iTC Meeting Minutes 2025 01 16 - DSC-iTC/cPP GitHub Wiki
Call started at 12:01pm EST
The call first moved on to the topic of decomposition. Brian started with a look at Proposed requirement for Key Store Use Case. This was a rough breakdown of what was thought to be the minimal set of requirements to provide a key store (outside of crypto). This was quickly looked at, leading to more discussion. The request is to review this and consider whether it is accurate or if changes should be made.
The following discussion from this discussed how to consider breaking down the DSC requirements. The general agreement is to start with the other two use cases and try to lay out the requirements for them as well to see how they may overlap. Additionally, the requirements as a whole would be reviewed for sets of requirements that provide functionality. Some examples were RoT, or internal authorization services (used to determine if actions should be allowed inside the DSC). The goal is to break the DSC down into components and then see how they would fit together.
Related to this it was thought that some things, like USE CASEs 1 & 3 were very close, and maybe the differences would actually be in things like the assigned roles, which could lead to additional role definitions (or other flexibility). The thinking was that this would let us determine if there are additional gaps, or that there are core components that have to be included in any smaller functional set (i.e. package or module) that may be created from the current DSC. It was agreed that the descriptions in the introduction should also be updated with this information to make the use cases clear (or to add/remove use cases as applicable).
Brian then pointed out two new pull requests he had made about some renaming and the proposed addition of a new Operation. He said these were not urgent, but things to consider going forward.
The end result of these investigations would be used to decide on the next steps, whether the focus should be on decomposition or something else.
The last topic was a review of the new pull requests submitted by Joachim related to the crypto SFRs. These are all proposed as edits to investigate, and we agreed they should be discussed with the Crypto WG. Most of the changes were to clear up duplication of some items (like key lengths) while others combine requirements into one new one. It was agreed that these would all be reviewed but that there was no immediate need to push them out into a new version of the cPP right now. They would likely be included in the next update (unless it is solely a TD), but there is no specific timeline for publication.
The call ended at 1:01pm EST.