2022-12-01 TATF/TRTF Meeting Notes

Owned by Darrell O'Donnell
Last updated: Dec 05, 2022 by Drummond Reed
9 min read

Meeting Date & Time

  •   This Task Force holds TWO meetings weekly every Thursday at the following times (to cover global time zones - see the Calendar of ToIP Meetings):
    • NA/EU 07:00-8:00 PT / 14:00-15:00 UTC 
    • APAC 18:00-19:00 PT / 02:00-03:00 UTC

Zoom Meeting Recordings

Attendees

NA/EU Meeting

APAC Meeting

Main Goals of this Meeting

1) Establish new policy RE moving general announcements to the plenary TSWG meetings
2) Technology Architecture TF work review
3) Trust Registry TF work review
4) Group work on highest priority items 

Agenda Items and Notes (including all relevant links)

TimeAgenda ItemLeadNotes
2 min
  • Start recording
  • Welcome & antitrust notice
  • Introduction of new members
  • Agenda review
Chairs
  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
  • New Members: none
1 minAnnouncementsAll

We will no longer be doing general announcements at Task Force meetings — those will be reserved for the plenary TSWG bi-weekly meeting. This will give us more time to do the work of the TF.

DECISION: At Task Force meetings, we will skip doing general announcements at the start of the meeting and instead encourage them to be shared either: 1) at the bi-weeklyTechnology Stack Working Group meeting, OR 2) at the end of the meeting if there is time.

2 minReview of previous action itemsChairs
  • ACTION: Drummond Reed will close issue #44 by checking with LF counsel Scott Nicholas as to what license should be stated in the LICENSE.MD file.
    • Scott is preparing an answer for Drummond.
  • ACTION: Drummond Reed to begin a draft of a blog post announcing release of the Public Review Draft of the TAS.
10 mins

Tech Architecture Task Force Work Review

Drummond Reed and/or Wenjing Chu 

Review work items on the ToIP Technology Architecture V1.0 Specification (TAS) that require group participation

  • open items 
  • close items as feasible
  • new work?

NA/EU Discussion:

  • Allan asked about what is our track to interoperability. Should we look at the list of component specs that actually need interoperability?
  • Darrell explained that we were proposing to share this time slot simply because there is intense interest in trust registry work and we started it here at ToIP.
  • Michael Palage shared that he joined the group because he feels that trust registry work is critical to interoperability work. 
  • Neil Thomson felt that the biggest issue is lack of alignment by non-tech (governance) players on committing to interop, which causes a problem tech can't solve.
  • Drummond Reed noted that there is also the question of whether ToIP is going to start a separate Interoperability WG.
  • Wenjing Chu wondered if having separate meetings or alternating meetings might be more effective.
  • Secondly, Wenjing thinks the question of whether the use of a trust registry is necessary or the best way to handle the question.
  • Tim Bouma said, "Mission accomplished on the issuer/holder/verifier model with digital credentials. The piece that is missing is the trust registry component. We need to equip policy makers to understand this new piece."
  • Antti Kettunen agreed with Tim. The trust registry piece — and govenance in general — needs attention.
10 minsTrust Registry Task Force Work Review

Darrell O'Donnell and/or Antti Kettunen 

Review work items that require group participation

First, we had a call for volunteers to join Darrell O'Donnell in leading the Trust Registry TF. Antti Kettunen had already volunteered in a previous meeting.

  • Andor volunteered to be a third lead.

DECISION: The leads of the Trust Registry TF will be Darrell O'Donnell, Antti Kettunen, and Andor.

We then went into a discussion about starting up the work of the Trust Registry Task Force.

  • Jacques Latour I could do a brief presentation at next meeting on our progress so far on Trust Registry terminology definition with DIACC, I'm leading the TR WG and we kind of agreed on top down on the scope of a TR and TR ecosystem (need DIACC approval)
    * what registration and scope
    • Requirement: Global interoperability & unique identifiers
  • Andor spin up a repo and start a discussion : "the definition of trust"
  • thomsona said that we needed to start out by reaching agreement on high level requirements 
    • how are requirements manifested
    • Trust Registry: 
      • major security considerations
      • identity mindset, not security mindset
      • how will you use the technology in a secure ecosystem. 
  • Antti Kettunen 
    1. Terminology is critical (RE: Jacques point above)
    2. How trust registries are the Interfaces at layer 4. Determining where and when we are interfacing with trust registries is critical. So we need to understand where our boundaries might be. 
    3. Trust registries are the actual glue between Tech & Governance stack & different ecosystems, like industry-ecosystems, eIDAS, etc. I personally believes this is going to be a bigger topic than just "let's have trust registries". TR's are the glue also to policy.
  • Darrell O'Donnell 
  • Tim Bouma 
    • First principles
      • Prefers to use Public Registrar instead of TR
      • Currently this is Tim's main concern
  • Drummond Reed 
    • +1 to Allan's point about taking a security mindset as much as an identity mindset
    • We need to look at trust registry topics now through the lens of the TAS. It will make it much clearer where trust registries sit and what interfaces they need to expose to whom, both within and across digital trust ecosystems.
  • thomsona 
    • We must recognize that our solutions MUST integrate with the security models already in place today
  • Andor
    • Trust is a very maleable concept. It is not necessarily binary. He is interested in dynamic trust decisionmaking, that takes into account multiple inputs.
    • Use case: rural village with a local trust network. and no internet. 
  • Antti Kettunen
    • Trust can also be a community concept, where digital trust ecosystems function as communities where you can get multiple trust inputs. However that mechanism is hard to recognize in many policies today, except for cases like voting. So we need to figure out if community-trust is a use case within Credential ecosystem, or a TR function.
  • Andor
  • Judith Fleenor about the collaboration with DIF:
    • LICENSE is the same
    • MOU is in process now but should be done within a week.
    • We need to work out how we want to work together. 
  • Darrell O'Donnell had concerns about DIF viewpoint on being narrower as compared with ToIP TR. 

APAC discussion:

  • We talked about how the GSWG meeting today talked about how trust registries end out being a major intersection point between tech and governance.
  • Andor shared that the collaboration with DIF will be focused with this group: https://identity.foundation/trust-establishment/
    • We discussed the proposed collaboration schedules.
    • Darrell felt strongly that we need to get our arms around the full scope first. That's going to take some time.
    • Jo Spencer is fine with separate groups tackling different parts of the problem and then loosely cooperating to ensure it all meshes together.
      • He feels that "governance must come first". Governance is needed to design, build, run, and evolve a digital trust ecosystem.
      • "If you don't have interoperability at the governance level, you will never get it at the technical level".
      • ToIP is the best place to coordinate that, but not all the work needs to be done here. DIF can tackle specific parts of it.
      • In Jo's experience with payment systems, you have a tech side, an operations side, and a business side, and they all need to coordinate as necessary.
      • W3C will also have a role.
      • We have to be seen as making progress, with quarterly outcomes, that add up to a consistent story.
    • Judith Fleenor is worried that we're backing off from a high-level of collaboration and joint deliverables between ToIP and DIF.
      • Jo felt that each group has to "handle their own stuff".
      • But Darrell felt that there will be some common, joint deliverables.
      • Drummond agreed that DIF and ToIP are getting steadily closer and more aligned, and that will continue, so we don't have to "force".
    • Dima Postnikov pointed out that OIX has been doing work on governance for years now, and they are already collaborating with ToIP.
    • Andor, who has been quite active in the Trust Establishment work at DIF, gave the following summary points about it:
      • They meet once a week at 1PM Eastern on Mondays.
      • The work there on Trust Establishment is different than the work on machine-readable governance.
        • Darrell has reached out to Sam Curren to figure out more about the relationship of the two.
      • The work is being led by Gabe ________ and Sam Curren.
      • They want to be aligned with ToIP.
      • Their work has a stronger technical bent, and thus is more issue-oriented than "principle" or "stack" oriented.
      • Darrell again felt that there will be some joint deliverables.
    • Neil Thomson reinforced that there will not be any interop unless their are ground rules that everyone is working to — a common standard for interchange. They also have to agree on semantics. Otherwise it just won't work. This has to be tackled by governance.
      • Jo Spencer agreed with Neil, but pointed out that interop occurs at multiple layers.
      • Drummond said it was "depressing" how true that is. He suggested that a new deliverable might be a white paper about the issue of interoperable semantics and how it must be solved via governance.
    • Andor asked the group's view on us producing code as examples of the specs.
      • Darrell said that historically we haven't done as much on the code side, with the exception that are charter includes the requirement to develop an interoperability certification framework.
      • Judith said that we can work together with DIF on code under the MOU.
      • Andor is leaning towards the implementations / example code living at DIF.
      • We discussed that ToIP is the natural home for the interop test suite. 
    • Darrell O'Donnell closed by sharing two diagrams he put together of the Trust Registry Task Force 2.0 focus and the collaboration with DIF. See screenshots #1 and #2 below.
25 minsDecisions regarding the two TFs going forwardAll

DECISION: We will establish separate meetings — either at different times, or alternating bi-weekly meetings — for the Technology Architecture TF and the Trust Registry TF.

APAC:

  • At the end of the meeting, the sentiment was to cede the current Thursday weekly NA/EU and APAC time slots back to the Trust Registry TF (who owned them originally, and who definitely need to meet at least weekly), and then find a new time slot and cadence for the Technology Architecture TF and interoperability certification framework work.

ACTION: Drummond Reed sets up a Slack DM with the the leads of both the Technology Architecture TF and the Trust Registry TF to propose  to cede the current Thursday weekly NA/EU and APAC time slots back to the Trust Registry TF (who owned them originally) and then figure out how the TRTF time slot and cadence will be chosen.

ACTION: Darrell O'Donnell to send out a Doodle poll for ad hoc working sessions for the Trust Registry TF (at both NA/EU and APAC-friendly times) for the next couple weeks. DONE: https://doodle.com/meeting/participate/id/elxlE3Je 

ACTION: Andor to coordinate with DIF and TOIP to figure out the process to collaborate and send some proposals about potential collaboration.

5 mins
  • Review decisions/action items
  • Planning for next meeting 
Chairs

Screenshots/Diagrams (Numbered for Reference)

#1

#2



Decisions

  • DECISION: At Task Force meetings, we will skip doing general announcements at the start of the meeting and instead encourage them to be shared either: 1) at the bi-weeklyTechnology Stack Working Group meeting, OR 2) at the end of the meeting if there is time.

  • DECISION: The leads of the Trust Registry TF will be Darrell O'Donnell, Antti Kettunen, and Andor.

  • DECISION: We will establish separate meetings — either at different times, or alternating bi-weekly meetings — for the Technology Architecture TF and the Trust Registry TF.

Action Items

  • ACTION: Drummond Reed will close issue #44 by checking with LF counsel Scott Nicholas as to what license should be stated in the LICENSE.MD file.

  • ACTION: Drummond Reed sets up a Slack DM with the the leads of both the Technology Architecture TF and the Trust Registry TF to propose  to cede the current Thursday weekly NA/EU and APAC time slots back to the Trust Registry TF (who owned them originally) and then figure out how the TRTF time slot and cadence will be chosen.

  • ACTION: Darrell O'Donnell to send out a Doodle poll for ad hoc working sessions for the Trust Registry TF (at both NA/EU and APAC-friendly times) for the next couple weeks. DONE: https://doodle.com/meeting/participate/id/elxlE3Je 

  • ACTION: Andor to coordinate with DIF and TOIP to figure out the process to collaborate and send some proposals about potential collaboration.