Kick-off Meeting

Thursday, May 28 — 11:00-12:00 PT / 18:00-19:00 UTC

Send an email to governance-stack-wg@lists.trustoverip.org to request a calendar invite (you can subscribe to the mailing list at lists.trustoverip.org).

Agenda

See this Google Slides presentation for the full agenda. Summary:

  1. Welcome from the conveners (Scott, Tom, Drummond—5 min)
  2. Introductions (15 min)
    1. Natarajan (Nat) Chandrasekhar – Cambridge, UK – individual contributor
    2. Dan Bachenheimer – Washington, DC, US – Accenture Digital Identity group
    3. Stu Vaeth – Boston, MA, US – Mastercard
    4. Bryn Robinson-Morgan – UK – Mastercard
    5. Arjun Govind – Philadelphia, PA, US (Bangalore for the moment) – Digital identity at R3
    6. Catherine Nabbala – Bangkok – Finema
    7. Dan Gisolfi – New York, NY – IBM
    8. Elizabeth Cronan – Washington, DC – Geoguard
    9. Eric Welton – Northern Thailand – Individual contributor
    10. Gregor Jehle – Stuttgart, Germany – P3KI
    11. Jim StClair – Mississippi – Dinocates
    12. Jan Lindquist – Stockholm – Hyperledger
    13. John Jordan – British Columbia – Province of British Columbia
    14. Mark Lizar – Toronto, Canada / UK – Open Consent
    15. Mark Scott – San Diego, CA – Individual contributor
    16. Mary Lacity – Fayetteville, AK – Sam Walton College of Business
    17. Matt Davies – Salt Lake City, UT – Finicity
    18. Paul Knowles – Switzerland – Human Colossus Foundation
    19. Robin Alexander – Vancouver, BC – Geoguard
    20. Steve Magennis – Seattle, WA, US – Polywug
    21. Steven Milstein – Montreal, CA – Collab Ventures
    22. Sankarshan Mukhopadhyay – Bengaluru, India – Dhiway
    23. Vinod Panicker – India – Wipro
    24. Vipin Bharathan – New York, NY, US – dlt.nyc
    25. Wenjing Chu – Santa Clara, CA, US – Futureway Technologies
    26. Will Groah
    27. Xinxin Fan – San Francisco Bay Area, US – IoTeX
    28. Chris Ingrao – Seattle, WA, US – LUMEDIC
  3. Mission and scope of this WG (Tom—10 min)
  4. Real-world example of a full-stack GF (John Jordan—5 min)
    1. British Columbia government challenges include digital identity of individuals, corporations, legal entities, etc. Many times, when an online service is offered, the identity field is simply treated as a freeform text field, creating serious issues with misidentification, fraud, and others. 
    2. BC may lay out a set of policies at the Layer 4 level to make it clear who the recognized authorities are, in BC and elsewhere, for issuing identities (like drivers licenses). 
    3. At Level 3, BC could also recognize registries for verified person credentials, permits, licenses, etc.
    4.  BC might also recognize software solutions for citizens at Levels 2 and 1.
  5. Discussion of potential initial work items (Scott—15 min)
    1. Survey of existing governance framework models
      1. E.g., FATF, Pan-Canadian Trust Framework
    2. Classes of use cases and boundaries required for governance
      1. Levels of assurance that drive decisions along the stack. For example, government clearance may require high quantity and quality of sources, while employment confirmation may require less-strong assurance. Scott suggests:
        1. Untrusted class – no governance at all, status quo for the internet
        2. Internet Grade – a minimum standard of assurance with governance, a key missing piece
        3. Asset Grade
        4. Classified Grade 
      2. Need to understand use cases that government bodies might be asking of organizations such as ours. FATF example: is the digital ID system authorized by the government for use in customer due diligence (CDD)?
    3. Architectural Model for ToIP governance frameworks
      1. Required, recommended, and optional components at each layer
      2. Templates at each layer
    4. ToIP stack and verifiable credentials risk model
      1. See Confluence page that Scott has set up: Identity and Verifiable Credential Risks
    5. Contributions to ToIP glossary
  6. Logistics (Drummond—10 min)
    1. Mailing list
    2. Wiki
    3. Github repo structure (repository of best practices)
    4. Task Forces
    5. Chairs
    6. Meeting schedule

Meeting Notes