Thursday April 1
...
- Marcos Allende Lopez (LACChain/IADB),
- Stephan Baur (Kaiser Permanente),
- RJ Reiser (Liquid Avatar Tech)
- Sid Mishra
- Steve Megennis
- Marcos Loiez
- Sankarshan Mukhopadhyay
- Drummond Reed
- Julian Ranger
- Savita Farooqi
- Scott Perry
- Kaliya Young
Agenda Items
Time | Item | Who |
---|---|---|
2 min | Welcome & Antitrust Policy Notice | Chair & PM |
5 min | Introductions | Chair & PM |
5 min | Backgrounder | Chair |
Good Health Pass Blueprint Review
TBC
Tooling
+ | Open Discussion | Group |
2 min | Wrap up | Chair & PM |
Meeting Notes
- [Darrell] Anti-trust and membership policy introduction
- [Todd] Work at this group and GHP was reflected in conversations at the WHO call of 31Mar
- Key interoperability questions - [Darrell] some opening remarks on the topic of trust registries as a solution and where they fit in (are they a solution or a challenge?)
- Is there a way to establish transitive trust between different parts of the GHP digital trust ecosystem
- [Todd] establishing a globally scalable, jurisdiction specific registry is a challenge eg. X.509 trust registries - how do we work with those?
- [Darrell] analogy of lanes/queues to describe the nub of the issue
- [Julian] ‘who is being registered in these registry’ - assumption is people making the tests and vaccines (this massive trust registry is impossible) a short term solution is that the people who provide the trust (the app providers) provide it directly when presenting credentials.
...
There are a lot of existing networks/lists - don’t we need to connect these up. We will likely have a network of networks
From 30 MAR 2021 meeting - input from Marcos: What form can practical trusted registries take? - Centralized - Decentralized (Permissioned, Permissionless, Federated) - Other? Which information is necessary to register in a trusted registry by an issuer when a verifiable credential is issued? - Hash of the content - Status of the credential - Link to the issuer (DID + digital signature) - Link to the subject Which information is necessary to verify against a trusted registry when they are presented to verifiers? - The issuer as an authorized entity - The status of the credential - The content/claims of the credential Who is responsible for defining or maintaining lists of entities authorized to be issuers of specific verifiable credentials in specific contexts or jurisdictions (i.e., the laboratories authorized to issue certificates of COVID-19 tests in Honduras) How do we specify in the verifiable credential the trusted registry where the proofs are registered? How do we establish a standard for both centralized and decentralized registries to store and make available the proofs in a way that is common to everyone, so once the verifier figures out the trusted ledger to be checked and the access point to it (which should be able to do directly from the credential), the protocol to accomplish verification is standardized |
Steve Magennis: I believe items 5-11 below is where our focus needs to be and where we can offer real value. Items 1-4 are deep, complex issues that need to be resolved well in advance of the actual act of verification. These decisions will almost certainly be fluid and driven by a complicated mix of policy makers, corporate lawyers, industry advocates, public health professionals and public opinion.
...