Thursday April 1
Time | Item | Who |
---|---|---|
2 min | Welcome & Antitrust Policy Notice | Chair & PM |
5 min | Introductions | Chair & PM |
5 min | Backgrounder | Chair |
+ | Open Discussion | Group |
2 min | Wrap up | Chair & PM |
Suggested registering the apps that issue as a possible approach
There are a lot of existing networks/lists - don’t we need to connect these up. We will likely have a network of networks
From 30 MAR 2021 meeting - input from Marcos: What form can practical trusted registries take? - Centralized - Decentralized (Permissioned, Permissionless, Federated) - Other? Which information is necessary to register in a trusted registry by an issuer when a verifiable credential is issued? - Hash of the content - Status of the credential - Link to the issuer (DID + digital signature) - Link to the subject Which information is necessary to verify against a trusted registry when they are presented to verifiers? - The issuer as an authorized entity - The status of the credential - The content/claims of the credential Who is responsible for defining or maintaining lists of entities authorized to be issuers of specific verifiable credentials in specific contexts or jurisdictions (i.e., the laboratories authorized to issue certificates of COVID-19 tests in Honduras) How do we specify in the verifiable credential the trusted registry where the proofs are registered? How do we establish a standard for both centralized and decentralized registries to store and make available the proofs in a way that is common to everyone, so once the verifier figures out the trusted ledger to be checked and the access point to it (which should be able to do directly from the credential), the protocol to accomplish verification is standardized |
Steve Magennis : I believe items 5-11 below is where our focus needs to be and where we can offer real value. Items 1-4 are deep, complex issues that need to be resolved well in advance of the actual act of verification. These decisions will almost certainly be fluid and driven by a complicated mix of policy makers, corporate lawyers, industry advocates, public health professionals and public opinion.
Looking at the processes associated with the act of Verification:
OR, if the issuer is not / cannot directly be deemed acceptable:
MUST have predetermined knowledge of which certifying authorities are acceptable to ‘vouch’ for the acceptability of an issuer as the source for the claims or credentials that are pre-determined to be acceptable
At the moment of verification:
Key Resources:
1. Welcome and Linux Foundation antitrust policy - http://www.linuxfoundation.org/antitrust-policy
2. Topic A
3. Topic B
4. Topic C
5. Wrap up
Action Items