-
Notifications
You must be signed in to change notification settings - Fork 14
Meetingminutes Minutes18082021
Bob Relyea edited this page Mar 5, 2025
·
1 revision
- Roll call (Tony) - quorum achieved.
- Tony taking minutes.
- Attendance noted in KAVI
- Agenda
- Roll call
- Review / approval of the agenda
- Approve Minutes (July 21, 2021)
- PKCS#11 V3.1
- WD Status
- Wiki & Actions Items Review (Closing off v3.1)
- Line by line review
- PKCS#11 v3.2
- FIPS indicator
- New Business
- GitHub
- Next meeting
- Call for late arrivals
- Adjourn
- Hamish C moved, Daniel M seconded. No objections, comments or abstentions. Agenda approved.
- Minutes posted for July 21, 2021
- Jonathan S moved, Greg S, Dieter B seconded. No objections, comments or abstentions. Minutes approved.
- Tony C noted that a new item had been noted by Daniel and had been added as action item 18 in the wiki
- item 1 - Profile objects do appear in the header file - Hamish to check. Tony has passed on info to Tim to update the reference.
- A range of items closed in the AI table - thanks to Hamish, Bob & Jonathan for their efforts.
- Item 11 - needs update in the spec to close out
- Item 18 - new item added per Daniel's email above. Tony & Dieter to work it into the next WD
- Item 16 - Closed out CKA_OPERATION_TIMEOUT - TC was taking no action on this so closing it out with no changes - all agreed
- Item 13 - Jonathan sent an email to the list - Confusion around this item - what DER wrappings are we using here as the existing references aren't ASN1 encodings. RFC 8410 is closest but has different wrapping for public and private keys. Jonathan's item is complete - Tony & Bob to do some offline work and will revisit on next call.
- Bob reviewed the email to the list following the discuss in the last meeting noting that there are some strict conditions it is possible to make FIPS statement
- In other cases the elements in use that are FIPS validated can be identified individually
- Bob mentioned the KMIP approach suggested by Tim and included as attributes the same values assigned in KMIP - Bob needs descriptions to go with them. Bob also added two extra values (validation flags & validation module ID). FIPS requires a method of retrieving the information required to match the validation & implementation version. Bob proposed that the Validation ID be linked to an output/version object object. Bob does require information from some of the KMIP content.
- Instead of adding flags to the session flags, Bob has inserted three new flags (Current Operation, Last Operation & Cumulative Operation). Validation state is then kept with the object.
- New function to query a flag - takes the session, and the flag required to be returned.
- Again, Bob required definitions for the attributes pulled from KMIP and would like to make sure PKC#11 & KMIP are aligned on the attributes.
- Bob is presenting on this at ICMC in two weeks so feedback before then would be useful.
- Tony noted that we need to update the github repo to put the published v3.0 in the appropriate folder - Tony & Bob to do this in the coming weeks.
- Daniel raised the issue lodged in Github a whole back regarding labelling items so they can be pulled atomically. Tony & Bob noted that the issue was front of mind however first step is to get the folders sorted, then additional steps can be taken.
- Tony to leave this on the agenda for discussion in following weeks.
- Daniel M noted that the issue he sent to the list on 23-Jun needed to be addressed
- Tony to add it the wiki
- Bob noted that he would like a copy of Daniel's tool to check header file vs spec. Daniel to resend.
- Next meeting will be September 1, 2021.
- 1 noted
- Bruce R moved. Greg S seconded. No objections, comments or abstentions. Meeting adjourned.