Zoom Logo

Secure Data Storage - WG - Shared screen with gallery view
Dmitri Zagidulin
03:32
Attendance list: https://hackmd.io/cPC54deJTQSsT2KTTIeM2Q
Dmitri Zagidulin
05:03
https://hackmd.io/cPC54deJTQSsT2KTTIeM2Q
Manu Sporny
07:03
Welcome Chris! Glad to see you here! :)
Chris Were
08:06
https://docs.datastore.verida.io/
Chris Were
08:09
Thanks Manu :)
Chris Were
08:26
https://medium.com/@verida/introducing-verida-datastore-an-encrypted-client-side-database-solution-for-dapps-2ad41c8b4242
Dmitri Zagidulin
10:05
https://hackmd.io/cPC54deJTQSsT2KTTIeM2Q
Dmitri Zagidulin
10:13
RESOLVED: This group would love to ship SDS with only one MUST-implement key scheme (insert your parameter name here). There may be more MAY/SHOULDs.
Dmitri Zagidulin
10:43
PROPOSAL: You MUST implement zcaps+httpsignatures, but you MAY implement X, Y, or Z.
Adrian Gropper
10:53
What is the relationship of the MUST to Service Endpoints?
Chris Were
12:27
Yes, why capabilities based?
Manu Sporny
12:30
q+ to ask about "authorization at what layer?"
Dmitri Zagidulin
13:02
q+ to answer Chris’s question.
Adrian Gropper
13:08
q+ to answer Chris
Dmitri Zagidulin
14:20
Layer Diagram in our spec: https://identity.foundation/secure-data-store/#ecosystem-overview
Orie Steele (Transmute)
14:30
Logical Storage layer
Orie Steele (Transmute)
15:17
q+
Manu Sporny
17:09
That's an excellent answer, Adrian -- we need to write that down in the spec...
Chris Were
17:13
Thank you Adrian
Dmitri Zagidulin
17:24
+1 to writing down Adrian’s answer in the spec!
Manu Sporny
17:27
because it's a different take from the technical reason.
Manu Sporny
17:29
+1
Manu Sporny
17:46
(and fundamentally, Adrians reason is a more compelling reason from the technical reason)
Manu Sporny
19:38
someone tie a line to Chris so that when he gets to level 89 of the cave and is attacked by a Beholder, we can pull him out.
Dave Longley
19:38
+1 to that answer... don't put identity everywhere -- only where it needs to be; requiring the PEP to know identities and the related ACL policy is unnecessary information leakage
Dave Longley
19:59
instead, grant a capability to access the data from the storage server (PEP)
Chris Were
20:50
I’m assuming Authentication doesn’t cover replication / sync layer?
Manu Sporny
20:53
q+ to argue against ZCAPS! :P
Kaliya Identity Woman
21:04
so do we put an issue to put Adrians answer in the speck
Manu Sporny
21:30
I feel like Ories "Great" wasn't heartfelt. :P
Andreas Freund
21:30
have we discussed the trust assumptions required and resulting consequences to separate the policy decision from the policy enforcement point?
Dmitri Zagidulin
22:15
Orie’s proposal from last call: PROPOSAL: You MUST implement zcaps+httpsignatures, but you MAY implement X, Y, or Z.
Orie Steele (Transmute)
22:23
q+ to propose OIDC as the authorization mechanism
Dmitri Zagidulin
22:35
@Kaliya - yes, let’s open an issue, re adrian’s comment in the spec
Oliver Terbu
22:51
I am not sure if consensys signed the SDS charter? Could someone check?
Dave Longley
24:06
some downsides to OAuth2: bearer tokens, no delegation, centralized auth servers/client registration
Adrian Gropper
24:26
Which is more uphill- ZCAps or GNAP?
Dmitri Zagidulin
24:37
@Kaliya - can you check, re Consensys & charter?
Dave Longley
24:55
ZCAPs are a CCG work item, just like SDS is -- we can directly work on both, GNAP is out of our control
Manu Sporny
26:27
Adrian, GNAP feels like it's more uphill... we barely know where it's going and we have no control of it.
Manu Sporny
27:23
yes, that's true
Adrian Gropper
27:27
q+
Manu Sporny
27:30
+1 to what Orie said
Dave Longley
27:33
+1 to what Orie said
Manu Sporny
27:57
q+ to note what implementers implement today.
Juan Caballero
28:47
Oliver you're good
Juan Caballero
29:04
nothing about a "Mesh" tho ;)
Dmitri Zagidulin
29:32
q+ to mention the tension between “only one” vs many Authorization schemes, in the spec.
Orie Steele (Transmute)
29:44
I agree with Adrian…. higher level APIs will have different authorization…. The same thing applies to Hubs
Manu Sporny
29:51
q- later
Oliver Terbu
30:35
q+
Andreas Freund
30:52
will do
Chris Were
31:55
q+
Manu Sporny
32:08
q+ sooner! :P
Adrian Gropper
32:37
q+
Adrian Gropper
32:49
to answer to poeratbility
Dave Longley
33:33
+1 to one MUST implement and then MAY implements are permitted
Dmitri Zagidulin
34:13
q+ to ask “if OAuth2, then what data model (of the token)”
Manu Sporny
36:31
Yes, and I"m so happy that Juan has volunteered to write that delegation use case! :P
Dmitri Zagidulin
36:40
wohoooo! :) thanks Juan
Manu Sporny
36:48
Such a great guy!
Juan Caballero
36:59
ahem
Manu Sporny
37:02
:P
Manu Sporny
37:38
Agree with Adrian
Dmitri Zagidulin
37:43
+1
Manu Sporny
37:57
We don't want to assume that Data Subject is the one acting on the EDV... we need to support delegation/guardianship
Dave Longley
38:05
+1 no assumptions as to "who "control the keys/client
Manu Sporny
38:48
(and dictators, of course... /especially/ dictatorial regimes)... My people! I will manage your data for you.
Manu Sporny
39:21
+1 perhaps the delegation use case is the healthcare one?
Michael Shea
39:28
or large trillion dollar organizations….
Dmitri Zagidulin
39:34
(q+ to mention interplay of authorization + moving data)
Manu Sporny
40:04
Well, clearly Michael... they wouldn't have all that money if people didn't trust them with it :)
Michael Shea
40:52
is it just me, or does Jeff Bezos look like Dr. Evil….
Manu Sporny
42:20
/me sideways glances at Zoom data channels moving over AWS... shuffles away from Michael. :P
Adrian Gropper
43:15
q+ to discuss scope
Dave Longley
44:12
(dmitri's point is a good one -- either way we have some amount of inventing to do)
Manu Sporny
44:30
+1 to Dmitri's point.
Dmitri Zagidulin
45:23
q+ to ask about scopes.
Manu Sporny
45:57
q+ to call Orie's original proposal, see where we are.
Chris Were
47:19
+1 data streams are important to consider
Dmitri Zagidulin
48:47
@Chris and @Adrian - it would be great to open an issue and bring up the subject of Streams. (since we don’t have a concept of those defined so far)
Orie Steele (Transmute)
48:53
Sounds good
Dmitri Zagidulin
49:16
Straw Poll: PROPOSAL: You MUST implement zcaps+httpsignatures, but you MAY implement X, Y, or Z.
Manu Sporny
49:23
+1
Orie Steele (Transmute)
49:25
+1
Dave Longley
49:25
+1
Chris Were
49:44
-1
Adrian Gropper
49:50
+0 because I don’t understand the tech
Oliver Terbu
49:58
-1
Juan Caballero
50:15
+0 but i would like to hear what constraints/requirements would be imposed on non-ZCap implementations?
Manu Sporny
50:54
q+ to attempt after hearing from Chris and Oliver.
Orie Steele (Transmute)
51:12
Its just a different value for the Authorization header… we already have working interop for HTTP Signatures… we can get it with extra work for other values…
Dave Longley
51:44
q+ to say you can't block anyone anyway
jonathan
51:48
-0.5
Oliver Terbu
53:18
I do like ZCaps though
Chris Were
54:09
Dave: Yep, good point.
Nader Helmy
54:10
+1 for an object capabilities approach, also +1 to the point that we’ll need to invent things so developing zcap in parallel almost seems like a way to manage risk
Orie Steele (Transmute)
54:15
Agree with Dave… we can’t control what people do with HTTP headers.
Manu Sporny
54:57
We don't have consensus... :) -- so we need to talk more
Manu Sporny
55:17
q+
Oliver Terbu
55:32
I think it would help if someone could clarify the current state of the zcaps spec
Orie Steele (Transmute)
56:36
@Oliver https://github.com/decentralized-identity/secure-data-store/runs/1081890056?check_suite_focus=true
Orie Steele (Transmute)
56:50
https://github.com/digitalbazaar/http-signature-zcap-invoke
Nader Helmy
56:54
perhaps someone from GNAP could present at some point?
Orie Steele (Transmute)
56:58
https://github.com/digitalbazaar/http-signature-zcap-verify
Orie Steele (Transmute)
57:08
These work, we use them.
Manu Sporny
57:16
q+ "current state" of spec.
Dave Longley
57:52
So the current state of the spec is that it lags behind interoperable implementatinos.
Dave Longley
58:03
The spec needs to be updated to match those implementations -- we already have the same problem with the EDV spec.
Juan Caballero
58:18
q+
Juan Caballero
58:19
https://github.com/decentralized-identity/secure-data-store/issues/80
Dmitri Zagidulin
58:38
time has no meaning these days anyways
Manu Sporny
58:45
it's true
Manu Sporny
58:52
we'll get it done during this pandemic.
Chris Were
58:56
On that note, is there a timeframe for the SDS spec? I assume not.
Manu Sporny
59:15
We'll get the SDS spec ready for official WG during this pandemic :P
Adrian Gropper
59:51
how many protocols do you need for herd immunity?
Juan Caballero
59:52
held up by missing use cases
Manu Sporny
59:53
more seriously, we don't know yet
Manu Sporny
01:00:08
we need to figure all of this stuff out
Manu Sporny
01:00:20
and it'll take as long as it takes for us to more or less get on the same page.
Manu Sporny
01:00:30
We have working implementations, which is a good place to be.
Juan Caballero
01:00:33
herd specificity?
Juan Caballero
01:00:40
can we record it?
Juan Caballero
01:00:42
or rather
Juan Caballero
01:00:50
can we publish an edited subset of the rec?
Manu Sporny
01:00:54
Thanks all! :)