie. I think two specs will get misinterpreted.
Orie Steele (Transmute)
31:01
And it's pretty much why we created this joint item to avoid that...
Nader Helmy
31:11
That all seems reasonable
Dave Longley
31:34
+1 start with one
Dmitri Zagidulin
31:43
q+
Jack Ramey
31:46
Can somebody please link the hackmd.io link for this meeting if there is one? I must have joined after it was posted.
Daniel Buchner
31:53
https://hackmd.io/ooq3efoKQpiE1fyeXFsr3A
Jack Ramey
31:58
thanks Daniel
Evan Tedesco
32:03
Aside from “speed to consensus” is there any other value for 2 specs?
Daniel Buchner
32:05
I aim to please
Daniel Buchner
33:10
Secure Encrypted Data Hubs
Jack Ramey
33:20
need "Vaults" in there somewhere
Dmitri Zagidulin
33:42
+1, S.E.D.H.V. - just rolls off the tongue.
Michael Shea
33:48
+1
Serge Wroclawski
34:18
+1 but must always be expanded to reduce confusion or possible collision
Orie Steele (Transmute)
34:18
Sounds like “naming the spec”
Orie Steele (Transmute)
34:25
Is the problem… not the layering
Juan Caballero
34:31
Secure Hub for Encrypted Data-- SHED all day
Nader Helmy
34:47
NASSA - Not a Secure Storage Architecture
Daniel Buchner
34:50
That is amazing
Daniel Buchner
34:55
bikeSHED
Daniel Buchner
34:58
love it
Manu Sporny
35:03
dammit, Daniel beat me to it! :P
Orie Steele (Transmute)
35:45
https://github.com/decentralized-identity/secure-data-store/issues/44
Dmitri Zagidulin
35:47
https://github.com/decentralized-identity/secure-data-store/issues/44
Orie Steele (Transmute)
35:53
https://github.com/decentralized-identity/secure-data-store/issues/74
Daniel Buchner
36:09
I know I was active on that thread, but I no longer care
Orie Steele (Transmute)
36:25
https://github.com/decentralized-identity/secure-data-store/issues/74#issuecomment-645676378
Daniel Buchner
36:45
(other than possibly using pokemon names in alphabetically ascending order)
Manu Sporny
37:05
I thought Pokemon names was for the software releases?
Dmitri Zagidulin
38:03
yesss software releases! (Nintendo please don’t sue)
Manu Sporny
38:47
All we need to do is just get Nintendo to join the group :) ... I have a few contacts there from an earlier career in the games industry...
Dmitri Zagidulin
39:05
manu: perfect
Nader Helmy
39:35
1.0 = Abra
Manu Sporny
40:11
+1 to what Orie is proposing right now
Serge Wroclawski
40:16
+1 I support Orie's proposal at this stage
Dmitri Zagidulin
40:18
+1
Dave Longley
40:22
+1
Daniel Buchner
40:24
+1
Tobias
40:31
+1
Dave Longley
40:37
Orie wins!
Kyle Den Hartog
40:46
+1
Evan Tedesco
40:56
+1
Michael Shea
41:00
+1 the appropriate names will emerge
Adrian Gropper
41:01
+1
Ralf Knobloch
41:02
+1
jonathan holt
41:05
+1
Orie Steele (Transmute)
42:52
https://github.com/decentralized-identity/secure-data-store/issues/80
Juan Caballero
45:08
I'm here twice, sorry
Juan Caballero
45:10
audio problems
Juan Caballero
45:11
good eye
Juan Caballero
45:24
+49 = Germany, for future reference ;)
Manu Sporny
45:29
you can phase shift into two people!?
Dave Longley
45:38
which pokemon is that
Juan Caballero
45:39
bumblefudge is on the line
Manu Sporny
45:57
Don't know that particular pokemon... *opens his PokeDex*
Dmitri Zagidulin
48:01
q+ after adrian
Dmitri Zagidulin
49:55
+1 to what Serge said, listing the api/protocol to Layer A
Orie Steele (Transmute)
50:35
Please use the queue :)
Steve Magennis
52:33
i.e. when the put/get is executed it just 'does it' and doesn't care who asks or for what purpose?
Steve Magennis
52:42
or what environment
Dmitri Zagidulin
52:49
Steve: +1, yeah
Adrian Gropper
53:01
So Layer A does not care about encryption at all
Dmitri Zagidulin
53:21
q+ after manu
Steve Magennis
53:55
ceramic engraver
Nader Helmy
55:20
So would it be accurate to say the spec will enable access in a top-down manner, i.e. highest layers first?
Nader Helmy
55:44
higher layers act as potential “gatekeepers” to lower layers?
Dmitri Zagidulin
56:18
nader: that’s the proposal so far, yeah
Manu Sporny
56:30
nader: yes, maybe -- but you may be able to enter at a non-top layer...
Manu Sporny
57:17
q+ maybe we're missing a layer -- the encryption layer...
Dmitri Zagidulin
57:30
manu: I think Layer A is supposed to be the encryption layer...
Manu Sporny
57:42
Then where does IPFS come in! :P
Orie Steele (Transmute)
57:48
I think encryption happens before layer A…
Dmitri Zagidulin
57:51
below layer A
Manu Sporny
57:56
above?
Manu Sporny
58:07
/me draws a hypercube.
Orie Steele (Transmute)
58:09
And layer A is used to store stuff… if it's not encrypted… that’s obviously a privacy issue :)
Dmitri Zagidulin
58:11
sorry, was answering the ‘where does IPFS come in’. My thought was - below Layer A
Serge Wroclawski
58:12
@Manu - before layer A
Dave Longley
58:19
i think terms like "before" depend on a particular interaction :)
Serge Wroclawski
58:23
below/before
Manu Sporny
59:42
Layer A - Untrustworthy Byte Storage
Manu Sporny
59:51
Layer B - Encrypted Block Storage
Manu Sporny
01:00:06
Layer C - Logical Storage (Vault, Document, Index)
Manu Sporny
01:00:20
Layer D - Authorization
Dmitri Zagidulin
01:00:29
ohhh I see. I misread. I thought Orie was proposing: (Unnamed/don’t care) - Untrustworthy Byte Storage, Layer A - Encrypted Block,
Manu Sporny
01:00:36
Layer E - Synchronization
Manu Sporny
01:00:45
Layer F - Semantic Data Objects
Juan Caballero
01:01:10
good eye, again!
Dmitri Zagidulin
01:02:08
Serge - so it sounds like what Manu is saying is that Layer A is Datashards’ “storage” layer below the chunks
Orie Steele (Transmute)
01:02:13
+1 to Manu’s point…
Dave Longley
01:02:33
clearly people were confused in the group, so let's be explicit
Orie Steele (Transmute)
01:02:40
I think we need to start with explicit untrustworthy byte storage
Dmitri Zagidulin
01:02:45
+1
Dmitri Zagidulin
01:03:22
q+ after Longley
Dmitri Zagidulin
01:05:14
q-
Serge Wroclawski
01:06:24
+1 Datashards doesn't concern itself where the bytes live, whether locally, on EC2, IPFS, etc. We only care about chunks.
Dave Longley
01:06:30
it depends on who "you" is :)
Juan Caballero
01:06:43
^ uhoh
Dmitri Zagidulin
01:06:44
serge: ok, so it sounds like in this proposed structure, Datashards would come in at Layer B
Dave Longley
01:06:44
We need to define interactions and roles.
Andreas Freund
01:07:25
are we talking about logical or physical datashards?
Serge Wroclawski
01:07:48
@Dmitri yeah that's 100% in line with our view of the world. We currently consider that an implementation detail, but if someone wants to define that, sounds good to me
Dmitri Zagidulin
01:07:58
serge: +1
Adrian Gropper
01:08:01
Is the DID service endpoint the entry point? See: https://github.com/w3c/did-core/issues/324
Dave Longley
01:08:05
If we define roles and say those roles "enter here", it can be clean.
Manu Sporny
01:08:25
+1 to what Dave just said
Orie Steele (Transmute)
01:08:39
+1 to what Daniel is saying.
Manu Sporny
01:10:17
+1 to what Jonathan just said... seems to be aligned with what Dave said above.
Orie Steele (Transmute)
01:11:53
Bringing up entry leads to attacking this in opposite order… which I worry will lead us to endless debate, but perhaps it's easier for the group to tackle these layers starting at a DID document...
Dmitri Zagidulin
01:12:10
interesting point, Orie
Juan Caballero
01:12:23
I'm with Orie