2022-12-08 TRTF Meeting Notes

Meeting Date

  • The ToIP Trust Registry Task Force (TRTF) meets weekly every Thursday at the following times (to cover global time zones - see the Calendar of ToIP Meetings):
    • NA/EU 07:00-8:00 PT / 15:00-16:00 UTC 
    • APAC 18:00-19:00 PT / 02:00-03:00 UTC

Zoom Meeting Link / Recording

Attendees

NA/EU Meeting

APAC Meeting

Main Goal of this Meeting

1) Review TRTF Home Page
2) Review DIF DIF Trust Establishment materials
3) Presentation from Jacques around TR 
4) Determine some initial working items

Main Working Link

Agenda Items and Notes (including all relevant links)

TimeAgenda ItemLeadNotes
5 min
  • Start recording
  • Welcome & antitrust notice
  • Introduction of new members
  • Agenda review
Chairs
  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
  • New Members:
5 min Review updates to the meeting timesChairs

TAFT will be moving to another time slot. TRTF will be taking up this time slot. No TAFT this week. Proposal by Drummond Reed to move to off-week slot of the Technology Stack WG meeting. That slot is Mondays 08:00-09:00 PT / 16:00-17:00 UTC. First meeting 19th of December.

- thomsona provided feedback to Drummond that Monday at 8am PST does not work. Other time slot is required if possible.

5 minReview of previous action itemsChairs
  • ACTION: Darrell O'Donnell to send out a Doodle poll for ad hoc working sessions for the Trust Registry TF (at both NA/EU and APAC-friendly times) for the next couple weeks.
  • ACTION: Andor to coordinate with DIF and TOIP to figure out the process to collaborate and send some proposals.
  • ACTION: Drummond Reed sets up a Slack DM with the the leads of both the Technology Architecture TF and the Trust Registry TF to figure out how the TRTF time slot is chosen & other things.
5 minsReview updated TRTF Home PageAll

Please review the TRTF Home Page updated yesterday by Drummond Reed to include a background section, updated leadership list, etc.

  • thomsona what are the general requirements. Generate a list for the Trust Registry. Most likely some existing work.  
10 minsReview DIF Trust Establishment 0.0.1 spec and Prior ArtAndor Yesterday, the ToIP Steering Committee approved the memo of collaboration with DIF on trust registry work. In preparation for this collaboration, TRTF members should review the DIF Trust Establishment 0.0.1 spec and their Prior Art for Trust Establishment GitHub page.
10 minsSpecial topic #3

@Jacques Latour to give preso on TR definitions. 

  • DIACC 
    • Cira: Issuer - Holder - Verifier
      • Allowed to issue credentials
      • Allowed to hold credentials
      • Allowed to verify credentails
  • Digital Identity Ecosystem : 
    • Digital Identification and Authentication Council of Canada
  • Governance, Operation, and registration management
    • Governing authority: CUA
    • Academia trust registries
    • Victor: Is the global identifier necessary for the credential?
      • Jacques Latour Yes.
      • @Victor: Doesn't need to solve for impersonation to be effective.
      • Darrell O'Donnell DNS might be one of the best solutions on rigid heirarchy. 
      • Darrell O'Donnell Global trust anchor may be an island
      • @Victor   Not all formats have top anchors.
        • 3 jurisdictions.
        • 3 laws and governance structures.
    • thomsona 
      • Trust registries are setup by ecosystems that are set together.
        • Don't want trust registries connected. 
      • Missing peer to peer / arbitrary relationships
        • should use the same technologies that trust registries support
      • Andor village connection
    • Daniel Bachenheimer 
      • E-passports
        • Global uniqueness is hard
      • Trust Framework
        • Going back to wallets found it interesting.
    • Darrell O'Donnell 
      • WHO learned that the ICAO model is no longer feasible. Nation states are no longer willing to defer to the UN.
    • Daniel Bachenheimer 
      • Levels of trust
      • Granularity
    • @Victor. TRAIN allows viability. 
    • Chain of trust

APAC Discussion:

  • Andor shared that there was a lot of great discussion in the NA/EU meeting based on Jacques Latour's presentation about DNS-based trust registries.
  • Drummond Reed
    • Initial thought about decentralized, but open to learning more about DNSSEC and how it would work
    • Direct parallel: Technology Architecture Spec has three classes of identifiers. 
      • Verifiable Identifiers is the broadest category of identifiers, which intentionally includes HTTPS URLs
      • Decentralized Identifiers ← broadened the aperture to handle DNS
    • 1st Generation Work: Semantic interoperability 
      • Challenge for digital trust ecosystems
      • Can't rely on a statement from a TR unless you have agreement on the semantics.
        • Triple of identifiers (all 3 are URIs)
          • Governance should be an id
          • Verifier also an id
          • Credential type for issuers or presentation type for verifier.
  • Daniel Bachenheimer 
    • Metadata and granularity. What are they allowed to issue. 
  • Drummond Reed :
    • EU LOAs (levels of assurance) High, Substantial, Low
    • Judith Fleenor US: 3 levels defined by NIST 800-63 specifications
    • Drummond Reed that spec defines two types of LOA
      • Identity assurance
      • Authentication assurance
  • @Andor 
    • Blank slate or work with existing system
    • Drummond Reed we shouldn't be redefining levels of assurance.
      • Provide a standard for framework, but leave it up to the governance framework 
      • ToIP ends at description of process\
    • Judith Fleenor 
      • What we provide, needs to have provisions for different choices.
    • Drummond Reed Enable interoperability with legacy infra w/o constraining new models. 
    • Judith Fleenor Needs to follow design principles
    • Listening sessions Drummond Reed 
    • Judith Fleenor DIF should come to ToIP to present and vise versa. 
    • Judith Fleenor rule: make sure that everyone is a member of DIF or ToIP
      • DIF: No EasyCLA
      • In lockstep and not cloned
    • Drummond Reed 
      • What are their proposed deliverables
      • Task Force: need to revisit 
    • Judith Fleenor 
      • Precursor deliverables. 
      • Prioritize the work items. 
10 minsSpecial topic #4

5 mins
  • Review decisions/action items
  • Planning for next meeting 
Chairs
  • PROPOSAL: Create comparison table of various Trust registry / Trust list / Trust chain models.
    • Figure out if ToIP TR Spec could cover them all or if there are scoping/boundaries to set.

Screenshots/Diagrams (numbered for reference in notes above)

#1


Decisions

  • Sample Decision Item

Action Items

  • Andor to investigate bad calendar invite on wiki.
  • Everyone: Start outlining the requirements and constraints 
    • Add requirements from the v1 spec into the new req doc
  • Andor Darrell O'Donnell to push forward the DIF collaboration. 
  • Think about how we can scope and facilitate a collaboration with DIF better.