January 27, 2016 Meeting Minutes
Meeting commenced 8:00PM GMT
- Roll call (Valerie)
- Errata process update
- Next Steps
- any discussion
- Face to face
- Interop update
- Topics for next call
- New Business
- Review Action Items
Motion to approve Agenda
- Tim moves; Sue seconds; no objection; no abstentions. Agenda approved.
Motion to approve meeting minutes
- Tim moves; Chris seconds; no objections; no abstentions; both meeting minutes approved.
Errata process update
- Action: revisit this in v2.41 to see what additional changes we need to make around TLS.
- Pending Dina being back on the call to confirm what remains to be handled.
- Valerie reports Chet is finalising errata documents now. Expected to be uploaded shortly.
- All editors of previous documents are okay to continue. Sue to confirm we have the v2.41 starter documents from OASIS. We think so.
HMAC general mechanism. Signature length of 0 is meaningless. We will need to clean this up.
- Pending Dina's return.
- If signature length is 0 then something bad probably has happened and returning CKR_OK seems like a potentially wrong indication to provide caller.
- Chris will look into this. There is a test case for zero length HMAC - there is a known answer test - so zero length is valid.
- No objections to leaving this as is from call participants. Dina likely to comment on this.
Dina: TLS 1.X text improvements
- Pending - include as topic next meeting.
New Algorithms:SHA3, ChaCha20, Poly1305
- BobR has no updates at this time on SHA3.
- Volunteer to define spec mechanism not yet identified.
- Chris will take a look at it and will have an answer as to whether or not he can pick the other items up on the next call.
AES GCM IV
- Ideas on how to handle this without the v2.30 dependency.
- BobR - this could be a little tough to do. Not a real good API for handling that. Could just tweak the definition of the existing GCM spec. We don't have a continuing context for multiple calls for GCM so there isn't an easy way to do this.
- Tim - perhaps we need to deal with v3.0 with some simple function extensions and push the broader v3.0 issues to later. Abusing this in the existing mechanisms parameters seems somewhat undesirable.
- BobR - agrees this is probably the right approach (fix the API issue for AEAD
- AEAD mechanisms is the priority.
- BobR would like to have a spec ready for the face to face on AEAD.
- Nothing more on this topic outside the items already mentioned under v2.41
- Valerie - other topics for the face to face are desirable to have before the f2f meeting even if only for discussion rather than decisions on inclusion.
NIST CMVP feedback, BobR
BobR needs additional time to generate a non-RedHat specific feedback item. It has to effect almost every FIPS validation at this point - even if your boundary isn't PKCS#11 most of the hardware vendors still have to surface that interface to any modules using PKCS#11.
- Valerie - it's going to impact a lot of modules - if your only API is PKCS#11 - encourages vendors to do special "mostly PKCS#11 except for this one thing for GCM" - that discourages actual standard usage. NIST/CMVP need to be more aware of the context.
Face to Face - 26th Feb
BobR has RedHat approval to host meeting.
- Straw Poll is open for tracking attendance - for logistics issue.
- Burt Kalaski wants to address the group in the context of the PKCS 25th Anniversary
- Call for topics for the face 2 face - small and large topics welcome
- Feel free to talk on the calls, on the mailing list or directly to the co-chairs
- BobR - meeting room is a class room not a conference room - every seat has wired network and power - arrangement is fixed. Can hold up to 30 people so should be fine. On the 11th floor so you have a view of San Francisco if it is clear.
- idTrust dinner funding - Tim will forward details to the co-chairs after the call.
- Dinner will be Thursday night.
- Had PKCS#11 meeting for interop. Testing has started. Different groups are testing between different vendors.
- Tim testing is proving interesting in terms of logistics but working well. Good spirits and cooperation among the participants.
- Jane from OASIS is working through booth slot selections.
Next meeting date
- 10th February 2016
- We should have no meeting on 24th February given the face to face on the 26th.
- Motion made to cancel 24th meeting.
- Tim moves; Chris seconds.
- Open action item. Tony to file to Jira.
- Will review action items at next meeting.
Call for late arrivals
Motion to Adjourn
- Tim moves; Greg seconds; no objections; no abstentions.