[{"author": "Hannes Tschofenig", "text": "
Thanks Kay
", "time": "2023-03-28T04:03:33Z"}, {"author": "Roy Williams", "text": "Hello Hannes.
", "time": "2023-03-28T04:07:46Z"}, {"author": "Hannes Tschofenig", "text": "Everyone is welcome to join the note taking tool. Here is the link: https://notes.ietf.org/notes-ietf-116-scitt?edit
", "time": "2023-03-28T04:10:46Z"}, {"author": "Hannes Tschofenig", "text": "We should share the links to the code, if public
", "time": "2023-03-28T04:39:17Z"}, {"author": "Hannes Tschofenig", "text": "The message flows can be found in these slides here: https://datatracker.ietf.org/meeting/116/materials/slides-116-scitt-session-slides
", "time": "2023-03-28T04:41:20Z"}, {"author": "Hannes Tschofenig", "text": "Q: Is it necessary to standardize/register policies?
", "time": "2023-03-28T04:55:52Z"}, {"author": "Orie Steele", "text": "There some basic requirements, that make sense to standardize, but there are also potentially a lot of technical details, rego / open policy agent... Some policies might not be portable... Some might be.
", "time": "2023-03-28T04:58:06Z"}, {"author": "Henk Birkholz", "text": "There are very popular policy languages, \"content typing\" them would be an option. Standardizing policy statements seems to be a whole own sdo
", "time": "2023-03-28T04:58:20Z"}, {"author": "Michael Prorock", "text": "I would say policy stuff is going to have to be in it's own spec, otherwise the architecture is going to be way too unwieldy
", "time": "2023-03-28T05:03:29Z"}, {"author": "Hannes Tschofenig", "text": "I would like to better understand what needs to be standardized for interoperability and what is an implementation-specific choice
", "time": "2023-03-28T05:04:03Z"}, {"author": "Michael Prorock", "text": "Note in the architecture that we expect definition of policies around registration and any other applicable areas
", "time": "2023-03-28T05:04:10Z"}, {"author": "Orie Steele", "text": "the registration info parameter in this signed statement, is the battle ground for some of this debate
", "time": "2023-03-28T05:04:10Z"}, {"author": "Hannes Tschofenig", "text": "It is fine to use policies but in most cases there is no need to standardize them.
", "time": "2023-03-28T05:05:00Z"}, {"author": "Michael Prorock", "text": "I think showing where the hook in is important
\nThat followed by maybe how you describe them
We go much further than the highest level on this it will eat a ton of time and be wrong anyways
", "time": "2023-03-28T05:07:10Z"}, {"author": "Orie Steele", "text": "Content Addressing is really interesting when combined with transparent statements
", "time": "2023-03-28T05:10:50Z"}, {"author": "Orie Steele", "text": "There are a lot of systems that use hashes as natural identifiers for \"Objects\" or statements about objects
", "time": "2023-03-28T05:11:32Z"}, {"author": "Michael Prorock", "text": "+1 Orie - we do that on crawled resources, etc a lot. Including hashes of uris as well as content and combinations of things like timestamp, uri, and content to detect changes
", "time": "2023-03-28T05:15:17Z"}, {"author": "Jon Geater", "text": "We've got 4 more slides to cover and only 12 minutes in this slot so I've closed the queue for now. If you really have a burning desire to comment on scalability LMK
", "time": "2023-03-28T05:18:59Z"}, {"author": "Michael Prorock", "text": "I think with scalability, setting some informative text around benchmark approaches (e.g. what kinds of problems could matter) is not a bad idea based on similar scalability issues I have been seeing in other sign/verify architectures and approaches for other problem sets
", "time": "2023-03-28T05:21:06Z"}, {"author": "Michael Prorock", "text": "But that is totally a list item later as we get more refined
", "time": "2023-03-28T05:21:30Z"}, {"author": "Hannes Tschofenig", "text": "I think a missing point with scalability is to consider the distributed nature of transparency services.
", "time": "2023-03-28T05:22:18Z"}, {"author": "Michael Prorock", "text": "Could be federated more than truly decentralized - discussion with the activitypub folks (implementation side) is not a bad idea
", "time": "2023-03-28T05:26:42Z"}, {"author": "Hannes Tschofenig", "text": "Thanks, Michael. Sounds interesting.
", "time": "2023-03-28T05:28:58Z"}, {"author": "Roy Williams", "text": "I have gone through the architecture document and plan to submit PR's and raise issues in a few areas. Just need time.
", "time": "2023-03-28T05:52:06Z"}, {"author": "Shigeya Suzuki", "text": "+1
", "time": "2023-03-28T05:54:04Z"}]