2023-03-09 GSWG Meeting Notes
Meeting Date
The GSWG meets bi-weekly on Thursdays at 11:00-12:00 PT / 18:00-19:00 UTC. Check the ToIP Calendar for meeting dates.
Zoom Meeting Link / Recording
- Zoom Link
(This link will be replaced with a link to the recording of the meeting as soon as it is available)
Attendees
- Drummond Reed
- Scott Perry
- Neil Thomson
- Mary Lacity
- Rene Solorzano
- Savita Farooqui
- Carly
- Judith Fleenor
- Darrell O'Donnell
- Daniel Bachenheimer
- Steven Milstein
Main Goal of this Meeting
Understand the opportunity to create a governance framework for dual-stack interoperability.
Agenda Items and Notes (including all relevant links)
Time | Agenda Item | Lead | Notes |
5 min |
| Chairs |
|
5 mins | Review of action items from previous meeting | Chairs | |
5 mins | Announcements | TF Leads | News or events of interest to Governance Stack WG members:
|
20 mins | Dual Stack Interoperability & Governance | Darrel | Darrel O'Donnell will discuss dual-stack interoperability and the potential role for another governance framework to play. Savita Farooqui shared screenshot #1 below which provides greater detail about what needs to be governed at each layer. Neil Thomson shared |
15 mins | Advancing the Museum Pass Case Study | Scott | Scott will walk through what work has been done on creating a Museum Pass case study for use by ToIP Working Groups. |
5 mins | Any other business | ||
5 mins |
| Chairs |
Screenshots/Diagrams (numbered for reference in notes above)
#1
Meeting Minutes
(Courtesy of ChatGPT)
Introductions: Scott Perry welcomed everyone to the meeting and introduced Renee Solorzano as a new member to the meeting.
Rene Solorzano introduced themself and explained that he is from the company Entera and has been part of the ecosystem task force for a couple of years now. He also mentioned that he knows a few faces from the meeting.
Scott Perry then discussed the Governance Stack working group and explained that they are waiting for the technology and other groups to catch up and provide more information. He also mentioned his participation in the Trust Registry, where he has an active voice, but has been passive on the Trust Spanning Protocol.
He highlighted the importance of trust and mentioned that it is the best place for people to be, to figure things out on a global scale. He encouraged attendees to attend Trust over IP meetings, and acknowledged the efforts of Drummond, Darrell, and the team.
Trust Registry:
Scott Perry requested Darrell to attend the meeting to provide feedback on the trust registry side. He emphasized the need for actively participating in the Trust Registry architecture task force and requested Darrell’s feedback on how they can jointly attack trust registries.
Announcements:
Scott Perry started the meeting by stating his interest in advancing the Museum Pass Development as a use case. He mentioned that Savita was also passionate about it and proposed a dedicated session in two weeks to work on it.
While waiting for Darrell, Neil Thomson announced that Sam had volunteered to do a presentation on the modeling and representation working group’s experience with authentic data Providence change at DC and Kerry calls. He explained that the plumbing used for traceability from someone making a decision in an organization that is traceable back to the root of data is going to be an important part of governance. Neil also mentioned that he would post the invitation in the slack channel in a week’s time for the 20th of March.
Trust Registry:
Darrell O’Donnell thanked Scott for inviting him to the meeting and proposed to show two different diagrams. He began with the one they were discussing that morning. He apologized for rearranging his screen and mentioned that he had been busy running around between meetings all over town.
Darrell explained that they were trying to ensure that they understand the difference between a few things, namely their scope at Trust over IP, which includes technology and governance. He added that they recently discussed operations but that it is out of scope for their remit. In his view, organizations should be able to pick their own operational processes to accomplish their governance goals.
The group then discussed the role of operations, the technology, and governance, and tried to delineate them. Darrell mentioned that the governance authority would be creating the ecosystem governance frameworks, which would define the roles of operations, technology, and governance.
Darrell also spoke about assurance levels and roles that are defined in the governance framework. He mentioned that it was important for the ecosystem to understand how things are done and why.
Scott Perry explained that there is a fundamental process involved in entering a record on a trust registry, and it is a secret governance question. He added that trust registries are driven by different ecosystems, and there is a process associated with it, which is run by a governing authority and an administrative authority.
He further explained that a process needs to be developed for governance within the trust registry, which should be flexible depending on the risk associated with it. He also emphasized the need to define the process of how a governing authority creates and endorses a record to be put on a trust registry.
Judith Fleenor informed that two hands were raised, and Scott Perry asked Savita Farooqui to share her screen. Savita Farooqui shared a slide that explained the governance process at each layer.
Drummond clarified that Darrell’s work was a collective effort of multiple task forces in the technology stack working group. They had to revise the conceptual diagram after the first public working draft of the technology architecture.
Drummond then explained the key issue they were addressing with the chart was trust registries. He elaborated that trust registries were a general concept and that there were specialized types of trust registries known as verifiable data registries or DID registries.
Drummond highlighted that trust registries varied at each layer of the conceptual diagram. He emphasized that the Trust registry column in the middle was the glue between governance and technology. This column was explicit in the third generation of the conceptual stack.
Drummond concluded by stating that they were trying to come up with a creative way to indicate that the trust registry column was how the whole diagram came together.
Neil Thomson discussed trust checkpoints and trust registry. Neil shared his screen and presented a series checkpoints that a call must go through from Layer 1 up through Layer 4. Neil stated that there are a series of questions that need to be asked, particularly if Alice calls Bob. The first thing that needs to happen is the exchange of identifiers, followed by the exchange of lowest level trust spanning information, such as an identifier for a destination and source.
Neil observed that the trust registry is asking a basket of questions, some of which will be answered electronically, such as getting cryptographic answers to proofs. Other questions will be answered by a governance step, where someone agrees that a particular process has been followed for the trust registry or putting a verifier into the trusted verifier list.
Neil stated that a lot of due diligence happens behind this, and there is a need to store the results of asking questions, some of which may be done by humans and some by electronic means. Neil argued that there are also a whole series of different trust services which are a set of conveniences that know what questions to ask.
Savita had presented a list of things that need to be asked, including what identifier to use, how good the key management is, whether it is signed, whether it is an authority, and what method is used. Neil said that a lot of these questions will be the same kind of thing.
Savita raised her hand and shared that the middle section of the diagram was labeled as just the registry, but she believed it was more than that. Neil also mentioned that establishing trust was not just about the registry. Savita suggested that the protocol or the handshake or data exchange that is part of the technology also plays a vital role. She suggested that the registry should list only those items that are trusted. Scott agreed with Savita’s comments and suggested that their group participates in the trust registry task force to help them with that.
Scott shared his personal perspective on the objectives of the trust registry. He believed that trust registries have two overriding objectives. The first is to define the valid roles to participate within the e-ecosystem. The second is to identify the data points needed to be collected within the trust registry to ensure interoperability can occur.
Neil shared that he had a good conversation with Steven about the trust registry, and he stated that it comes down to whether he trusts the entity and its technical governance framework for that purpose and context.
Action Items: [ ] [ ] The group will brainstorm on the data points that need to be added to the trust registry to ensure interoperability.
Action Items
- Advance the Museum Pass Development use case
- Participants to join the trust registry task force to help define its objectives.
- The group will brainstorm on the data points that need to be added to the trust registry to ensure interoperability