Time

Agenda Item

Lead

Notes

3 min

• Start recording

• Welcome & antitrust notice

• New member introductions

• Agenda review

Chairs

• Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role

•  

20 min

Daniel Hardman has presented some challenges to the approach of the spec and wants to take the time to explain his rationale.

 Chairs

See comment in Section 3. Architecture Overview.

Will start off with this discussion.

Daniel’s original comment:

I am very much in favor of the goal you are trying to achieve. However, I convinced that sharing keys in different cryptographic methods is a VERY BAD idea. I am not hung up on the issue you might expect (that sharing keys is bad) -- though that is itself a moderately good argument. Rather, I have other issues with this:

1. If you use the same keys in multiple ecosystems, the security of all the ecosystems drops to the lowest common denominator among those ecosystems.

2. Different ecosystems have different lifecycles and lifespans. A certificate has a cryptoperiod of 3 months (current letsencrypt practice) or less (recommended letsencrypt practice; they're pushing for 1 month). Using that same key in a long-lived DID gives the false idea that the key has a longer-lived cryptoperiod there, but it actually doesn't. It's a recipe for mistakes.

3. Bridges are attack points. We are increasing attack surfaces and maintenance duties.

4. Identifiers in different ecosystems typically correspond to different roles. Trying to equate them usually means you're collapsing logistical roles in a way that is unhealthy for governance (which also leaks back and forth over the bridge).

I'd like to come present on this topic to see if I can convince this group to abandon cryptographic bridges (or else define them very differently). Can you please invite me to an upcoming WG meeting and give me 20 or 30 min to make my case?

20 min

Review action items:

• Any changes made to the spec

• New comments

• Begin closing comments

Chairs

Link to spec: https://docs.google.com/document/d/1BVmciUxNsolRMknz3dws0dgYFfgwKLOTHRKuVb-Vazo/edit?tab=t.0#heading=h.u9t084b0ygnz

• Key notes:

  • We should be both careful and mindful of promoting a 'cryptographic bridge' that could create misalignment between both sides of the bridge

  • While governance isn't necessarily the goal of the spec, we should be mindful of the fragilities that an implementer may come across when building these bridges

  • We should consider 'cross-endorsement' as a term rather than 'non-cryptographic bridge'

  • We should consider having stronger requirements that complement the cryptographic bridge (if it remains), to ensure that it isn't misapprorpated

  • We should probably be clearer in the goals for the spec:

    • Asserting a legal identity for identifiers

    • Creating common patterns for cross-endorsement of keys for the same entity

 For everyone’s reference

Link to diagrams: https://miro.com/app/board/uXjVIftecII=/

5 min

Deadline for WG review draft

Do we want to set an informal deadline to get to a v1.0?

10 min

Trust over IP Showcase (Oct 15th - 16th)

• Discuss plan of attack for the showcase