Re: [Dlt-networking] [SCITT] SCITT General Meeting - Monday May 23 - Slide Deck and Meeting Recording

[Dick Brooks <dick@reliableenergyanalytics.com>]

Anil,

 

I've offered to participate in documenting an SBOM use case for the SCITT
initiative, along with some other people.

 

Do you have a use case from Customs that we could use to show SBOM and
vulnerability disclosure reports that would be subject to Executive Order
14028. This would be both timely and insightful for many government agencies
that will be implementing EO 14028 solutions, following NIST's 5/5 EO 14028
guidelines;
https://www.nist.gov/itl/executive-order-14028-improving-nations-cybersecuri
ty/software-security-supply-chains-software-1 

 

The use case would be used to show how an SCITT inspired approach could be
used to meet the EO 14028 requirements.

 

Happy to discuss this further if interested.

 

Thanks,

 

Dick Brooks

  

Active Member of the CISA Critical Manufacturing Sector, 

Sector Coordinating Council - A Public-Private Partnership

 

Never trust software, always verify and report!
<https://reliableenergyanalytics.com/products>  T

http://www.reliableenergyanalytics.com
<http://www.reliableenergyanalytics.com/> 

Email: dick@reliableenergyanalytics.com
<mailto:dick@reliableenergyanalytics.com> 

Tel: +1 978-696-1788

 

From: SCITT <scitt-bounces@ietf.org> On Behalf Of John, Anil
Sent: Tuesday, May 24, 2022 9:55 AM
To: scitt@ietf.org
Cc: blockchain-interop@ietf.org; dlt-networking@ietf.org
Subject: Re: [SCITT] SCITT General Meeting - Monday May 23 - Slide Deck and
Meeting Recording

 

I can provide a bit of technical insight/background/perspective regarding
the U.S. Customs interoperability work with blockchain/DLT/DAGs etc. that
Vinny spoke to in the presentation.

 

Rewinding the clock to around 2017 or so, we (DHS) were receiving ongoing
enquiries from the global Trade community about the tech and our perspective
on it as applied to supply chain data. The discussion internally between my
program (which was just in the process of finishing up a pretty significant
R&D into the tech to understand its applicability to Government use cases)
and the CBP Office of Trade i.e. U.S. Customs leadership was around how best
to get access to data coming from blockchain systems in the Trade - with the
full acknowledgement at that time that different Trade entities were using
different blockchain systems and interoperability and data sharing across
blockchain and non-blockchain systems was *not* part of the conversation! 

 

We realized that we had two options on the table at that time, given that we
had no desire to rip-n-replace our internal systems/processes which are
working at global scale:

1.	Go down the path of running a node of every blockchain platform that
needed to connect with us - an unbounded problem with no path to success for
any organization!
2.	One ring to bind them all - Choose a particular blockchain platform
and mandate that everyone who uses blockchain tech to integrate with us, use
that same platform - As the largest customs org in the world, could we make
that work? Possibly. Is the political capital needed to sustain that
approach better expended elsewhere? Absolutely.

 

We decided to go a third way.

 

That third way was to see if we could implement an abstraction layer between
enterprise systems and blockchain/DLT/DAG systems and between
blockchain/DLT/DAG systems where:

*	There is no expectation that all links in the supply chain use the
same technology platform or vendor
*	All links in the supply chain remain free to choose the technology
stack / platform / vendor of their choice
*	Interfaces between systems are based on global, open, royalty free
and free to use data and protocol standards that ensure multi-platform,
multi-vendor, cross-border interoperability

 

That is the path that led us down to choosing W3C Verifiable Credentials
data model (https://www.w3.org/TR/vc-data-model/ ) as the way to represent
attestations/credentials from/to Trade using a semantically aware
standardized vocabulary (https://w3c-ccg.github.io/traceability-vocab/ ),
W3C Decentralized Identifiers (https://www.w3.org/TR/did-core/ ) as a way to
represent Trade entities and to publish and retrieve their public keys
regardless of the network they are on, and an openly developed API that is
testable, royalty free and free to implement
(https://w3c-ccg.github.io/vc-api/ &
https://w3c-ccg.github.io/traceability-interop/ ) that allows for connecting
the entities.

 

We also require in our operational implementation, standards compliance
(against open, automated test suites) AND *real* multi-vendor,
multi-platform, interoperability via interoperability plug-fests
(https://docs.google.com/presentation/d/1MeeP7vDXb9CpSBfjTybYbo8qJfrrbrXCSJa
0DklNe2k/edit?usp=sharing  ) which have demonstrated in practices interop
not just between enterprise systems and blockchain systems but between
blockchain systems << Our thesis has been proven in practice.

 

In general, blockchain specific interop work requires that an enterprise
end-point be blockchain based and that particular blockchain supports some
specific blockchain interop magic sauce - which is not the reality of a
large, established enterprise with existing investments in both technology
and processes. Our approach has been and continues to be the standards based
abstraction layer for data models and APIs such that we can make the
"To-Blockchain or To-Not-Blockchain" go away as a decision criteria for
integration with external systems.

 

Best Regards,

 

Anil

 

Anil John

Technical Director, Silicon Valley Innovation Program 

Science and Technology Directorate 

US Department of Homeland Security 

Washington, DC, USA 

 

Email Response Time - 24 Hours

 

 <https://www.dhs.gov/science-and-technology> 

 

 

From: SCITT <scitt-bounces@ietf.org <mailto:scitt-bounces@ietf.org> > On
Behalf Of Michael McBride
Sent: Monday, May 23, 2022 8:41 PM
To: Yogesh Deshpande <Yogesh.Deshpande@arm.com
<mailto:Yogesh.Deshpande@arm.com> >; scitt@ietf.org <mailto:scitt@ietf.org> 
Cc: Kay Williams <kayw@microsoft.com <mailto:kayw@microsoft.com> >;
blockchain-interop@ietf.org <mailto:blockchain-interop@ietf.org> ;
dlt-networking@ietf.org <mailto:dlt-networking@ietf.org> 
Subject: Re: [SCITT] SCITT General Meeting - Monday May 23 - Slide Deck and
Meeting Recording

 

CAUTION: This email originated from outside of DHS. DO NOT click links or
open attachments unless you recognize and/or trust the sender. Contact your
component SOC with questions or concerns. 

 

Hi Yogesh,

 

Thank you for recording the meeting/presentation, it was very insightful.

 

Vincent mentioned the importance of having one methodology for
interoperability between supply chains which may be using a DLT of some
sort. The Dept of Customs appears to be working on their own interop
solution. The blockchain interop group is specifically working on the
development of a protocol, called ODAP, to provide asset transfer
interoperability which SCITT may be able to leverage. They too are seeking
to form an ietf working group and have had at least one bof. It might be
helpful to have Thomas provide SCITT with an overview of the blockchain
interop work and vice versa.

 

mike

 

From: SCITT <scitt-bounces@ietf.org <mailto:scitt-bounces@ietf.org> > On
Behalf Of Yogesh Deshpande
Sent: Monday, May 23, 2022 1:40 PM
To: scitt@ietf.org <mailto:scitt@ietf.org> 
Cc: Kay Williams <kayw@microsoft.com <mailto:kayw@microsoft.com> >
Subject: [SCITT] SCITT General Meeting - Monday May 23 - Slide Deck and
Meeting Recording

 

Hello All,

 

Thanks to Vincent and Anil for a great presentation. The Meeting recording
has been updated on the Google Docs here

 

The presentation material attached to the email.

 

Regards,

Yogesh Deshpande

 

From: SCITT <scitt-bounces@ietf.org <mailto:scitt-bounces@ietf.org> > On
Behalf Of Kay Williams
Sent: Friday, May 20, 2022 5:34 PM
To: scitt@ietf.org <mailto:scitt@ietf.org> 
Subject: [SCITT] SCITT General Meeting Agenda - Monday May 23

 

Hello SCITT community,

 

Here is the agenda for our Monday May 23 8:00 AM Pacific SCITT general
meeting.  Special welcome to our guest presenter Vinny Annunziato from US
Customs.

 

Agenda:

*	IETF non-working-group BOF update (Roy Williams)

*	planning document

*	Presentation: US Customs (Vinny Annunziato)

*	Vincent (Vinny) Annunziato, Director, Business Transformation &
Innovation Division (BTID), Trade Transformation Office (TTO) will be
presenting about the work US Customs is doing for Modernizing the Supply
Chain through use of decentralized technologies more specifically through
use of verified credentials and decentralized identifiers.

 

Hope to see you there.

 

Kay

 

SCITT General Meeting Agenda and Notes - Google Docs

Join Zoom Meeting 
https://armltd.zoom.us/j/99133885299?pwd=b0w4aGorRkpjL3ZHa2NPSmRiNHpXUT09 

Meeting ID: 991 3388 5299 
Passcode: 531470 
One tap mobile 
+442034815240,,99133885299#,,,,*531470# United Kingdom 

Dial by your location 
        +44 203 481 5240 United Kingdom 
        +1 346 248 7799 US (Houston) 
        +1 408 638 0968 US (San Jose) 
        +1 646 518 9805 US (New York) 
        +91 224 879 8012 India 
        +91 406 480 2722 India 
        +91 806 480 2722 India 
        +91 116 480 2722 India 
        +852 5803 3730 Hong Kong SAR 
        +46 8 4468 2488 Sweden 
        +47 2400 4735 Norway 
        +972 3 978 6688 Israel 
        +353 1 536 9320 Ireland 
        +36 1 408 8456 Hungary 
        +49 69 3807 9883 Germany 
        +33 1 7037 2246 France 
        +358 3 4109 2129 Finland 
        +45 32 70 12 06 Denmark 
        +1 438 809 7799 Canada 
        +82 2 3143 9611 Korea, Republic of 
        +65 3158 7288 Singapore 
        +27 87 550 3946 South Africa 
        +32 1579 5132 Belgium 
        +48 22 307 3488 Poland 
        +386 1600 3102 Slovenia 
        +60 3 3099 2229 Malaysia 
        +886 (2) 7741 7473 Taiwan 
        +81 3 4578 1488 Japan 
Meeting ID: 991 3388 5299 
Passcode: 531470 
Find your local number: https://armltd.zoom.us/u/auABE2oPq 

Join by SIP 
99133885299@zoomcrc.com <mailto:99133885299@zoomcrc.com>  

Join by H.323 
162.255.37.11 (US West) 
162.255.36.11 (US East) 
115.114.131.7 (India Mumbai) 
115.114.115.7 (India Hyderabad) 
213.19.144.110 (Amsterdam Netherlands) 
213.244.140.110 (Germany) 
103.122.166.55 (Australia Sydney) 
103.122.167.55 (Australia Melbourne) 
209.9.211.110 (Hong Kong SAR) 
149.137.40.110 (Singapore) 
64.211.144.160 (Brazil) 
69.174.57.160 (Canada Toronto) 
65.39.152.160 (Canada Vancouver) 
207.226.132.110 (Japan Tokyo) 
149.137.24.110 (Japan Osaka) 
Meeting ID: 991 3388 5299 
Passcode: 531470 

 

IMPORTANT NOTICE: The contents of this email and any attachments are
confidential and may also be privileged. If you are not the intended
recipient, please notify the sender immediately and do not disclose the
contents to any other person, use it for any purpose, or store or copy the
information in any medium. Thank you.