2024-07-10 TSPTF Meeting Notes

Meeting Date & Time

This Task Force meets every other Wednesday.Ā The first meeting (for the NA/EU time zones) is dedicated to the TSPTF. The second meeting, for the APAC time zones, is the joint weekly APAC meeting of all Task Forces in the ToIP Technology Stack Working Group.

  • NA/EU meeting: 08:00-09:00 PT / 15:00-16:00 UTC
  • TSWG Weekly APAC meeting: 18:00-19:00 PT / 01:00-02:00 UTC

See the Calendar of ToIP Meetings for exact meeting dates, times and Zoom links.

Zoom Meeting Recording

Attendees

Agenda Items and Notes (including all relevant links)

TimeAgenda ItemLeadNotes
3 min
  • Start recording
  • Welcome &Ā antitrust notice
  • New member introductions
  • Agenda review
Chairs
  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members ofĀ ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
  • New Members:
2 minReview of previous action itemsChairs
  • ACTION:Ā Drummond ReedĀ to put on the agenda of the next TSPTF meeting the topic ofĀ Samuel SmithĀ giving a full-length example of how dynamic risk assessment works using KERI.
5 minsUpdate on the Identifier Traits topic

At our 2024-06-26 meeting, we discussed the topic of "Identifier Traits" raised at DICE raised byĀ Jan Christoph EbersbachĀ (known as "JC"). SeeĀ this Github Gist page for a summary.

We agreed at that meeting that the TSPTF focus was on appraisability frameworks for dynamic appraisability of a VID, but that we would welcome work on a generalized set identifier traits that could feed into our appraisability framework.

Drummond will give a brief updated on the Identifier Traits work going to the DIF Identifiers and Discovery Working Group co-chaired by Markus Sabadello.

40 minsKERI example of dynamic risk assessment of a VIDSam SmithĀ 

The slides Sam presented are here:

https://github.com/SmithSamuelM/Papers/blob/master/presentations/KERI_Appraisal.pdf

Some of the slides are also captures as screenshots #1 thru #9 below.

Sam's presentation covered a lot of background about KERI architecture in order to build up to showing a use case for how real-time appraisal of a VID can work using KERI, highlighting why dynamic appraisability is important and how it enables a validator to make a live appraisal thereby protecting themselves from a compromised or malicious controller.

In the Q&A, Sam clarified that key event logs (KELs) that use interaction events and key delegation are the ways that key management infrastructure can be scaled to millions of transactions in a short period.

Sam explained how the current bearer-token-based code signing used by companies by Microsoft is subject to (and has been) compromised by an attack on a bearer token. With KERI key management, the exact key that was compromised (and the exact key controller) can be identified and recovered.

Neil Thomson: "This suggests that on any interaction between VIDs (2 party) that they regularly perform a Live Assessment (e.g. once a day, every XX transactions)". Drummond agreed.

5 mins
  • Review decisions/action items
  • Planning for next meetingĀ 
Chairs

Screenshots/Diagrams (numbered for reference in notes above)

#1


#2


#3


#4


#5


#6


#7


#8


#9


Decisions

  • None

Action Items

  • None