iTC Meeting Minutes 2024 05 23 - DSC-iTC/cPP GitHub Wiki
Call started at 12:02pm EDT
The call started with a review of the open Pull Requests. PR #301 was merged after some discussion about the change from identity to data. It was also mentioned that this was included in a proposed set of changes to the FPR_PRO and FPR_ROT requirements, which will be done in a later version of the cPP. It was agreed that this change was good for now and so it was merged. PR #305 was then discussed. It was agreed that it was good to add a test for this, though there was agreement that whether this test was feasible was unclear in many situations, but as it is optional and a TD could be issued, this was an improvement. This was then merged.
The third PR #303 to be discussed had a question about whether or not the last requested change should be included or not. Discussion within the group felt that this was not needed, that the proposed change was good, and so it was also merged.
With these changes Brian said he could create the next version to be published tomorrow for public review.
The next topic to be reviewed then was the open issues targeted for the milestone for PRD-2. The remaining issues were all related to crypto, and so to be handled at the next update.
Dave asked about the two pull requests he has created. Brian said we could tackle them after he has updated the crypto SFRs which he hopes to have completed before the next call.
There was a question about the changes related to wear-leveled storage. Stan said this should be discussed with the FDE iTC, to which Dave said they had not expressed any specific desire to maintain the FCS_CKM.6 SFR. Stan said they would discuss then with the FDE iTC and the Crypto WG to see what they should do and let us know of any changes.
The Crypto WG released their "final" version of the crypto catalog this week. Brian said there wasn’t enough time to get it into PRD-2 but he will work on it now. This still doesn’t include the EAs. They are supposed to know by the end of June how to write the EAs. If it goes as hoped, the EAs will be fairly quick to write, but this still isn’t known.
Brian then reviewed the next comment period which will end on July 8. He will send out the announcements tomorrow along with the updated docs.
The current project plan mainly has open issues related to crypto requirements. The plan will be to review those again after the updates from the catalog and make sure they resolve the issues that can be handled while still waiting for the EAs.
The call ended at 12:54pm EDT.