...
Time | Agenda Item | Lead | Notes |
3 min |
| Chairs |
|
2 min | Review of previous action items | Chairs |
|
5 mins | Update on the Identifier Traits topic | At our 2024-06-26 meeting, we discussed the topic of "Identifier Traits" raised at DICE raised by Jan Christoph Ebersbach (known as "JC"). See this Github Gist page for a summary. We agreed at that meeting that the TSPTF focus was on appraisability frameworks for dynamic appraisability of a VID, but that we would welcome work on a generalized set identifier traits that could feed into our appraisability framework. Drummond will give a brief updated on the Identifier Traits work going to the DIF Identifiers and Discovery Working Group co-chaired by Markus Sabadello. | |
40 mins | KERI example of dynamic risk assessment of a VID | Sam Smith | Sam presented a use case for how real-time appraisal of a VID can work using KERI, highlighting why dynamic appraisability is important and how it enables a validator to make a live appraisal thereby protecting themselves from a compromised or malicious controller. Screenshots #1 thru #9 below capture selected slides from Sam's presentation. In the Q&A, Sam clarified that key event logs (KELs) that use interaction events and key delegation are the ways that key management infrastructure can be scaled to millions of transactions in a short period. Sam explained how the current bearer-token-based code signing used by companies by Microsoft is subject to (and has been) compromised by an attack on a bearer token. With KERI key management, the exact key that was compromised (and the exact key controller) can be identified and recovered. Neil Thomson: "This suggests that on any interaction between VIDs (2 party) that they regularly perform a Live Assessment (e.g. once a day, every XX transactions)". Drummond agreed. |
5 mins |
| Chairs |
...