Skip to main content

Glossary

ODP Stage 3: Draft Development

This document is a supporting deliverable for the project. This means that it is not listed in the original project brief as a deliverable but provides supporting information and explanations that the project team believe are useful for reviewers and implementers.

This document contains acronyms and key terms used in the project documentation. The expansions and definitions used here gives their meaning and use in the project context.

These acronyms and terms may have other meaning(s) outside of this project, we do not claim that these should be the generally accepted meaning, but within this project, these terms are defined and used as shown below.

List of acronyms

AI
Artificial Intelligence
AML
Anti-Money Laundering. International anti-money laundering (AML) regulatory requirements are primarily driven by Financial Action Task Force (FATF) standards. Key obligations include developing risk-based AML/CTF programs, conducting customer due diligence (CDD), monitoring transactions, reporting suspicious activity, and maintaining records to prevent financial crimes, terrorism financing, and proliferation financing.
CDD
Customer Due Diligence. A phrase denoting the regulatory requirement to perform sufficient checks on a prospective customer before offering them services. Typically used in a financial services context. See KYC and AML.
CFT:
Countering the Financing of Terrorism. A phrase used in international financial services regulation to denote laws, regulations and practices to prevent the financing of terrorist organistions. See also CTF.
CTF
Counter Terrorism Financing. A phrase used in Australian financial services regulation to denote laws, regulations and practices to prevent the financing of terrorist organistions. See also CFT.
DIA
Digital Identity Anchor
DID
Decentralized Identifier
DMR
Data Management Request
DPI
Digital Public Infrastructure (in this project context)
genAI
Generative AI. A phrase used to denote artificial intelligence (AI) system that can generate content (text, code, images etc.). Whilst this often uses a Large Language Model (LLM) genAI is not limited to LLM approaches.
GRID
Global Registrar Information Directory
GTR
Global Trust Registry
JSON
Javascript Object Notation. A text-based data-interchange format that humans can read and write, and machines can parse and generate.
JSON-LD
Javascript Object Notation for Linked Data. A lightweight and machine and human readable data format that provides a way to structure and connect data on the web using the established Javascript Object Notation. "Linked Data" means it uses a shared vocabulary (like the one found on Schema.org) to add context and meaning, making it easier for machines to understand the information.
KYB
Know Your Business. A phrase used to describe the regulatory requirement imposed on a business that it must understand the nature of another business that it deals with. For example, the offering of banking services to a company demands that the bank has checked that the company is a recognised legal entity.
KYC
Know Your Customer. Can also be expressed as Customer Due Diligence (CDD). Often used in a regulatory context where there is a requirement for a service provider (such as a bank) to sufficiently identify and check the bonfides of someone before offering them services.
SME
Small to Medium sized Business
UNTP
United Nations Transparency Protocol
VC
Verifiable Credential

List of terms and definitions

Authenticity of Evidence
Supporting documents must be official and verifiable (official gazette, qualified e-signature/seal, certified extract; apostille/legalization where applicable).
Authoritative Register
A UN Member State register established by law or formal regulation, managed or supervised by a public authority, with the power to create, maintain, and certify official trade-relevant identifiers within a jurisdiction (e.g., legal entities, assets, products, trademarks, facilities, property titles).
Authoritative Registrar
The UN Member State public authority that supervises or manages an authoritative register.
Certificate of Registration
An official document or digital credential issued by the register to attest the existence, validity, or current status of a registration, with evidentiary or enforceable value.
Chain of Title
The chronological record of successive legal holders or rightsholders as reflected in a register, used to establish legitimacy and prevent conflicts or overlapping claims.
Credential Issuer
The authoritative entity (often the registry itself) that issues verifiable credentials or official attestations on the basis of registered information.
Cut-off Date
The date by which GRID-DMRs must be received to be include in a Release. Later requests roll to a subsequent Release, subject to out-of-cycle handling for security. See also "Release" and "GRID Data Maintenance Request"
Decentralized Identifier (DID)
Source: https://glossary.trustoverip.org/\\#term:decentralized-identifier A globally unique persistent identifier that does not require a centralized registration authority and is often generated and/or registered cryptographically. The generic format of a DID is defined in section 3.1 DID Syntax of the W3C Decentralized Identifiers (DIDs) 1.0 specification. A specific DID scheme is defined in a DID method specification.
Digital Identity Anchor (DIA)
A verifiable credential issued by an Authoritative Register to a subject (person, company, or asset), linking a registered identifier for the subject controlled by the Authoritative Register to a cryptographic proof of authenticity and integrity. It functions like a digital certificate of ownership for the identifier. A DIA may also contain Decentralized Identifiers provided by the subject and asserted as under their control. This means that a DIA becomes a proof of identity as registered by an Authoritative Register and recognition that the subject of that identity has asserted other identifiers under their control.
Global Registrar Information Directory (GRID)
A working title given by the UN/CEFACT GTR project for the proposed organisation and system that provides a global directory of authoritative registrars.
Global Trust Registry (GTR) Project
The UN/CEFACT project titled "Global Trust Registry" started in April 2025.
GRID Data Maintenance Request (GRID-DMR)
Standardized instrument for lifecycle actions - NEW (listing), UPD(update), COR (correction), SUS (suspension), REA (re-activation), RET (retirement/delisting).
GRID Participant
Are entities admitted to the GRID by UNBODY, see "Participant".
GRID Recognition
In these documents we sometimes refer to Registrars participating in the GRID as being "recognised" by the GRID. "Recognition" in this context constitutes a formal listing for transparency and discovery purposes only. It shall not constitute certification, endorsement, validation of legal status, nor confer any legal effect under national or international law.
GRID Record
The authoritative, versioned entry for a Scheme in the GRID, including mandatory metadata (resolver templates, Issuer DID(s), lifecycle status and change history).
Issuer DID
The Decentralized Identifier controlled by an Authoritative Registrar and used to issue DIAs
Key Ceremony & Key Rollover
Controlled procedure for generating/rotating/retiring cryptographic keys used in trust-list signing or Issuer DID operations. Key Rollover: managed transition to new keys (pre-announcement, dual-publishing, post-event guidance).
Legal Effect
The recognized consequence under the applicable law that arises from the registration or certification of data, including the creation, confirmation, or enforceability of rights, obligations, or statuses.
List of Trusted Lists (LOTL)
See Trusted List. A list of trusted listed is a meta-listing that signs and references subsidiary TLs.
National Focal Point (NFP)
The competent national authority designated by a Member State as the State’s official interface with UNBODY for admission, updates, suspension and retirement of Schemes.
Operator
The technical operator appointed by UNBODY to run day-to-day GRID services under a Service-Level Agreement (SLA).
Participant
An entity admitted to the GRID by decision of UNBODY in accordance with the Governance Requirements (including Scheme Owners and any other category defined by UNBODY). See also "GRID Participant".
Public Legal Register
A register that is managed or supervised by a public authority and whose entries produce legal effects under national law, including opposability to third parties, legal presumption, or constitutive value. For the purposes of the UN/CEFACT GRID, the registers of interest are those that register supply chain relevant information such as Organisations, Land Assets, Trademarks, Compliance Certificates, Licenses etc.
Register
A set of data typically used to record membership, ownership and/or events. Also the data set maintained by a Registrar.
Registrar
The authority and/or person responsible for a register.
Registry
A term used to describe both the organsation and the registered data maintained by a Registrar. Registry can be a useful term to use when the meaning of both elements is intended.
Release
Scheduled publication of approved GRID changes with a Secretariat Note. See also "Cut Off Date".
Resolver Template
A documented URL construction pattern enabling deterministic retrieval/dereferencing of public information for a Scheme’s identifiers.
Scheme
An identifier system operated by an Authoritative Register under a valid legal mandate.
Scheme Owner
The public authority (or intergovernmental body) mandated to operate a Scheme.
Status (Candidate / Active / Suspended / Delisted)
Lifecycle states of a Scheme’s GRID Record.
Statutory Notice Effect
A legal effect whereby the information recorded in a register is deemed known by third parties, regardless of actual knowledge, enabling legal enforceability and protection against good-faith claims.
Trusted List (TL)
Machine-readable, signed list under UN BODY’s authority enumerating trusted Issuer DID(s) and parameters. LOTL: optional meta-listing that signs and references subsidiary TLs.
UNBODY
Placeholder for the competent United Nations body that is chosen, created to administer and oversee the GRID.
Verifiable Credential (VC)
A verifiable credential is a tamper-evident credential that has authorship that can be cryptographically verified. Verifiable credentials can be used to create verifiable presentations, which can also be cryptographically verified. The claims in a credential can be about different subjects.The GTR project uses the W3C VC Data Model reference for verifiable credentials - see https://www.w3.org/TR/vc-data-model-2.0/. Other types of credentials that are cryptographically verifiable exist, such as X.509 certificates (IETF RFC5280), mDocs (ISO 18013-5 and 7) and vLEIs (ISO 17442-3).
Verification Path
Operator checks confirming legal mandate, authenticity, domain/DID control and resolver correctness.

Expression of Requirements

The following approach is used in the project documentation when defining requirements.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.