Attendees
- TBC
Agenda Items
...
Topic B
...
TBC
...
- Co-Leads: Drummond Reed
- ID2020 PM: Todd Gehrke
Participants:
- Scott Perry
- Darrell O’Donnell
- Jacques Bikoundou
- Sevita Farooqui
- Kaliya Young
Agenda Items
- Update on the IATA Q&A session earlier today
- Update on ToIP governance meta-model terminology
- Review the completed GHP EGF Primary Document sections
- Discuss the remaining Primary Document sections
- Discuss the Risk Assessment and Trust Assurance sections
- Agree on writing assignments for the next 72 hours to complete our draft by Monday
- Volunteers to review RFC 2119 statements in other DG reports
Presentations -
(PDFs posted)2021-04-29 Governance Framework DG Meeting.pdf
Recording - Link
Notes
1. Welcome and Linux Foundation antitrust policy
2. Topic A
3. Topic B
4. Topic C
...
IATA Feedback from call this morning. Didn’t get through all the questions. We will have another meeting.
Got some input on Trust Registries and Rules Engine.
[Darrell] High the pla for embracing the other formats such as EU and WHO certificates
Need to support recommendations
Other key takeaways -
- Seemed IOTA was overwhelmed by the diagram.
- Some IOTA people couldn’t make the call
- Mathew from IOTA data standards group was there and was able to address questions.
[Drummond] We are trying to publish a ToIP GF model for the airline industry. They are placed into the end of the document that contains the IATA questions.
IOTA and Tamatic might be hosting a TR but we are not sure that is true.
[Savita] Sensed hesitation to have IOTA host the rules but would rather have a go no-go result presented to the airlines.
[Kaliya] Document releases might be delayed
Pushing to have everything done by Tuesday
- [Drummond] Only so much we can do because we will be importing policies based on the other documents. Pretty sure we will be done by Monday
- Updates to the ToIP governance frameworks documents to include Mandates, Recommendations, and Options
- [Drummond] Leading document review section by section.
- Control documents are created when you need them to be modular
- So far the Glossary is the only control document being split out
- We will need to link some supporting documents from the main GHPC Governance document. - Such as those that include policies for lower level ecosystems
- It is best if a Governance authority can see a 100% of what they need to conform to in one document.
- More harmonization when the other drafting groups are done.
- Still need to work on general requirements Extensions and Revisions
- Revision quest is who is going to maintain this moving forward.
- We need to identify the governance authority. Who will maintain and enforce this moving forward.
- We can make recommendations for the process part but the structure part, the who needs to be identified.
- GHPC is being named as a placeholder with a process to pass this responsibility off to a long term organization.
- Charter
- By Laws
- GHPC needs to put this out to establish a collaborative
- [Savita] Present a spreadsheet that lays out roles and responsibilities of a GF. It also touches on incentive models. This was developed for interoperable goventance for blockchains. - A copy will be shared that we can modify or barrow content from.
- Talked about conformance reporting and auditing for the governance model.
- Can be a self asserted performance report
- May just be a site that host the reports
- This would indicate that a URL is dedicated to the governance framework.
- MUST Document if you conform to all the mandates
- MUST document why you don’t conform to recommendation
- If you use a option document why you chose that option.
- [Scott] We also need to focus on the revisions of the trust assurance framework. This is hard to do after the fact. - Learned from Sovrin.
- This can be bare bones minimum
- We need more recommendations for the general recommendation. This is typically a small set of general requirements.
- What belongs in the control document section.
- GHPC Risk assessment
- Need to tie risks to the must statements in the GF
- We are doing the 30, 90, 180 day recommendations as a separate document.
- We want to make sure the 30 day is a realistic goal that a vendor can comply with.
- [Scott] Shared the risk assessment process <Diagram> and document
- Midicate
- Avoidance
- Accept
- Full disclosure from a risk standpoint!
- Next steps
Action Items
...