Updates of general interest to TATF members.

• Drummond Reed is speaking on a panel on the topic of "SSI and web3"
• Vikas Malhotra said that NIST has published a new document on "Engineering Trustworthy Secure Systems": https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-160v1r1.fpd.pdf
• Tim Bouma pointed out that Apple announced their FIDO2 support for "passkeys". This includes device-specific keys that will manage the sharing of passkeys across multiple devices. So now you can use your secure enclave on different devices to do that sharing.
  • Samuel Smith said that the secure enclave can protect the keys on each device. Apple never sees the keys in the same way as password managers like 1Password.
  • Apple uses biometrics to unlock the passkeys on each device. This would be like Ubiqui moving keys across its devices.
  • Samuel Smith doesn't believe the protocol used by Apple can be used across other OSes. What FIDO2 and WebAuthn standardizes is how the device talks to a website.
  • Tim points out that the EU is mandating USB-C for Apple, so regulators are starting to mandate more constraints on interoperability for BigTech.

Drummond Reed Neil Thomson 

The TSWG terms wiki and glossary has now been set up (huge HT to Daniel Hardman).

• https://github.com/trustoverip/tswg
• https://trustoverip.github.io/tswg/glossary

Drummond and Neil will discuss the plan of action to begin populating it.

• Drummond explained the work of the Concepts and Terminology WG

Discussion of progress on the working draft of the ToIP Technical Architecture Spec and work on issue resolution.

• Wenjing proposed to divide our issues into three buckets
• The first bucket is "meta-issues" about what the document should cover.
• We began with discussion about a diagram suggested by Tim.
• Wenjing proposed that this spec is a technology architecture spec that only covers that subject—it doesn't get into specific protocols yet (that will come in a subsequent spec). It also doesn't cover larger questions of how to explain the stack from a conceptual and policy standpoint.
  • Drummond agreed and described a way to think about three levels: conceptual, architecture, protocol specifics.
  • Tim agreed about the specifics of this document, and the need for a different document the regulators, policymakers and business people.
  • Drummond suggested that we formally name that other deliverable.
  • ACTION: Tim Bouma and Drummond Reed to prepare a proposed name and scope for this other deliverable and document it in a wiki page for next week's meeting.
  • Neil Thomson suggested that we start a "catalog" of our other deliverables. Drummond agreed that we should list them on the wiki page for this TF.
  • Allan had brought up test cases.
  • ACTION: 
• Wenjing also suggested that use cases need to be added. We have discussed passwordless authentication and other aspects of digital identity.
  • ACTION: All members of the Technology Architecture TF need to add their use case to the Google doc.
• Wenjing's second bucket is "intermediaries". His proposal is that we limit the term to the relaying of messages and not other functions that should be considered supporting systems.
  • Jo Spencer has expressed strong views about intermediaries. 
  • Drummond suggested that we discuss that question with Jo in the APAC meeting.
  • Wenjing suggested that the term should be defined that the role of an intermediary.
  • Sam suggested that intermediaries play no role in the trust basis.
• Wenjing's third bucket is interoperability.
• We also briefly discussed Kaliya's comment about the ToIP stack being very "Hyperledger Aries architecture focused" and thus not friendly to other "stacks".
  • ACTION: Drummond Reed to see if Kaliya would like to present about this perspective in an upcoming meeting.