Agenda Items and Notes (including all relevant links)
Time
Agenda Item
Lead
Notes
3 min
Start recording
Welcome & antitrust notice
Introduction of new members
Agenda review
Chairs
Antitrust Policy Notice:Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
New Members:
Charles Lanahan has been a data scientist at Trust Science until recently and a new ToIP member.
5 min
General announcements
All
News and updates of general interest to CTWG members:
Neil Thomson shared a GSWG conversation about how issuers and trust registries are related.
A trust registry is a qualified object list.
The qualifying authority for a trust registry is a registrar.
Neil's point is that the jobs of qualifying authorities, from a governance standpoint, are similar for an issuer and a trust registry.
Rieks Joosten agreed. He said it reminds him of a data exchange project in the EU, where similar decisions need to be made about registries of semantic data, such as schemas, and also product offerings, identity services, and other related services. All of these services share three things:
First, a provider of the service needs to provision and operate the service at runtime.
Secondly, there is a management layer that applies the governance policies under which the service operates.
Thirdly, there is the governance layer that establishes the policies.
Rieks felt this was a good model that could be defined by the Governance Stack. He made the analogy to how CAs (certificate authorities) operate in conventional PKI. It is a good scaffolding for registries of all kinds.
Neil agreed that governance and operations are different roles, and whether the same party performs them or not is a matter of choice.
Rieks said that trust communities can get up and running by choosing the initial set of services they will offer.
2 min
Review of previous action items
Chairs
ACTION: Drummond Reed to follow up with Judith Fleenor with regard to Henk's draft document to see how we can address these GitHub issues much more efficiently and effectively, including who/where we might be able to request budget.
TNO is looking to develop tools for the TEv2 toolbox in TypeScript. The TRRT had some setbacks, but we expect it te be fully working at the end of this month. Progress can be followed in the TRRT-repo.
TNO is planning on a template repo that other tool developers can use to make other tools (in TypeScript), and that can be documented using the TEv2 tools (when they're up and running).
These will include terminology design methodologies.
Some experiments are under way, including with the W3C Verifiable Credentials Working Group terminology.
Rieks hopes this will help terms communities justify doing terminology work earlier and more productively in their project.
Brian Richter hasn't been doing a lot — too busy. The ingress tools have been progressing, the rest is still tbd. It might be a good idea to create HRGT-tools in the TNO repo, using the templates, and reusing parts of the TRRT code.
The MRGT (in Java) is giving some operational problems. It seems appropriate to leave it as it is, as TNO expects a TypeScript version to become a available in Q4 of this year.
10 min
Update on the ACDC and Web of Trust (WoT) Glossary
On 2023-07-11 in the ToIP Slack, Henk posted this update:
In the KERI meeting today we voted for the move of our “source of terms truth” known as theACDC-wiki: it’s going to beWOT-terms wiki:https://github.com/WebOfTrust/WOT-terms/wikifrom today. We will still be able to sync between the glossaries at ToIP user acdc repo and WebofTrust WOT-terms repo.
The reason for the move is a practical one: more control over our own data and functionality while maintaining the symbiotic properties between ToIP and WoT. More info and acknowledgements in KERISSE sectionhow we did.
The most recent update of the glossary in ToIP format can now be foundherebut will most probably also be hosted from ToIP github space (here) soon.
Neil Thomson noted that the work on the Trust Spanning Protocol TF on climbing a "spiral staircase" of higher levels of trust, each of which corresponds to a different protocol.
Rieks Joosten said he didn't see a web server treating a customer differently depending on how many visits you have made, unless there are rules that make it explicit. The rules may change for the provisioning and management, but the web service will remain quite stable.
Neil gave the example of opening a bank account and the KYC data that must be shared by a consumer. Once the account is established, it is easier to move to a higher level of trust faster.
Rieks: the bank's web server will follow a decision tree that has a set of rules that can result in clear outcomes for the consumer. Those rules will be in machine-readable policies. Some of them may call for human intervention / review. These decision trees could be shared within a trust community.