The ToIP Trust Registry Task Force (TRTF) meets weekly twice every Thursday at the following times (to cover global time zones - see the Calendar of ToIP Meetings for full meeting info including Zoom links):
Agenda Items and Notes (including all relevant links)
Time
Agenda Item
Lead
Notes
5 min
Start recording
Welcome & antitrust notice
Introduction of new members
Agenda review
Chairs
Antitrust Policy Notice:Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
New Members:
5 min
Review of previous action items
Chairs
The action items from the 2022-12-23 meeting all appeared to be agenda items for this meeting.
5 min
Heads up on W3C Credentials Community Group work item
Should pay attention to European identity requirements to inform the Trust Registry spec.
Savita Farooqui : TRAIN (using DNS-based trust) is another input
mathieu : Projects referenced in the paper that I’m assuming all need good understanding/alignment: EBSI Trusted Issuer Registry, ETSI TS 119 612, eSSIF-Lab TRAIN, the Trust over IP Foundation Trust Registry Protocol
DNS being brought up frequently.
Neil Thomson : Projects referenced in the paper that I’m assuming all need good understanding/alignment: EBSI Trusted Issuer Registry, ETSI TS 119 612, eSSIF-Lab TRAIN, the Trust over IP Foundation Trust Registry Protocol
Drummond Reed interesting to consider how DNS will inform TR work.
Savita Farooqui : All registries and the overlap with TR are to consider.
Drummond Reed : AIDs (Autonomous Identifiers ): You can discover an AID anywhere and independently verify it.
Proposal: Work off Github issues and discussions or continue to work on google docs * Propose options to the group. Let's settle this soon?
Drummond Reed concerned about async and dominant work.
+1
Darrell: OK but be careful about things that are "churning and burning"
Drummond Reed Trust decision and modeling a good start.
Github Discussions
Goals of the Task Force? * What are the ambitions of the task force. * Audience? * To be discussed. See the deliverable doc. * Scope: * Proposal: Scope of this task force is to build a model that supports $c_{\text{trust services}}$ and allows additional $c$ to be incorporated in the data models. * Adoption * How will the work we do become adopted? What are the challenges? Make this into an discussion we can iterate over. * Deliverables
Primary models and basic evolution approach for future versions
Tim Bouma :Transfer function: Time and utility preference. ( Trust decision framework mapping )
Drummond Reed v1 spec: * Verifiable issuers vs. Verifiable verifiers. * @Darrell: Context was required to authorize issuers vs. verifiers. RWOT: naive. Assurance framework not the whole picture.
Tim Bouma : risk transfer vs. accountability transfer. Risk management function.
* **Trust Action Model**: $h(g(f(C, x)))$ * where: * $f(C, x)$ is a trust embedding * $g(f(C, x))$ is a trust decision * $h(g(f(C, x))) = z$ represents an action (or effect) based upon a trust decision. It chooses $z_i \in \mathbb{Z}$ where $\mathbb{Z}$ represents a set of possible effects from a trust decision. * $C$ is the decision context * $x$ is the set of claims * Scope: This task force is focused on supporting system around $c_{\text{trust services}}$ and the data models in $x$, which represent claims. While recommendations may be provided on the other functions, anything outside of $c_{\text{trust services}}$ and $x$ is considered non-normative and out of scope. Some ways this translates within the deliverable: * Specification Deliverable * Service Discovery * Containers * Data Models * APIs * Companion Guide: * Recommendations and best practices * $\{c_i, c_j\} \in C$ where C is the decision context and $c_i, c_j$, are different data contexts. * $x$ represents claim data