iTC Meeting Minutes 2024 05 09 - DSC-iTC/cPP GitHub Wiki
Call started at 12:03pm EDT
The call started with a review of the open Pull Requests. Several were already approved and were quickly merged.
PR #292 was discussed and Yi will perform a final review to make sure that PR #251 is incorporated (which would then be closed once this is merged).
PR #275 was then discussed as to what changes should be made. The discussion covered how the changes should be incorporated and it was decided that a change would be made to FMT_SMF.1 to align it with FIA_AFL_EXT.1.2. Brian will make this change and send it for review.
There was an update on the Crypto WG. A meeting next Tuesday will hopefully provide approval for updates on the SFRs for use. Brian asked about the SD, but there are still discussions ongoing. Bob said that the CC:2022 Evaluation Methods document should be able to be used, but since this hasn’t been done before, it isn’t clear what would be accepted.
The call then moved to open issues. #263 was discussed and is likely to be moved to v3 but will see what is sent from the Crypto WG for consideration. It seems that this should be part of a larger editorial (but not functional) review of the document. A similar decision was made on #273 about the throttling requirement, which is related to #127.
The call then moved to #284 and a discussion about the FPT_PRO_EXT.2 tests. There was a lot of discussion about how to resolve this. Brian’s point was that the way it reads leads to possible conflicting requirements in that this is mandatory, not optional. The consensus is that some wrapping text in the cPP should be able to make it clear that this SFR is not tied to RoT Storage. This may lead to some other edits (but seems less likely). The SD for the SFR may still need to be adjusted (such as removing FMT_MSA.3), but would be limited solely to the testing requirements and not to any larger changes such as those proposed by Brian.
A quick review was made of the project showing that most items outside of crypto have been closed, so the plan for publishing the next iteration of the cPP/SD after the next call looks to be on target. This will set off the next comment round, some of which may need to be squeezed a little to meet ICCC, but it looks doable.
The call ended at 1:04pm EDT.