sry I am late
", "time": "2023-06-12T15:10:09Z"}, {"author": "Orie Steele", "text": "I've been looking at registration policies related to domain verification recently
", "time": "2023-06-12T15:12:57Z"}, {"author": "Orie Steele", "text": "https://mailarchive.ietf.org/arch/msg/dance/XALzTQEO-3JnJDbhzyAVlPkXdvU/
", "time": "2023-06-12T15:12:59Z"}, {"author": "Orie Steele", "text": "Yep Jon, thats correct, there were discussion about policy dependencies, and portability
", "time": "2023-06-12T15:14:19Z"}, {"author": "Orie Steele", "text": "I'm que'ed to summarize some of what was discussed
", "time": "2023-06-12T15:15:13Z"}, {"author": "Orie Steele", "text": "basically anytime you process a signed thing, you have to have a reason to trust the key.
", "time": "2023-06-12T15:18:08Z"}, {"author": "Orie Steele", "text": "could be you have an allow list, could be a CA thing.... could be \"trusted domains\" with \"key discovery\", etc..
", "time": "2023-06-12T15:18:39Z"}, {"author": "Orie Steele", "text": "if you have an iss field... you kinda need to discuss what its expected values are
+1 Yogesh, the question is, if there are minimal requirements regarding understanding references to transparent statements.
", "time": "2023-06-12T15:25:08Z"}, {"author": "Orie Steele", "text": "or not.
", "time": "2023-06-12T15:25:10Z"}, {"author": "Raymond Lutz", "text": "Sure it is prudent to think of this now esp. with regard to SW use case, but perhaps only to ensure that they can be accommodated by the scitt mahine.
", "time": "2023-06-12T15:32:16Z"}, {"author": "Steve Lasker", "text": "Please review notes, to assure we're capturing the thoughts, accurately
", "time": "2023-06-12T15:33:43Z"}, {"author": "Orie Steele", "text": "saudio issues
", "time": "2023-06-12T15:35:07Z"}, {"author": "Jon Geater", "text": "KISS @neil - +1
", "time": "2023-06-12T15:37:10Z"}, {"author": "Jon Geater", "text": "We need to hear out the concerns and needs of the WG but my leaning is to shed as much complexity as possible for our initial publication
", "time": "2023-06-12T15:38:09Z"}, {"author": "Orie Steele", "text": "its is because issuers are compromised, that you consider making transparent the registration policy that was applied when a signed statement is made transparent
", "time": "2023-06-12T15:38:44Z"}, {"author": "Orie Steele", "text": "sounds like you are talking about witnessed identifiers?
", "time": "2023-06-12T15:43:23Z"}, {"author": "Orie Steele", "text": "full circle... to my domain comment at the start : )
", "time": "2023-06-12T15:47:25Z"}, {"author": "Orie Steele", "text": "great comments regarding domain verification, but that seems to be a \"service specific\" policy
", "time": "2023-06-12T15:48:38Z"}, {"author": "Orie Steele", "text": "there could be lots of other policies related to assurance levels for the issuers.
", "time": "2023-06-12T15:49:09Z"}, {"author": "Orie Steele", "text": "consider a transparency service policy for processing passkey authenticators... some services might only accept certain platform authenticators
", "time": "2023-06-12T15:51:56Z"}, {"author": "Raymond Lutz", "text": "Maybe good to defer the policy issue by having a policy verifier -- akin to what RATS did to avoid the issue, yet provide the mechanism
", "time": "2023-06-12T15:52:07Z"}, {"author": "Raymond Lutz", "text": "Such a verification would occur as it is submitted.
", "time": "2023-06-12T15:54:00Z"}, {"author": "Steve Lasker", "text": "TIme Check
", "time": "2023-06-12T15:55:13Z"}, {"author": "Orie Steele", "text": "payload structures are out of scope : /
", "time": "2023-06-12T15:56:12Z"}, {"author": "Orie Steele", "text": "content types are the solution to that.
", "time": "2023-06-12T15:56:27Z"}, {"author": "Jon Geater", "text": "I'm hearing overwhelming opinion leaning to the simple case
", "time": "2023-06-12T15:56:42Z"}]