Meeting Date
The GSWG meets bi-weekly on Thursdays at 11:00-12:00 PT / 18:00-19:00 UTC. Check the ToIP Calendar for meeting dates.
Zoom Meeting Link / Recording
- Zoom Link
(This link will be replaced with a link to the recording of the meeting as soon as it is available)
Attendees
- Scott Perry
- Drummond Reed
- Carly
- Neil Thomson
- Keerthi Thomas
- Clare Nelson
- Daniel Bachenheimer
- Savita Farooqui
- Bree Blazicevic
- Steven Milstein
Main Goal of this Meeting
Understand the opportunity to create a governance framework for dual-stack interoperability.
Agenda Items and Notes (including all relevant links)
Time | Agenda Item | Lead | Notes |
5 min |
| Chairs |
|
5 mins | Review of action items from previous meeting | Chairs | |
5 mins | Announcements | TF Leads | News or events of interest to Governance Stack WG members: Scott Perry published a blog about 'How Do Humans Trust', (it received 2,700 views on LinkedIn and many positive feedback).
|
10 mins | Governance takeaways from Bhutan’s presentation on NFID given at Ecosystem Foundry WG | Drummond | Jacques von Benecke, the CTO of Druk Holdings and Investments (DHI), the company in-charge implementing Bhutan's National Foundational Id or NFID, gave their first ever public presentation, the recording of the talk can be accessed at the Ecosystem Foundry WG link. Drummond Reed got involved in the project fairly early on and that the switch over to SSI was due to the Drummond's book which was picked by Jacques and his team. He explains that Bhutan skipped federated Ids and went straight to SSI and it was similar to how developing countries skipped over conventional telecom systems and leapfrogged straight into mobile. He mentioned how Bhutan took governance seriously and drafted a National Digital Identity Act to root their project in law. Although the act has not been passed yet, it is in Parliament, and they hope it will be passed in the next session. Although, the National Digital Identity Act was drafted with the help of outside experts, the act is meant to provide a legal framework for digital identity in the country and ensure governance and regulation of the system. The act follows the Meta model, which designates a governing authority and an administering body, with the administering body responsible for implementing policies and frameworks. The act also includes a public review period and follows many of the recommendations made by Drummond and other SSI experts. Scott Perry discussed his work with Bhutan on governance, compliance, and accreditation. He mentioned that they have already made decisions on their technical stack and that they need to figure out what rules they want to hold themselves accountable to. Scott notes that the ecosystems of digital trust and identity will require some kind of oversight governance rules and trust assurance schemes, but there are still interoperability issues associated with it. He also said that there is still work to be done on the governance structure, and there are many rules that need to be established. Neil Thomson was concerned that if the government does not keep a copy of the credential, then how will they check it for expiry or updates in the future. Drummond explained that the credential issuer will have the underlying data, but once issued, the data is given to the holder, and they will not track the usage of that credential. He clarified that the selective disclosure and privacy features are important, and the financial format is the non-credit one that supports not just selective disclosure but also zero-knowledge proof-based disclosure. |
10 mins | Takeaways from Steering Committee Call - Viky Manila presentation | Drummond, Scott | Drummond Reed and Scott Perry provided takeaways from the Steering Committee Call where Viky Manaila presented on eIDAS-2. Viky gave a presentation on the state of play of the European digital identity Wallets initiative under eIDAS-2 and the governance around it, specifically trust services. initiative, and one of the primary reasons she is involved is that she sees ToIP as the primary place where the hard problems on interoperability as a whole are being worked. She believes the Trust Spanning Protocol will be essential to interoperability between wallets. The governance of the initiative will largely be in the regulation, with member states and industry-specific frameworks working within that overall ecosystem. The role of trust services is significant, and Viky works for a trust service provider in Italy. |
15 mins | Creating two new TFs | Scott | Scott Perry explored the creation of two task forces: 1) Museum Pass TF and 2) Credential Issuer Governance TF. Carly mentioned about GATF structuring their work into a series of documents:
The Museum Pass use-case can help in shaping the requirements and specification, perhaps expanding this further with the help of other from the Ecosystem Foundry. Carly mentioned these components could be developed mapped into the four levels of governance for the ToIP Stack. Credential Issuer TF Scott Perry stated that the group needs to focus on use cases with governance applicability and identify how they apply to the Trust over IP stack. He mentioned the need to consolidate thinking on a model case similar to Contoso and Microsoft, which demonstrated governance concepts. He also stated that requirements for issuers of X.509 certificates is similar to VC issuers and he had previously worked on X.509 issuer governance model three years ago. Scott mentions that the same categories used to issue X.509 certificates are also applicable in verifying credentials. Scott will lead the Credential Issuer TF and he needs volunteers to work on the Museum Pass use case. Neil Thomson mentioned the challenges of person-to-person exchange of credentials in SSI. Neil raises some use cases related to workflows where Bob calls Alice, and they need to exchange verifiable credentials and trust each other's identities and wallets. He also highlighted that SSI is different from the P2B2P model of OpenID Connect, and there are unique challenges to two people trusting each other, and perhaps this can be explored here. Museum TF Savita Farooqui has already done some work on this use-case but is constrained for time. Savita would like to see volunteers get involved so it doesn't end up just being her own idea. Scott Perry indicated he would post both these TFs on the Slack channel to attract volunteers and will go ahead if there are sufficient interest. |
5 mins | Any other business | ||
5 mins |
| Chairs |
Screenshots/Diagrams (numbered for reference in notes above)
Action Items
- Publicise the Museum Pass TF and Credential Issuer TF on Slack and invite others to participate