iTC Meeting Minutes 2023 12 07 - DSC-iTC/cPP GitHub Wiki
Call started at 12:03pm EDT
-
Brian Wood
-
Stephan Mueller
-
Matt Downey (briefly)
-
Jim Donndelinger
-
Jerry Myers
-
Shawn Geddis
-
Bob Clemens
-
Yi Mao
-
Brian will provide the list of SFRs for the Crypto WG to Matt
-
Brian will cerate issues for the document from BSI
-
Brian will create a proposed SFR for the online hammering issue
Matt joined the call briefly to state that he was in contact with the Crypto WG and that if we can provide a list of the SFRs we are using they will work to get us EAs in that order (if at all possible). They would also share an older document they were going to use as the starting point from the USB group. Brian said he would provide the list soon.
the call then moved to the open pull requests. The only pull request there was about fixing some table problems Brian found on looking at the cPP. This was approved and merged.
The call then reviewed some of the document from BSI. Brian will work on making these into issues. The group agreed that this was useful as the comments came from someone who had not previously reviewed the document. It wasn’t clear that all the issues were directly relevant, but there is certainly good information there.
The next topic was further CC:2022 review. It was agreed that we can probably leave that until the end at this point as what is left is likely to be small and the types of things that can be handled during the final reviews.
The last topic was a discussion about PBKDF and how this should be handled given the TD that was implemented already. The agreement (noted in the comment from today) is that a new requirement would be created that would provide the vendor with a way to specify how they handle online hammering attempts and provide selection/assignment for specifying what is done. The PBKDF with a specified number of rounds would be one of the selections. Brian will propose this for everyone to review as the alternative to what has been done so far. This will replace the original pull request that was proposed for this.
The next scheduled call will be canceled so the next call will take place on January 4.
The call ended at 1:02pm EDT.