Time

Agenda Item

Lead

Notes

5 min

• Start recording

• Welcome & antitrust notice

• Introduction of new members

• Agenda review

Chairs

• Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.

• New Members:

1 min

Reminder - TSWG2 Mailing List

Chairs

Reminder that the Technology Stack Working Group has a new mailing list. You need to join this as it involves the new charter that TSWG is operating under. You can do that here:

• https://lists.trustoverip.org/g/technology-stack-wg-2

  Scroll to the Bottom
  Click Green Button to log-in to the mailing list
  Then Click Blue Button to +Join the list

5 min

Review of previous action items

Chairs

1 min

Special topic #1

10 mins

Cross-Ecosystem/Org Collabs

@Darrell O'Donnell 

Discuss what we can/should/may do with other initiatives, such as:

• DIF Trust Establishment - data format/file

• OpenID Federation - spec 

• EU Trusted List (aka List of Trusted Lists)

Implementations:

• codebase TRAIN - TRust mAnage INfrastructure - @Lucy Yang is deep in this one. Has an API for Verifiers.

  • federates across systems by using the specs (above)

  • https://essif-lab.eu/essif-train-by-fraunhofer-gesellschaft/

• service  EBSI - EBSI trust model/list (ETSI TS 119 612)

• TRAIN also does the metadata...

  • /metadata - "source=URL; type=TRAIN"

What questions are these other protocols answering?

• EU Trusted Lists: Is this party a qualified trust service (limited list of types) provider?

• OpenID Federation: Is this entity in the "bubble" of this trust list?

How do we approach this?

• metamodel - 

• understanding trust - 

Jon

• query for available formats...

  • current support: only namespaces  - "eu.driverlicense.train" 

    • "bubba" 

  • .type of native source

10 mins

Special topic #3

briefing 

https://trustoverip.github.io/tswg-trust-registry-protocol/ 

UNIFYING CONCEPT: Does Entity X, have Authorization Y, under EGF Z?

• Does RegistryX, have (also_driver_license), under EGF Z

what is the context of EGF Z?

working example - AAMVA + (Canadian Equivalent - CCMTA) - unpack

ICAO - has passport for air travel (and border entry - NOT citizenship)

• do we have sufficient metadata so someone can follow back to the authorization of that trust registry?

  • explicit - you may be told, under an EGF, that a particular TR is the source.

  • implicit - walk back The Org Book's authority is backed by many regulatory artifacts (acts, regulations, policies, etc.)

Legal Effect - "what is the legal effect?"

• underpinned by legislation - e.g. "you can drive" 

5 mins

• Review decisions/action items

• Planning for next meeting 

Chairs