►
From YouTube: IETF-SCITT-20230206-1600
Description
SCITT meeting session at IETF
2023/02/06 1600
https://datatracker.ietf.org/meeting//proceedings/
A
Hey
guys
hope
you
can
hear
me
Kieran.
A
B
A
A
Cool
thanks
a
lot.
That's
really
helpful
because
capturing
some
of
the
sort
of
key
points,
it's
obviously
quite
important,
because
otherwise
we
would
rehash
them
again.
Then,
the
week
afterwards,
hey
Steve.
A
I
sent
out
the
link
a
little
bit
late,
but
thanks
to
Steve
for
reminding
me.
A
C
Hi
there
sorry
for
being
unmuted,
but
my
new
app
wants
to
basically
be
left
phone
and
it's
always
canceling
a
call
and
creating
a
call
when
a
mutant,
ammued
so
I'm,
just
muting
my
Hardware
wise
and
that's
fine.
A
Yeah
I
was
checking
yesterday
the
progress
that
has
been
made
from
last
Monday
till
this
Monday
I
didn't
see
much
but
Steve
just
pointed
out
that
you
Hank,
you
created
some
text
for
the
use
case
document.
That's
something
we
should
probably
talk
about.
C
Yeah,
so
that's
the
the
open
PR
that
reflects
Monty
wiseman's
contribution
that
initially
we
call
it
a
firmware
use
case,
and
now
it's
more
like
the
context
frosting
about
auditing
things
after
the
fact,
so
how
you
would
enable
that
via
endorsements
coming
from
the
outside,
and
they
should
be
available
and
running
through
that
it.
It
really
resonates
with
me.
I,
don't
know
if,
once
we
see
it
today,
no
I
don't
think
he
is
yeah.
A
But
that's
something
we
should
talk
about
today
and
and
decide
whether
we
want
to
merge
it
or
not,
and
you
can
have
that
included.
For
example,
yeah.
C
Yeah
exactly
and
then
I
can
do
again.
The
agenda
bash
wise
I
can
give
a
small
update
to
the
received
ID
and
through
what's
planned.
There.
C
A
And
then
I
was
also
wondering
about
the
terminology.
I
was
hoping
to
see
some
email
discussions
on
that
the
architecture
terminology.
C
Yeah
so
I
was
on
on
I
was
on
vacation
last
week
and
basically
everything
is
buzzing
today,
so
also
I'm
sitting
in
the
dark,
because
my
house
fell
apart
and
such
so
yeah.
So
there
are
updates
on
the
architecture
terminology
in
so
far
that
we
are
boiling
it
down
to
simple
words.
Now
as
a
intermediate
step.
Basically,
the
supply
chain
entity
is
going
to
put
your
statements
and
days
become
signed
statements
then,
and
they
will
then
be
processed
by
the
part.
A
C
A
A
Actually,
five
minutes
after
the
hour,
so
I
guess
we
should
get
started.
Obviously
vote
come
again,
I
see
familiar
faces,
Lane
I
see
K
Mike
net
thanks
for
joining
oi,
yogesh,
sakuri,
dick
headache.
Okay,
so
from
the
attracted
items,
use
cases
start
with
use
cases.
You
want
to
give
a
brief
update
about
the
receipt
stuff
and
then
the
last
item
is
the
architecture.
Is
there
anything
else?
You
guys
would
like
to
talk
about.
A
Okay,
that's
good!
Let's
start
with
the
use
cases.
Hanky
do
you
want
to
take
the
lead
on
that
or
who
would
be
the
best
person
to
do
to
do
so?.
E
Hank
I
think
we
we
started
reviewing
the
document
and
we
merged
the
pr
initially
from
me,
and
then
we
said
that,
yes,
we
will
go
through
the
news.
New
edits
or
new
section
in
the
final
document
and
I
expect
a
reply
from
audience
through
either
a
PR
or
GitHub.
Issues
on
that
so
I
would
love
to
hear
from
the
community
is.
E
To
say,
I'm,
just
opening
that
document
to
see
is
there
any
upper.
Is
there
any
GitHub
issues
raised
against
that
that
repository
so.
A
So
so,
let's,
let's
have
tickets
in
the
queue.
Do
you
want
to
say
something?
I
will
get
the
link
for
the
repository,
the
use
case,
Repository.
F
Yep,
thank
you.
Johannes
yeah,
just
two
points.
I
I
did
enter
two
issues
on
the
current
use
case.
Draft
they're
really
minor,
but
they
I
put
them
in
there.
Just
some
minor
additions
that
I'm
recommending.
Thank
you.
A
A
E
A
Yeah
I'm
I'm,
seeing
it
yet
waiting.
C
On
the
chat,
Ray
was
highlighting
that
for
the
agenda
today
and
I
think
some
folks
related
to
join.
He
wanted
to
do
some
discussion
on
six
stores,
so
maybe
Ray
wants
to.
C
A
That
put
it.
C
A
But
it's
also
the
the
pr
as
wild
apps,
something
we
should
look
at.
Yes,.
E
Certainly,
yes,
that
was
the
thing
which
I
also
want
to
discuss,
but
I
thought
we
have
gone
systematically
from
top
level
sections,
so
we
had
only
discussed
about
the
first
use
case.
Yes,
in
the
last
meeting
and
I
think
there
was
some
comment
from
Ray
and
they
had
some
issues.
E
So
gay
has
kindly
edited
something
after
discussion
discussing
with
me,
so
we
have
a
slightly
modified
first
use
case,
which
is
a
bit
simplified
then
and
specifically,
address
highlights
the
use
case
in
a
more
clear
way,
rather
than
kind
of
only
talking
about
the
relationship
between
the
supplier
and
the
distribution
and
the
distribution
Authority
or
the
signing
Authority
yeah.
A
So
yeah
very
also
posted
the
mail
to
the
list
discussing
this
use
case.
I
think
it's,
let's
not.
We
have
this.
Let's.
E
A
Have
a
look
at
the
the
details
of
what,
because
I
think
that
email
conversation
on
the
list
was
actually
quite
a
quite
good
summary
of
what
we
talked
about
so
I
I
haven't
read
it
when,
when
did
you
merge
that
change.
E
Yeah,
so
basically,
I
had
sent
an
email
to
the
skit
Community
last
last
Wednesday
that
to
that
we
need
to
move
fast
and
that's
why
I
immersed
it?
Okay,
so
that
people
can
raise
GitHub
issues
directly
if
they
see
any
issue
on
the
because
otherwise
we
kind
of
keep
going
in
circles
and
we
not
make
any
progress.
E
Itf
is
approaching
fast
next
month,
so
we
want
to
submit
this
document
so
that
it
can
be
usable
in
the
skit,
skit
rats,
working
group,
skit
working
group,
so
I
I
just
wanted
to
make
progress
and
we
decided
that
we
will
submit
it
and
if
there
are
any
issues
with
any
specific
sections,
anybody
anyone
has
is
feel
free
to
raise
an
issue
GitHub
issue
or
suggested
Improvement,
using
a
PR
pull
request
on
this
repository.
So
I
had
said
that
explicitly
to
everyone
and
I
think
as
a
result
of
that,
dick
has
created
two
pull
requests.
A
E
A
In
the
queue
Ray,
do
you
want
to
say
something
about
that.
G
Yeah
I
just
wanted
to
bring
up
that.
It
seems
maybe
maybe
in
the
future
meeting
or
something
we
could
get
into
the
the
identity
user
identity
section,
which
seems
to
be
really
hard
problem.
G
G
You
know
my
little
bit
of
research
they're,
bringing
up
the
acronym,
kyc
and
I
guess
ADM,
something
like
that
and
know
your
customer
different
levels
of
authentication
of
the
customer,
this
type
of
thing,
and
also
how
the
authentications
are
you
know
like
if
one
entity
has
validated
an
identity,
then
how
does
that
get
communicated
those
sort
of
things
because
yeah
well
I
was
just
thinking.
G
If,
if
someone
is,
you
know
is
already
in
that
area,
for
we
know
you
know
if
we
had
somebody
come
and
present
at
least
that
would
be
something
I
would
appreciate.
I,
don't
know
about
where
everyone
else
is
on
it.
A
So
I
think
that's
a
point
clearly
and
as
we
also
noticed
from
the
discussion
last
week,
that's
sort
of
the
whole
identity
aspect
is
is
important
yeah,
so
that's
good
thanks,
Ray
I
know
that
it
okay
yogis
back
to
you.
A
E
I'm
focusing
on
the
screen,
so
this
is
use
case
two
which
we
have
improved
upon
is
the
use
case
where
the
software
industry
in
the
software
industry,
a
software
product,
is
released,
and
then
it
is
analyzed
by
various
parties
like
an
auditing
company
would
like
to
do
a
audit
of
the
software
or
the
government
body
might
examine
the
software
product
for
an
issue.
Some
Authority
reports
about
the
state
of
the
product,
so
I
think
this
is
very
similar
to
John,
mentioned
last
about
the
analysis
of
the
product
once
before
it.
E
In
this
specific
use
case,
it
is
after
the
product
is
in
the
market.
People
are
analyzing
it
or
running
running
some
tools
on
that
so,
and
this
use
case
specifically
focus
on
how
the
end
user
can
access
these
access.
E
So
how
one
can
discover
all
such
reports
and
identify
identify,
identity
of
authoritative
bodies
at
significant
cost
to
the
end,
end
user
or
consumer
of
the
product?
If
it
wants
to
know
about
these
reports
to
find
it
from
a
central
location?
So
what
would
the
consumer
want
to
do
is
to
offload
the
burden
of
identifying
all
such
authoritative
entities,
as
well
as
where
who
does
what
on
on
their
behalf
and
where
to
find
these
statements
so,
and
there
is
no
standardized
way
to
do
this
currently
in
the
industry.
A
E
Just
thought
of
summarizing
what
exactly
the
use
case
is
referring
to
so
I'm,
assuming
that
we
will
we
will,
if
there
are
any
issues
with
this
or
if
there
is
anything
which
people
don't
agree
with
and
feel
free
to
raise
issues
or
if
there
is
any
scope
for
improvement.
We
are
happy
to
consider
that
at
least
this
week.
F
Yeah,
thank
you
Johannes,
so
I
I
do
have
to
leave
alone
place
a
request.
Could
could
we
as
we're
reviewing
each
use
case?
Could
we
review
any
open
issues
that
pertain
to
the
use
case
as
we're
as
we're
reviewing
them?
E
Yeah
I
think
we
basically
dick
what
happened
is
the
3.1
was
extensively
debated
last
week
and,
as
you
mentioned
earlier,
that
this
was
a
minor
issue,
so
we
are
happy
to
discuss.
Maybe
if
time
permitting
at
close
to
the
hour,
we
I'm
happy
to
discuss
that
because.
A
H
C
Yeah
yeah,
so
so,
but
with
respect
to
Dexcom
issues,
I
think
that
they
are
easy
to
incorporate
easy
to
incorporate.
So
that's
not
the
some,
maybe
not
something
for
here.
I
would
like
to
ask
because
I
think
Josh
and
Zach
are
here
today
I've.
If
I
may
remember
correctly.
There
was
this
mention
of
sub-use
cases
and
there's
also,
as
yoga
has
highlighted
this
next
meeting
approaching
fast,
and
do
you
want
to
contribute
something
into
that
direction
before
the
cut
off
day?
C
That
is
early
March,
always
two
weeks
before
an
ITF
meeting,
you
shall
only
read
the
documents.
C
You
may
not
write
to
them
anymore,
and
so
they
have
a
two
weeks
moratorium
of
submission,
and
that
is
called
a
deadline
somehow,
because
you
can
publish
all
the
time
unless
these
two
weeks
are
approaching,
then
it's
blocked,
and
so
there's
this
basically
and
deadline
before
ITF
meeting
and
do
you
plan
to
so
again
it
just
address
to
Zach
and
Joshua
parental
would
create
a
PR
that
would
outline
how
these
sub-use
cases
can
Incorporated
in
the
document.
C
Okay,
that
would
be
great
because
we
want
to
I
assume
go
into
an
adoption
call
around
there,
which
will
not
block
anything
like
that
being
Incorporated,
but
we
need
a
stable
point
and
I
think
we
have
to
understand.
C
If
are
we
putting
that
in
before
we
try
to
do
a
working
group,
adoption
call
or
after
it's
a
working
group
item
I
think
both
is
fine
with
me
and
I
think
procedure,
as
we
are
already
doing
like
handing
it
like
a
working
room
item
actually
because
we
do
consensus
here
and
do
nothing
without
having
discussed
it.
But
it's
a
formal
thing
where
you
have
to
get
ready.
Thank
you.
It's
great
that
you
could
do
that
before
then.
A
H
Okay,
sorry
about
that,
okay
yeah!
So
how
do
we
want
to
so?
There
are
issues
posted
against
the
document.
How
do
we
want
to
work
work
through
those?
What
is
the
typical
process
for
that,
and
does
it
make
sense
to
take
time
in
this
meeting
to
actually
walk
through
issues
and
see
if
we
can
get
agreement
on
them
or
or
is
that
something
that's
better
done
offline?
How
do
other
groups
typically
handle
that.
A
Well
normally
like,
if
the
resolution
is
pretty
obvious
and
doesn't
require
any
discussion,
it's
it's
you
you
could
just
do
it,
but
maybe
that's
not
always
the
case
and
so
bringing
it
up
and
discussing
is
that
makes
sense,
I'm
not
entirely
sure
from
the
from
the
issues
which
ones
are
still
current
and
which
ones
are
not
an
issue
that
I
raised
earlier
and
so
so
yeah.
So
that's,
maybe
something
for
the
owner
of
the
issues
to
go
through
to
double
check
whether
they
are
still
applicable
to
the
current
version.
H
Is
that
okay,
okay,
just
to
be
clear,
sorry,
a
project
manager
hat
on
so
yogesh?
Is
that
something
that
that
you're
going
to
do
is
is
go
through
all
of
those
open
issues
or
or
I
can
help
well.
I'll
I'll
be
I'll,
be
I'll,
agree
myself
to
go
ahead
and
go
through
them
and
add
comments
to
all
of
them,
and
then
yoga
she'll
make
the
determination
on
which
ones
get
resolved
and
and
and
where
needed
any
merges
are
made
into
the
into
the
existing
document.
A
J
J
We
have
now
five
weeks
ahead
of
that
freeze
deadline
to
get
to
116
and
we
are
late
on
publishing
the
two
artifacts,
the
two
and
a
half
artifacts
that
we
are
supposed
to
publish,
which
is
the
use
case,
the
security
model
and
the
architecture
and
security
model,
as
we've
noted,
is
sort
of
in
the
architecture,
and
so
about
a
month
ago,
we
adopted
a
strategy
in
the
face
of
some
reasonably
Fierce
discussion
on
terminology
and
both
kind
of
abstractly,
what
the
terminology
means
and
additionally,
in
some
cases,
whether
overlapping
terminology
with
other
groups
was
problematic
or
not,
and
we
adopted
a
a
strategy
of
going
through
the
use
case
document
to
try
and
constrain
the
areas
where
that
was
important.
J
So
we
kind
of
put
down
the
architecture
PRS
for
a
moment
went
to
the
use
case.
Once
my
observation
of
what's
been
going
on
in
the
last
sort
of
few
weeks
is
that
we
was
kind
of
stuck
in
a
catch-22
where
we're
discussing
these
things
in
circles,
but
not
really
making
progress
and
I
think
it
would
help
us
all
if
we
actually
do
the
former
of
What
Hank
suggested,
which
is
to
call
a
vote
pretty
much
now.
Let's
call
it
next
interim
meeting
on
the
use
cases
to
say
you
know:
are
they?
J
J
More
wonderful
but
I
think
it's
time
to
stop
adding
and
we
need
to
take
a
view
on
whether
it's
correct
or
not
and
then
and
then
submit
it
and
then
and
then
make
progress
on
the
architecture,
because
otherwise
I
feel,
like
we've,
been
going
around
in
circles
somewhat
for
a
couple
of
weeks,
so
that
that's
what
you
know
unless
there's
a
howl
of
disagreement,
just
with
my
chair
hat
on
I,
think
the
way
to
make
progress
is
going
to
be
that
so
we'll
say:
let's
call
time
if
you
actually
think
it's
wrong,
absolutely
stand
up,
say
it's
wrong
put
issues
in,
but
if
we
think
it's
fine,
it's
just
not
maybe
as
wonderful
as
it
might
be.
J
I
would
like
to
propose
that
we
get
the
use
cases
document
adopted
and
and
submitted
that
will
give
us
time
to
make
sure
that
the
architecture
and
the
open
issues
on
the
architecture
satisfy
all
of
those
use
cases.
And
then
we
can
have
a
a
successful
ietf116.
A
Thanks
thanks,
John
I
see
do
persons
in
in
the
queue
they
can.
Thank,
probably
in
response
to
what
you
just
said.
Dick
do
you
want
to
start.
D
F
A
Thank
you,
Hank.
A
E
C
Mute
humbling
to
my
half
a
mute
I'm,
so
sorry
yeah,
just
as
a
note
submitting
in
this
case,
an
ITF
scenarios
means
we
are
updating
the
data
tracker
data
track
document
on
the
IIT
website.
That
is
a
official
submission
in,
in
contrast
to
the
incubator,
that
is
GitHub,
and
so
that
is
by
no
means
meaning
that
we're
done
right.
We're
just
creating
a
stable
discussion
points
for
the
next
meeting
and
then,
as
we
have
to
do
this,
all
the
documents
can
go
cycling
through
the
other
documents
to
have
a
reach.
C
J
A
Yeah,
but
it's
also
a
forcing
function,
to
produce
a
somewhat
consistent
document
and
to
say
like
this
is
something
I
want
to
submit
in
so
so
that's
something
I
will
come
to
Hank.
Do
you
want
to
buy
onto
that,
or
do
you
want
to
let
yogish
talk.
A
E
I'm,
a
hundred
percent
on
board
with
what
John
stated
and
that's
what
I
our
effort
was
since
last
week
as
K
and
me,
we
decided
that
we
will
try
to
close
this
document
as
early
as
possible.
So
I
floated
an
email
asking
everyone
in
the
community
here
to
review
it.
E
If
there
are
any
major
concerns
or
anything,
please
raise
issues,
and
so
that
we
understand
that
this
is
the
blocking
thing
which,
which
is
objectionable
and
we
corrected
ASAP
so
that
we
close
as
early
as
possible
and
100
agree
that
the
deadlines
are
approaching
and
we
should
move
on
to
other
documents.
Not
just
sit
on
the
use
case
document
as
well.
Yeah.
A
Okay,
having
said
that,
maybe
yogishi
can
you
quickly
click
on
the
issues.
E
A
See
like
to
to
sort
of
glance
over
them,
there.
A
A
E
Two,
the
top
two
Issue
Number
20
and
issue
number
19,
is
opened
by
dick.
There
are
minor
proposed
changes.
We
are
not
going
to
discuss
that
right
now.
There
are
two
minor
changes,
as
mentioned
by
Hank:
let's
discuss
this
one
from
Hank
use
of
term
trust
in
trust,
bond
between
package
supplier
and
this
I
think
we
have
addressed
that
thing.
To
my
knowledge,
we
removed
the
word
trust
as
much
as
possible.
E
H
Okay,
sorry
yeah.
It
takes
a
little
while
for
the
mic
to
come
on
it.
H
Maybe
a
couple
of
more
places:
I
just
did
a
search
on
on
the
word
trust
and
it
is
showing
up
a
few
times
in
the
document.
So
it
looks
to
me
like:
there's
are
a
few
more
places
where
we
might
want
to
make
edits.
I'd
be
happy
to
make
a
PR
to
to
address
the
remaining
issues
that
I
see.
A
Okay,
if
there
sometimes
the
term
may
be
just
fine
but
yeah.
H
A
H
I
agree
in
some
cases,
it'll
say
things
like
this
is
a
requirement
in
order
for
a
consumer
to
establish
trust
and
that
that
cases
are
makes
sense,
but
there
are
still
at
least
one
I'm,
seeing
where
we
talk
about,
manage
a
trust,
relationship
and
I
think
those
are
the
ones
we
want
to
try
to.
A
F
A
I
A
Very
good
yeah
I'm,
not
I'm,
not
saying
that
I
think
that's
that's.
What
K
is
hopefully
going
to
look
at
is
is
to
see
where
foreign,
where
the
use
of
trust
is
appropriate
and
where
it
isn't,
because
it
just
like
read
through
it
and
and
see
whether
you
you
think
you
understand
it.
If
it's
like
trust,
is
printed
all
over
the
place,
then
it's
maybe
maybe
hard
to
understand,
and
maybe
this
is
the
issue
we
just
looked
at
is
is
maybe
can
be
closed
already.
I
I
don't
know.
H
There
are
just
a
couple
questions
and
they're
just
a
couple
of
places
where
we
talk
about
trust
relationships
and
Trust,
bonds
and
I
think
we
want
to
reward
those
couple
of
places.
I
I
think
it's
relatively
minor
I'm
happy
to
create
a
pull
request
for
that.
If
that's
yogesh,
if,
if
that
would
be
useful,
if
you'd
rather
I,
don't
I,
I'm
I,
think
I
think
it.
F
E
A
Native
speaker,
you
obviously
like
know
how
to
to
phrase
the
the
sentence
is
better
than
I
would
ever
be
able
to
do
it
so
yeah
you're.
I
F
Yeah,
thank
you,
honest
I'll.
Be
brief,
so
just
a
couple
of
thoughts,
so
we
talked
some.
It
seems
like
there's
some
concern
about
the
word
trust,
but
the
fact
is
that
trust
is
part
of
our
name.
F
So
you
know,
if
we're
going
to
keep
it
as
part
of
our
name,
then
I
think
we
need
to
say
something
about
what
we
mean
by
trust
in
in
the
use
cases
and
in
the
architecture
and
so
and
the
other
thought
is
I
thought
we
removed
trust
bond
or
replaced
it
with
trust
relationship.
So
I
I
didn't
think
that
was
still
an
issue
thanks.
A
Right,
yeah
I
think
you
rightfully
said
it
so
like
we
need
to
explain
what
we
mean
and
if
that's
done
that's
great.
G
Right
yeah,
so
thank
you
for
for
looking
at
this
topic
on
I
I
do
think
it
could
be
explained
pretty
easily
by
saying
that
that
the
trust
is
established
through
evidence
and
that's
what
we
want
to
get
to
is
to
not
have
just
blind
trust,
which
a
lot
of
times
is
what
people
think
of
like
you
can
trust
me,
and
but
he
I
was
making
a
note
that,
even
like
a
trust
deed
which
you
can
you
know
you
can
exchange
and
so
forth,
they're
backed
up
by
an
interest
in
the
property.
G
So
you
really
don't
trust.
Anyone
with
a
trustee,
so
trust
is,
is
is
fine
in
the
name.
I.
Think,
because
really
we
want
to
to
make
it
so
that
you
can
you
can
you?
Can
you
can
establish
a
trust
relationship
by
finding
all
that
evidence,
and
so
some
way
to
word
it
like
that
I
think
could
be
the
way
to
go
and
no
I'm
not
saying
take
it
out
of
the
name.
I
think
it's
fine
to
have
it
and
then
keep
the
name,
and
everything
and
trust
is
a
good
thing.
G
G
We
can
backtrack
all
of
the
packages
and
find
out
where
they
came
from,
and
we
can
see
everything
along
the
way
if
it's
other
kinds
of
material
we
can
see
where
they
came
from,
and
so
so
there
shouldn't
be
a
need
to
say:
okay,
well,
I
I
trust
that
company,
and
so
therefore
everything
is
fine,
although
there
is
that,
because
the
software
package
is
a
pretty
complex
thing
and
when
they
say
yeah,
this
works
according
to
the
specifications.
You
can't
backtrack
that
unless
you
have,
you
know
a
test
house
or
something.
G
A
Really
I
think
in
in
in
in
a
summary,
what
you're
saying
is,
if
you
use
that,
don't
trust
say
who
you
trust
and
to
do
what.
G
I
think
we
we
want
in
a
nutshell,
the
trust
is
built
through
solid
evidence
and
that's
what
skit
provides
is
a
trail
of
solid
evidence
to
create
that
trust
relationship.
Something
like
that.
So
what
you
know
our
goal
is
to
actually
create
that
that
trail
of
evidence
that
we
can
look
to
yep
without
saying,
okay.
Well,
it's
Microsoft,
therefore
I
trust
what
they
do
and
it's
it'll
be
a
good
package,
and
there
is
that
right.
G
There
is
that
name,
recognition
with
companies
as
to
whether
or
not
in
the
past,
their
stuff
has
worked,
and
so
you
can
shortcut
it
and
you
can
say
well.
You
know
this
is
a
good
company.
That's
produced
solid
products
in
the
past,
but
then
for
more
for
more
sophisticated
customers,
we're
not
going
to
use
that
rule
of
thumb
and
they're
going
to
want
more
evidence
to
back
it
up
and
that's,
what's
get
actually,
hopefully
will
will
provide
for
those
more
sophisticated
customers.
Thanks
yeah.
A
J
D
J
So
yeah,
just
with
another
I'm
trying
to
be
a
bit
strict
on
on
keeping
these
work
items
in
line
and
getting
those
deadlines
hit.
This
is
an
area
that
comes
up
a
lot
and
it
seems
to
me
a
couple
of
things.
So
I
really
like
what
Ray
just
said
and
I'm
gonna
hit
the
button
on
a
comment
in
the
chat
there.
You
go,
I
want
to
make
sure
we
stay
on
target
and
within
scope
of
what
skit
does
and
a
lot
of
the
use
cases.
J
Obviously,
because
the
use
cases
are
talking
about
applications
that
can
be
built
on
top
of
a
skit
registry
or
use
cases
and
and
Trust
dynamics
that
can
be
established
on
the
basis
of
the
consumption
and
verification
of
some
number
of
skit
feeds.
But
they
don't
give
it
to
you
themselves.
So
I
think
we
need
to.
J
You
know
we're
to
be
very
crisp
and
clear
in
what
we're
sort
of
voting
on
in
the
working
group
here
that,
if
we
sort
of
disagree
or
don't
understand
the
terminology
of
something
like
trust
buttons,
but
it's
in
the
domain
of
an
application
on
top
of
skit
rather
than
skit
itself,
I
think
we
need
to
have
a
a
moment
of
pause
where
we
just
put
that
to
the
side
and
fix
the
things
that
we
can,
that
we
can
fix.
J
That
was
inspired
actually
by
a
lot
of
this
talk
about
identities
and
we've
had
three
or
four
talks
of
identities.
Here
we
need
to
bear
in
mind
that
the
minimal
set
of
interoperable
building
blocks
for
creating
trustworthy,
Supply
chains
does
not,
according
to
our
Charter
or
any
conversation.
I
remember
include
necessarily
automatically
verifying
all
of
these
things
and
in
particular,
if
we
think
about
kyc
processes.
J
It's
checked
by
manually,
going
and
digging
that
thing
out
and
having
a
look
at
whether
the
photocopy
looks
like
a
legitimate
passport
or
not,
and
the
minimal
set
of
interoperable
building
blocks
that
skit
is
trying
to
enable
in,
in
my
opinion,
if
I'm
allowed
to
have
an
opinion
is,
is
at
that
level.
J
So
we'll
have
identities
where
you
contribute
things
to
the
system,
and
obviously
you
have
to
authenticate
yourself
to
the
notary
in
order
to
be
allowed
to
make
statements,
but
the
statements
you're
then
making
are
not
two
an
iot
device
or
two
a
private
person.
They
are
about
the
iot
device
or
about
the
private
human
and
so
all
the
questions
of
identity.
A
I
Yeah,
thank
you.
John
I
agree
to
most
of
what
you
said.
There's
a
few
boundary
cases
that
I
have
issues
with
Ray
the
there
is
some
implicit
trust
in
a
lot
of
our
business
day
relationship.
If
our
corporate
legal
department
says
the
licensing
on
OSS
component
complies
with
our
policy,
I
trust
they've
done
their
due
to
and
I
do
not
go
off
and
I
profess
to
know
the
legal
ramifications.
So
there's
plenty
of
places
in
our
daily
lives
where
the
signing
entity
infers
some
implicit,
Crosstour
removal
of
responsibility.
A
Okay,
Neil.
D
Yeah,
just
briefly,
as
I
noted
in
chat,
I
I
think
that
the
way
the
document
currently
as
I
see
it
refers
to
the
trust
relationships
is
that
we're
help
we're
trying
to
we're
interested
in
standardizing
trust
relationships
and
I.
Don't
think
we
are
I
think
as
people
are
saying
we're
trying
to
standardize
the
way
that
the
evidence
is
organized
and
organizations
are
going
to
have
a
myriad
of
ways
to
manage
their
trust
relationships,
but
I,
don't
so
thanks.
C
Yeah.
This
is
just
me,
20
minutes
before
the
end
of
the
hour,
saying
that,
because
we
have
other
two
other
topics
there
and.
A
Yeah
yeah
fair
enough
Hank
I
I
checked
through
the
issues
myself
yeah.
That
issues
seem
to
be
straightforward.
K
had
already
indicated
that
she
would
be
working
on
those
and
yeah
I.
E
A
A
week
to
either
close
the
issues
address
them
or
whatever
is
necessary
to
do
whatever
is
necessary
and
will
submit
the
document
in
in,
hopefully
the
in
a
better
shape.
Next
week,.
E
So
Hannah's
I
have
reviewed
the
issues
as
well.
I,
don't
think
there
is
any
issue
which
is
blocking
or
pending
yeah.
To
my
knowledge,
they
are
all
issues
already
addressed.
Only
two
issues
from
dick
is
a
minor,
rewarding
or
Corrections,
which
me
and
K
will
review
and
correct
that
taking
dicks
and
ask
dick
to
approve
the
review,
the
pr
that
is
according
to
what
he
was
thinking
on
in
line
with
what
he
is
looking
forward
to.
E
Apart
from
that
I,
don't
think
there
is
any
major
Blocker
on
this
document
on
the
trust
aspect.
What
what
we
have
tried
to
show
in
the
use
case
is
not
how
to
trust,
but
what
are
the
type
of
evidences
which
are
required
or
which
are
missing
in
a
standardized
way
so
that
trust
can
be
implicitly
established
after
the
verification
event
is
happened
so.
A
We
are
focusing
on
yeah,
like
just
from
the
feedback
today,
I
think
there's,
maybe
maybe
it
doesn't
get
across
there
yet.
So
that's
why
it
might
be
might
be
good
to
double
check
again
to
see
whether
you
sort
of
like
you
got
there
in
that
intention
of
what
you
want
to
say.
A
A
Just
repeat
it
yourself
to
see
like
from
the
feedback
you
got
today
does
it
is?
Is
that
reflective
like.
A
I
say
that,
intentionally
to
trust
you
to
get
that
solid
out
somehow
yeah.
E
F
A
Now
yeah
so
Hank
do
you?
Can
you
say
a
few
words
about
the
receipt
update
or
the
receipt
pending
update.
C
Yeah,
exactly
and
to
my
delight,
Mike
is
also
here
so
Mike
is
here.
That
is
important,
and
power
is
also
here
so
I
think
we
are.
We
had
a
lot
of
discussions.
How
to
this
is
going
down
to
the
Cozy
level
to
the
to
the
to
the
civilization
proposal
we
are
creating
and
we
had
a
lot
of
feedback
already
on
the
use
of
word
of
counter
signature
whenever
you
countersign
something
and
add
a
single
by
that
is
not
about
the
semantic
of
quota.
C
Signing
You're,
Not
Just
counter
signing
you're
doing
something
else.
Good
example
is
the
trusted
timestamp
Authority
that
creates
a
trusted
timestamps
homes.
That's
pretty
much
like
counter
signing
it's
something
because
you
get
something
condescend
back,
including
the
time
stream,
but
it
isn't
it's
something
more.
So
receipts
are
its
own
thing
and
receipts
includes
proofs
of
mercury
proofs,
and
then
we
were
of
course,
first
of
all
a
little
bit
egocentric
and
we're
focusing
on
how
this
is
useful
to
skit
until
we
realized
well.
C
C
Have
the
plan
to
start
a
generic
cozy
based
representation
of
various
types
potentially
of
mercury,
proofs
there's
more
than
one
apparently,
and
actually
the
number
might
grow
if
even
if
we
go
to
post
Quantum
and
then
build
from
there,
the
bases
back
to
skits,
where
we
use
that
generic
cozy
Merkel
tree
proof
ID
that
we
want
to
create.
C
We
have
a
relatively
tight
deadline
for
this
I
think
we
want
to
have
internally
as
offer
something
communicatable
on
transparently
on
Thursday
actually
and
then
go
from
there
and
then
maybe
even
have
something
next
week
to
appoint
you
to
as
a
generic
approach.
Probably
it's
a
mess
in
a
construction
site,
but
that's
where
we
are
and
now
I
would
like
to
ask
into
the
group
here
or
your
mic.
Do
you
would
you
like
to
add
something
to
that,
or
is
that.
A
You
mentioned
some
discussions
and
and
updates
to
the
document.
Are
those
updates
visible
to
the
the
group
or
radio
or
where
do
the
discussions
take
place
on
this
topic?.
C
Discussions
are
typically
amongst
authors,
as
this
is
an
individual
work
at
the
moment.
We
want
to
extend
that
with
a
good
proposal,
we're
basically
giving
a
spoiling
the
surprise
so
to
speak,
because
we
want
to
be
transparent
and
that
way,
because
we
had
a
heated
discussion-
how
to
do
this
so
to
speak.
A
lot
of
ideas
were
coming
together
and
I
think
we
have
a
way
forward
now.
So
transparency
will
hopefully
kick
off
this
weekend.
Then
next
week,
everybody
again,
you
can
point
something
to
it.
That
is
internal
author.
A
Okay-
okay,
that's
that's
good
yeah,
so
we
obviously
eagerly
wait
to
see
that
new
outcome
of
what,
whatever
you
did,
because
it's
relevant
to
to
the
work
in
the
group
while
you're
in
the
queue.
Maybe
you
could
also
say
a
few
words
about
the
architecture
or
maybe
you
want
to
push
that
to
someone
else.
A
C
Yeah,
the
least
attention
went
through
that
I
have
to
admit,
so
we
are,
as
we
are,
the
heart.
Stopping
the
terminology
circular
discussion
also
and
looking
at
use
cases
I
think
we
just
have
to
rekindle
that
I
can't
say
that
next
to
the
statement
example
I
gave
earlier
with
respect
to
terminology
that
we
have
improved
significantly.
There
there's
also
a
the
original,
the
the
claim,
slash
sign
statement,
civilization
example
in
the
architecture.
C
We're
not
entirely
sure
if
it
belongs
there,
it
is
there
for
now
and
we
will
adjust
it
accordingly
to
what
we
find
out
with
the
general
discussion.
Cozy.
That's
all
I
can
say
today
to
be
honest,
as
we
have
done
all
the
other
parts
at
the
moment.
E
No
I
I
didn't
have
time
to
do
that,
so
I
will
take
it
on
now,
with
this
use
case
document
getting
a
little
in
a
good
shape
and
we'll
focus
on
that
I'm.
Actually
looking
for
Cedric
and
Anton
to
join
the
discussion
here,
but
seems
they
are
the
initial
authors
of
the
document
and
they
don't
seem
to
be
attending
any
meetings
from
last
since
in
the
new
year.
So.
A
Yeah
yeah
I
wound
up
yeah
I've
noticed
that
too.
E
H
Right
I
just
was
going
to
ask
him:
I
I,
I
I
think
that
we
can
have
Cedric
and
Antoine
participate.
I,
don't
think,
there's
any
reason
not
to
but
I.
Since
Mike
is
in
the
same
group
as
them
I
thought.
Maybe
he
could
confirm.
A
I'm
we
were
just
very
busy
internally
at
all
yeah
yeah
I
think
it
it's
probably
worthwhile
to
point
out
like
anyone
who
has
ever
worked
on
an
IDF
documents
may
know
that
already.
But
it
sounds
like
a
small
effort
like
writing
a
paper,
but
it
actually
isn't
it's
a
tremendous
amount
of
work
to
come
to
a
document
that
Everyone
likes,
and
it
typically
means
rewriting
it
so
many
times,
and
so
just
celery
can
and
and
one
I
think
they
are
new
to
the
IDF
process.
A
So
I
just
want
to
sort
of
mention
and
sort
of
mention
this,
so
that
they
are
not
surprised
about
the
effort.
The
amount
of
effort
that
needs
to
go
in
there
just
saying.
A
A
Great
yes,
but
I
I
can
guarantee
you
that
at
the
time
when
the
architecture
document
goes
to
the
isg,
there
will
probably
be
no
single
word
in
there.
That
was
in
initial
version.
So
it's
just
and
I'm
sure
a
couple
of
people,
the
nature
of
the
process.
A
The
way
how
things
work,
it's
not
a,
not
a
bad
thing,
not
a
not
a
good
thing,
but
it
is
just
what
it
is.
Since
we
are
approaching
the
end
of
the
hour,
I
I
still
wanted
to
get
to
the
six
door
question
but
I
before
that.
A
I
also
wanted
to
point
out
that
early
bird
registration
ends
today,
so
if
you
haven't
registered
for
the
IDF
meeting,
yet
you
may
want
to
do
so
today,
just
to
benefit
from
the
cheaper
rate,
also
useful
to
think
about
and
do
the
registration
as
early
as
possible.
Is.
The
hackathon
participation,
of
course,
we'd
like
to
see
people
sitting
together
on
the
two
days
before
the
ITF
meeting,
starts
to
work
on
some
code
together.
Last
time
it
was
a
lot
of
fun.
D
A
Please
think
about
that
too,
and
so
Ray
you
wanted
to
talk
about
the
the
six
star
topic.
Do.
G
You
can
you
yeah,
okay
and
I'm,
glad
that
Neil
brought
this
up
to
at
the
end
here
the
so
we
had
them
the
overview
in
a
meeting
and
it
pretty
much
took
the
whole
time.
It
was
really
good
to
get
that.
G
They
have
a
lot
of
things
that
are
very,
very
excellent
in
terms
of
being
able
to
tie
into
what
we're
doing,
except
the
courses
I
brought
up
in
the
meeting.
The
the
issue
is
that
the
identity
and
and
I
thank
Ori
for
for
those
documents
that
he
passed
to
me
in
the
chat
regarding
SP
800-63
might
be
the
source
of
that.
G
So
so,
yes,
I
do
believe
that
that
there's
a
lot
of
good
things
done
by
Sig
store
and
making
it
super
easy
for
people
to
to
push
things
into
a
repository
in
science.
What
it
doesn't
do
is
look
at
the
bigger
picture
of
everything
like
all
the
different
repositories
that
are
combined
into
a
product
and-
and
this
thing
called
in
Toto-
doesn't
do
that
either
they
they
look
at
one
build
pipeline
for
one
one
type
of
product
and
not
across
the
different.
G
You
know
there's
so
many
different
aspects
of
products,
these
days
browser
things,
and
you
know
things
that
run
on
the
server
and
all
that
stuff,
they're
all
in
different
repos
and
in
different
containers
and
everything
else,
and
yet
a
lot
of
times.
G
It's
all
part
of
one
product
concept,
and
so,
though,
that
kind
that
is
not
you
know
so
that
larger
view
of
of
a
product
is
not
taken
into
by
by
Sig
store
that
I
can
tell,
but
but
so
between
the
identity
problem
and
so
I
think
the
layering
can
be
really
good
because
a
lot
of
what
they
have
there
is
fine.
And
then,
if
we
get
this
identity
thing
done,
then
I
mean
that
was
just
my
my
feedback
on
it
was
that
part.
G
So
if
anyone
else
wanted
to
say
anything,
I'd
like
to
hear
any
other
comments
that
other
people
had.
A
Yeah
I
have
yoga
Shina,
cute
I,
don't
know
yoga.
She.
A
E
B
Regarding
just
the
the
concept
of
identity,
generally,
I
was
going
to
provide
a
link
to
the
document
that
I'm
a
document
Shepherd
of
from
the
UTA
you
to
working
group.
It
basically
it
covers.
You
know
some
components,
I
think
are
relevant
if
we're
building
on
top
of
certificates
and
we're
looking
at
the
concept
of
service
identity,
as
opposed
to
you
know:
human,
individual
user
developer
contributor,
you
know
quality
assurance
officer,
identity,
so
identity
for
software
systems
or
processes,
as
opposed
to
Identity
for
people
or
organizations.
That's
it.
A
Okay,
thanks
thanks,
I
I
could
also
in
white.
My
coach
here
revert
from
the
OS
working
group
to
join
one
of
our
meetings
in
the
future
and
talk
a
little
bit
about
identity.
A
B
G
At
least
in
terms
of
how
we
might
be
able
to
integrate
that,
because
I
I
think
it's
going
to
wind
up
being
a
really
critical
aspect,
since
I
mean
Sig
score,
has
done
almost
everything
and
most
for
software
within
the
scope
of
one
repo
and
one
you
know,
maybe
one
pipeline
of
getting
something
out,
but
not
multiple.
G
You
know
like
one
repository
release,
type
thing
and
everything
you
might
do
with
that,
but
not
all
the
different
repositories
together
and
and
that
bigger
picture
wasn't
there,
so
that
that's
really
the
feedback
that
I
had,
and
so
maybe
if
we
can
get
a
an
identity
something
to
if
we
can
focus
on
identity
at
some
point
and
I,
don't
want
to
I,
don't
want
to
try
to
misdirect
the
group
from
the
use
cases.
A
No,
no
I
think
this
is
part
of
the
use
cases
as
well.
One
of
the
the
use
case
write-ups
that
we
saw
Yes.
A
Six
to
actually
covered
that,
and-
and
of
course
it's
also
an
architectural
aspect,
so
so
I
I
definitely
think
this
is
sort
of
like
an
aspect
that
needs
to
be
thought
about.
We
are
not
going
to
Define
develop
a
new
identity
system,
but
of
course
it
needs
to
somehow
work.
G
Yeah,
and,
and
also
to
at
least
be
able
to
say,
like
this,
is
a
level
of
identity
that
has
been
established.
G
You
know
so
Sig
store
uses
a
pretty
loose
approach,
but
it's
not
too
bad,
because
those
those
identities
may
be
fairly
well
established
by
other
means
and-
and
they
just
are
not
communicating
that.
So
if
we
can
get
fi
get
to
some
sort
of
an
assertion
that
we
can
put
in
the
skit
Ledger.
That
says
this
identity
was
established
to
a
certain
level
or
I.
G
Think
it's
mostly
we're
talking
about
you
know,
firms
or
organizations
or
groups
that
are
government
entities,
for
example,
may
be
very
easy
to
that's,
usually
what
I'm
thinking
of
easy
to
have
them
be
identified,
but
some
means
to
say
this
is
the
level
of
identification
and
some
I'm
sure
it's
defined
somewhere.
The
the
levels
of
you
know
how
well
we've
looked
into
the
identity
of
this
of
this
entity.
A
Thanks,
of
course,
of
course,
that
work
has
been
yeah
well,
I
will
I,
will
invite
the
river
talk
to
him
and
find
out
what
time
works
for
him
and
and
also
think
about
like
what
works
for
us
in
terms
of
progress
on
our
documents.
A
E
I
won't
be
long.
First
is
because
of
the
ongoing
environment
surroundings
about
the
kind
of
reductions
I
just
wanted
to
ask
that.
Will
there
be
enough
on
on-site
participation
for
the
next
month,
ITF?
Otherwise,
you
have
to
schedule
some
kind
of
an
online
presentations
or
something
like
that.
Would.
A
Be
there
would
be
online
and
offline
anyway,
yeah.
E
A
In
person
meeting
and
then
there
will
be,
people
can
dial
in
for
those
who
who
are
unable
to
participate
in
person.
So
so
that's
the
default
setup
anyway
of.
E
Course
what
I
mean
the
presentations?
What
I
mean
was
presentation
as
well?
You
are
okay
with
that
yeah,
the.
A
Group,
we'll
figure
this
out
I'm
sure
we'll
yeah,
okay,.
E
And
second
thing
is:
there
were
a
lot
of
interesting
presentations
on
the
first
Dem
which
occurred
last
this
Saturday
and
Sunday
about
software
bill
of
material
and
supply
chain,
so
I'm
going
to
reach
out
to
them
and
see
if
they
they
can
get
attracted
to
skit
and
what
work
we
are
doing,
because
they
are
an
excellent
source
of
community
which
which
are
already
dealing
with
the
problems
of
how
to
address
supply
chain
security
issues.
So
that's
something
on
my
agenda.
A
Yeah
and
I
think
we've
reached
the
end
of
the
hour,
we're
not
yeah.
Actually
we
did
already
so
yeah.
Thank
you
all
for
joining
and
please
use
that
week
to
sort
of
add
improve,
modify
the
use
case
document,
so
you
you
feel
happy
with
it,
because
we
would
really
like
to
publish
it
next
Monday
after
the
after
the
meeting
is
over.