Hello Ammy,
Generally we do not recommend opening a policy from Untrust to Trust until you have some web services or application hosting. But when you have an Untrust to Trust policy, it's advanced to have an IDP policy for the same. But if you have appID or Apptracker, that's applied from Trust to Untrust based on requirement. Normally the IDP is applied from Untrust to Trust.