/
2025-10-15 TRTF Meeting Notes

2025-10-15 TRTF Meeting Notes

Meeting Date

  • Oct 2, 2025 The ToIP Trust Registry Task Force (TRTF) meets weekly every Thursday at the following times (to cover global time zones - see the Calendar of ToIP Meetings for full meeting info including Zoom links):

    • NA/EU 07:00-8:00 PT / 15:00-16:00 UTC Zoom AI Notes

    • APAC 18:00-19:00 PT / 02:00-03:00 UTC

Zoom Meeting Link / Recording

  • See the ToIP Calendar for the Zoom link and also the link to the recording of the meeting (which will appear in the meeting calendar entry approximately an hour after the meeting ends).

Attendees

NA/EU Meeting

  • @Darrell O'Donnell

  •  

APAC Meeting

  • @Darrell O'Donnell

Agenda Items and Notes (including all relevant links)

Time

Agenda Item

Lead

Notes

5 min

  • Start recording

  • Welcome & antitrust notice

  • Introduction of new members

  • Agenda review

Chairs

  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.

  • In addition to the licensing terms of this Working Group’s JDF charter, this Working Group operates under the official policy that any Working Group Participant who makes a contribution to a Draft Deliverable shall have a maximum of 45 days from the date of that contribution to exclude any Essential Claims pertaining to that contribution.

  • New Members:

05 min

Review of previous action items

Chairs

no particular actions from prior meeting today.

10 mins

Plan for PR02

Chairs

GOAL: Get Public Review 02 in play by mid-October (was end-September). General idea is to get the spec out and let it sit for a while as there are many implementors moving.

  • set date

  • get blog post going

  • heads up to Comms

  • what else is needed?

  • WHO can take point on these?

  • + comment on public blog (via github, Wiki has instructions)

Blog Posts - are now LFDT posts in a ToIP sub-blog - who is the LFDT person? Tomas?

Call out any special attention areas where they are needed.

30 mins

PARC model & ecosystem_id

@Drummond Reed and @Darrell O'Donnell

review https://github.com/trustoverip/tswg-trust-registry-protocol/issues/149

  • PARC model

    • assertion_idaction + resource

  • ecosystem_id

30 mins

Github Review - Pull Requests & Issues

@Darrell O'Donnell

OVERTAKEN BY EVENTS (see above)

PR Review.

Several Issues have been aligned and PR is under consideration:


PR https://github.com/trustoverip/tswg-trust-registry-protocol/pull/152

 

 

 

 

5 mins

ADMIN:

  • deprecation of TRP

  • Chairs needed in Future

 

After we push out PR02 there are two key things that should happen:

  1. Publish a DEPRECATION of TRP v1.

  2. Opportunity for TRTF Chair. There is going to be room for a refresh of the TRTF chairs.

  • Some folks need to move on (with massive thanks), and others can stay.

  • Consider who you know and start socializing.

  • An APAC chair would be helpful for logistics.

5 mins

  • Review decisions/action items

  • Planning for next meeting 

Chairs

 

  • DIAGRAM (referenced in Discord) added after discussion. We have lost the “scope” of the protocol. This diagram was what we were using - a cleaner version that appears to have been lost.

 

Overview

  • The team discussed adopting the PARC model (Principal, Action, Resource, Context) from Cedar (Amazon's authorization system) to improve the Trust Registry Query Protocol (TRQP)

  • Main changes include replacing "assertion ID" with "action" and "resource" components

  • Debate on removing Trust Registry ID and clarifying terminology around ecosystems and authorities

PARC Model Integration

  • The team agreed to adopt the PARC model which breaks down authorization into Principal, Action, Resource, and Context

  • This would replace the current "assertion ID" concept with separate "action" and "resource" components

  • Example: Action of "issue" + Resource of "Ohio driver's license"

  • This model is used by Amazon's Cedar authorization system that handles billions of queries daily

  • The change will simplify the protocol and eliminate the need for ABNF (Augmented Backus-Naur Form) specifications

Trust Registry ID Discussion

  • @Darrell O'Donnell proposed removing Trust Registry ID entirely, arguing it's redundant

  • The core query should focus on: "Does entity X have authorization Y within ecosystem Z?"

  • When connecting to a trust registry, you've already identified it through a URI or endpoint

  • @Drummond agreed that under the PARC model, a trust registry can simply be considered another resource type

Terminology Considerations

  • Discussion about whether to use "Authority ID" instead of "Ecosystem ID" for greater clarity

  • "Authority" is more widely understood across different domains than "Ecosystem"

  • Concern raised that changing terminology might confuse implementers who are already using "Ecosystem ID"

  • The team considered how implementation guides could bridge any terminology gaps

Multi-Registry Scenarios

  • Discussion of how the protocol would handle organizations with multiple systems of record

  • Two approaches: 1) route queries internally behind a single endpoint, or 2) use nested ecosystems/authorities with delegation

  • Universities were used as an example where colleges within a university might have their own authorization domains

Next Steps

  • [ ]

  • [ ]

  • [ ] Team to review the specification at IAW event with PARC model experts

  • [ ] Present the finalized specification at the symposium on November 19-20

  • [ ] Research proper procedure for deprecating the V1 TRP

Conclusion

  • Consensus reached on adopting the PARC model and simplifying the diagrams in the specification

  • The team emphasized the need for closure after years of discussion

  • The updated protocol should make implementation more straightforward while maintaining flexibility

Decisions

  •  

Action Items

 

r

review state/status of TRPv1 (PR? WG Published?)
@Drummond Reed to create draft text in Google Docs by end of day
@Darrell O'Donnell (with assist from @Andor ) to convert the draft into a PR
draft Google Doc blog with content and graphics - share with LFDT (like the graphics).
need Wiki “how to comment” linkage (https://lf-toip.atlassian.net/wiki/spaces/HOME/pages/22997524 )
Skeleton Storyboard deck @Darrell O'Donnell