Trust Registry or Governance Registry

[darrellodonnell]

We've been discussing this a bit in Slack so I figured I'd start the Idea here in Discussions.

The blurring of discussions that comes with using the very overloaded word "trust" is getting hard. I wonder if Governance Registry may help manage both the scope and focus for our efforts.

I'm sharing the following more broadly to generate some input:

What is a Governance Registry?

It’s a digital repository that provides access to information managed under a Governance Framework. This information is used to interact with the digital systems that operate under a particular governance framework.

All of the above is just a staring point for discussion.

[mathieuglaude]

To write out some of my comments from today's meeting:

1. We should think about who the naming matters most for. I don't think it matters very much for end consumers, but more from identity system managers whom we want to adopt our frameworks. We should try to stay aligned with existing acceptable lingo.
2. One one side, I don't like the idea of calling these things "lists" or "registries" as they are both specific implementations that are among many inputs that can be used to inform someone that is trying to make a trust decision.
3. On the other side, I like the idea of starting with "lists" or "registries" in the name since it helps limit the scope of this working group so that we can achieve some quick deliverables. If we try to tackle too large of a scope, we'll never get anywhere and confuse our stakeholders.

[trbouma]

My inclination is to stick with the word "Trust Registry" as the term of art, and make sure we limit our scope to what we can deliver as a group and refine the definition as we progress.

Once approach I like to use is to define methods (as Darrell has been doing in the OpenAPI spec) and ask questions 'do they make sense or fall into scope?' of what I need from our 'trust registry'. For example, will the trust registry list the did methods that I can trust, and by whose judgment/authority? Will it list issuers? Will it list other governance authorities, etc?

[mathieuglaude]

I would agree with you based on traction that has in the market. And I think that defining scope right now is more important than re-branding.

[IDmachines]

I like where Tim is going to find a scope, there is method list.. https://www.w3.org/TR/did-spec-registries/#did-methods and DID-CORE (and current API) what else for a "trust registry" perhaps? Level 2 trust?

[darrellodonnell]

agreed