Time

Agenda Item

Lead

Notes

5 min

• Start recording

• Welcome & antitrust notice

• Introduction of new members

• Agenda review

Chairs

• Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.

• New Members:

5 min

Announcements

All

Updates of general interest to TATF members.

• Design Principles for the ToIP Stack in the All-Member meeting

• DID Conference Korea 2022 next Monday Korean Time - registration link: https://www.eventbrite.com/e/did-conference-korea-2022-tickets-262517044547?aff=ebdssbdestsearch

• @Daniel Bachenheimer reminded us that a ToIP blog entry went live yesterday about digital identity and governments (inspired by the controversy over IRS and ID.me).

  • Another blog will be going up next week on zero-trust architecture

  • Thank you to Dan and @Jim StClair

• EU Digital Identity Wallet Tender is coming, Feb 22 2022 - https://bit.ly/3JBBeQU. Scope is around implementation of the revised eIDAS regulatory framework by public and private sector service providers to exchange digital ID credentials in several member states and (at least) 4 large scale pilots to test the deployment of the European Digital Identity Wallet in priority use cases and regarding the once-only principle under the Single Digital Gateway regulation. These pilots will deploy the European Digital Identity Wallet in national eID ecosystems by Member States.

5 min

Review of previous action items

Chairs

20 mins

Update on stack diagrams

Chairs

We discussed the proposed consolidated technical protocol stack diagrams:

• Communication View (and #1 below)

• Data View (and #2 below)

• Consolidated Primitives View (#3 below)

Discussion notes:

• @Wenjing Chu offered to write a "reference view" 

• ACTION: @Wenjing Chu to prepare a "reference view" diagram of the ToIP stack to present next week

• @Daniel Bachenheimer pointed out that the term "key management" really only applies to Layer 2 because that is where the digital wallets live that handle key generation and local storage and the digital agents that then call the Layer 1 interface protocols (e.g., DID resolution or KERI tunnels) to register key material with Layer 1 verifiable data registries (VDRs).

• @Antti Kettunen pointed out that Layer 1, in the third view, could start to look like a "trash pile" of different ways to store the cryptographic primitives.

• @Drummond Reed explained about the DID URL Resource Parameter Specification.

  • This can standardize the interface for Layer 1 to return any necessary cryptographic primitive

• @Bart Suichies looks at the layers from a different perspective.

  • In the EU there is a discussion about certification of 450K endpoints

  • Layer 1 should not be just a storage layer

  • Does key management really reside at Layer 2?

  • Drummond asked Bart if he wants to create a "view" of the stack

• @Wenjing Chu advocated that our job is to define the standard interface to Layer 1 and then let the market decide which implementations will survive in the market

• @Daniel Bachenheimer said "If Layer 1 (VDR) is to cover CENTRALIZED schemes as well (e.g., Certification Authorities) then Key Management would fit"

• @Darrell O'Donnell agreed with Dan on that point — that the ToIP stack can accommodate the existing PKI solutions

• ACTION: @Drummond Reed will add the point about "accommodating legacy approaches" into the narrative of the storyline deck (see below).

APAC

• Other ways of doing key management (e.g. sidetree protocol). @Rodolfo Mirandaworked on Cardano Sidetree (sidetree-cardano repo: https://github.com/rodolfomiranda/sidetree-cardano)

• "are we dependent on KERI" - no, but there are pieces in KERI that are valuable.

• @Wenjing Chu We need to look at decomposing the pieces and then look at what problems each component are trying to solve - what have they solved, what problems have been introduced.

• @Alex Tweeddale "could you use KERI ACDC credential on top of another ledger"

• @Wenjing Chu look at Layer 2 - what is the bare minimum there (e.g. can you do an untrusted Layer 2 and make progress)

• @Neil Thomson Define the architecture by interfaces, driven by "what problem does this solve". What are the atomic "services" which are used to compose solutions.

20 mins

Review start of storyline format structure of spec

@Drummond Reed

See this Google Slides deck which is a storyline treatment of the ToIP Technology Architecture Specification (also a Google doc at this stage). Drummond walked us through this format and the starting sections he has drafted.

• ACTION: @Drummond Reed — and any other TATF members — to fill in more sections of the storyline deck for next week's call.

5 mins

• Review decisions/action items

• Planning for next meeting 

Chairs