Zoom Meeting Link / Recording
Main Goal of this Meeting
To catch up after the holidays and discuss the progress of the Technology Architecture TF and our priorities for Q1.
Agenda Items and Notes (including all relevant links)
- Start recording
- Welcome & antitrust notice
- Introduction of new members
- Agenda review
- Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
- New Members:
- Bart Suichies, former SICPA, currently independent
- Dann Toliver, co-founder and Chief Architect, TODAQ
|1 mins||Review of Action Items from the previous meeting||Chairs||No action items from the last meeting.|
|15 mins||General updates||All|
Announcements and updates of any kind that WG members want to share.
- Drummond Reed shared that Evernym was acquired by Avast
- Tim Bouma is now Director of Verification Assessment at the CIO Council of Canada
- Antti Kettunen is a member of the for drafting a European Digital Identity Wallet interface for general purposes
- "Establishment of a CEN TC 224 Ad Hoc Group on European Digital Identity Wallets
TC 224 establishes an Ad Hoc Group on European Digital Identity Wallets."
- Subgroup of ISO that is still in the beginning stages
- Currently having meetings exploring what decentralized identity standards in this space should be included so it is not just focused in the ISO mDL model
- Bart referenced: https://nextcloud.idunion.org/s/D2cbMi6w8t3nPYj
- Daniel Bachenheimer is also working at ISO in SC 17 on identity documents
- Antti said they are comparing the different efforts in standardization of digital credentials
- Tim Bouma said that in his work for the Canadian government on digital credentials was more on the management than the technical side.
- Daniel Bachenheimer said that the ISO work touched on a whole lot of areas, including security and biometrics
- Darrell O'Donnell said that the security questions are very important and challenging
- Tim Bouma said this is why the ToIP stack is important in terms of bringing this all together. We have moved from documents to instances to verifiable credentials. The Pan-Canadian Trust Framework tries to distill down the vital pieces. One of the big learnings of the provinces is that a holistic thinking is needed; fragmented approaches won't work.
- Bart Suichies believes that the document paradigm is limiting. Certain credentials are special. So document-centric thinking is holding us back. Tim agrees that "the winds are blowing back in that direction" and we need to be careful about that. We need more greenfield thinking. For example, the question with driver's licenses also involves car registration. The document-centric paradigm is around establishing the authenticity of a document vs establishing an identity.
- Antti Kettunen: eIDAS is a challenge to what Tim said earlier, because a lot of the role-definitions and requirements are now becoming part of the regulation.
- Daniel Bachenheimer: that clerk is supposed to follow ICAO TRIP for issuance and Canada (IRCC) performs deduplication to establish uniqueness within the population (Identity Proofing)
- Darrell O'Donnell recommends the Northern Block podcast with Phil Windley.
|15 mins||Task Force Reports||TF Leads|
Trust Registry TF — Darrell O'Donnell
- Darrell has moved the specification into a private GitHub repo and next needs to move into a ToIP repo.
- ACTION; Darrell O'Donnell to talk to Elisa Trevino about that conversion.
ACDC TF — Samuel Smith Phil Feairheller
Design Principles TF — Drummond Reed
- This task force is now complete update on the publication of the Design Principles for the ToIP Stack deliverable.
- Drummond said that the final PDF document following the ToIP Style Guide should be ready this week.
Technology Architecture TF — Darrell O'Donnell & Drummond Reed
- This task force is cooking with gas. The goal is to produce the ToIP Technology Architecture Specification by the end of Q1.
- We are down to the specifics of diagrams and protocols.
- Is there agreement this is our top priority for the quarter? Yes!
- Antti Kettunen brought up the "revelation" in the last meeting last year about reusable patterns.
- Wenjing suggested that it should be based on reusable patterns.
- Antti said that there is a reusable pattern around issuance of credentials that includes not just the signature but the process of issuance and how it is bound to the holder.
- Bart added that how the credential is bound to a governance process or framework is key. The trend is that we're seeing the power being at the verifier.
- Tim agrees about the composability of the full process. It can be helpful to actually separate the verifier from the relying party, and the issuer from the provisioner. So it's important that the ToIP model embrace the full holistic process.
- Bart agrees: the cryptographic process is important, but the process of issuance is equally important.
- Tim gave the example of an artifact that may be acceptable at the Canadian border, but not internally in the provinces. Verifiers need to decide what they trust.
|15 mins||Update on KERI and DIDComm|
Drummond will report on one day meeting he was able to have over the holidays with Sam Smith and Daniel Hardman on KERI and DIDComm and their respective roles in the ToIP stack.
|5 mins||Any other business||All|
- Review decisions/action items
- Planning for next meeting
Screenshots/Diagrams (numbered for reference in notes above)