Zoom Logo

Secure Data Storage - WG - Shared screen with gallery view
Dmitri Zagidulin
04:36
https://hackmd.io/XLrU_rN0TrOIHrvnc6kblg
Dmitri Zagidulin
06:35
https://hackmd.io/XLrU_rN0TrOIHrvnc6kblg
Kaliya Identity Woman
08:25
Go Canada!!
Dmitri Zagidulin
09:43
https://hackmd.io/XLrU_rN0TrOIHrvnc6kblg
Dmitri Zagidulin
09:52
https://docs.google.com/presentation/d/1QEHSs4XJ05yQl2mvpiqbM80-MySxlVI9cNDLPq_XkkY/edit#slide=id.g8a2289ca98_0_0
Michael Shea
10:19
where do you want attendance list?
Manu
11:30
link in chat? I joined late :(
sumita
11:40
https://hackmd.io/XLrU_rN0TrOIHrvnc6kblg
https://docs.google.com/presentation/d/1QEHSs4XJ05yQl2mvpiqbM80-MySxlVI9cNDLPq_XkkY/edit#slide=id.g8a2289ca98_0_0
Manu
11:49
Thank you Sumita! :)
cwebber
13:07
+1 for the carrier pigeon :)
Manu
13:32
... encoded on a small scroll and attached to the foot of a carrier pigeon for safe keeping...
cwebber
15:58
q+ to ask about client location
cwebber
16:11
maybe it's pre-empting :)
Daniel Buchner
16:15
use hands
Kaliya Identity Woman
16:37
https://hackmd.io/XLrU_rN0TrOIHrvnc6kblg
https://docs.google.com/presentation/d/1QEHSs4XJ05yQl2mvpiqbM80-MySxlVI9cNDLPq_XkkY/edit#slide=id.g8a2289ca98_0_0
Daniel Buchner
17:27
Hub can live on your device
Daniel Buchner
17:39
just think of a Hub as an instance, which can run anywhere
Dave Longley
17:39
that client also points off to another EDV that might live somewhere else
Daniel Buchner
17:45
remote versions of it would not have keys
Daniel Buchner
18:01
they would just sync the data from other key-powered instances
Adrian Gropper
18:36
Why are we doing SDS?
Orie Steele (Transmute)
18:50
Please use the que
cwebber
19:46
I guess hub just partly feels "vague" terminology wise, it's not clear to me what role they perform by the name
Dave Longley
19:49
i imagine a hub could also *not* have the server piece in it and totally externalize that.
Orie Steele (Transmute)
20:08
Correct ^
Manu
21:27
"Oh, 'Identity Hub'... that clears it up!" :P
Dave Longley
21:31
:)
Serge Wroclawski
21:44
Good question. I have many of the same questions, because there are so many things coming in att different levels
Orie Steele (Transmute)
22:45
Yep, fitting 2 things together, requires understanding both, and seeing how they can be built on each other and where they overlap, and where they don't.
Manu
22:47
/me chuckles at the "shout out to <INSERT_STANDARD_HERE>" :)
Manu
23:01
only in this group.
Orie Steele (Transmute)
23:29
Hubs have access to plaintext…. That’s the main difference from a security perspective.
cwebber
24:08
so is all identity hub information public
Daniel Buchner
24:38
no
Daniel Buchner
24:55
An identity hub serves objects
Daniel Buchner
25:03
some may be encrypted, some aren't
Daniel Buchner
25:12
you choose which to encrypt as the user
Orie Steele (Transmute)
25:15
No, and thats part of what is so confusing about Daniels explanations… because hubs are meant to support both encrypted and plaintext…. But they ALWAYS have plaintext meta data, regardless of if the content in encrypted.
Michael Shea
25:23
Identity is not a good name.
Orie Steele (Transmute)
25:29
correct
Dave Longley
25:32
:)
Daniel Buchner
25:52
Identity is everything you say, do, interact with, type into an app, or think in your entire life
Daniel Buchner
25:57
that's why I called them that
Daniel Buchner
26:14
I guess we could call them Literally Everything On Earth Hubs
Daniel Buchner
26:21
need some word for that
Juan Caballero
26:27
totality hubs
Manu
26:42
Singularity Hubs
Daniel Buchner
26:57
http://www.backalleycoder.com/2018/01/25/identity-is-the-dark-matter-energy-of-our-world/
Daniel Buchner
31:15
Some things a Hub will allow you to store within the EDV inside it, in either private (encrypted just for you), semi-private (you plus N other), or in the clear: textual, vocal, or visual communications, licenses, permits, certificates, blog posts, shopping reviews, comments, music, paintings, novels, photos, sales, offers, events, tickets, bids, asks, product data objects, documents, grocery lists.
Dave Longley
31:55
+1 to putting edv clients into those different components
Orie Steele (Transmute)
32:26
+1
Daniel Buchner
32:29
Just think of it this way: EDV has no way to act as a useful decentralized app datastore. But adding a Hub's interfaces as the entry, you can now use an EDV to do useful app/service stuff
Orie Steele (Transmute)
35:16
@Daniel please be more respectful
Daniel Buchner
35:26
What do you mean?
Daniel Buchner
35:49
I am not clear how what I said is controversial
Orie Steele (Transmute)
35:56
Both EDVs and Hubs have interfaces that developers want to use.. please don’t assert something else.
Orie Steele (Transmute)
36:08
It harms collaborativity
Daniel Buchner
36:09
Everything I said was empirical and factual
Daniel Buchner
36:29
No, you cannot build a cohesive decentralized app across users with EDV alone
Daniel Buchner
36:48
literally impossible to call a random person's EDV and say "Please give me MusicPlaylists"
Daniel Buchner
36:56
it literally will not have the logic to respond to that
Daniel Buchner
36:59
by design
Daniel Buchner
37:06
so it needs that added above it
Daniel Buchner
37:19
This is not a controversial statement, it's fact
Orie Steele (Transmute)
37:36
Yes regarding music, but no regarding, will some people want to use use EDVs, and not care to expose plaintext documents or meta data
Orie Steele (Transmute)
37:57
I am one of the developers who will use EDVs as is for some things
Orie Steele (Transmute)
38:04
I will use hubs as well
Orie Steele (Transmute)
38:15
But I find both valuable as a developer.
Daniel Buchner
38:16
sure, if you are addressing your own EDV and all you want to do is get some of your own encrypted objects that you specifically have awareness of on some client mapping you hold, sure
Orie Steele (Transmute)
38:44
Thats correct, there are use cases which support “its my dev and its my data".
Daniel Buchner
38:46
but I can't just dial up Bob's DID, get his EDV endpoint, and send a query that would be understood by one of his remote EDV instances
Dave Longley
38:53
i generally agree with your point Daniel (that we want higher layers), but you could make a request, using an EDV client only, for all data that has been indexed with a type of "MusicPlayList"
Dave Longley
39:07
and get back N documents that contain those things.
Orie Steele (Transmute)
39:35
And in fact, we do this today for a number of categories of data… including wallet contents.
Dave Longley
39:41
yes.
Daniel Buchner
39:56
Dave, my name is Alice, I just met Bob. I know Bob's DID now. I want to look up an active, online version of his personal datastore to ask for his resume data
Daniel Buchner
40:02
this data is public
Daniel Buchner
40:10
Bob wants literally everyone to be able to see it
Orie Steele (Transmute)
40:18
If its public data, use a hub.
Daniel Buchner
40:36
Yes, if you want to go find like 90% of data on earth, use a Hub, I agree
sumita
40:43
What if you wanted Bob’s credit report? How’s that flow?
Daniel Buchner
40:49
if you want to do app interop for 90% of use cases on the planet, correct
Dave Longley
41:15
for sumita's flow, you could use CHAPI and ask for a zcap to access a particular document that contains their credit report.
Daniel Buchner
41:32
If you want to see Bot's credit report, you would send his remote Hub an ecrypted request for access
Dave Longley
41:41
then you could use that zcap to get that document from Bob's EDV.
Daniel Buchner
41:42
it would be relayed to one of Bob's local hub instances
Daniel Buchner
41:53
his local instances would have keys to allow you access
Daniel Buchner
42:06
he would then push up a modified state to his remote hub
Daniel Buchner
42:18
the remote hub could then serve that data, even though it is encrypted
sumita
42:19
But his credit report would be stored in the EDV yes? Sorry I must be conflating EDV and wallets… they seem to be the same thing in the diagram
tobiaslooker
42:26
q+
Daniel Buchner
42:36
Everything is stored in the EDV
Dave Longley
42:39
you could also ask for the credit report in the form of a VC over CHAPI ... and Bob's digital wallet could respond with the VC (after decrypting it locally) without directly giving access to the encrypted document.
Manu
42:44
Sumita is correct... credit report stored in EDV... not in wallet.
Daniel Buchner
42:44
because the EDV is inside the Hub
Orie Steele (Transmute)
42:57
The dev client is in the hub
Daniel Buchner
42:59
the EDV is kind of like a dumber encrypted database within the Hub
Manu
43:00
EDV is no longer inside Hub...
Daniel Buchner
43:03
and the hub makes sense of that
Daniel Buchner
43:19
Manu: it probably sits right next to it in most implementations
Manu
43:23
Hub has an EDV client and uses that to talk to storage.
Manu
43:30
Daniel: Yes, agree w/ taht.
Daniel Buchner
43:31
yes
Orie Steele (Transmute)
43:38
agree
Daniel Buchner
43:39
exactly
Juan Caballero
43:40
+1
Dave Longley
44:22
"consent powerbox" :P (please don't use that term)
tobiaslooker
44:39
Haha!
sumita
45:13
What should I read to understand EDV, wallets and CHAPI?
tobiaslooker
45:17
What about just Authority?
tobiaslooker
45:35
Can be an authorisation server or a wallet accessed via CHAPI?
Manu
45:41
Sumita -- unfortunately, the specs, which are not in a good state... :(
Manu
45:56
Sumita - EDV spec is readable
Orie Steele (Transmute)
45:58
Sumita: we have a demo of them working together
Daniel Buchner
46:00
Why should I be forced to go to an authorization server to read someone's public tweets, resume, or blog posts?
sumita
46:01
https://digitalbazaar.github.io/encrypted-data-vaults/#why-do-we-need-encrypted-data-vaults. — this?
Manu
46:12
Sumita, finding a link for you... one sec.
Daniel Buchner
46:20
that's not how the web works today, and it would be terrible to force that on decentralized apps
sumita
46:36
Orie- can you share demo link?
Orie Steele (Transmute)
46:37
Can’t promise its still working: https://did-edv.web.app/
Manu
46:40
Sumita - EDV and Identity Hubs -- https://identity.foundation/secure-data-store/
Orie Steele (Transmute)
46:48
With: https://wallet.interop.transmute.world/
Orie Steele (Transmute)
47:05
See also: https://w3c-ccg.github.io/credential-handler-api/
sumita
47:12
thanks!
Manu
48:32
haha!
tobiaslooker
48:39
Well, they often do though, you can’t view a lot of tweets without being logged in?
Manu
48:44
q+
Dave Longley
48:45
perhaps a hub should be thought of as having access to *many* different EDVs -- and it helps you manage them and a set of rules around responding to particular requests related to the data in those EDVs.
tobiaslooker
49:02
Which requirers hitting an AuthZ server
Daniel Buchner
49:05
I did not realize me having a publicly accessible blog was me victimizing myself via surveillance capitalism
Manu
49:07
+1 to that above ^
Orie Steele (Transmute)
49:14
+1 ^
Daniel Buchner
49:16
Please come surveil this post: http://www.backalleycoder.com/2018/01/25/identity-is-the-dark-matter-energy-of-our-world/
cwebber
49:31
https://datashards.gitlab.io/datashards-specs/overview.html#layers
Orie Steele (Transmute)
49:35
+1 to time to data shards
Dave Longley
49:45
which thing(s) were people +1ing :)?
Manu
50:01
I was +1'ing what you said.
George Aristy
50:05
I'm confused with this diagram. It's an SDS Architecture diagram. But I only see Identity Hub + EDV (+ some other bits). Is the SDS essentially just a configuration of an Identity Hub with EDVs? Or is the Identity Hub about to be renamed to SDS?
Manu
50:46
George - SDS is a bad name :) -- we're still working on that... SDS ~= EDV + Identity Hub ... but even that is problematic.
Orie Steele (Transmute)
51:37
Its useful in that its not one of the existing input documents, and both sides hate it :)
Orie Steele (Transmute)
51:55
But I agree its problematic
Manu
52:21
+1
Dave Longley
52:27
George -- an EDV can be thought of as a "new primitive" based on client-side encryption and encrypted indexes ... that changes the trust characteristics around storage providers. An "identity hub"...
Dave Longley
52:49
is a thing that helps you manage N EDVs ... and also has a set of rules for responding to queries about the data residing on those EDVs.
Daniel Buchner
52:59
Correct
Orie Steele (Transmute)
53:18
Can we get that added to the spec asap ^
Orie Steele (Transmute)
53:33
like… open an issue and paste what there was agreement on
Daniel Buchner
53:34
and some Hubs of yours, depending on whether they reside with you or on a remote host, have keys the remote ones don't
George Aristy
53:41
@Dave: yep, I got that. I'm just confused by the naming.
Daniel Buchner
54:08
Remote hubs can only serve things, they can't modify things they don't have keys too
Daniel Buchner
54:26
they are more or less app-level servers, because they don't have key-powers
Dave Longley
56:19
orie: https://github.com/decentralized-identity/secure-data-store/issues/85 ... daniel, feel free to add more there.
Dave Longley
57:05
daniel, sounds like those remote hubs have read-only access vs. no access at all.
Daniel Buchner
57:46
yes, a remote hub has read access to only what is absolutely stored with it as an intended-public object
Daniel Buchner
58:04
other than that, it just serves encrypted objects from the EDV that it cannot read
Daniel Buchner
58:19
all it may have for some objects is a type name "MusicPlaylist"
Daniel Buchner
58:27
and the playlist itself is encrypted
George Aristy
59:11
It's a good idea to make that very explicit. Initially I fell into the trap of interpreting the diagram that way.
Daniel Buchner
59:52
basically, any objects can be stored via a Hub that range from totally encrypted with 0 metadata at all, to fully public, and everywhere in between
Daniel Buchner
01:00:10
it's up to the user and the apps to decide what
Manu
01:01:47
I have questions, but for next time :)