...
...
The ToIP Technology Stack WG originally created the TRTF in June 2021 in response to the market gap identified during the work on the Good Health Pass Interoperability Blueprint. The first-generation TRTF worked quickly to create a first-generation ToIP Trust Registry Protocol specification, which it published in September 2021 for community review. At that point, the attention of the TSWG moved to the Technology Architecture Task Force (TATF) to develop the ToIP Technology Architecture V1.0 Specification (TAS). With the publication of the first public review draft of the TAS in December 2022, and with market demand increasing for decentralized trust registries (aka trust lists), the TSWG started up the second generation of the TRTF in December 2022 to produce a complete, production-ready ToIP Trust Registry Query Protocol Specification that can then be submitted to a formal SDO such as ISO. Furthermore, as related work has is now underway at the Decentralized Identity Foundation, the second-generation TRTF will be working in collaboration with the DIF Claims and Credentials Working Group work on Trust Establishment.
...
The primary objective of this Task Force is to develop the ToIP Trust ToIP Trust Registry Query Protocol (TRQP) as a ToIP SpecificationToIP Specification. The purpose of this deliverable to enable interoperability between ToIPbetween ToIP-compliant trust registries.
Context
The mission One of the ToIP Foundation is to define a complete architecture for Internet-scale digital trust that combines cryptographic trust at the machine layer with human trust at the business, legal, and social layers. The ToIP stack has two parallel halves—a technical stack and a governance stack—operating at four layers 1) Utility (DLT Blockchain), 2) Agent/Wallet, 3) Credential Exchange (Issuer/Verifier/Holder) and 4) Ecosystem (Application). See further details in the ToIP white paper.A core role within ToIP Layer 4 is a trust registry (previously known as a member directory). This is primary uses of decentralized digital trust infrastructure is digital wallets and digital credentials. The primary roles involved in a digital trust ecosystem focused on the exchange of digital credentials are shown in the diagram below (see further details in the ToIP white paper):
As this diagram illustrates, the heart of this ecosystem is a trust registry: a network service that enables a governing authority for an body—typically the publisher of an ecosystem governance framework (EGF) to —to specify what what governed parties are authorized to perform what actions under the EGF. For example:
- What issuers are authorized to issue what types of verifiable credentials.
- What verifiers are authorized to request what types of verifiable presentations.
- What other trust registries (and their governing authorities) are trusted by a host trust registry.
In most case this means answering one of two main questions:
- Does Entity X have Authorization Y under Governance Framework Z?
- This question allows a system to ask about what rights (authorizations) a particular entity has, according to an authority (governed by a governance framework). For example, "Is hospital X authorized to issue vaccination credential Y under governance framework Z?"
- Does this trust registry recognize another trust registry X?
- This question establishes peer relationships between trust registries (often called a "registry of registries" or "metaregistry" capability).
As with all layers of the ToIP stack, the purpose of a ToIP specification a ToIP specification is to enable the technical interoperability necessary to support transitive support transitive trust across different trust different trust communities implementing the ToIP stack. In this case, the desired interoperability outcome is a common protocol that works between any number of decentralized of decentralized trust registries operated by independent governing authorities representing multiple bodies representing multiple legal and business jurisdictions. One specific example of this need is the digital trust ecosystem defined by the Interoperability Working Group for Good Health Pass (GHP). The GHP Trust Registries Drafting Group produced an extensive set of recommended requirements for a GHP-compliant trust registry.business jurisdictions.
Leadership
The leads of the second-generation TRTF are:
...
- Drummond Reed, Gen
- sankarshan
- Vitor Pamplona, PathCheck Foundation
- Ken Adler (Deactivated)
- Jim StClair
- John Walker
- Michael Boyd
- Eric Drury
- Mike Richardson
- Daniel Bachenheimer
- Savita Farooqui
- Antti Kettunen
- Vikas Malhotra
- Jacques Latour , CIRA
- sumapnair
- Thomas Besore
- Christine Martin
- Scott Whitmire
- Neil Thomson
- Steve McCown , Anonyome Labs
- Judith Fleenor
- mathieu , Northern Block
- TANER DURSUN , TUBITAK BZLab
- Samuel Rinnetmäki, Findynet
- Fabrice Rochette, 2060
- Marcus Ubani
- Salvatore D'Agostino
- Jon Bauer
- Andrew Escobar
- Roberto Carvajal
- Alex Tweeddale , cheqd
Deliverables
- ToIP Trust Registry Query Protocol Specification. This is a formal specification of a protocol for interactions with a ToIP-compliant trust registry service.
- OpenAPI 3.0 API (managed in GitHub).
- X.509 DID Interop guidance.
GitHub Repository
...
Intellectual Property Rights (Copyright, Patent, Source Code)
As a Task a Task Force (TF) of the Technical the Technology Stack WG (TSWG), the GSWG P&R TF inherits TRTF inherits the IPR terms from the the TSWG JDF Charter. These include:
- Copyright mode: Creative Commons Attribution 4.0. OWFa 1.0 (available at https://www.openwebfoundation.org/the-agreements/the-owf-1-0-agreements-granted-claims/owfa-1-0)
- Patent mode: W3C Mode (based on the W3C Patent Policy). OWFa 1.0 (available at https://www.openwebfoundation.org/the-agreements/the-owf-1-0-agreements-granted-claims/owfa-1-0)
- Source code: Apache 2.0 , (available at at http://www.apache.org/licenses/LICENSE-2.0.html. )
- This Task Force is not currently expected to produce source code.
...
- Publication of the first Draft Deliverable via a GitHub repo.
- Publication of the final Draft Deliverable.
- Approval of the Draft Deliverable as a Working Group Approved Deliverable.
The work of the this Task Force will be complete when the Working the Working Group Approved Deliverable is approved by the TSWG.
...
- This TF SHALL build on the trust registry requirements developed by the Trust Registries Drafting Group of the Interoperability Working Group for Good Health Pass.
- The requirements for governance of a ToIP trust registry MUST be coordinated with the Governance Stack Working Group.
Meeting Schedule and Notes
The TRTF holds two meetings — one on NA/EU time zones and one for APAC time zones — every Thursday. Please see the ToIP Calendar for the exact meeting times and Zoom links.
See the Meeting Page for links to the meeting agenda and notes for each meeting (including the Zoom links for joining a meeting and for listening to a recording of the meeting).
...
- Slack: #tswg-trust-registry-tf <== This channel encouraged for regular comms.
- Mailing List: There is currently no separate mailing list; this task force uses the main TSWG mailing list: technical-stack-wg@lists.trustoverip.org.
FAQ
- Q: Why can't we simply use VCs instead of a TR? A: At some point you MUST step out of a VC to say “and who says you are the authority”