Zoom Meeting Link / Recording
https://zoom.us/rec/share/kjVClDaww8Wplx-RCMYrUi4jJHmqGJ3iogLbrGphYhWJWjRc53Ye6326G9YGPZue.UeiOxqrstslEq-fo
Attendees
Sam Smith Lance ByrdEd Eykholt Tim Bouma Ruth Choueka Henk van Cann Cole Davis Charles Lanahan Petteri Stenius Rodolfo Miranda Daniel Hardman Nuttawut Kongsuwan Michael Palage Steven Milstein Judith Fleenor Arshdeep Singh Edyta P P Subrahmanyam
Agenda Items and Notes (including all relevant links)
Time | Agenda Item | Lead | Notes |
5 min | - Start recording
- Welcome & antitrust notice
- Introduction of new members
- Agenda review
| Chairs | - Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
- New Members:
|
5 mins | Review of action items from previous meeting | Chairs | - Sam Smith and Philip Feairheller to review KERIpy issues as a first step in creating a 2024 roadmap
- Sam Smith IANA Registry for CESR
- Philip Feairheller to add rotation script demo and "How to create IPEX message to perform a "presentation"" to dev meeting agenda
- Will be for the dev meeting 2024-01-11
|
5 mins | Announcements | TF Leads | News or events of interest to members: - IIW Super early bird ~10 tickets
|
5 mins | Reports | Open | Spec content has been migration to the ToIP format!
There are a lot of open issues across the board - this is a call to arms for the TF! We have a lot to do to try start public review. Lance: did:webs public review underway 1.0. We have completed the 30 day period but are wrapping up some formatting and refactoring for a better spec. Henk: Kerific https://weboftrust.github.io/WOT-terms/docs/glossary/kerific?level=2 Henk is co-chair of the concepts and terminology WG now. How can we reuse the terminology across specs/repos? Kerific scrapes the current specs and should be helpful to identity current definitions and will help us avoid creating new/overlapping/conflicting definitions. Henk can help anyone with questions. Kerific is more focused on the glossaries, KERISSE is focused on development how-to.
Implementations: Work continues on on KERIA/KERIpy/Signify-TS. There has been some regression in the repos regarding broken tests, etc. Some mentions of KERI/ACDC https://www.researchgate.net/publication/377069842_Self-Sovereign_Identity_for_Organizations_Requirements_for_Enterprise_Software Ed Eykholt is working on UML diagrams for KERI. The latest is for the IPEX protocol. https://lucid.app/documents/view/747aee2b-120e-4d7e-971c-df8954874ce1 |
25 mins | Discussion | Open | - Recovery Rotation rules
- see recording starting: 34 minutes.
- Logging in with ACDC. During the dev call the Signify Browser Extension was shown. We discussed logging in with AID and/or ACDC credentials.
- Signed with AID for authentication
- In the extension the headers are signed
- Submitted credentials for authorization.
- If an AID is whitelisted, anything that AID signs is authentic. Then credentials are providing authorization
- Signed credential
- Use the IPEX protocol to present credentials
- Signing the presentation to prevent a replay attack using something like a date-time stamp
- Admit message provides proof of receipt.
- Similarly, connecting passkey with identity. Future log in is signed using the passkey.
- A vLEI credential can provide the identity assurance... This AID comes from a company and we have a relationship, so they are 'pre-registered'.
- Signing only show control of a private key, for more context we need identity information like credentials.
- In the EBA PoC a signed report is being submitted. This is separate from access control, which has timeliness issues.
- Banks are whitelisted and manage their delegation via the Document Submitter credential (bearer token)
- EBA is not the identity service provider
- EBA trusts the banks are managing the issuance of the Document Submitter ECR credential. EBA verifies the validity of the credential at the time of submission and the signature on the report.
- If reports are versioned that provides replay attack protection
- It doesn't hurt to sign the presentation, it is an additional layer of security but possibly over-complex for the use case.
- Keeping the semantics of the role credential narrow is important for avoiding BOLA attacks. Signing the presentation of the credential is advised in use cases where the semantics vary.
- Two types of interactions:
- Setup/Registration interaction, new AID and authorization to establish access control. You present a vLEI credential. You don't want that captured and misused. Narrowing the scope to a certain role (like Document Submitter) is a pre-registration via delegatable authority.
- Credential is like a bearer token. Does it matter if the credential was delivered by the issuee? The token is proof of the authorization, but does the delivery require the issuee signature? Depends on the context. If it is an idempotent process resubmission has no effect.
- Access controlled actions like submitting the report. Replay attacks are less of a concern, other than DDoS attack using resubmissions. If you already have that report then load balancer needs a mechanism to drop repeated requests.
|
5 mins | Any other business | Open |
|
5 mins | - Review decisions/action items
- Planning for next meeting
| Chairs |
|