Minutes IETF115: tigress: Thu 17:00
minutes-115-tigress-202211101700-00
Meeting Minutes | Transfer dIGital cREdentialS Securely (tigress) WG | |
---|---|---|
Date and time | 2022-11-10 17:00 | |
Title | Minutes IETF115: tigress: Thu 17:00 | |
State | Active | |
Other versions | markdown | |
Last updated | 2022-11-10 |
Tigress at IETF 115
- Note well
- Info about recordings, sign in etc
Tigress introduction
Requirements
Slide 11 : Security and privacy
- Question: Michael B - do you mean authentication?
- Response: It's not strong authentication
Slide 13: Intermediary Server Requirements
Yaron Sheffer: Privacy is not covered well enough in the drafts. If I
lend someone my car, I don't want anyone else to know. In the hotel
situation, the hotel is required to know.
Answer: There's only one current standard for car key transfer.
Yaron: If a requirement is to follow the CCC standard, it needs to be
clarified in the requirements.
Yaron: If the publisher of a credential needs to be in control of the
key sharing is per use case, not overall
Slide 14: Intermediare Server Requirements 2
Discussion about wallets being in control of selection of intermediary
services.
Michael B: Will it be possible to use this protocol without an
intermediary?
Answer: In theory an intermediary could be implemented on the device
itself.
Where we are
- a requirements draft
- a sample implementation
- all on github (link)
Chairs:
- Time to start moving documents to WG adoption
- Planning and succeeding in a hackathon would be a good idea
Tommy Pauly: How do we migrate implementations from the current early
implementation to the finished published IETF version?
Bradford: Thinking about reliable versioning of the protocol early on in
the doc would be helpful.
Alex: Currently the sharing URL is used for versioning
Yaron: If the URL implies the version, doesn't that imply that you have
the intermediary server?
answer: Good question
Nick: The current solution doesn't use a URL at all...
Chairs: Closing the meeting - have a great IETF week!