Recording
Attendees
Sam Smith Philip Feairheller Henk van Cann Rodolfo Miranda Lance Byrd Ruth Choueka Charles Lanahan Nuttawut Kongsuwan Petteri Stenius @ Cole DavisKent Bull Steven Milstein Trent Larson Alex AndreiMichal Pietrus
@Arshdeep SinghNeil Thomson
Agenda Items and Notes (including all relevant links)
| Time | Agenda Item | Lead | Notes |
| 5 min | - Start recording
- Welcome & antitrust notice
- Introduction of new members
- Agenda review
| Chairs | - Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
- New Members:
|
| 5 mins | Review of action items from previous meeting | Chairs | Moved to next week |
| 5 mins | Announcements | TF Leads | News or events of interest to members: |
| 5 mins | Reports | Open | - KERIA
- Added support for admit message
- SignifyPy
- Added support for admit
- Added a script exercising multisig holder.
- KERIpy
- Upcoming database migration
- Upcoming witness migration
- GLEIF will be upgrading and managing keys for Root AID
- did:webs
- discussion around whois directory
- domain name permissions for a did:webs - Sam elaborated on issue in spec repo
- discussion about signatures in the did doc, one new did method is doing so.
|
| 25 mins | Discussion | Open | - Nuttawut Kongsuwan : GLEIF's release was NOT Python, it is the TypeScript SDK.
- Securing x.509 Certificates with KERI:
- Schneier Article:
- Other articles
- Certificate Transparency - It can tell you there exists more than one for a domain name.
- DNS and BGP hijack to compromise the CA credential issuance flow
- Based on an Administrative Root of Trust vs a Cryptographic Root of Trust (like KERI)
- Adding alternative identifiers to x509 certificates in a non-normative manner.
- Could add KERI AID
- This would add a cryptographic root of trust to an x509
- Diffee-Helman(sp?) key exchange (shared secret) used in place of out-of-band key exchange.
- Good idea 30 years ago, not good now that we have PKI
|
| 5 mins | Any other business | Open | Henk van Cann Following-up on Sam's explanation of the relation between identity assurance, reputational trust and attributional trust I added these glossary terms. Please feel free to comment / amend the glossary items: https://github.com/weboftrust/WOT-terms/wiki/identity-assurance https://github.com/weboftrust/WOT-terms/wiki/attributional-trust https://github.com/weboftrust/WOT-terms/wiki/reputational-trust
|
| 5 mins | - Review decisions/action items
- Planning for next meeting
| Chairs | |