SSI Orbit Podcast
One Trust Spanning Protocol & Many Trust Tasks (with Drummond Reed)
By Mathieu Glaude
December 22, 2022

>>  Listen to this Episode On Spotify

>>  Listen to this Episode On Apple Podcasts

About Podcast Episode

In the previous podcast episode that Drummond and I recorded together in October, 2022, we touched upon the hourglass design model for digital trust applications, which was just about to be proposed as a new Technology Architecture Specification by the Trust over IP Foundation (ToIP).


The hourglass model is perhaps the most widely recognized hallmark of the Internet protocol suite. The single “spanning layer” at the “waist” of the hourglass is the IPv4 protocol. Much of the success of the Internet is attributed to this “hourglass” design in which the spanning layer protocol maximizes interoperability by providing a common way for all the higher level layers to communicate with all the lower levels. For those interested, I discussed how this relates to digital trust in more detail here.

Since we recorded that last podcast, I’ve spent time carefully reading through Kim Cameron’s 2005 whitepaper entitled “The Laws of Identity” (PDF version). I found it to be one of the most well written, and concise papers about (1) the impacts of not having trusted digital identities on the internet; and (2) seven laws to follow when designing digital identity systems if one wishes for it to be successful on the open internet.

It was interesting to then start visualizing how this ToIP hourglass model could start to embody the seven laws defined in Kim’s paper, which still resonates today, some 17 years after its publishing.

In this podcast episode with Drummond Reed, we discuss,

  • Does the new ToIP Technology Architecture Specification address the questions posed by Kim Cameron in his 2005 whitepaper?
  • If we agree that one identity system cannot rule them all, how then can an identity metasystem solve interoperability across identities, identity systems and contexts? (hint: a trust spanning protocol!)
  • What are the leading contenders for becoming the trust spanning protocol?
  • What are some examples of trust tasks, other than credential exchange, that are possible to unlock?
  • How does a trust spanning protocol x trust tasks lead to advancements in how we manage our relationships, and help us move away from phone numbers and emails as our most valuable identifiers?
  • Where can governments participate within the hourglass model framework to accelerate digital trust on the open internet?


About Guest

Drummond Reed has spent a quarter-century in Internet identity, security, privacy, and trust infrastructure. He is Director, Trust Services at Avast after their acquisition of Evernym, where he was Chief Trust Office.

He is co-author of the book, Self-Sovereign Identity (Manning Publications, 2021), and co-editor of the W3C Decentralized Identifiers (DID) 1.0 specification. At the Trust over IP Foundation, Drummond is a member of the Steering Committee and co-chair of the Governance Stack Working Group and the Concepts and Terminology Working Group. At the Sovrin Foundation, he served as co-chair of the Sovrin Governance Framework Working Group for five years.

From 2005-2015 he was co-chair of the OASIS XDI Technical Committee, a semantic data interchange protocol that implements Privacy by Design. Drummond also served as Executive Director for two industry foundations: the Information Card Foundation and the Open Identity Exchange, and as a founding board member of the OpenID Foundation, ISTPA,, and Identity Commons. In 2002 he received the Digital Identity Pioneer Award from Digital ID World, and in 2013 he was cited as an OASIS Distinguished Contributor.

Related Episodes

Want to Be a Guest?

Come Onto the Show

Stay Connected to Get The Latest Podcast Alerts

Introducing our groundbreaking Trust Registry platform

The ultimate solution for forging resilient trust ecosystems in today's digital landscape.

Trust Registry



Orbit Enterprise

Establish your own trusted digital interactions ecosystem with your customers, partners and suppliers

Orbit Edge Wallet

Hold and manage issued verifiable credentials securely and in a privacy-preserving way

Orbit Trust Registry

Empower your organization to establish credibility, verify identities, and foster secure interactions with confidence and ease.



Product Updates



Verified Person

Receive a verifiable credential from Northern Block


Try our new OpenID4VC demo

Energy and Mines Digital Trust

Organizational Wallet and Credentials

Receive, store and exchange organizational credentials within your ecosystem




OpenID4VC Demo

Exchange verifiable credentials over OpenID4VCI and OpenID4VP.




SSI Orbit Podcast

Self-sovereign Identity, Decentralization and Digital Trust


Insights and News from the Forefront of Self-sovereign Identity

Latest Content