Supply Chain Integrity, Transparency and Trust (SCITT)
Weekly Meeting Agenda and Notes (Weekly, Mon, 8 AM Pacific)
Scope: Supply Chain Integrity, Transparency, and Trust (SCITT)
Description
The scope of this BOF is focused on solutions that fulfill a set of fundamental guiding technical objectives: IoT-applicable, crypto-agile, and identity-agile.
The intent is to create a globally uniform/interoperable (counter-)signing format for “Statements made about supply chain elements”, to enable offline/air-gap validation, and to reduce emerging issues with respect to claim-lifetime & identity-lifetime.
The planned results for the non-WG forming BOF include:
- Expression of interest in solving the described problem through standardization in the IETF
- Kick-off for discussing how to standardize illustrated supply chain security problems at the IETF
- Minimal/conceptual charter building bloc
The activities to be spawned from this BOF should result in:
- Goals and non-goals for an initial charter based on, for example, An Architecture for Trustworthy and Transparent Digital Supply Chains and non-WG-forming BoF participant input
- Attracting a new audience to the IETF
- beyond SBOM, identifying at least one use-case involving physical goods that we can bring in enough energy for
Success factors:
- Establishing a shared understanding of the problem statement
- Bringing relevant stakeholders into the room
- Stimulating list/discussion activity
Go to above link for full info
Who ya gonna trust?
Digital Utility Group The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation.
Cryptography Review of W3C Verifiable Credentials Data Model (VCDM) and Decentralized Identifiers (DIDs) Standards and Cryptography Implementation Recommendations
by David Balenson & Nick Genise.
Traceability Interoperability v0.0
Unofficial Draft 10 June 2022
JSON Encoding for Post Quantum Signatures
Internet Engineering Task Force (IETF)
The Internet Engineering Task Force (IETF) is the premier Internet standards body, developing open standards through open processes.
The IETF is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. The technical work of the IETF is done in Working Groups, which are organized by topic into several Areas. Much of the work is handled via mailing lists. The IETF holds meetings three times per year.
The IETF standards-setting process is open to any individual interested in providing technical contributions.
Participants new to the IETF—even those with previous experience with Internet technologies or working in other standards-setting bodies—find it helpful to read Getting Started in the IETF and The Tao of the IETF.
Github: IETF / Supply Chain Integrity, Transparency and Trust (SCITT)
The Supply Chain Integrity, Transparency and Trust (SCITT) initiative is a set of proposed industry standards for managing the compliance of goods and services across end-to-end supply chains. It supports the ongoing verification of goods and services where the authenticity of entities, evidence, policy, and artifacts can be assured and the actions of entities can be guaranteed to be authorized, non-repudiable, immutable, and auditable.
Github: Authentication Tutorial
This tutorial describes how to obtain an access token for use in making authenticated requests to a VC API endpoint.