PROPOSED Verifiable Credentials Working Group Charter
The mission of the Verifiable Credentials Working Group is to make expressing, exchanging, and verifying credentials easier and more secure on the web.
This proposed charter is available on GitHub. Feel free to raise issues.
| Start date | [dd monthname yyyy] (date of the "Call for Participation", when the charter is approved) |
|---|---|
| End date | [dd monthname yyyy] (Start date + 2 years) |
| Chairs |
Brent Zundel (Evernym) additional chair TBD |
| Team Contacts | Ivan Herman (0.1 FTE) |
| Meeting Schedule |
Teleconferences: 1-hour calls will be held weekly, plus additional special-topic calls as needed
Face-to-face: We will meet during the W3C's annual Technical Plenary week; additional face-to-face meetings may be scheduled by consent of the participants, usually no more than 3 per year. |
Scope
Building on the experience gained through implementation, deployment and usage of verifiable credentials (VC), this Working Group will extend VC foundations with new standardized technologies to improve the use of verifiable credentials on the Web.
The scope of the Verifiable Credentials Working Group is:
- Addressing errata found in previous versions of the Verifiable Credentials Data Model
- Data models for credentials, presentations, and proofs
- Registries for the data models
- Algorithms for the expression and verification of proofs that use existing cryptographic primitives
- Refining multilingual support in data models
Out of Scope
The following features are out of scope, and will not be addressed by the Verifiable Credentials Working group:
- The mandate of any specific style of supporting infrastructure (such as a DLT) for a verifiable credentials ecosystem
- The specification of new cryptographic primitives
Deliverables
Updated document status is available on the group publication status page.
Draft state indicates the state of the deliverable at the time of the charter approval. Expected completion indicates when the deliverable is projected to become a Recommendation, or otherwise reach a stable state.
Normative Specifications
The Working Group will deliver the following W3C normative specifications:
- Verifiable Credentials Data Model 2.0
-
This specification defines the Verifiable Credentials Data Model 2.0 along with serializations of that data model. It will replace the current VC Data Model 1.1 Recommendation.
Draft state: Editor's Draft
Expected completion: Q4 2023
-
Adopted Draft: Verifiable Credentials Data Model 1.1
Exclusion Draft: Verifiable Credentials Data Model 1.1 Exclusion period began 11 November 2021; Exclusion period ended 08 January 2022.
Other Charter: https://www.w3.org/2020/12/verifiable-credentials-wg-charter.html
-
- Verifiable Credential Data Integrity 1.0
-
This specification defines how to express proofs of integrity, such as digital signatures or proofs of existence, for bounded documents, such as verifiable credentials. Concrete serializations will be provided based on VC-JWT, the Ed25519 Cryptosuite, and the Secp256k1 Cryptosuite. Concrete serializations might be provided based on the BBS+ Cryptosuite, if an IETF BBS+ RFC is published in time. Concrete serializations might be provided for VC-JWP, if an IETF JWP RFC is published in time. The final output specifications might not map directly to the list of input drafts. Other output serializations covering cryptographic primitives published in IETF RFCs not mentioned in this paragraph might be produced.
Draft state: Data Integrity, VC-JWT, Ed25519 Cryptosuite, Secp256k1 Cryptosuite, BBS+ Cryptosuite
Expected completion: Q4 2023
Other Deliverables
Other non-normative documents may be created such as:
- Presentation Request Data Model
- Storage and Sharing of Verifiable Credentials
- Privacy Guidance for Verifiable Credentials
- An API for Verifiable Credential Exchange
- Guidance to enhance verifiable credential interoperability:
- VC Extension Vocabularies (e.g., ISO 18013-5 Mobile Driver's License)
- Implementation Guides
- Test Suites
- Test suites for verifiable credential proof types:
- VC Data Integrity - Ed25519
- VC Data Integrity - BBS+
- VC JSON Web Tokens
- Extensions for binding multilingual strings to GNU gettext-like localization files
The Working Group may also update Notes published under previous charters.
Timeline
- WG-START +1 month: First teleconference
- WG-START +2 months: FPWD for VCDM 2.0
- WG-START +5 months: First face-to-face meeting
- WG-START +6 months: FPWD for VCDI 1.0
- WG-START +14 months: CR for VCDM 2.0
- WG-START +18 months: CR for VCDI 1.0
- WG-START +24 months: REC for all standards-track documents
Success Criteria
In order to advance to Proposed Recommendation, each normative specification will fulfill the implementation experience required by the W3C Process as follows:
- The Working Group will seek evidence of independent interoperable uses from at least two independent implementations for each feature defined in the specification.
- The group will there are sections in the specifications detailing any known security or privacy implications for implementers, Web authors, and end users.
- The group will maintain and advance test suites enabling interoperability testing for the specifications.
Coordination
For all specifications, this Working Group will seek horizontal review for accessibility, internationalization, performance, privacy, and security with the relevant Working and Interest Groups, and with the TAG. Invitation for review must be issued during each major standards-track document transition, including FPWD. The Working Group is encouraged to engage collaboratively with the horizontal review groups throughout development of each specification. The Working Group is advised to seek a review at least 3 months before first entering CR and is encouraged to proactively notify the horizontal review groups when major changes occur in a specification following a review.
Additional technical coordination with the following Groups will be made, per the W3C Process Document:
W3C Groups
- RDF Canonicalization and Hashing Working Group Note: This WG is currently being chartered
- To synchronize on canonicalization output expression mechanisms that might be used by the VC Data Integrity specification.
- Decentralized Identifier Working Group
- To synchronize on cryptography-related vocabularies and definitions.
- Web of Things Working Group
- To synchronize on the needs and requirements of the WoT community, in particular on the subject of WoT Thing Descriptions, regarding digital signatures.
- Credentials Community Group
- Coordination on other specifications incubated by the Credentials Community Group that might utilize the output of this Working Group.
External Organizations
- Internet Engineering Task Force Security Area Directorate
- To coordinate broad horizontal reviews on the output of the Working Group among the security working groups at IETF.
- Internet Engineering Task Force Crypto Forum Research Group
- To perform broad horizontal reviews on the output of the Working Group and to ensure that new pairing-based and post-quantum cryptographic algorithms and parameters can be integrated into the Data Integrity ecosystem.
- National Institute of Standards and Technology, U.S. Department of Commerce
- To coordinate in ensuring that new pairing-based and post-quantum cryptographic algorithms and parameters can be integrated into the Data Integrity ecosystem.
- Hyperledger Aries
- To coordinate on broad horizontal reviews and implementations related to the specifications developed by the Working Group.
- Decentralized Identity Foundation Interoperability Working Group
- To coordinate on broad horizontal review and integration of the specifications developed by the Working Group into the Decentralized Identity Foundation's ecosystem.
- European Telecommunications Standards Institute - Electronic Signatures and Infrastructure Technical Committee
- To coordinate in ensuring that eIDAS-compliant systems can be built on top of the specifications developed by the Working Group.
- IMS Global
- Ensure that the badges being modeled and expressed by the Open Badges community are compatible with the Verifiable Credentials WG.
- ISO/IEC JTC 1/SC 17/WG 10
- Ensure that the mobile driving licenses being modeled and expressed by the ISO SC17 WG10 community are compatible with the work of the Verifiable Credentials WG.
- ISO/IEC JTC 1/SC 17/WG 4
- Ensure that the 23220-2 data model expressed by the ISO SC17 WG4 community is compatible with the work of the Verifiable Credentials WG.
Participation
To be successful, this Working Group is expected to have 6 or more active participants for its duration, including representatives from the key implementors of this specification, and active Editors and Test Leads for each specification. The Chairs, specification Editors, and Test Leads are expected to contribute half of a working day per week towards the Working Group. There is no minimum requirement for other Participants.
The group encourages questions, comments and issues on its public mailing lists and document repositories, as described in Communication.
The group also welcomes non-Members to contribute technical submissions for consideration upon their agreement to the terms of the W3C Patent Policy.
Participants in the group are required (by the W3C Process) to follow the W3C Code of Ethics and Professional Conduct.
Communication
Technical discussions for this Working Group are conducted in public: the meeting minutes from teleconference and face-to-face meetings will be archived for public review, and technical discussions and issue tracking will be conducted in a manner that can be both read and written to by the general public. Working Drafts and Editor's Drafts of specifications will be developed in public repositories and may permit direct public contribution requests. The meetings themselves are not open to public participation, however.
Information about the group (including details about deliverables, issues, actions, status, participants, and meetings) will be available from the Verifiable Credentials Working Group home page.
Most Verifiable Credentials Working Group teleconferences will focus on discussion of particular specifications, and will be conducted on an as-needed basis.
This group primarily conducts its technical work on the public mailing list public-vc-wg@w3.org (archive) or on GitHub issues (and specification-specific GitHub repositories and issue trackers). The public is invited to review, discuss and contribute to this work.
The group may use a Member-confidential mailing list for administrative purposes and, at the discretion of the Chairs and members of the group, for member-only discussions in special cases when a participant requests such a discussion.
The group will publish minutes for each teleconference at https://www.w3.org/2017/vc/WG/Meetings/Minutes/.
Decision Policy
This group will seek to make decisions through consensus and due process, per the W3C Process Document (section 3.3). Typically, an editor or other participant makes an initial proposal, which is then refined in discussion with members of the group and other reviewers, and consensus emerges with little formal voting being required.
However, if a decision is necessary for timely progress and consensus is not achieved after careful consideration of the range of views presented, the Chairs may call for a group vote and record a decision along with any objections.
To afford asynchronous decisions and organizational deliberation, any resolution (including publication decisions) taken in a face-to-face meeting or teleconference will be considered provisional. A call for consensus (CfC) will be issued for all resolutions (for example, via email, GitHub issue or web-based survey), with a response period of 1 week, depending on the chair's evaluation of the group consensus on the issue. If no objections are raised by the end of the response period, the resolution will be considered to have consensus as a resolution of the Working Group.
All decisions made by the group should be considered resolved unless and until new information becomes available or unless reopened at the discretion of the Chairs or the Director.
This charter is written in accordance with the W3C Process Document (Section 3.4, Votes) and includes no voting procedures beyond what the Process Document requires.
Patent Policy
This Working Group operates under the W3C Patent Policy (Version of 15 September 2020). To promote the widest adoption of Web standards, W3C seeks to issue Web specifications that can be implemented, according to this policy, on a Royalty-Free basis. For more information about disclosure obligations for this group, please see the W3C Patent Policy Implementation.
Licensing
This Working Group will use the W3C Software and Document license for all its deliverables.