2021-04-06 Governance Framework Drafting Group Meeting Notes

Attendees

Tuesday April 6 2021

  • Co-Leads:Drummond Reed
  • ID2020 PM: Todd Gehrke

Participants: 

  • Drummond
  • Sankarshan
  • Scott Perry
  • Savita Farooqui
  • Jacques BikoundouI
  • Chris Raczkowski
  • Kristina Yasuda
  • Sumiran
  • Victor (Syntez)

Agenda Items

TimeItemWho
2 minWelcome & Antitrust Policy NoticeChair
XY minTopic ATBC
XY min

Topic B

TBC

XY min Topic C TBC
3 minWrap upChair 

Presentations - 2021-04-06 Governance Framework DG Meeting.pdf

(PDFs posted)

Notes

1. Welcome and Linux Foundation antitrust policy

  1. [Drummond] shares the deck <link above>
  2. New member introductions
    1. Chris Raczkowski- Chairperson at The Sovrin Foundation 
    2. Kristina Yasuda - works at MSFT Identity Standards, around decentralized identity, governance work at ISO and OIX
    3. Victor - volunteer at ToIP and also involved in creating one of the Canadian credential networks
    4. Sumiran - Membership director at Sovrin & ToIP Volunteer
    5. Jacques - involved in CCI GF in addition to other interests in the blockchain and decentralized identity space
    6. Savita - co-chair at IEEE P2145; founder at Sacramento based startup - SymSoft Solutions
    7. Scott Perry - ‘friendly neighborhood identity auditor’
  3. [Drummond] provides a walkthrough of the ToIP stack diagram - member directory is now being represented by trust registries
    1. Ecosystem of Ecosystems is a pattern emerging from the GHPC work; it shows the diagram on the slide <add link to slide/see recording>. Digital Trust Ecosystem A, B and C are 3 unique digital trust ecosystems (DTEs). Also explaining this concept through an inheritance diagram (similar to OOPs). Ecosystems policies could be country specific (EU green certificate) , industry specific (IATA Travel Pass) and app specific (eg. digi.me app provider is the root of trust / GA for this ecosystem) All of these are possible specializations and other patterns might emerge as we go along as we define the policy of EoEGF
      1. [Drummond] any one GHP compliant credential is issued by an issuer authorized under at least one of the GFs. If digi.me signs a credential under its own GF, can the verifier make a decision to trust this GF and understand how to verify the credential?
      1. [Drummond] App specific policies indicate that the GF is an app. There is a specific example digi.me for this. The principle of transitive trust across GFs is applicable across ecosystems too (eg. digital trust ecosystem of passports run by ICAO). The GHP ecosystem from IATA could state that a passport will be trusted in a specific way. If a credential was issued under a specific GF then there is one point in the transitive trust approach.
      1. [Scott] Dependencies among the Drafting Groups are highlighted in the Slack channel #ghp-wg-get-it-together-group
      2. These GFs can be certified as GHP compliant. The concept of certifying GFs to be GHP compliant with the GHP Trust Mark is important in perspective of how it changes the way the market addresses the issue of trust at dispersed scale.
      3. [Savita] If the GHP policies interacting with industry specific policies - is that already considered or needs to be explored separately
      4. [Sumiran] Are there any nesting capabilities b/w app specific and country specific GF and How will different ecosystems of ecosystems interact with each other
    2. Key Questions document
    3. Good Health Pass Ecosystem Governance Framework V1 Draft (please see the last 20 minutes of the recording to follow with this section)
      1. There may not be any specialised or controlled documents and instead there will be a single document
      1. Substantive contributions are being sought out.
      2. Uses the MUST, SHOULD, MAY format (is built out on the ToIP MetaModel)
      3. Drummond does a quick walk through of the ToC and explains the sections
      4. [Scott] ‘GHP Compliant Ecosystem’ - it is important to identify if this is the aim and if yes, then there is a need to have clear ideas around trust marks and similar. Interlinked ecosystems are going to be applying the concepts of various elements of risks. To be GHP compliant there is a need to have a level of risk assessment - they may not have similar outcomes but the availability of of this is required in any future conversation around certification.
    1. Participant introductions
    2. Forming, Storming and Norming timeline <see deck>; break for IIW to present some of the formed ideas and product. Large portion of the work to be completed this month
    3. The role of the Governance Framework - existing 8 DGs are addressing the specific interoperability challenges at the ecosystem level this is where the business, legal and social rules are agreed upon by the participants. Trust Framework (federated identity systems) and Governance Framework (decentralized identity systems) are often used interchangeably. GF is a slight generalization which includes the TF. This will be a Layer 4 (see ToIP model) GF as defined by the GSWG at ToIP. 



2. Topic A

3. Topic B  

4. Topic C 

5. Wrap up 

  • Next steps

       

Action Items

  1. TBC