Page tree
Skip to end of metadata
Go to start of metadata

Meeting Date



Main Goal of this Meeting:

Discuss any updates or changes that are required for the API and specification.


  • Start recording
  • Welcome
  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
  • Introduction of New Members
  • Review of decisions and action items from last meeting
  • Agenda review
20 mins

Discuss API & Specification - any recommendations/changes?

  • Ken Adler His main question is whether the API needs authentication.
    • If the list is not public, how do you protect it?
    • If it needs to be protected, what is the best way
    • Darrell O'Donnell said the current proposal is a bearer token using OAuth
    • He said the Bonifii trust registry is in MS Azure and uses its native bearer auth token
    • Tomislav Markovski recommended that bearer auth should be an option, but there should be others
    • Drummond Reed share the POV that the TR protocol MUST:
      • support authorization using VCs at some point in time (but not immediately)
      • Specify the standard types of authentication
    • Tomislav Markovski suggested that we establish a registry of options for authentication methods that are listed in the TR DID document
    • Drummond Reed strongly seconded that idea, endorsing that the spec defines a registry of standard authentication methods and authentication method URIs
    • He also suggested that we don't even have to create a new registry—we can registered a set of authentication method URIs
  • We had a long discussion about how to bridge to X.509 PKDs
    • We all agree that X.509 PKDs will not change to accommodate the TR protocol, so we need to build the bridge to network of TRs that speak the TR protocol
    • At the end of the discussion, we agreed that a TR endpoint that speaks the TR protocol (supports the TR API) will need to serve as a bridge to talk to an X.509 PKD.
    • ACTION: John Walker to provide a link (in the #tswg-trust-registry-tf channel) to the EU Gateway technical documentation and APIs so we have a good example of "what's at the other end of the X.509 PKD bridge".
    • ACTION: Drummond Reed to add more detail to the writeup on the X.509 PKD Interop wiki page.
    • ACTION: Drummond Reed and Darrell O'Donnell to add a basic description of the protocol design on the ToIP Trust Registry Protocol wiki page. 

10 min

Discuss the "core triple" for TR entries: GF DID, Type URI, Governed Party DID

  1. For issuer verification:
    1. GF DID, Credential Type URI, Authorized Issuer DID
  2. For verifier verification
    1. GF DID, Presentation Definition Type URI, Authorized Verifier DID
  3. For trust registry cross-certification
    1. GF DID, TR Protocol Version URI, Trusted Peer GF DID

5 mins

Past Action Items:

  • Darrell O'Donnell Focus on a definition of the MVP
  • John Walker the set of user stories that will give us the requirements for the "absolutely bare bones"
  • Lucy Yang will share a diagram of the user flow from a GCCN standpoint

5 minsReview of decisions and action items and planning for next meeting Chairs



  • None

Action Items

  • No labels