Page Comparison

• Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
• New Members — APAC call:
  • Allan Thomson introduced himself as Chief Architect Threat Defense Technology at Avast. He's also been a co-chair of several OASIS Technical Committees, including STIX/TAXII 2.x Interoperability. It turns out that he and Wenjing Chu also worked together at a company called Airspace. Allan explained that Airspace was a big proponent of standardization, particularly around 802.11.

Updates of general interest to TATF members.

• Tim Bouma said that the Canadian federal government budget will come out later today and he will report how much they will be spending on digital identity.
  • We had a short discussion about the relative investment levels in the EU, Canada, and the USA.
  • Daniel Bachenheimer shared that governments should invest in just enough digital identity infrastructure to support self-sovereign identity for citizens.
  • Tim Bouma shared the view that government should provide foundational identity and then let the market provide the rest.
  • Neil Thomson felt that government should not be the only issuer of foundational identity—and should not require the use of such foundational identities. And that the government could also certify other legal entities to be issuers of foundational identity.
  • Daniel Bachenheimer said that foundational identities do one thing very useful: establish uniqueness within a population. Government-issued foundational identities also confer legal rights within a country.
  • Tim Bouma pointed out that the issue is that there is no legal definition of foundational identity, which creates an issue for policy development.
  • Vikas Malhotra added that there was a discussion at UNDP about that definition of legal identity and the role of SSI. 

Per the second action item above, we want to gather inputs about scope limitations for the first version of the ToIP stack.

• Wenjing Chu encouraged everyone on the Task Force to contribute their thoughts about canonical use cases.
• ACTION: Drummond Reed to add a section to the ToIP Technology Architecture Specification on Canonical Use Cases and Scope Limitation.

Per the last action item above, Drummond has prepared a new version of the Google doc that is now a full Working Draft and started filling in content that needs review and feedback.

• ACTION: Drummond Reed to finish conversion of the storyline slide deck text into the ToIP Technology Architecture Specification and then post to the TATF Slack channel that it is ready for review of those portions of content. 

Wenjing Chu
Drummond Reed
Sam Smith

This is to recap a discussion between Wenjing Chu and Sam Smith from last week—which Drummond listened to on the recording and has already reflected in the Working Draft 01 outline.

• Wenjing summarized the NA/EU discussion that the core requirement of the trust spanning layer is similar to the goal of the TCP/IP spanning layer (the IP layer). That means we want the ToIP trust spanning layer to be "as simple as possible but no simpler".
• By those two notions, the only thing that the trust spanning layer needs to be able to do is provide autonomous, cryptographic verifiable identifiers that can support non-repudiable communications.
• Anything that is needed to support Layer 2 is in Layer 1. Anything that is a higher layer protocol is L3 or L4.
• John Jordan asked if L1 was always needed. There was a consensus that it is not except for IP connectivity.
• Darrell O'Donnell explained that we have recast the public utilities at L1 because they can support different functions needed at all higher.
• Drummond Reed added that this means L1 public utilities can support all the higher layers in different ways.
• Judith Fleenor said that we might want to look depicting public utilities in different ways in the ToIP stack.
• Wenjing Chu suggested that we may want to actually choose a better name for it, such as "supporting infrastructure".
• Judith suggests that the TSWG needs to do a "road show" with this spec and the layer definitions in order to get consensus all the way around.

APAC CALL ONLY—Sam would like to explain the ACDC concept of chain-link confidentiality and how it provides a different type of privacy protection/preservation that selective disclosure and zero-knowledge proofs.

Here is a link to the slides Sam presented (PDF).

• Sam started with the PAC theorem—slide #1 below.
• He then gave the definitions he's working with—#2 below.
• Sam contended that strong privacy is essentially impossible if the primary party is going to share authentic content with other parties.
• So the only way that the goal of real privacy can be realized by incorporating an exchange of value. 
• A solution to the kinds of exploitation in slide #5 below is chain-link confidentiality.

ACTION: Sam Smith to post to the Meeting Notes and TATF Slack channel a link to his paper and/or slides on chain-link confidentiality.