Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Meeting Date & Time

This Task Force meets every ________________. There are two meetings to serve different time zones:

  • NA/EU meeting: 08:30-09:30 PT / 16:30-17:30 UTC
  • APAC meeting: XX:00-XX:00 PT / XX:00-XX:00 UTC

See the Calendar of ToIP Meetings for exact meeting dates, times and Zoom links.

Zoom Meeting Links / Recordings

  • NA/EU Meeting:  <insert Zoom link from ToIP Calendar entry here>
  • APAC Meeting:  <insert Zoom link from ToIP Calendar entry here>

NOTE: These Zoom meeting links will be replaced by links to recordings of the meetings once they are available.

Attendees

NA/EU:

APAC:

Agenda Items and Notes (including all relevant links)

TimeAgenda ItemLeadNotes
3 min
  • Start recording
  • Welcome & antitrust notice
  • New member introductions
  • Agenda review
Leads
  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
  • New Members:
2 minReview of previous action itemsLeads
5 minsUpdate on Microsoft did:x509 spec

Eric Scouten spoke with Maik Richards at Microsoft, who expressed support for our TF taking over this work but is unable to join us. Working with Judith Fleenor to ensure IPR is compatible.

20 minsArtifacts for X.509 DID at CIRA. DNS records, TLS, etc.

Anchor identifiers in DNS names. We all use them. Goal is to map X.509 cert to a domain name. SAN field can perform that mapping.

did:web is similar; there's a domain name that can be trusted to be unique and it contains a public key. Can map public key component (or hash thereof) of X.509 to a TLSA record.

An X.509 field with a SAN field can be matched to the public key in the DNS. If so, the VID can be considered authentic.

DNS is useful because it is global today. DNS can host trust registry affiliation. VID can be identified as part of a specific trust registry (C2PA, etc.).

Jacques Latour working with Jesse Carter  to build a demo.

A document/blob is signed by an did:x509 VID and identify the trust registry affiliation.

Work that is being done on did:web applies in the same manner and can provide an additional layer of authenticity.

DNSSEC answers concern about (plain) DNS being clear-text and thus easily tampered with. DNSSEC adds an RRSIG signature to DNS replies that ensures trust chains back to IANA (trust root for top-level domains).

(Watch recording starting at about 15 minutes for Jacques' slides.)

did:x509 should really be about answering the question can you trace a did:x509 through to the X.509 itself to a trust registry?

Will ask Jesse Carter to do a demo in an upcoming meeting.

Question raised about comparison to did:web – are they meaningfully different?

A: Conceptually similar, but shift in emphasis on where the identity is expressed.

Example of did web https://trustregistry.ca/.well-known/did.json/

15 minsTopic #3 (open)

5 mins
  • Review decisions/action items
  • Planning for next meeting 
Leads

Screenshots/Diagrams (numbered for reference in notes above)

#1


Decisions

  • Sample Decision Item

Action Items

  • ACTION: Eric to summarize Drummond's e-mail with his feedback on the MSFT spec and add to meeting notes here. (Carried over from 2024-01-11.)
  •  


  • No labels