Skip to content
Passport Alliance Passport Alliance

Governance Process

Standards Lifecycle

1. Proposal

A contributor submits an RFC describing problem statement, technical specification, security considerations, and compatibility impact.

2. Public Review

Minimum 30-day review window for technical and operational feedback.

3. Technical Committee Review

Committee evaluates technical quality, interoperability impact, and security posture.

4. Ratification

Steering Committee ratifies accepted proposals and version updates.

5. Publication

Updated APIS documents, schemas, and conformance tests are published.

Issuer Onboarding Process

  1. Application submission
  2. APIS implementation review
  3. Policy and controls review
  4. Conformance test execution
  5. Committee vote and tier assignment
  6. Signed registry entry publication

Incident Response Process

  1. Report submitted by any party
  2. Technical investigation opened
  3. Interim risk controls (if required)
  4. Steering decision: warning, suspension, or revocation
  5. Registry status update and publication

Dispute Resolution

  • 30-day mediated resolution period
  • Escalation to neutral arbitration if unresolved

Change Control Principles

  • Preserve backwards compatibility when practical
  • Version all normative changes
  • Publish rationale and migration notes for each release