ToIP Announces Public Review 02 of the Trust Registry Query Protocol (TRQP) Specification V2.0

The Trust Registry Task Force (TRTF) at Trust Over IP (ToIP) is pleased to announce Public Review 02 (PR02) of the Trust Registry Query Protocol Specification V2.0.

The Challenge: Verifying Trust at Scale

The power of open standard digital wallets—now being implemented across the EU, Canada, Bhutan, and dozens of other jurisdictions—is that they can accept verifiable credentials that are digitally signed by issuers and cryptographically verified by relying parties.

However, cryptographic verification alone is not enough. A relying party also needs to know that the issuer is authorized to issue a particular type of credential. For example, to verify a California mobile driver's license (mDL), you first need to confirm that the issuer is actually the California Department of Motor Vehicles.

Now multiply that across 50 U.S. states, hundreds of international jurisdictions, and thousands of credential types serving countless digital trust use cases. The need for a simple, fast, and secure way to verify trusted participants becomes clear.

The challenge doesn't stop with issuers. The EU's eIDAS 2.0 legislation also requires "verifying the verifier"—ensuring that parties requesting personal data from wallet holders are authorized to do so.

What is TRQP?

The Trust Registry Query Protocol (TRQP) is a lightweight, read-only protocol for making fast, efficient queries for authoritative data from trust registries. It is often described as "DNS for trust." Just as DNS name servers serve name domains, TRQP trust registries serve trust domains (also known as digital trust ecosystems).

The authority for the trust registry (e.g. a company, university, professional association, or government agency) determines the policies governing which actors can perform what actions on what resources within an ecosystem. Those policies are typically published in a human-readable governance framework. To make these policies accessible to software agents, they are published in machine-readable authority statements. These are the data structures that can be queried via TRQP.

Key Features of TRQP V2.0

Two Core Query Types

TRQP V2.0 focuses on two query types:

  1. Authorization Queries — "Has Authority A authorized Entity B to take Action X on Resource Y?"
  2. Recognition Queries — "Does Authority A recognize Entity B as an authority for governing Action X on Resource Y?"

PARC-Based Information Model

The TRQP information model is inspired by the PARC model (Principal, Action, Resource, Context), a well-established framework for expressing authorization decisions.

For more background on the PARC model, see the Cedar PARC Authorization documentation.

Identifier Requirements

Interoperability of TRQP across decentralized trust domains depends on globally unique identifiers, just as Internet interoperability depends on IP addresses and DNS names. TRQP identifiers:

  • MUST be represented as a single string conforming to IETF RFC 3986
  • SHOULD use verifiable identifiers such as W3C Decentralized Identifiers (DIDs), KERI Autonomic Identifiers (AIDs), or HTTPS URLs so their authenticity can be verified by any relying party
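As an added illustration (not code from the TRQP specification or this announcement), the two query types above evaluated over a small set of PARC-style authority statements, with the RFC 3986 MUST rule applied to the authority and entity identifiers. The statement fields, the `did:example:` and `https://example.org/` identifiers, and treating actions and resources as plain strings are constructed assumptions; the actual TRQP message schema is defined by the specification.

```python
"""Illustrative model of TRQP authorization and recognition queries over
PARC-style authority statements. Constructed example, not the TRQP schema."""
from dataclasses import dataclass


@dataclass(frozen=True)
class AuthorityStatement:
    """One machine-readable authority statement published by a trust registry.
    kind is 'authorization' ("A authorized B to take X on Y") or
    'recognition' ("A recognizes B as an authority governing X on Y")."""
    kind: str
    authority: str  # Authority A (the principal making the statement)
    entity: str     # Entity B the statement is about
    action: str     # Action X (plain string here; an assumption)
    resource: str   # Resource Y (plain string here; an assumption)


def is_trqp_identifier(value) -> bool:
    """MUST rule: a single string conforming to RFC 3986. Simplified check:
    an absolute URI with a well-formed scheme and no whitespace."""
    if not isinstance(value, str) or any(c.isspace() for c in value):
        return False
    scheme, sep, rest = value.partition(":")
    if not sep or not rest or not scheme or not scheme[0].isalpha():
        return False
    return all(c.isalnum() or c in "+-." for c in scheme)


def _query(registry, kind, authority, entity, action, resource) -> bool:
    # Read-only lookup: a query never modifies the system of record.
    for ident in (authority, entity):
        if not is_trqp_identifier(ident):
            raise ValueError(f"not an RFC 3986 identifier: {ident!r}")
    return AuthorityStatement(kind, authority, entity, action, resource) in registry


def authorized(registry, authority, entity, action, resource) -> bool:
    """Authorization query: has A authorized B to take X on Y?"""
    return _query(registry, "authorization", authority, entity, action, resource)


def recognized(registry, authority, entity, action, resource) -> bool:
    """Recognition query: does A recognize B as an authority governing X on Y?"""
    return _query(registry, "recognition", authority, entity, action, resource)


# Constructed sample registry; identifiers are placeholders, not real DIDs or URLs.
REGISTRY = frozenset({
    AuthorityStatement("authorization", "did:example:ca-governance",
                       "did:example:ca-dmv", "issue", "https://example.org/mdl"),
    AuthorityStatement("recognition", "did:example:us-federation",
                       "did:example:ca-governance", "issue", "https://example.org/mdl"),
})
```

A relying party would typically ask the recognition question about the governing authority first and the authorization question about the issuer second; the registry only answers, and the decision to rely on those answers remains with the querying party.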

Transport Protocol Bindings

The core TRQP specification is separate from transport bindings. The initial binding specifies how to implement TRQP over HTTPS, with potential for future bindings to other transport protocols such as DIDComm and the ToIP Trust Spanning Protocol (TSP).

Bridging to Existing Systems

TRQP bridges connect TRQP endpoints to existing systems of record. A bridge transforms TRQP queries into the format supported by the underlying system (X.509 certificate hierarchies, OpenID Federations, EBSI Trust Chains, TRAIN trust lists, etc.) and performs the reverse mapping for responses. The specification includes the following diagram illustrating this architecture:

Important Design Principles

"A trust registry does not create authority. The authority of a trust registry is an outcome of governance." — Jacques Latour, CTO, CIRA.ca

TRQP is intentionally a read-only protocol. It does not manage information inside the trust registry (the system of record). The decision to trust the outputs from a trust registry belongs entirely to the party making the query. However, the information available via TRQP-compatible trust registries is often essential to building trust between parties that do not have any previous relationship.

How to Provide Feedback

We invite trust registry operators, ecosystem architects, wallet developers, credential issuers, verifiers, and other stakeholders to review TRQP V2.0 PR02 to help ensure it is:

  • Practical and usable for real-world ecosystems
  • Flexible enough to accommodate different systems of record and governance models
  • Comprehensive without being overly complex

Review the Specification

Both an HTML and a Markdown version of the specification are available:

Submit Feedback

Follow the ToIP Public Review Process to comment, report bugs, or file issues via GitHub:

About the Trust Registry Task Force

The Trust Registry Task Force (TRTF) was established in the summer of 2021 following the high demand for cross-jurisdiction verification of digital health credentials during the COVID-19 pandemic. The TRTF operates under the ToIP Technology Stack Working Group.

For more information about the TRTF and its work, visit the Trust Registry Task Force wiki page.

Acknowledgements

We would like to thank the authors of TRQP V2.0:

  • Editors: Darrell O’Donnell, Andor Kesselman, Drummond Reed, Antti Kettunen
  • Contributors: Alex Tweeddale, Christine Martin, Dave Poltorak, Eric Drury, Fabrice Rochette, Jacques Latour, Jesse Carter, Jeff Braswell, Jon Bauer, Makki Elfatih, Marcus Ubani, Markus Sabadello, Scott Perry, Sankarshan Mukhopadhyay, Subhasis Ojha, Tim Bouma

_______
Trust Over IP, an LF Decentralized Trust project, is defining a complete architecture for Internet-scale digital trust that combines cryptographic trust at the machine layer with human trust at the business, legal, and social layers. Learn more at trustoverip.org.