DIF Interoperability WG - A - Shared screen with gallery view
Juan Caballero
04:58
https://hackmd.io/K5BWQ_rvSTKJ-BxeWINYfw^ notes
Juan Caballero
05:44
https://wiki.trustoverip.org/display/HOME/GHP+Blueprint+Public+Review+Process
Kaliya Identity Woman
09:27
You can read the principles paper here - and the Outline for the blueprint that seeded key questions - https://www.goodhealthpass.org/
TallTed // Ted (he/him) Thibodeau
10:30
Can we also get a link to this deck, and to the feedback form(s)/site(s)?
Kaliya Identity Woman
10:48
Here is the document + feedback forms - https://www.goodhealthpass.org/
Kaliya Identity Woman
10:55
https://wiki.trustoverip.org/display/HOME/GHP+Blueprint+Public+Review+Process
TallTed // Ted (he/him) Thibodeau
11:16
Thank you!
Kaliya Identity Woman
13:19
Drummond was in charge of the Glossary.
Adrian Gropper
15:17
q+ for later to ask about crossing the domain-specific (public health) with the non-domain-specific (identity) in the same WG
Kaliya Identity Woman
16:49
Adrian please go look at the recommendations - especially the identity binding is just referencing existing industry practices in this area.
Keith Kowal
18:45
+q
Kaliya Identity Woman
19:21
Keith can you share your question please.
Juan Caballero
21:34
more info on the FHIR-OCA translation engine can be found here, at a recording from another DIF group: https://github.com/decentralized-identity/healthcare/blob/main/agenda.md#february-10-2021---note-new-time-7am-pacific-4pm-cet---fhir-and-oca-with-some-talk-about-cci-vci
Juan Caballero
22:23
https://github.com/decentralized-identity/waci-presentation-exchange
Keith Kowal
22:41
In the US context my feeling has been that the ship has sailed on being able to perform Identity binding to a COVID VC. In my town people got credentials from many many providers - I got mine at a local Safeway where they did verify my DL. How in the US can we ever do an identity binding when this info is spread over so many Healthcare provider record systems?
Kaliya Identity Woman
24:28
Great Question Keith - the identity binding can happen when the credential is issued.
Kaliya Identity Woman
25:23
The identity binding at the site of vaccination in the US is at different levels. I think we have to go from where we are with information in the state level IIS system and - doing identity binding relative to that information is about all we can do now.
Adrian Gropper
26:33
q+ to ask about who specs the privacy requirements
Keith Kowal
26:45
Is my vaccine info in a California database? I thought it would only be in the database of the org who gave me the vaccine.
Kaliya Identity Woman
27:25
Throughout the US there are State level Immunization databases that record everyone who gets a vaccination.
Kristina Yasuda (US)
28:02
who is expected to take up the governing authority role?
Kaliya Identity Woman
30:33
for the governance of trust registries there won’t be any one governance authority - Lucy will cover some of this will be addressed by GCCN is planning on spinning up.
Kaliya Identity Woman
31:36
Governance Authorities can be jurisdictions and some can be companies - that list issuers that they are working with.
Daniel Buchner
31:50
I do have an agenda item I would like to put on the stack, if there is space
TallTed // Ted (he/him) Thibodeau
32:11
Plenty of time to digest all this to provide useful feedback... :-/
Kaliya Identity Woman
32:42
<3 yes
Adrian Gropper
37:48
IATA OneID link please?
Daniel Buchner
38:35
Just trying to figure out if the group was doing Yet Another Random Set of Objects Datastore
Daniel Buchner
38:49
vs Semantic Datastore That Handles Objects of All Types
Daniel Buchner
39:37
(trying to avoid a special object store for 30 different verticals of use cases, because users/providers will be hard up to run 30 different objects stores for users)
Kaliya Identity Woman
40:07
https://www.lfph.io/2021/06/08/gccn/
Kaliya Identity Woman
40:38
Press release - https://www.prnewswire.com/news-releases/linux-foundation-public-health-creates-the-global-covid-certificate-network-gccn-301307874.html
Adrian Gropper
41:16
What is centralized key management?
Drummond Reed
41:16
@Adrian - here’s a link to the IATA One ID initiative: https://www.iata.org/en/programs/passenger/one-id/
Adrian Gropper
41:39
TY!
Lucy Yang
41:43
https://ec.europa.eu/health/ehealth/covid-19_en
Drummond Reed
42:48
@Adrian: by “centralized key management”, this means a standard X.509 PKD (Public Key Directory) system
Adrian Gropper
43:46
Not clear @Drummond.
Adrian Gropper
44:47
MIT already runs a PGP key service. Keybase is another. What’s different about the EU one?
Kaliya Identity Woman
45:00
The EU runs it
Daniel Buchner
45:22
LOL
Daniel Buchner
45:48
We need an XKCD for "I have the one true key registry!"
Adrian Gropper
45:53
Sounds like a federation to me, not a key registry.
Daniel Buchner
46:07
***a 14th key registry was created***
Dan Burnett
46:10
Wheel, reinvented
Adrian Gropper
46:26
+1 Daniel
Sam Curren (TelegramSam)
46:36
Why isn't the Trust Registry just a data file that can be downloaded? What is gained by real time interaction?
Kaliya Identity Woman
46:46
@daniel just wait until folks from ToIP build 100,000s of trust registries for different governance frameworks
Daniel Buchner
46:49
I agree
Adrian Gropper
47:18
We need link secrets for federations
Daniel Buchner
47:21
I can't tell if you're joking, Kaliya
Kaliya Identity Woman
47:24
What is different than “just look up the keys” somewhere - and a governance framework is that - there is governance on if your keys can be the registry.
Kaliya Identity Woman
47:29
I’m not joking
Daniel Buchner
48:08
q+
TallTed // Ted (he/him) Thibodeau
48:48
Anything that's quickly recognized as a (to be) reinvented wheel should *immediately* be fed into the feedback site. This will help prevent further reinvention as well as help the best existing things be plugged in to the right spots...
Kristina Yasuda (US)
49:00
so the EU is building on GCCN? or are those separate?
Daniel Buchner
49:02
DID of Trust Framework org > DID Doc > Service Endpoint to Identity Hub > signed list of DIDs of member DIDs
Daniel Buchner
49:11
Solved it
Drummond Reed
49:38
@Daniel - you just described the basic trust registry protocol
Kaliya Identity Woman
49:43
@Daniel possibly which DIDs are in which registry.
Drummond Reed
50:02
There’s just a few more wrinkles to it
Daniel Buchner
50:03
Great - Hubs are the ideal general substrate for this
Daniel Buchner
50:09
we should collab on this
Drummond Reed
51:02
I’m guessing it should be fairly trivial for a hub to process a trust registry query
Sam Curren (TelegramSam)
51:07
Why does the signed list of issuer DIDs need to live in a hub?
Daniel Buchner
51:09
Yep
Neil Thomson
51:43
+q
Neil Thomson
52:30
I understand that name, birthdate and pass/fail are the intended "final" pass information provided.
Neil Thomson
52:44
What is the rationale for a precise birthdate
Daniel Buchner
53:08
Drummond, others: https://imgflip.com/i/5dj3ty
Kristina Yasuda (US)
53:18
yes!
Drummond Reed
53:57
@Sam Curren: the point of a simple standard trust registry protocol is that anyone can implement the back-end for it any way they want. A hub would be fine but it could be as simple as an HTTPS server or even a DID document on a blockchain
Daniel Buchner
54:29
@Drummond that's what an Identity Hub is - you query data in a standard, inferentially discoverable way
Sam Curren (TelegramSam)
54:30
@drummond but why a protocol and not a data format? it isn't transactional in any way.
Drummond Reed
54:47
@Daniel - yes, come to the Dark Side! ;-)
TallTed // Ted (he/him) Thibodeau
55:23
q+
Adrian Gropper
55:30
@Daniel, you ask an essential question and we should definitely discuss
Drummond Reed
55:35
@Sam - the protocol is for the option that a governing authority wants to offer the trust registry at a network endpoint
Adrian Gropper
55:45
q+
Drummond Reed
56:00
But I totally agree that’s only one option. Chained credentials is another option. The ACDC Task Force at ToIP is one group working on that.
Daniel Buchner
56:10
@Sam, @Drummond, I'd argue it's both: a standard format for that kind of data (e.g. TrustFrameworkList), which you fetch by sending a server: {"@context": "https://identity.foundation/schemas/hub", "@type": "CollectionsQuery", "statements": [{"uri": "https://toip.org/TrustFrameworkList"}]}
Daniel Buchner
56:42
One little HTTP post to the ol' Hub, and you have your trusted DID list
Daniel Buchner
56:50
easy peasy lemon squeezy
Drummond Reed
56:51
@Daniel - yes, I like it. You should join us in the Trust Registry Task Force!
Adrian Gropper
57:04
+1 Neil
Daniel Buchner
57:25
Drummond, if I joined, would they consider using a common object store (e.g. Hubs) as the substrate?
Daniel Buchner
57:35
We have this work moving pretty quickly now
Kaliya Identity Woman
57:47
@Daniel I don’t think we have gone into detail about how to build the trust registry yet
Drummond Reed
58:04
@Daniel It’s a wide open question. It certainly sounds like that should be one option.
Daniel Buchner
01:00:54
I will be your Hubby, Drummond
Drummond Reed
01:01:25
ToIP Trust Registry Task Force page: https://wiki.trustoverip.org/display/HOME/Trust+Registry+Task+Force
Daniel Buchner
01:02:04
To butcher a quote from another famous person who held the designation of captain in his younger years: "As certain as night succeeds the day, without Hubs we can do nothing definitive, and with them, everything honorable and glorious!" – George Hubington
TallTed // Ted (he/him) Thibodeau
01:03:37
s/Hubs/Open-Hubs-Source-APIs-DataModels-etc/ :-)
Daniel Buchner
01:04:39
https://identity.foundation/presentation-exchange/playground
Juan Caballero
01:04:53
Daniel!
Juan Caballero
01:05:03
bring this next week for WACIPEx update :D