We reconvened the Perseus Technical Infrastructure Advisory Group, chaired by Icebreaker One.

Date: 10 February 2026 10:00-11:0 GMT

Location: online

Chair: Frank Wales

Secretariat: IB1

Meeting Aims:

  1. Summarise Sandbox learnings
  2. Feedback from members on Perseus-ready integration
  3. Discuss change management best practice
  4. Present draft certificate revocation specification
  5. Explore workshop topics in 2026

Summary:

It was agreed that:

  • Lessons from sandbox integrations would continue to inform incremental improvements to documentation, tooling, and processes.
  • Future change proposals would aim to present technical changes more concretely, including clearer linkage between definitive specifications, and registry entries.

It was noted that:

  • Four categories of issues had emerged from recent sandbox integrations:
    • Certificate authentication challenges, including confusion around directory usage and certificate expiry on services.
    • Conceptual understanding gaps, particularly around the FAPI 2 security model and Perseus’ role as an enabler of connections rather than a data provider.
    • Areas where documentation required clarification, including subdomain queries, CAP-to-EDP selection, and OAuth flow setup.
    • Technical usability issues with the directory service, including sandbox labelling and endpoint behaviour.
  • A range of documentation and support improvements had been implemented in response, including workflow diagrams, role-specific setup guides (CAP and EDP) , a CLI testing tool for EDPs, and a directory usage guide with screenshots.

It was discussed that:

  • IB1 recommends a Certificate Revocation List (CRL) approach over OCSP for certificate withdrawal, on the basis of simplicity, lower operational complexity and improved privacy characteristics; we are accepting review and feedback on this until February 27 (see actions)
  • Git-based workflows were seen as helpful for proposing and reviewing technical changes (such as API updates), but not sufficient on their own to describe multi-environment availability or long-term governance state.
  • Future change proposals could benefit from clearer presentation of “before and after” states, including diffs against OpenAPI specifications, supported by explanatory documents.

Next meeting: Tuesday 28 April 2026 10:00-11:00 GMT

Formal records, including attendees, are maintained by the secretariat. 

These are confidential to the Advisory Group Members.