...
Zoom Meeting Link / Recording
- NA/EU MEETING:
Attendees
...
- @Subhasis Ojha
- Eric Drury
- @Jesse Carter
- Tim Bouma
- Drummond Reed
- @Dave
- Jon Bauer
- Hadrien Seymour-Provencher
- @Fabrice
- Antti Kettunen
- Andor Kesselman
- Judith Fleenor
Agenda Items and Notes (including all relevant links)
Time | Agenda Item | Lead | Notes |
5 min |
| Chairs |
|
5 min | Review of previous action items | Chairs | |
15 mins | Improving the TRQP | Andor | Trust Registry Query Protocol Improvements and Suggestions Opportunities of Improvement The following describes opportunities for improving the Trust Registry Query Protocol.
|
10 mins | |||
10 mins | |||
5 mins |
| Chairs |
Screenshots/Diagrams (numbered for reference in notes above)
- Motivations and Use Cases: Timing and Use Cases.
- Requirements:
- How do we fit the TRQP to fit the requirements.
- Is X Authorized Y to do Z.
- Drummond Reed: GAN Network Credentials. This fits to the model.
- For *Motivations and Use cases*, I think Is X authorized Y to do Z should be flexible enough for being able to do that kind of queries: https://verana-labs.github.io/decentralized-trust-spec/#tr-resol-verification-of-permission-in-decentralized-trust-registries
- so maybe we should add “in context C”
- Requirements:
- Interaction Pattern Documentation : Develop and include documentation on interaction patterns for working with a Trust Registry using TRQP. These guides should address common use cases and provide practical examples to facilitate integration.
- Abstract Data Model Formalization Introduce an abstract data model that serves as a foundation for formalizing implementations. This model will standardize core concepts and provide a consistent framework for compliant systems and variants.
- Needs a simple and clear way to traverse trust networks.
- Tim Bouma Context. Represented by an identifier. Signature is applied to context. Tuple.
- Fabrice Rochette: @Drummond Reed agree, that’s why we should keep it simple, and maybe focus on authorization queries first.
- Has Z granted Y to X.
- Drummond Reed: Context: Governance Framework. Authorization can expressed as an identifier in a way that other systems don't need to understand semantics.
- Tim Bouma : Simplicity of the spec
- Clean the OpenAPI Specification : Perform a comprehensive review and overhaul of the OpenAPI specification. Simplify and clean up the API endpoints to ensure accuracy, consistency, and ease of implementation.
- Incorporate Data Models into the Specification
- Blocked by Abstract Data Model Formalization but need to happen to bind spec to concrete data types.
- @Jesse and @Drummond +1
- Reference Implementation and Implementation Guide Create a reference implementation of the TRQP to serve as a baseline for community evaluation. Prioritize simplicity and clarity to make it an accessible resource for developers
- Learning tool.
- Antti Kettunen
- Trust List
- More refined authorization query.
- More complex ones people will customize their work.
- Drummond Reed:
- Trust List is a trivial form of the triple.
- Tim Bouma:
- Trust list lives in a context. Trust List can sign the context.
- Recursive property needs to be built into the Abstract Data Model.
- Antti Kettunen:
- Asset test can be given.
- Consolidation happens. Commission : List of Trusted Lists.
- Can we model the EU Trust Model using Data Model and Implementations
- Drummond Reed:
- Antti Kettunen might be able to help increase gradient to learn about requirements.
- TRQP needs to be accepted to the EU.
- Tim Bouma:
- Usually TL imply a hierarchical thing.
- Antti Kettunen:
- Where do we anchor this?
- Drummond Reed:
- Requirements to traverse the graph in a Authority neutral way.
- @Dave Poltorak:
- Layer above the trust establishment to communicate.
- How does data move across the trust graph using TRQP?
- Antti Kettunen:
- Doesn't matter how you implement your trust framework
- Common Data Model is requirement
- Conformance Test Kit: Develop a conformance test kit to establish clear criteria for TRQP compatibility. This tool will help implementers verify their adherence to the specification and improve interoperability across implementations.
- Tim Bouma: Whatever we do needs to be machine readable.
- Grant of rights.
- Improve the Review Process
Right now the review process is rough. We need it to be cleaner and have more formal reviewers/editors to the specification.- Prioritizing the changes / implementer feedback
- Editors:
- Volunteers:
- Fabrice Rochette
- @Dave Poltorak : PR Review Next week.
- Add Security and Privacy Considerations Introduce a dedicated section in the specification to outline security and privacy considerations. This section should detail potential attack surfaces using the TRQP.
- We should evaluate Unlinkability
- The whole point of a TR is for Linkability....but something to consider
Decisions
- Sample Decision Item
...