The GSWG meets bi-weekly on Thursdays at 11:00-12:00 PT / 18:00-19:00 UTC. Check the ToIP Calendarfor meeting dates.
Zoom Meeting Link / Recording
...
Time
Agenda Item
Lead
Notes
5 min
Start recording
Welcome & antitrust notice
Introduction of new members
Agenda review
Chairs
Antitrust Policy Notice:Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
Drummond Reed mentioned that ToIP Glossary Workspace is a primarily aimed at helping trust registry and trust spanning protocol specs within Technology Stack WG. The aim is for these specifications to have a complete and hyper-linkable vocabulary similar to W3C specs.
To facilitate this, they have created a workspace using Google Docs to compile and track the terms they are using. The workspace contains a glossary of terms with definitions and sources. The terms are hyperlinked within the document, allowing easy navigation and reference. The glossary has been continuously expanding with contributions from Drummond Reed, Neil, and Reeks, among others.
Most of the terms (80%) refer to external resources.
Drummond wants the GSWG to also contribute to this glossary document.
End goal is that this glossary works for all of the specs/WGs. If a mark-up is used, then specification specific glossary can be produced.
Discussion
Neil Thomson mentioned that there are whole bunch of terms that needs to be made more crisp/clear (e.g. trust) from a governance perspective. The importance of looking at issues from an overall perspective, considering both technical and governance aspects. He also discussed about different types of trust including two extremes of trust: the mathematically provable trust and administrative trust. Overall, Neil seems to emphasise the importance of clarifying and standardising concepts, governance models, and trust mechanisms within ecosystems to enable better interoperability and comparison between different systems.
Drummond Reed highlighted that comparing governance frameworks can be challenging, especially when considering different components of the stack or different types of blockchains.
Savita Farooqui concurred that comparisons of governance frameworks can only be limited to if whether or not they contain the core elements, such as decision-making processes, people, policies, practices, and incentives, the implementations can vary significantly.
Carly described a set of conditions for trust registry: 1. Interchange Std (e.g. API) 2. CRUDA rules of the list (Create; Read; Update; Delete; Archive) 3. Governance Authority (GA) Identifier 4. Peer GA endorsements
Action Items
Scott Perry along with Drummond to craft an email to WGs to solicit volunteers for this task
Drummond Reed coming from attending recent conferences (EIC, Identiverse) he felt there has been some progress in adoption, especially with the first generation governance frameworks, templates and the tooling that were developed earlier.
Digital wallets and and verifiable credentials are starting to make some serious progress in in the market.
Drummond received a message from a partner who mentioned that for the ecosystem to scale, 'a very thoughtfully designed Trust Framework' is required While previously the industry was not so keen, it appears the industry is now getting around the trust framework which is essentially the governance framework.
Drummond also shared a slide from a talk by Steve Wilson about the history of digital wallets (see Fig.1 below). Drummond also pointed out that Steve emphasised the importance of 'acceptance networks' or verifiers in the ecosystem and how they rely on trust decisions based on the backing of a governance framework.
Discussion
Drummond Reed : Although, the concept of 'acceptance networks' comes from the payment industry and it applies to acceptance or verification of payment cards, it has parallels to verification of credentials. In both cases, whether payment cards or verifiable credentials, a risk assessment is made. The verifiers are the risk owners and they need an acceptance network but this is actually the governance framework.
Scott Perry : in the payment model they have the risk mitigation for acceptance or non-acceptance of payment charges and they have a mechanism to say who ultimately pays, similarly, this needs to be explored in the VC governance model i.e. where is the risk and how does it get mitigated, who is responsible when a VC for legitimate reasons shouldn't have been accepted.
Drummond Reed there is no need to change in the current governance framework as Steve was messaging to a different audience to make it more relatable to them. Steve used an example of a DMV and age verification at a liquor store.
Scott Perry in the payment card industry, they have a very robust accreditation and audit model (over 20 years).
Savita Farooqui is working with California DMV and has similar challenges.
Neil Thomson this diagram (FIg.1) is a support network, the processes and trust chain behind the issuer. Savita Farooqui agrees it also relates to the reputation of the issuer and we need to look at it at one level but this can be recursive.
Drummond Reed the key takeaway is to do things efficiently and to combine and do things at scale rather than a fragmented approach for governance i.e. instead of having 50 DMV governance frameworks, trust registries at federal level, can there be a single framework and trust registry at the national level. Neil Thomson suggested since provinces and federal government are known to work together, maybe can we learn and apply their cooperation mechanism.