Hello everyone, Merry Xmas and happy holidays!
I'd like to share a recent NIST (draft) publication on Post-Quantum Cryptography Migration, in relation to the 3rd bullet in the new action items above: https://csrc.nist.gov/pubs/sp/1800/38/iprd-(1)
------------------------------
Thanos Vrachnos OffensiveOps | PKI & eID Subject-matter Expert
SPEARIT
Thessaloniki, Greece
------------------------------
Original Message:
Sent: Dec 22, 2023 12:04:59 PM
From: Marina Bregkou
Subject: Meeting Minutes 20 December 2023
Dear members,
Below you can find the meeting minutes from our working group call on the 20th of December.
Minutes:
- The Key Mgmt Lifecycle Best Practices document was published on 19th of December 2023.
- The HSM document, is in the phase of addressing its peer review comments.
- Working group discussed next steps for 2024.
- Due to time overlap with the AI groups, working group decided to have our bi-weekly Key Mgmt WG call an hour later on 09:00 a.m. PT / 12:00 p.m. ET.
- New topics suggested for 2024 and parallel work-streams:
- Best Practices when uploading on-prem data to the cloud.
- Multi-cloud and multi-regional KMS
- Secrets Management
- Post-Quantum Cryptography Key Management with procedural steps on crypto-migration.
Previous action items:
- Sam to update Diagram 1: Debit PIN Translation Flow, page 13 and Diagram 2: Credit Card Transaction Flow, page 15. - PENDING
- Partha to provide a "skeleton" for the 'Best Practices when uploading on-prem data to the cloud' paper. A potential table of contents. - PENDING
- Sam to provide a "skeleton" / Table of Contents for the 'Multi-Cloud and Multi-Regional KMS' document. - DONE
- Iain to provide a "skeleton" / Table of Contents for the 'Post-Quantum Cryptography Key Management with procedural steps on crypto-migration' document.- DONE
- Sunil to provide a 'Lesson Learned' list for what to avoid and what to manage more efficiently. - PENDING
- Members of the group to discuss the structure of the 4 documents proposed and divide in parallel work-streams, after scoping the level of effort involved.- In progress
New action items:
- Sam ( @Sam Pfanstiel) to update Diagram 1: Debit PIN Translation Flow, page 13 and Diagram 2: Credit Card Transaction Flow, page 15, in the HSM document.
- Sam ( @Sam Pfanstiel) and Alex Rebo to arrange a between call to discuss the 'Multi-Cloud and Multi-Regional' document's structure and purpose.
- Partha to provide a "skeleton" for the 'Best Practices when uploading on-prem data to the cloud' paper. A potential table of contents.
- Sunil ( @Sunil Arora) to provide a 'Lesson Learned' list for what to avoid and what to manage more efficiently.
- Members of the group to review the 3 new documents they are interested in joining for contribution.
- Best Practices when Uploading On-Prem Data to the Cloud, google doc
- Multi-Cloud and Multi-Regional KMS, google doc
- Post-Quantum Cryptography Key Management with Procedural Steps on Crypto-Migration, google doc
Next working group call: 10 January 2024
Time: 09:00 a.m. PT / 12:00 p.m. ET / 17:00 GMT / 19:00 EET
URL: https://zoom.us/j/93617880747 (Meeting ID: 936 1788 0747)
Wish you a calm, warm, restful and happy holiday season!!!!!
See you in 2024!!
Happy Holidays!!!!
Marina
------------------------------
Marina Bregkou,
Senior Research Analyst,
CSA
------------------------------