Chairs

This is to discuss what implementation projects are underway and what others we might attract.

Wenjing Chu began by sharing that his team is working on an open source implementation that they plan to contribute to the OpenWallet Foundation. He plans to have more info on the repos and project structure shortly. There is more info in the Internet Identity Workshop proceedings. 

ACTION: Wenjing Chu to post more information in our Slack channel about proposing an open source implementation of the Trust Spanning Protocol as a new project at the OpenWallet Foundation.

The question before us is who else is interested in implementing and what development resources would be most helpful.

For example, it is helpful to know which VID types there is demand for implementing. Wenjing's team is currently focused on did:web and its variants, plus did:peer.

The other area of interest is trust task protocols: which of these are in highest demand:

• Consent
• Verifiable credential exchange
• Basic messaging/chat

Another area is transport protocols: which bindings are most needed? Which ones are most needing standardization & implementation (usually the latter is a good basis for the former).

Samuel Smith said that he's working on a Python implementation and would welcome additional development resources.

Wenjing Chu also mentioned interop test suites. Drummond Reed said this is an area he may be able to find resources.

This is another discussion that is helpful both for the spec and implementations.

 Suggestion: Use Github discussions to have one discussion per protocol.

Judith Fleenor suggested then one blog post per "family" of other protocols, summarizing our conclusions.

She suggested that it will be very helpful to compare TSP to protocols that are outside of digital identity.

Wenjing Chu suggested that we start with digital identity & credential protocols for EIC.

ACTION: Drummond Reed to start Github discussion on the following topics: 1) OID4VC family, 2) DIDComm, 3) 0ther secure Messaging protocol(s), 4) ACDC protocols (all of which leverage the key state mechanisms based on KERI and bind the messages in transaction set to a seal for security).

Samuel Smith explained the reasons for the security features in the ACDC protocols. A hash (SAID) of each transaction is added to a transaction event log which is signed to bind it to the key state. Each transaction event log is a secure chained.

In the KERI stack, the TSP is a tunneling protocol that enables protection of confidentiality and metadata privacy. The authenticity comes via the VID type. The stronger the authenticity of the VID type, the stronger the security of the stack above it.

Sam shared a statistic that, for every U.S. FBI agent, there are 50 cybersecurity attackers.

Now that we are to Implementers Draft stage, we propose to switch to a bi-weekly meeting schedule and make more use of GitHub for asynchronous discussions. Bi-weekly meetings would focus primarily on issue resolution.

DECISION: We will switch the TSPTF to a bi-weekly meeting schedule starting immediately. Our next meeting will be Wednesday May 15.

ACTION ITEM: Drummond Reed to have Michelle update the schedule for TSPTF meetings to every other week.

Since we are switching to bi-weekly meetings, the next meeting will be Wednesday May 15.

Judith Fleenor suggested that during the month of May, let's use the alternate weeks to finish the second public review draft of the ToIP Technology Architecture Specification and update the ToIP website pages covering these artifacts. Unfortunately Drummond Reed and Wenjing Chu have a conflict with the meeting on May 8, so we will aim for a meeting on the ToIP Technology Architecture Specification on May 22.

ACTION: Drummond Reed to share via Slack and the ToIP mailing list that the May 22 TSPTF meeting will be devoted to finishing the second public review draft of the ToIP Technology Architecture Specification and updating the ToIP website pages covering these artifacts.