The TSWG holds a plenary meeting once every four weeks onTuesdays. The 2024 meeting dates are: 23 Jan, 20 Feb, 19 Mar, 16 Apr, 14 May, 11 June, 9 July, 6 Aug, 3 Sept, 1 Oct, 29 Oct, and 26 Nov.
The meeting is at 08:00-09:00 PT / 15:00-16:00 UTC.
The TSWG holds an APAC meeting every Wednesday at 18:00-19:00 PT / 01:00-02:00 UTC. This meeting is a consolidated report-out and discussion across all TSWG Task Forces.
See the ToIP Calendar for all meeting dates, times and logistics, including Zoom links.
Agenda Items and Notes (including all relevant links)
Time
Agenda Item
Lead
Notes
3 min
Start recording
Welcome & antitrust notice
Introduction of new members
Agenda review
Chairs
Antitrust Policy Notice:Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
New Members:
10 min
General announcements
All
Updates from TSWG members of general interest to the group.
Work on this was delayed until after IIW. Drummond Reed is going to be back on the job of converting it to Spec-Up and publishing Public Review Draft 2 before EIC.
No direct feedback at the moment—some conversations with Animo.
Judith asked why an API-based registry vs. a downloaded file such as specified by the DIF Trust Establishment specification.
Darrell O'Donnell explained that the API model is more flexible and can handle more use cases, including non-credential based use cases.
The API model also enables existing registries to expose the registry data that they already have in a standard way.
Judith also asked about how the OpenID Federation compared with the TRP? Darrell confirmed that an OpenID federation should also be able to expose their data via the TRP.
Judith also asked about the Open Identity Exchange proposal for a "policy resolver" that could read and resolve what needs to be done to apply policies from one ecosystem to another.
This could apply to producing derived credentials.
Jo asked the question about whether the TRP will be implemented as a trust task protocol that runs over the TSP.
We discussed the various reasons it might be helpful to have a TSP relationship with a trust registry:
For strong security.
For privileged access.
For privacy-protected access.
For a persistent connection, such as for push updates.
Eric, Drummond, and Scott Perry held a session to discuss the technical and business case for CAs adding a DID or VID to the Subject Alternative Name field of an X.509 certificate. There was a high degree of interest in "building that bridge"—including from one CA attending (Lori Groth of Digicert - https://www.linkedin.com/in/loriegroth/).