2024-05-28 KERI/ACDC Meeting Notes

Zoom Meeting Link / Recording

Attendees

Agenda Items and Notes (including all relevant links)

TimeAgenda ItemLeadNotes
5 min
  • Start recording
  • Welcome & antitrust notice
  • Introduction of new members
  • Agenda review
Chairs
  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
  • New Members:
5 minsReview of action items from previous meetingChairs
  • Discuss the new potential threads of discussions and categorize them into topics that would could address.
  • Philip Feairheller to create an issue and PR in KERIA for event processing of delegables.
5 minsAnnouncementsTF Leads

News or events of interest to members:

5 mins

Reports

Open
  • KeriPy/Keria Delegables pushes. Added Process Escrows Delegables (default to local vs remote source)
    • Additional step to manually approve delegation.
    • Endpoint post
  • KERI/ACDC/CESR specs - no new PRs.
25 minsDiscussionOpen

Why Local vs Remote source son processing of events. History.

  • User Experience

Question of Asad Khan: How does FIDO2 relate to KERI, can KERI be integrated into FIDO2 or the other way around?

Answer Sam: FIDO2 could be used for authentication of witnesses and in OOBIs. FIDO2 is mostly to do more secure authentication factor to federated identifiers like OIDC. The problem is the use of barer tokens, they are vulnerable to known attacks. KERI AID replaces FIDO2 key pairs. KERI is better with key rotation. Even the blockchain-based solution did not solve key rotation in a safe way.

5 minsAny other businessOpenThe meeting chat partly copied over to accommodate newcomers:

Judith Fleenor (Trust Over IP) to Everyone (28 May 2024, 16:24) : ToIP Presence at EIC and Beyond https://www.trustoverip.org/blog/2024/05/23/toip-at-eic-and-beyond-a-summer-of-not-to-be-missed-sessions/

Henk to Everyone (28 May 2024, 16:29): Now that we have four new members on board: what questions do you have or what do you expect to hear / to learn here?

Asad Khan to Everyone (28 May 2024, 16:31) : Big part for me is just getting deeper into the nuts and bolts of KERI. Outside of documentation, getting to hear the context and the “why” behind certain design or functions/features is incredibly helpful. Not to mention just keeping up to date with what is happening in the community from a dev perspective.

Henk to Everyone (28 May 2024, 16:35):

@Asad Khan For those who have a chatGPT account we have a special channel there called the KERI wizzard : https://chatgpt.com/g/g-mTlHjxQCp-keri-wizzard but be careful, chatGPT could hallucinate.

Another source that might answer “why” questions are the recorded presentations of Sam of a few years ago. Look at https://keri.one/keri-resources/ . I personally like this one very much: https://www.youtube.com/watch?v=L82O9nqHjRE 40 minutes at 1.5 speed, then you get where he comes from in detail.

The last resource for the why question are the Q&A’s here: https://weboftrust.github.io/WOT-terms/docs/education/q-and-a-security?level=2 and https://weboftrust.github.io/WOT-terms/docs/education/q-and-a?level=2 The disclaimer here is that they’re not updated for a while, but still handle many fundamental questions people have.

5 mins
  • Review decisions/action items
  • Planning for next meeting 
Chairs
  • Topics for discussion
    • User Experience
      • OOBI exchanges
    • Watcher Network
    • Fido2 integration