Time

Agenda Item

Lead

Notes

3 min

• Start recording

• Welcome & antitrust notice

• Introduction of new members

• Agenda review

Chairs

• Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.

• New Members:

  • Pratyaksh Gupta is a student from India working on multiple blockchain projects.

5 min

General announcements

All

Updates from TSWG members of general interest to the group.

• Updates from Rebooting the Web of Trust (held last week in The Hague)

  • Major progress on a credential profile comparison tool (work started by @Andre Kudra, Torsten Lodderstedt, and Paul Bastion).

    • Link to the Google Sheet

  • Progress on AnonCreds becoming ledger-independent. The goal is convergence (at some point) with W3C VCs.

  • Progress on more formats uniting under W3C Verifiable Credentials 2.0

  • ACTION: @Darrell O'Donnell to work with @Andre Kudra to get links for the most relevant papers from last week's Rebooting the Web of Trust (RWOT) conference.

2 min

Review of Action Items from the previous meeting

Chairs

15 min

Task Force Reports

TF Leads

Trust Registry TF — @Darrell O'Donnell

• The plan is to set a new weekly or bi-weekly date/time for meetings. The goal will be to cover multiple time zones.

• Darrell and @Sam Curren had a 1-on-1 meeting to harmonize on how to move forward.

• @Judith Fleenor (Deactivated) asked about the potential that this work could be a joint TF between ToIP and DIF.

  • Darrell said that the goal is for the two orgs to be aligned on this topic and to deliver a joint document.

  • More work needs to go into which org will do which work.

• Darrell hopes to have the subject ready for discussion at Fall Internet Identity Workshop.

ACDC TF — @Sam Smith @Philip Feairheller 

• No one from ACDC was able to attend.

Technology Architecture TF — @Wenjing Chu  @Drummond Reed

• Darrell said that there has been a focus on process and procedure now that the TAS spec has been moved to GitHub.

AI & Metaverse (AIM) Technology TF — @Wenjing Chu @Vikas Malhotra 

• No one from AIM was able to attend.

W3C Concept Development TF (W3TF) — @Darrell O'Donnell 

• Currently this group is still waiting to spin up until the Trust Registry TF is moving.

5 min

Process & WG Update

@Darrell O'Donnell 

2 procedural updates

• Creation Process - Update on formalizing our content-creation and specification development.

  • We have been proceeding fairly informally, but now with the work to complete the ToIP Technology Architecture Specification — for which we want to move into the SDO community at some point — we need more formal process.

  • See screenshot #2 below for a description of how Darrell proposes to evolve our process.

  • The key point is the transition from early-stage development which we want to keep very lightweight and easy to participate into having a formal and rigorous system-of-record based on GitHub and pull requests (PRs).

  • In that formal process, PRs are always reviewed and approved by others.

  • We will also have a process for publishing a very human-friendly version of a GitHub deliverable such as a PDF.

  • Major changes in a GitHub document can be moved to Google docs (or another user-friendly editing tool) and then moved back to GitHub.

  • We need to concentrate on the transition process between the two modes. The key lesson is to have a solid freeze on the Google doc version and a quick turnaround into GitHub.

  • Abbie added that the editor's job is to dispose of comments as determined by a consensus of the WG members.

  • ACTION: @Judith Fleenor (Deactivated) to work with @Darrell O'Donnell and @Elisa Trevino and the rest of the TSWG to define and put in place a process for how a Working Group or Task Force can transition from early-stage development using lightweight collaboration tools like Google docs to a formal and rigorous system-of-record based on GitHub and pull requests (PRs).

• Co-Chair - consider adding new co-chair(s).

  • Darrell raised that he would very much like to see volunteers for a co-chair of the group. 

  • Drummond also brought up the role of vice-chairs — it could be a good way to help spread the role.

  • @Antti Kettunen also expressed the value of the vice-chair role as it helps to spread the work.

  • ACTION: @Darrell O'Donnell to connect with @Drummond Reed, @Antti Kettunen and @Judith Fleenor (Deactivated) to discuss a plan for recruiting: a) additional co-chair(s), and b) vice-chairs for the Technology Stack Working Group.

5 min

X.509 & DID Intro

@Drummond Reed 

See screenshot #1 below for a high-level diagram that Drummond prepared for an ETSI presentation showing how X.509 & DID architecture fit together.

20 min

X.509 & DID Deep Dive

@Markus Sabadello 

Related to this Slack thread about DID/X.509 interop, Markus wants to share a demonstration that his company (Danube Tech) has built as part of our work with the DHS Silicon Valley Innovation Program. See this description of the setup and demonstration.

• Markus showed examples of how DID documents and DID resolution that can return the results of evaluating an X.509 certificate chain. See screenshot #3 below.

• Several of the necessary DID document properties and DID resolution parameters have been registered in the W3C DID Spec Registries.

• Here is the summary of the DHS demonstration of these capabilities.

• There was also a Rebooting the Web of Trust paper produced on this subject.

• @Steve McCown added, "This is really cool … X.509 <-> DIDs is a really powerful method for bridging verification methods."

• @Scott Perry added that ADIA is using both FIDO and DIDs.

• Darrell added that "DIDs and X.509 PKI trust chains reinforce each other" and "A similar pattern exists with DIDs and DNSSEC where DNS can act as a trust registry endpoint."

• We briefly discussed about the relationship of FIDO and DIDs. Abbie said that FIDO is really limited to authentication, and doesn't really handle identity or identification. There is no binding with an end-user. And Abbie believes there isn't interest in FIDO about increasing their scope. The current interest is in figuring out how FIDO passkeys can be used in a digital identity wallet.

5 min

• Review decisions/action items

• Planning for next meeting 

Chairs