...
- This Task Force holds TWO meetings weekly every Thursday at the following times (to cover global time zones - see the Calendar of ToIP Meetings):
- NA/EU 07:00-8:00 PT / 14:00-15:00 UTC
- APAC 18:00-19:00 PT / 01:00-02:00 UTC
Zoom Meeting
...
Recordings
- NA/EU Meeting: https://zoom.us/j/99376159509?pwd=UlNyZWFNbDBnanFPeVBablNzdXpBZz09rec/share/4Fo7kBCPKow0njI-S3AhSplfHy0OHQF9m0z5q07-7ABds79EJrz6PpOXc6RKzyKG.D1JsGlpatWmMdNNI
- APAC Meeting: https://zoom.us/rec/j/99851532700?pwd=b0dvM0QxdXlCUHBwd21najlNSUN6UT09
(This links will be replaced with links to the recordings of the meetings as soon as they are available)share/_kQmxIU8ci96HHz8ws09MZRVVIRySeryPRkyVk9Ks5ohCbJDnGQndCyVrHnXyGWS.2baavUzx4tatan4a
Attendees
NA/EU Meeting
- Drummond Reed
- Darrell O'Donnell
- Wenjing Chu
- Daniel Bachenheimer
- Neil Thomson
- Kevin Dean
- Tim Bouma
- Vikas Malhotra
- Judith Fleenor
- thomsona
- Jacques Latour
- Antti Kettunen
APAC Meeting
- Drummond Reed
- Darrell O'Donnell
- Wenjing Chu
- Daniel BachenheimerJo Spencer
- Ken Woodruff
- Neil Thomson
- Kevin Dean
- Tim Bouma
- Judith FleenorDima Postnikov
- Jo Spencer
Main Goal of this Meeting
...
Time | Agenda Item | Lead | Notes |
3 min |
| Chairs |
|
5 min | Announcements | AllUpdates | of general interest to TATF membersSkipped due to time constraints. |
2 min | Review of previous action items | Chairs |
|
ToIP Technology Architecture Specification Review Topics | Discussion of progress on the working draft of the ToIP Technology Architecture Specification (TAS). Links to relevant documents and diagrams:
| ||
5 min | EasyCLA Process | It's easy! Read the EasyCLA Guide and follow it. Drummond explained how easy it was for him to activate for Avast/Norton. He encouraged all TATF members to activate EasyCLA ASAP. | |
5 min | Issue #44 and PR #50 — License File | Antti's PR is stuck on a DCO problem. Antti said the PR is now #52. The DCO issue is an attestation from the developer. Antti has made an issue assigned to Elisa. We then discussed the actual license that we need to attach. For copyright, it is Text is CC-BY-SA-4.0. This is all in our WG charter; we can just copy it from there. The other source would be the Good Health Pass. Judith: "Once EasyCLA is fully implemented you can most likely turn off DCO. DCO was turned on because we didn't have EasyCLA in place yet." ACTION: Drummond Reed will close on this with Scott Nicholas issue #44 by checking with LF counsel Scott Nicholas as to what license should be stated in the LICENSE.MD file. | |
5 mins | Closing PR #49 — PR Contribution Process | Two of the four assigned editors have approved this PR. Can we merge it? Description: Initial governance files of CODEOWNERS, CONTRIBUTING.md, and GOVERNANCE.md. Related to issues: Antti believes this is ready to merge; Andor agrees. DECISION: PR #49 was labelled as last call. | |
10 mins | Issue #31 — Four Layer Diagram | Review Allan's proposed new version of Figure 4. See this evolution of the previous version. Allan presented a new diagram (see screenshot #1 below) as a model diagram to convey the key concepts of what is in and out of scope for ToIP. He also showed Jo Spencer 's diagram that conveys many of the same concepts. Darrell liked Allan's diagram for how it communicates the big picture. Wenjing Chu likes Allan's diagram but said that Figure 4 is the scope of just a single Endpoint System. Jacques Latour likes the diagram but feels it is still too high-level for his own purposes, which need to get into lower-level systems such as DNS. Allan agreed that the model diagram could be more detailed and specific, with a more detailed diagram. Comments:
ACTION: Drummond Reed to propose a structure storyline for a storyline that provides that storylineconcluding section (or Appendix) that can incorporate all of the proposed diagrams in way that communicates the overall picture of the ToIP architecture from several views. | |
15 mins | Issue #10: Definition of "authenticity" (is "integrity" needed?) | Neil will update us on his work on this issue — see this Google doc. Neil explained that there are different definitions of these terms, and they are usually specific to particular contexts. He has also been talking to Henk van Cann about the same issues with related to KERI and ACDC. Drummond had a long talk with Sam Smith and wrote up the following: This paragraph in Neil’s writeup goes to the heart of it: Dan Bachenheimer points out that many readers with security backgrounds will expect to see integrity listed alongside authenticity because they are considered separate security properties. For example, a message could have been sent by an authentic sender, but tampered with in transit so its integrity is lost. Sam’s first point was very simple: if the message was “tampered with it transit”, then it is no longer from the authentic sender. At that point it is from the attacker (who of course will endeaver to make it the message still look like it is from the authentic sender). Sam put it to me this way: There is no concept of data transmission over the Internet where you can establish the authenticity of the data — secure attribution to a source — without having confirmed the integrity of the data. So the resolution seems simple: the definition of “authenticity” when it comes to the ToIP stack and the Layer 2 Trust Spanning Protocol can essentially be: A communication is authentic at ToIP Layer 2 when the receiver can cryptographically verify that it has been digitally signed by the private key bound to the sender’s identifier. Because this form of authenticity is conveyed via a digital signature over a body of content, by definition that digital signature is only valid if the body of content has not been tampered with in transmission. Therefore this form of authenticity inherently includes integrity. If we agree on this point, then all we need to discuss is the PR that is needed to actually close the issue.
ACTION: Drummond Reed will work with Wenjing Chu and Neil Thomson to propose any revisions to the spec text and/or footnotes to explain how, from a ToIP context, "message integrity" is inherent in "authenticity". | |
10 mins | Trust Registry | Key efforts beginning on the Trust Registry Protocol Specification v2.0. See screenshot #2 below for his opening slide. Darrell also share this link to the webinar that he and Christine Martin gave last month: https://www.continuumloop.com/trust-registries-beyond-the-basics/.
| |
5 mins |
| Chairs | ACTION: Drummond Reed to ask Elisa Trevino to cancel the TATF meetings on Thursday Nov 17 due to Internet Identity Workshop. |
Screenshots/Diagrams (numbered for reference in notes above)
#1
...
#2
Decisions
- Sample Decision Item
Action Items
- Sample Action Item
- DECISION: PR #49 was labelled as last call.
Action Items
- ACTION: ALL TATF members need to read the EasyCLA process document and decide on the CLA manager assignment for your organization in order to continue to make contributions to the TAS. You can also set it up to provide wildcard support for all representatives of your org (based on your email domain). See Elisa Trevino for access/help.
- ACTION: Drummond Reed will close issue #44 by checking with LF counsel Scott Nicholas as to what license should be stated in the LICENSE.MD file.
- ACTION: Drummond Reed to begin a draft of a blog post announcing release of the Public Review Draft of the TAS.
- ACTION: Drummond Reed to propose a storyline for a concluding section (or Appendix) that can incorporate all of the proposed diagrams in way that communicates the overall picture of the ToIP architecture from several views.
- ACTION: Drummond Reed will work with Wenjing Chu and Neil Thomson to propose any revisions to the spec text and/or footnotes to explain how, from a ToIP context, "message integrity" is inherent in "authenticity".
- ACTION: Darrell O'Donnell to create a document (Google doc or Google Slides) in the ToIP Google Drive to begin collaboration on the Trust Registry Task Force 2.0.
- ACTION: Drummond Reed to ask Elisa Trevino to cancel the TATF meetings on Thursday Nov 17 due to Internet Identity Workshop.