iTC Meeting Minutes 2024 04 11 - DSC-iTC/cPP GitHub Wiki
Call started at 12:02pm EDT
-
Brian Wood
-
Bob Clemens
-
Dave Thompson
-
Joachim Vandermissen
-
Stan Potter
-
Stephan Mueller
-
Tim McDonough
-
Zachary Blum
-
Jade Stewart
The call started with a question about the status of the Crypto WG updates. The Crypto WG may be close, but still haven’t provided an update.
From there, the next topic was a review of open Pull Requests. The users/roles pull request was checked first as Brian pointed to the Issue that it was meant to resolve. This needs to be approved for merge.
Brian then pointed out that most of the remaining open pull requests are related to crypto requirements, and while the iTC is still waiting on the Crypto WG to provide the updated SFRs, these should be on hold so we can check the changes against what will be provided. Brian’s main concern is that the large amount of changes that will need to be incorporated will be harder to integrate the more changes we make to the SFRs beforehand. To review the project plan, the remaining review on the pull requests was put off until last.
There were no new comments on the existing issues, so that topic was skipped.
The next topic was then a review of the Project Plan. The categories were reviewed for coverage. The main concern is that no SD reviews have been happening (Brian admitted that he has not had time in the last 6-8 weeks). It was decided to add 5 more weeks to the end of the PRD-2 phase with a heavy focus on just the SD (excluding any FCS requirements). This was agreed, and Brian will try to manage the timing of the next phases to keep things on track for October.
Brian asked about the status of the ALC_FLR updates. Bob said that the ALC_FLR change seems to have come down to making those SARs as optional within the cPP such that the vendor could choose one (or none) in their evaluation. Brian pointed out that this seems fine, but that the iTC may want to consider if the cPP should mandate a minimum level. For example ALC_FLR.1 is mandatory, and .2/3 are optional, and since they are hierarchical, having one of the higher ones would meet the minimum requirements of the cPP.
The last topic of the call was Section 2.3 and 2.4 changes. This was reviewed on the call, and most of the changes were resolved with a few comments made to have further changes. Brian will complete the review of this pull request.
The call ended at 1:03pm EDT.