/
2025-05-16 TRTF APAC Meeting Notes

2025-05-16 TRTF APAC Meeting Notes

Owned by John Phillips
Last updated: May 16, 2025

Meeting Date

  • May 16, 2025 AEST This meeting was set up in response to interest and activity on Trust Registries in the APAC region.

Zoom Meeting Link / Recording

Video Conferencing, Web Conferencing, Webinars, Screen Sharing

  • APAC MEETING: 

    • @John Phillips

    • @Jo Spencer

    • @sankarshan

    • @Darrell O'Donnell

Agenda Items and Notes (including all relevant links)

Time

Agenda Item

Lead

Notes

 

5 min

  • Start recording

  • Welcome & antitrust notice

  • Introduction of new members

  • Agenda review

Chairs

  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.

  • New Members: None

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

5 mins

  • Review decisions/action items

  • Planning for next meeting 

Chairs

 

 

 

 

 

 

 

Notes:

Minutes generated by notebookLM from the meeting transcript and chat. [Minor tweaks by John to correct the errors that I could see].

Meeting Minutes Date:

15 May 2025 (Based on file name timestamp). APAC experienced date: 16 May AEST

Attendees:

  • Sankarshan Mukhopadhyay (Dhiway Networks Private Limited)

  • Jo Spencer (Sezoo)

  • John Phillips (Sezoo)

  • Darrell O'Donnell (Continuum Loop Inc.)

Summary of Key Points:

The meeting began with participants joining, noting the early time for Sankarshan in India [1-3]. John Phillips joined later and explained he was delayed by working on a post about a report on the use of facial recognition technology by the TSA [4-6].

Discussion on Facial Recognition, Privacy, and Security:

John Phillips discussed a 125-page report from the Privacy and Civil Liberties Oversight Board (PC.Lob) regarding the use of facial recognition technology by the TSA [6-8]. This report was six years in the making [6, 9]. The PC.Lob is described as a bipartisan board established by the U.S. Government to review government activities from a civil liberties standpoint [10, 11]. John noted the report is dispassionate, well-written, well-researched, and includes 13 recommendations considered very sensible and sound [8, 12]. However, he mentioned that since the project started in 2019, the board has become partisan, as all Democratic members were sacked [11, 13]. Despite being published multiple times with different filenames recently, John believes the contents haven't changed [14].

John expressed growing concern about the authenticity and provenance of information encountered [15]. He highlighted findings in the report, such as facial recognition systems being 10 times faster and more accurate than humans for one-to-one matching against documents, citing Orlando Airport's experience [16, 17]. Systems used in Australia for one-to-one matching are reportedly local and do not retain data, but this relies on trust as there is no evidence [18].

A commentary in the report observes that the facial recognition initiative, partly stemming from the 9/11 problems, does not involve checking identity documents against a terrorist register [19, 20]. John questioned why checks wouldn't occur earlier, such as when airline tickets are purchased [20]. Jo Spencer related this to anti-money laundering efforts, suggesting that individuals attempting fraud might avoid formal channels [21]. Sankarshan Mukhopadhyay noted that in India, domestic ticketing involves binding Aadhaar (India's identity system), whereas typically, ticketing systems only perform checks if a visa or passport is associated [22].

John mentioned a letter within the report by "Beth," who linked 9/11 issues to U.S. departments knowing things but not communicating effectively, implying better checking might have prevented the attacks [23]. John questioned this, stating that some perpetrators might not have been on a register before committing the act, highlighting the grey area of preventing travel based on suspicion [24]. Sankarshan agreed that the idea of insufficient information access being a cause is prevalent in law enforcement thinking post-9/11, acknowledging that hindsight is always clear [25, 26].

John argued that extensive cross-linking and sharing of information could lead to a "panopticon police state" [26]. Sankarshan challenged this, asking how it aligns with advocating for individual agency and autonomy [27, 28]. John acknowledged the tension between upholding civil liberties (like the right to carry weapons) and implementing controls for safety and security [29, 30]. Sankarshan pointed out that this tension is often overlooked when designing governance, failing to consider the contextual placement within civil liberties and individual autonomy [31, 32].

Darrell O'Donnell commented on the civil liberties aspect, observing that in business and governance, rights are being "degraded" and "chipped away" [7]. He shared his experience with the Global Entry/Nexus system, where facial recognition became instantaneous, making him feel he was being surveyed unexpectedly [33, 34].

Discussion on Trust Registry Query Language (TRQL) and Protocol (TRQP)

Darrell O'Donnell mentioned the separation of GitHub repositories for the Trust Registry Protocol (TRQP) and the Trust Registry Query Language (TRQL) [35]. He noted that the authentication string is referred to as an "opaque string" [9]. The query language has been named "Trql" or "Turkle" by Alex Tweedale [9, 36].

John Phillips' understanding is that the query language defines the syntax for expressing queries, while the protocol defines how messages are sent, received, signed, and processed [10]. Darrell confirmed this, explaining the protocol handles the transmission of query variables (like entity, authorization, and governance frameworks) [8].

The goal of TRQL is to build a query language [13]. Darrell expressed personal doubt about the necessity of a query language for hitting a single trust registry, which would ideally inform you what it's authoritative for [13]. Sankarshan described a personal experience filling a form requiring data verification against multiple distinct sources (Aadhaar, passport, PAN) [37, 38]. He noted the system seemed to rely on predetermined agreements and API calls for verification, which conflicted with his mental model and made him wonder where a generic query language would fit [39]. Darrell aligned with Sankarshan's view that registries likely have predetermined agreements and won't allow snooping via a query language . He suggested a query language might be more relevant for systems aggregating data from multiple sources .

John Phillips drew parallels to his past work in the 1990s on the Catalogue Interoperability Protocol (CIP) for the European Space Agency, based on Z39.50 and its Contextual Query Language (CQL) [40-42]. He felt the current effort risks reinventing existing wheels [43]. Darrell recalled Z39.50 being used in the geospatial world for metadata and cascading servers, noting the latter was a "horrific" business pattern [44]. John suggested building on existing concepts for the trust registry query language rather than starting from scratch .

Darrell explained the origin of the TRQL concept from discussions at Ira (Internet Identity Workshop), where the need for a standard way to name things, initially using ABNF structures for guidance (e.g., issue:country:sub-admin-area:thing), evolved into the idea of a query language [45]. He remains unconvinced it's a true query language rather than a naming convention . A positive aspect is the separation of the protocol and language specifications .

Darrell expressed concern that focusing on TRQL could delay getting TRQP published . A decision was made in the North America/Europe call that the Trust Registry Task Force will prioritise getting TRQP to a second public review and published state in the coming weeks . TRQP is intended to remain stable for about a year once published . Both TRQP and TRQL are being worked on by the same Trust Registry Task Force .

Discussion on GitBook for Documentation:

John Phillips inquired about using GitBook for documentation, particularly for the Global Trust Registry project, given concerns about licensing fees . Darrell O'Donnell confirmed that Ira uses GitBook and receives it for free as a non-profit organisation . He is impressed with the tool, especially its value when free .

John asked if GitBook is suitable for formal specification writing like Spec Up . Darrell stated it is good for general rigorous documentation and has a change request process . However, he noted that Spec Up has advantages for formal specs due to its automated linking of glossaries and external references, which would require manual steps in GitBook . Darrell recommended Spec Up for formal specs and GitBook for governance documents or looser guidance where rigor is less critical .

Addressing John's dilemma with experts accustomed to Microsoft Word rather than GitHub pull requests , Darrell stated that GitBook is a better tool than raw GitHub . He mentioned GitBook has a live edit mode similar to Google Docs, allowing multiple people to work on a document simultaneously before it's published and locked down . Darrell feels GitBook is a "pretty darn good tool" and a blend .

Discussion on Task Forces and Participation:

Sankarshan Mukhopadhyay commented on the proliferation of task forces within Trust over IP and expressed concern that the same people are spread thin across multiple groups . Darrell O'Donnell agreed but noted that the push towards public review for TRQP has increased participation, with new voices and names appearing in the calls .

Sankarshan asked about groups from Affinidi [ed: Rewriting the Rules of Trust | Affinidi ] who were mentioned as wanting to join the calls . Darrell knows Glenn from "affinidi" . Darrell and Glenn met recently, and Glenn is engaging with the trust registry work . Glenn reached out to Drummond, who questioned why Glenn hadn't reached out to Darrell directly . Affinidi reportedly has ideas for simplifying the API . Jo Spencer and Sankarshan noted they usually see them in DIF calls [46]. Affinidi is described as a "hardcore DIDComm 2.1 shop" .

Discussion on GLEIF and vLEI Issuing Organisations:

John Phillips searched the GLEIF website for Qualified vLEI Issuing Organizations and initially found a list of only five [42]. He questioned if the website was up to date . Jo Spencer clarified the organisation Sankarshan mentioned was Finema, not affinity . Darrell found this interesting, as GLEIF/Zoned's LinkedIn had announced more than five in the past four months, speculating some might not be approved yet . Sankarshan confirmed Finema's activity on vLEI [42]. John noted Finema's qualification date was February 21st . They discussed how often such lists are updated and if they are automated [30]. Darrell later found a page ('Access by Cal') listing more, noting it was last changed in August 2023 but seems to be changing daily .

Discussion on PDFs and Data Accessibility:

Sankarshan Mukhopadhyay humorously defended PDFs as the "bestest most beautiful document format" [42] but then acknowledged they are poor for internationalisation (i18n) [47] and a difficult structure to use . He cited the example of payment aggregators' historical key rotation lists in India being published publicly, but only in hard-to-search PDF format [48]. John Phillips noted that PDFs are not accessible for blind users . Darrell O'Donnell explained this is because PDFs focus on layout rather than true text structure . John mentioned encountering government accessibility groups advocating aggressively against PDFs . Darrell shared an example of a "trust registry" PDF used by the Towards Sustainable Mining initiative in Canada that contained personal contact information, illustrating an informal system before they adopted a more formal solution like Northern Block .

Discussion on UNCEFACT Expert Registration:

John Phillips encouraged Sankarshan Mukhopadhyay and Darrell O'Donnell to apply for UN CEFACT expert status if they wish to participate in the Global Trust Registry project [49]. He stated that he aims to balance the technology focus with the perspective of people operating registries [50]. He is seeking involvement from registry operators from various countries [50]. Darrell asked about BC (British Columbia) representation via Nancy Morris . John confirmed Nancy chairs a bureau and he can ask her to suggest someone from the corporate registries . Darrell noted the BC corporate registries team knows Northern Block well and would likely be interested in the Global Trust Registry project . He stressed the distinct knowledge of operational registrars compared to IT personnel . Sankarshan explained he hadn't applied because India didn't have a delegate [51]. John confirmed India is interested and that the process is moving forward [52]. John suggested applying might still be possible by providing name and email address [53]. Sankarshan agreed to apply and inform John [54]. Darrell also agreed to apply [54].

Meeting Minutes & Transcription Process:

Darrell O'Donnell mentioned that issues being moved from the TRQP repository to the TRQL repository should be properly dispositioned in the original repository to maintain a record, especially during public review periods [55]. John Phillips inquired who was responsible for converting the meeting recording into minutes [56]. Darrell suggested John take on the task [57]. John agreed to use the recording to test transcription software [57]. Darrell shared his positive experience using the web version of Word to transcribe audio files, though he noted it can sometimes add unusual speaker labels [58, 59]. John acknowledged Sankarshan's earlier point that the formal discussion had likely concluded [49]. John was nominated to create the minutes [36, 60]. Darrell had already added notes about Z39.50 and Contextual Query Language to the minutes [60].

Other Notes:

Sankarshan Mukhopadhyay informed the group he would be on vacation for approximately 25 days starting the upcoming weekend and would miss some meetings [47, 61]. Darrell O'Donnell shared a brief observation about the China-India border interface involving brawls with sticks instead of guns, viewing it as an interesting geopolitical quirk [62, 63].

Actions and Decisions:

Decision: The Trust Registry Task Force will prioritize achieving a published state for the Trust Registry Query Protocol (TRQP) before dedicating full focus to the Trust Registry Query Language (TRQL) .

Action: Darrell O'Donnell is to ensure that issues moved from the TRQP GitHub repository to the TRQL repository are formally closed in the TRQP repository, indicating they have been moved, to maintain a clear record [55].

Action: John Phillips is to compile the meeting minutes from the recording [36, 57, 60]. [DONE, yey!]

Action: Sankarshan Mukhopadhyay is to complete the UN CEFACT expert registration form and inform John Phillips once done [54].

Action: Darrell O'Donnell is to complete the UN CEFACT expert registration form and inform John Phillips if he chooses to do so [54].

Action: John Phillips is to ask Nancy Morris about the possibility of involving someone from the British Columbia government's corporate registries in the Global Trust Registry project .

Action: John Phillips is to pursue involving registrars from Australia in the Global Trust Registry project .

Action: Darrell O'Donnell is to add asking the BC corporate registries team about their involvement in the Global Trust Registry project to his discussion points for his upcoming call with them .

Meeting Chat

00:18:05 sankarshan mukhopadhyay (Dhiway Networks Private Limited): GitHub - trustoverip/tswg-trust-registry-query-language: Trust Registry Query Language
00:21:29 John Phillips (Sezoo): I should declare that I have some long-ago history of looking at query languages for networked sets of data. Back in the 90's I was working for a while on a catalogue interoperability protocol (CIP) for the European Space Agency based on Z39.50. An example explainer here: https://www.niso.org/sites/default/files/2017-08/Z3950_primer.pdf
00:23:53 John Phillips (Sezoo): Here is the Wikipedia article: Z39.50

The article also references the "Contextual Query Language" - see here: Contextual Query Language
00:41:01 John Phillips (Sezoo): Get a vLEI: List of Qualified vLEI Issuing Organizations - Organizational Identity – GLEIF
00:41:31 sankarshan mukhopadhyay (Dhiway Networks Private Limited): FINEMA <— they are active on vLEI
00:44:38 sankarshan mukhopadhyay (Dhiway Networks Private Limited): Don’t throw shade on PDF. The bestest most beautiful document format 😄
00:45:08 sankarshan mukhopadhyay (Dhiway Networks Private Limited): PDFs suck for i18n as well
00:48:22 sankarshan mukhopadhyay (Dhiway Networks Private Limited): AI has reached that point where it can do a narrator voice of evil laugh
00:49:06 sankarshan mukhopadhyay (Dhiway Networks Private Limited): https://uncefact.unece.org/display/uncefactpublic/UNCEFACT+Expert+Registration
00:49:13 Jo Spencer (Sezoo): https://uncefact.unece.org/display/uncefactpublic/UNCEFACT+Expert+Registration
00:51:29 sankarshan mukhopadhyay (Dhiway Networks Private Limited): Last thing before we log off - I’ll be off (on vacation) for around 25 days starting this weekend. So, I’ll be absent at a couple of these and GATF meetings.