Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Meeting Date

The GSWG meets bi-weekly on Thursdays at 11:00-12:00 PT / 19:00-20:00 UTC. Check the ToIP Calendar for meeting dates.

Zoom Meeting Link / Recording

Attendees


Main Goal of this Meeting

...

TimeAgenda ItemLeadNotes
5 min
  • Start recording
  • Welcome & antitrust notice
  • Introduction of new members
  • Agenda review
Chairs
  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
  • New Members:
5 minReview of action items from the previous meetingsChairs

(These are leftovers from previous meetings)

  •   Scott Perry  - Will solicit interest in creating a Verifier Requirements Guide
  •   Judith Fleenor  Follow-up on how to solicit feedback from the marketplace
    • How is Spec-up going to fit into the average members' workflow, or do we continue with Google Docs
    • Can we get Issuer Requirements Guide feedback from market Issuers'? Same for other docs in draft state and solicit feedback
5 minAnnouncements

TF Lead

 

News or events of interest to Governance Stack WG members:

Neil Thomson

10 minTask Force UpdatesChairs

Drummond Reed 

  • Second-generation ToIP Governance Specs: overall proposal and timeline
    • Terminology Tooling is nearly complete in Spec-Up
      • HTML Link to each definition/version
      • Generate version of glossary to GitHub
      • Term per GitHub page
      • Links to any referenced Spec-Up document with pop-up
    • Ready for revisions
    • Another generation of trust ecosystems will require glossary
    • What other tooling and guidance is required
    • Judith Fleenor
      • Karla @ GLEIF has offered feedback
      • Potential for C2PA Risk Assessment use
      • Gather feedback as requirements for updates
    • Scott Perry Promote use of ToIP tools
  • ToIP Trust Canvas Guide Book
    • A chapter per  working group
20 minIIW Updates


Scott Perry 

  • Governance Stack Model slides

Drummond Reed 

  • IIW Highlights 
10 minAny other business

Judith Fleenor 

  • Content Authenticity Group? Using the risk assessment tools to assess Creator Assertions or C2PA to validate and update the tool as needed
  • Try to get some of the people from those groups to participate
5 min
  • Review decisions/action items
  • Planning for the next meeting 


 

Meeting notes (using ChatGPT)

...

  • Verifier Requirements guide 
    Scott Perry  discussed the potential need for verifier requirements, especially in the context of bridging between X.509 certificates and decentralized identifiers (DIDs). He mentioned the importance of feedback from the market and noted that the X.509 task force could potentially drive the development of verifier requirements. Action items included reviewing feedback on the issuer requirements guide and initiating work on the verifier requirements guide. Scott highlighted the need for additional resources to work on verifier activities.
  •  Trust Establishment - DIF.
    The discussion revolved around a proposal by the DIF's Trust Establishment regarding a credential map aimed at documenting relationships within an ecosystem, such as those between educational institutions and credential issuers. Here are more technical details of the discussion:
    • Credential Map Proposal: The proposal involves defining a standard format for a verifiable document, referred to as the "base verifiable document." This document would contain signed information, simplifying the process of verifying credentials within an ecosystem.

    • Purpose of the Proposal: The primary objective of the proposal is to establish a mechanism for cataloging relationships between entities within an ecosystem. For example, it could document the authority relationships within an educational institution's ecosystem, tracing from federal accreditation bodies down to individual certificates issued by the institution.

    • Metadata and Verifiability: The proposal emphasises the use of verifiable credentials and metadata to establish and trace relationships. Each entity's authority and relationships within the ecosystem would be documented in a signed, verifiable manner.

    • Trust Registries and Governance: There was discussion about how this proposal relates to trust registries and governance. While not explicitly labeled as a trust registry, the proposal shares similarities with the concept. It aims to provide a mechanism for capturing and storing trust-related information in a secure manner.

    • Trust Chaining and Roots of Trust: Questions were raised about whether this proposal could facilitate trust chaining and establish roots of trust within an ecosystem. Trust chaining involves establishing a chain of trust from one entity to another, while roots of trust represent authoritative sources within the ecosystem.

    • Clarification: Drummond Reed  clarified that the proposal aligns with the concept of a trust registry. He shared a diagram illustrating how different sources of trust information could interact using a trust registry protocol. This protocol would enable various entities to access and share trust-related information effectively.

  • Attraction Pass and its future direction
    There is a concern the interest in Attraction Pass has waned and the discussion centred around the reasons for it and what needed to be done next. Here's a summary of the main points discussed:
    • Original Intent: The original goal was to create a model or case study for implementing an Attraction Pass using techniques learned within the group.
    • Lack of Interest: Interest in the project seems to have waned, possibly due to misunderstandings about the scope, expectations of software development, or other business priorities taking precedence.
    • Proposal for Outreach: There's a suggestion to reach out to industry stakeholders to gauge interest in sponsoring the completion of the study.
    • Shift in Focus: 

...

    • There's also discussion about potentially shifting focus to using Trust over IP tools for content authenticity rather than pursuing the Attraction Pass project further.
    • Future action: There's a desire to either move forward with it by engaging with similar WGs in DIF or pivot to other initiatives.
  • 2nd Generation ToIP Governance Specs (Glossary):
    • Drummond discussed the progress made in developing the Trust over IP (ToIP) glossary and the associated tooling for referencing definitions. Here are the key details:

      • Tooling for Referencing Definitions: Drummond mentioned that they were nearly done with the tooling required for the ToIP glossary. This tooling would enable easy referencing of definitions within documents and specifications.

      • Published as Spec-Up Document Format: The glossary would be published in the Spec-Up document format, which allows for easy accessibility and reference.

      • Web Linking to Definitions: One of the capabilities of the tooling would be to generate standard web links directly to specific definitions within the glossary. This would allow users to easily access and reference definitions online.

      • Version Control for Definitions: Users would have the ability to link to either the current version of a definition or to specific historical versions. This would ensure that references remain consistent even if definitions are updated over time.

      • Persistent Links: Drummond emphasized that all links to specific versions of definitions would be persistent, meaning they would remain valid even if the glossary is updated in the future.

      • Individual File for Each Term: Each term within the glossary would have its own file on GitHub, allowing for version control at the granular level. This means that updates to individual terms could be managed separately from updates to the entire glossary.

  • Automating parts of governance
    Explored the idea of using machine-readable policies for automating certain aspects of governance and discussed the need for clear rules and guidelines as in blockchain and distributed ledger technology (DLT) systems. Scott Perry emphasized the importance of judgment in governance processes and highlighted the spectrum from fully human-mediated to fully automated governance. 
  • Decisions
  • Action Items
  •   

...

  • Scott Perry  Get & respond to feedback in Issure Requirements Guide
  •  Scott Perry See if we can find other resources to provide input for Verifiers Requirements GuideExplore 
  •  Neil Thomson , Judith Fleenor , Scott Perry Explore Attraction Pass TF interest in continuing. ToIP is the only place to implement Governance
  •  Judith Fleenor Ask Karla @GLEIF to provide ToIP tooling feedback, Content Authenticity. Create Risk Assessment Task Force for August?