Abstract

This article defines a four-layer architectural stack called the ToIP stack for establishing trust between peers over the Internet and other digital networks. Patterned after the TCP/IP stack that standardized packet exchange and created the Internet, the ToIP stack is a decentralized architecture that encompasses business, legal, and technological requirements. Layer One establishes decentralized trust roots using decentralized identifiers (DIDs), an emerging W3C standard for decentralized PKI. Layer Two is the DIDComm protocol, a transport-independent protocol that uses DIDs to form and communicate over a cryptographically secure connection. Layer Three is a suite of credential exchange protocols based on the W3C Verifiable Credentials standard for cryptographically verifiable digital credentials. Layer Four adds cryptographically verifiable governance frameworks using a metamodel for describing the business, legal, and technical policies under which a peer is operating as an issuer, holder, or verifier of digital credentials. This governance metamodel can be applied at all four Layers of the stack, producing a parallel ToIP Governance Stack that fully integrates the non-technical dimensions of trust establishment. Further work on defining, testing, and integrating the ToIP stack is planned for a new project at the Linux Foundation.