2024-11-21 TRTF Meeting Notes
- Andor Kesselman
Meeting Date
Nov 6, 2023 The ToIP Trust Registry Task Force (TRTF) meets weekly twice every Thursday at the following times (to cover global time zones - see the Calendar of ToIP Meetings for full meeting info including Zoom links):
NA/EU 07:00-8:00 PT / 15:00-16:00 UTC
APAC 18:00-19:00 PT / 02:00-03:00 UTC
Zoom Meeting Link / Recording
NA/EU MEETING:
@Darrell O'Donnell
@Tim Bouma
@David Poltorak
@Jesse Carter
@Drummond Reed
@Markus Sabadello
@Fabrice Rochette
@Subhasis
@Eric Drury
Agenda Items and Notes (including all relevant links)
Time | Agenda Item | Lead | Notes |
|
5 min |
| Chairs |
|
|
5 min | Review of previous action items | Chairs |
|
|
15 mins | Issue/PR Review | @Dave Poltorak | Issue/PR Review |
|
10 mins | Previous TRTF Call Review | Andor |
| |
10 mins | TRQP Common Data Model Work | Andor | https://gist.github.com/andorsk/3c1f1d869644d4d0c58f9cb3f78028b5 |
|
5 mins |
| Chairs |
|
|
Notes:
@Jesse Carter : TRQP and OIDF
@Darrell O'Donnell : Do they fall into the specification itself.
Supporting material
@Antti Kettunen
@TODO: Folder
Focuses
Motivations : Spec and needs cleanup
Use Cases : Supporting material
Interaction Pattern Documentation : Supporting but informs spec. Non-normative.
Interaction Patterns: Other ecosystems.
2 interaction patterns:
How do I use the TRQP?
How do I support the TRQP, so what do I need?
@Tim Bouma : For implementers, knowing how it is implemented in the context of building is really important to use it. Needs to internalize the model before implement it.
@Antti Kettunen : More abstraction the more complexity. The model is simple, but complexity in interpreting it.
Implementers guide would be a document to help people to understand how to start to work the abstract data model.
@Subhasis :
Looking at it from an implementers side.
Really struggling on how to implement the specification on both sides.
Governance side : everything is governed as strings, not sure how to use it.
OIDF Side: Diagram with bridge to OIDF, not sure how to do it.
Implementers guide: Extremely important to support the statements being made.
@Darrell O'Donnell :
Agreed. Critically important.
If someone is waiting for the implementation guide, might not be for them right now.
@Subhasis : Can be two separate documents, but specification without implementers guide is difficult to interpret.
@Darrell O'Donnell :
@Dave Poltorak : What’s the state of the spec?
@Darrell O'Donnell : On Implementers Draft
Jesse shared this document : TRQP
Drummond: Implementers leading to an implementers guide is a good thing
@Tim Bouma : API first vs. Protocol first models.
Document isn’t the deliverable. Community is the deliverable.
Ecosystems are discovered out of band
DON’T assume you’re using the TRQP to “discover” new systems to trust (i.e. new EGFs). That is out-of-band.
DO assume that the EGFs that you are aware of create a simple web.
Bhutan :
Credential in bhutan
Member of EGF
Multi-hop question vs. discovery question
This is not a data modeling question.
This is a business question.
A lot of different questions, and clumping them.
with OID federation,
Do we have a common root?
Are you authorized to issue attestations?
Do we share a governance framework that governs this authorization
Do we have a common ancestor?
Multiple small questions
@Drummond Reed It seems like we have two categories of queries: graph traversal queries (to get to the authoritative TR) and then authorization queries (once you have located the authoritative TR).
@Antti Kettunen What about “provide me a certificate I can use to verify a signature”? Is that an authorisation query?
Drummond: Needs to be as general as we can.
TRTF Next Week
Validity status / revocation?
Screenshots/Diagrams (numbered for reference in notes above)
Decisions
Action Items