Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Meeting Date

  • The ToIP Trust Registry Task Force (TRTF) meets weekly twice every Thursday at the following times (to cover global time zones - see the Calendar of ToIP Meetings for full meeting info including Zoom links):

    • NA/EU 07:00-8:00 PT / 15:00-16:00 UTC 

    • APAC 18:00-19:00 PT / 02:00-03:00 UTC

Zoom Meeting Link / Recording

Agenda Items and Notes (including all relevant links)

Time

Agenda Item

Lead

Notes

5 min

  • Start recording

  • Welcome & antitrust notice

  • Introduction of new members

  • Agenda review

Chairs

  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.

  • New Members:

5 min

Review of previous action items

Chairs

15 mins

Issue/PR Review

@Dave Poltorak

Issue/PR Review

https://docs.google.com/spreadsheets/d/1UTzCvFr8np652cnyt-WB3R3TjYjZdL0egw5wX5b5Pf0/edit?usp=sharing

10 mins

Previous TRTF Call Review

Andor

2024-11-14 TRTF Meeting Notes

10 mins

TRQP Common Data Model Work 

Andor

https://gist.github.com/andorsk/3c1f1d869644d4d0c58f9cb3f78028b5

5 mins

  • Review decisions/action items

  • Planning for next meeting 

Chairs

Notes:

  • Jesse Carter : TRQP and OIDF

  • Darrell O'Donnell : Do they fall into the specification itself.

    • Supporting material

  • Antti Kettunen

  • @TODO: Folder

  • Focuses

    • Motivations : Spec and needs cleanup

    • Use Cases : Supporting material

    • Interaction Pattern Documentation : Supporting but informs spec. Non-normative.

      • Interaction Patterns: Other ecosystems.

      • 2 interaction patterns:

        • How do I use the TRQP?

        • How do I support the TRQP, so what do I need?

      • Tim Bouma : For implementers, knowing how it is implemented in the context of building is really important to use it. Needs to internalize the model before implement it.

      • Antti Kettunen : More abstraction the more complexity. The model is simple, but complexity in interpreting it.

        • Implementers guide would be a document to help people to understand how to start to work the abstract data model.

      • @Subhasis :

        • Looking at it from an implementers side.

        • Really struggling on how to implement the specification on both sides.

          • Governance side : everything is governed as strings, not sure how to use it.

          • OIDF Side: Diagram with bridge to OIDF, not sure how to do it.

          • Implementers guide: Extremely important to support the statements being made.

      • Darrell O'Donnell :

        • Agreed. Critically important.

        • If someone is waiting for the implementation guide, might not be for them right now.

      • @Subhasis : Can be two separate documents, but specification without implementers guide is difficult to interpret.

      • Darrell O'Donnell :

      • 9A03721E-D3F8-4356-8271-C50B98F7CFC6-20241121-152931.jpgImage Added

      • @Dave Poltorak : What’s the state of the spec?

      • Darrell O'Donnell : On Implementers Draft

      • Jesse shared this document : https://docs.google.com/document/d/1E6lj8NdpNmScFKYMK3P9em1riJCx3c5H8y-lgqgwU4s/edit?usp=sharing

      • Drummond: Implementers leading to an implementers guide is a good thing

      • Tim Bouma : API first vs. Protocol first models.

      • Document isn’t the deliverable. Community is the deliverable.

  • Ecosystems are discovered out of band

    • DON’T assume you’re using the TRQP to “discover” new systems to trust (i.e. new EGFs). That is out-of-band. 

    • DO assume that the EGFs that you are aware of create a simple web.

  • Bhutan :

    • Credential in bhutan

    • Member of EGF

      • Multi-hop question vs. discovery question

      • This is not a data modeling question.

      • This is a business question.

    • A lot of different questions, and clumping them.

    • with OID federation,

      • Do we have a common root?

      • Are you authorized to issue attestations?

      • Do we share a governance framework that governs this authorization

      • Do we have a common ancestor?

      • Multiple small questions

    • Drummond Reed It seems like we have two categories of queries: graph traversal queries (to get to the authoritative TR) and then authorization queries (once you have located the authoritative TR).

      • Antti Kettunen What about “provide me a certificate I can use to verify a signature”? Is that an authorisation query?

    • Drummond: Needs to be as general as we can.

    • TRTF Next Week

      • Validity status / revocation?

Screenshots/Diagrams (numbered for reference in notes above)

Decisions

...

Action Items

  •  Sample Action Item