Hello again Working Group members!
In the absence of our weekly meeting today, here are the items I was going to bring to the meeting:
- Section 2 of the CCKS (let's just shorten "Customer Controlled Key Store" all the time – so much easier!) was updated per our last meeting.
- I eliminated all the "example" details and simply listed each of the areas of consideration (technical, operational, etc.) with a word or two of clarification
- I added clarification about the guidance contained in the document, that it is scoped to the intersection of the CCKS and one or more cloud services.
i. I've tried to make clear that the document should not have recommendations about the KMS as a standalone system, just as we are not making any recommendations about the public cloud service(s) that the organization plans to use with the CCKS. Down further in the document, in the Technical and Operational considerations (I believe in Section 3) I added quite a number of comments to the effect that "this item is outside the scope of the document because it speaks only to the CCKS (KMS) and not to its use with cloud services".
ii. Please review your content in light of this scope. I will continue down the document this week when I have more time.
- The self-paced content for the introductory CSA Cloud Key Management course is ready to be reviewed. Anna Schorr sent out details about how to review the content and the type of feedback needed – you can find that email in our WG Circle content or in your inbox if you get those emails.
- Feedback is needed by Monday, May 30th.
- I was hoping to welcome Sumeet Shah, of American Express, to our Working Group. Sumeet has extensive experience in PKI and encryption so I'm hoping he'll be able to contribute to our work.
Please work to either (a) update your content in response to comments/questions; (b) review sections you have agreed to review and provide comments/questions where the content is unclear, out of scope of the pattern, repeated, etc.
Thank you all for devoting time to the current document. We are past the mid-point and that inspires me to want to push through and get to the finish line!
Appreciatively,
Paul