...
A core role within ToIP Layer 4 is a trust registry (previously known as a member directory). This is a network service that enables a governing authority for an ecosystem governance framework (EGF) to specify what governed parties are authorized to perform what actions under the EGF. For example:
...
This really means answering two main questions:
- Does EntityX have AuthorizationY under GovernanceFrameworkZ?
- This question allows a system to ask about what rights (authorizations) a particular entity has, according to an authority (governed by a governance framework).
- Does this trust registry recognize (other) TrustRegistryX?
- This question establishes peer relationships between trust registries - creating the potential for a Registry of Registries?
As with all layers of the ToIP stack, the purpose of a ToIP specification is to enable the technical interoperability necessary to support transitive trust across different trust communities implementing the ToIP stack. In this case, the desired interoperability outcome is a common protocol that works between any number of decentralized trust registries operated by independent governing authorities representing multiple legal and business jurisdictions. One specific example of this need is the digital trust ecosystem defined by the Interoperability Working Group for Good Health Pass (GHP). The GHP Trust Registries Drafting Group produced an extensive set of recommended requirements for a GHP-compliant trust registry.
...