Governance Models
How trust frameworks are governed determines their flexibility, speed of evolution, and degree of decentralization. Different models suit different use cases.
Types of Governance Models
Trust frameworks can be governed in different ways, each with trade-offs between efficiency, decentralization, and adaptability.
Governance Model Comparison
| Model | Authority | Decision Speed | Examples |
|---|---|---|---|
| Centralized | Single organization | Fast | Government-issued IDs, corporate credentials |
| Federated | Consortium of organizations | Medium | Industry consortia, academic networks |
| Decentralized | Community/DAO | Slow | Open source communities, blockchain networks |
Trusted Issuer Lists
A trusted issuer list is a machine-readable registry of entities authorized to issue specific types of credentials. Verifiers consult these lists to determine whether to accept credentials from a given issuer.
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://example.org/trust-framework/v1"
],
"id": "https://trust.example.org/issuers/education",
"type": ["VerifiableCredential", "TrustedIssuerList"],
"issuer": "did:web:trust.example.org",
"validFrom": "2024-01-01T00:00:00Z",
"credentialSubject": {
"trustedIssuers": [
{
"id": "did:web:university-a.edu",
"name": "University A",
"credentialTypes": ["UniversityDegreeCredential"],
"jurisdiction": "US"
},
{
"id": "did:web:university-b.edu",
"name": "University B",
"credentialTypes": ["UniversityDegreeCredential", "TranscriptCredential"],
"jurisdiction": "UK"
}
]
}
}Credential Type Scoping
Issuers can be trusted for specific credential types, not universally. A university may be trusted for degrees but not driver's licenses.
Jurisdictional Scope
Trust can be scoped to specific jurisdictions. An issuer may be recognized in some countries but not others.
Case Study: EU eIDAS 2.0
The European Union's eIDAS 2.0 regulation establishes a comprehensive framework for digital identity across all member states, including requirements for digital identity wallets and verifiable credentials.
EU Digital Identity Wallet
Every EU citizen will have access to a government-issued digital identity wallet that can hold credentials from public and private issuers.
Qualified Trust Services
Trust Service Providers (TSPs) must be qualified by member states and are listed in the EU Trusted List, enabling cross-border recognition.
Cross-Border Interoperability
Credentials issued in one member state must be recognized across all member states, enabled by the common technical framework (EU Toolbox).
Other Notable Frameworks
TRAIN Trust Registry Protocol
Developed by the Trust over IP Foundation, TRAIN provides a universal protocol for discovering and querying trust registries across different ecosystems.
DCC Digital Credentials Consortium
A consortium of leading universities (MIT, Harvard, etc.) establishing standards for academic credentials with mutual recognition among members.
GLEIF Legal Entity Identifiers
The Global Legal Entity Identifier Foundation manages the LEI system and is extending it to verifiable credentials for organizational identity.
AAMVA Mobile Driver's License
The American Association of Motor Vehicle Administrators oversees mDL implementation standards across US states.
Building Trust in Practice
Establishing a trust framework requires careful consideration of multiple factors.
Stakeholder Alignment
Identify all ecosystem participants and ensure their interests are represented in governance structures.
Clear Documentation
Publish comprehensive policies covering technical requirements, operational procedures, and dispute resolution.
Evolution Mechanisms
Define processes for updating rules and onboarding new participants as the ecosystem grows.
Enforcement & Remediation
Establish consequences for policy violations and processes for addressing issues when they arise.