2024-01-17 TSPTF Meeting Notes

Meeting Date & Time

This Task Force meets every Wednesday. There are two meetings to serve different time zones:

  • NA/EU meeting: 08:00-09:00 PT / 16:00-17:00 UTC
  • APAC meeting: 18:00-19:00 PT / 02:00-03:00 UTC

See the Calendar of ToIP Meetings for exact meeting dates, times and Zoom links.

Zoom Meeting Recordings

Attendees

NA/EU:

APAC:

Agenda Items and Notes (including all relevant links)

TimeAgenda ItemLeadNotes
3 min
  • Start recording
  • Welcome &Ā antitrust notice
  • New member introductions
  • Agenda review
Chairs
  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members ofĀ ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
  • New Members:
    • Andy Woodruff, joined ToIP a few months ago; part of the Atala Prism project.
2 minReview of previous action itemsChairs
  • ACTION:Ā Sam SmithĀ andĀ Wenjing ChuĀ to have an offline discussion on the topic of protocol versioning and come up with a proposal to add to the Working Draft.
  • ACTION:Ā Drummond ReedĀ to add "Working Draft Feedback Review" to the agenda for next week's meeting.
  • ACTION:Ā Drummond ReedĀ to add "Prepare for Implementers Kickoff Meeting" to the agenda for the next meeting.
5 minVID Decision Review

ALL

Reviewing these two decisions about VIDs made at the last meeting to make sure everyone is aware of them:

  1. DECISION: Section 3 of the TSP spec, Verifiable Identifiers, will be the "mini-spec" for VIDs, including the ABNF. We will not break it out into a separate specification because it is so integral to the TSP (just as the spec for IP addresses was integral to the Internet Protocol specification).

  2. DECISION: Our baseline approach to VID appraisability will be an optionalĀ VID type propertyĀ that a verifier can use in conjunction with the VID value to make a baseline trust decision about the VID. In addition, to enable extensibility, the VID ABNF should also allow any URN, which includes DIDs.

5 minProtocol Versioning

Sam has started a GitHub discussion on the options about versioning. Here is the issue discussion. See screenshot #1 below.Ā 

The discussion was about how the versioning representation and content in CESR should work. The current CESR spec is here

ACTION: Sam Smith to add a version for TSP.

The options are:

  1. One version type for all of TSP.
  2. One version type for each message type within the protocol.

ACTION: ALL ā€” review the discussion on the protocol version identifier and share any feedback (positive, negative, or alternative).

APAC:

We further discussed protocol versioning. Wenjing Chu proposed that one version for the TSP as a whole was the most practical approach. After much discussion there, was a consensus that was the best approach, mostly because of our goal of keeping the protocol as simple (and stable) as possible.

PROPOSED DECISION: The TSP shall have one version number for the specification and the protocol as a whole, and not separate version numbers for the nested protocol layers that are defined by the specification.

30 minWorking Draft Feedback ReviewALL

Per second action item above. All references are to the current Working Draft in Google docs.

Wenjing started out discussing section 7.1.1. The key question is about the behavior of the two VIDs in creating a direct connection. What should happen when a VID does not verify?

Ed Eykholt asked the question of whether this error would involve a change in key state that the other party does not know yet. Would that be a common example?

Sam Smith clarified that, with KERI, all key state messages are asynchronous, so the messages may be delivered out of order, so receivers of messages need to decide if they want to escrow messages. If so, the receiver could decide to be silent or could decide to respond with an error.

Neil Thomson asked, if the VID verification fails, why the receiver doesn't just reply "Fail"? Sam Smith explained that even a fail message gives an attacker info.

This led to a discussion about synchronous vs. asynchronous protocols.

There was agreement that the options for what the receiving party to a TSP message that does not verify are up to the receiving party and may depend on the context of the relationship (possibly as established by the OOBI). For example, the receiver might escrow the message in order to verify it with a subsequent key state for the sender's VID.

Drummond Reed suggested it could be resolved via an OOBER (Out-of-Band-Error-Resolution) approach (about which we can make a note).

ACTION: Drummond Reed and Ed Eykholt to meet offline and discuss the major questions Ed has about areas of the spec that might frustrate initial implementers, and then start a GitHub discussion with their conclusions and recommendations.

We also discussed the tradeoffs of what should be in the TSP vs. in the layers above or below. Our goal is to keep the TSP as simple as possible so it is as widely useful as possible.

APAC:

In our discussion of section 7.1.1, there was agreement that we want to keep the TSP as simple as possible, and so questions about synchronous vs. asynchronous messaging should be tackled by higher-layer (trust task) protocols.

Jo Spencer suggested that the spec should say that explicitly so that implementers understand why certain protocol features they might be looking for/expecting are not in the TSP spec.

5 minPrepare for Implementers Kickoff MeetingChairs

We agreed that we're still on course to prepare for a Implementer's Draft and kickoff meeting by early February.

ACTION: Drummond Reed to check with Darrell O'Donnell and Kevin Griffin about progress on a ToIP Technical Specification Template (presumably using the Spec-Up tooling from DIF) so that Wenjing Chu has a clear path to take once we are ready to convert the Working Draft from Google docs to GitHub Markdown (which is what the Spec-Up tooling produces).

5 minNew Combined APAC MeetingChairs

The TSPTF, Trust Registry TF, and X.509 VID TF are combining their APAC meetings into one slot (Wednesdays 18:00-19:00 PT / 02:00-03:00 UTC) to leverage time and encourage attendance.

ACTION: Drummond Reed to drop a note to Michelle Janata to add the Trust Registry TF to the calendar invite description for the combined APAC meetings on Wednesdays 18:00-19:00 PT / 02:00-03:00 UTC.

5 mins
  • Review decisions/action items
  • Planning for next meetingĀ 
Chairs

Screenshots/Diagrams (numbered for reference in notes above)

#1

Decisions

  • PROPOSED DECISION: The TSP shall have one version number for the specification and the protocol as a whole, and not separate version numbers for the nested protocol layers that are defined by the specification.

Action Items

  • ACTION: Drummond Reed to check with Darrell O'Donnell and Kevin Griffin about progress on a ToIP Technical Specification Template (presumably using the Spec-Up tooling from DIF) so that Wenjing Chu has a clear path to take once we are ready to convert the Working Draft from Google docs to GitHub Markdown (which is what the Spec-Up tooling produces).
  • ACTION: Drummond Reed to drop a note to Michelle Janata to add the Trust Registry TF to the calendar invite description for the combined APAC meetings on Wednesdays 18:00-19:00 PT / 02:00-03:00 UTC.