Cloud Key Management

Dear members,

Here are the minutes from the working group call on the 8th of March.

Minutes:

• The call started with the presentation from the DLT/Blockchain WG leadership, Urmila Nagvekar and Michael Theriault. They presented the Framework for Digital Certification Governance Security Recommendations. 
  
  • Presentation title: 'The DLT Implementation of the Trade Finance Use Case'. (Link to the recommendations document: https://docs.google.com/spreadsheets/d/1iJ9yvX7JMCunld10ct-ickhTfg4TDPFR/edit#gid=632422826)
• Group members will provide feedback to what was presented.
  • Partha asked for a time window to see how he can provide feedback for the recommendations presented.
  • Alex Sharpe also committed to review and give feedback.
• Thoughts about creating a process for other working groups to recognize their possible needs for Key Management. The idea of writing and distributing an executive summary of what our working group will cover and communicate it to other WGs, was also mentioned.
• Started assigning authors to the KM Lifecycle Best Practices Lifecycle document. 
• Decided to work progressively: The authors that picked up the starting sections will present their contributions by next call. The sections that have no authors yet, will be assigned on the next call as well.

Previous action items:

• Alex to check CCAK/CCSK and suggest the use case that might support the certifications of valid immutable storage as part of a valid Key Mgmt plan) (for the HSM document). - PENDING
• Assign roles and responsibilities  in both documents. - PENDING
• Assign authors to sections in both documents. - PENDING
• Create an initial timeline for the first document draft for both documents. - PENDING
• All to review document 2 (KM Lifecycle) sections and provide feedback please. Santosh and Partha to go through those comments on Tuesday, prior to the WG call. - PENDING
• Iain to repurpose and create the KM lifecycle diagram according to section 2 in the KM document. - PENDING

Next action items:

• Marina to contact other WGs and see if their roadmap includes any Key Mgmt touch-points so that we can embed those needs in our upcoming works.
• Marina to check with the Zero Trust sub-group on IAM on the chance of related topics to our WG that we could incorporate in our 2 new documents.
• Create an initial timeline for the first document draft for both documents.
• Iain ( @Iain Beveridge) to repurpose and create the KM lifecycle diagram according to section 2 in the KM document
• Need to address Akash's question about 'Trusted Computing' and for what reason it wasn't included in the Key Mgmt document. 
• For the HSM-as-a-Service Paper, interested authors, please look specifically at the Use Cases section, and "claim" one or more use cases. Simply add a comment next to the use case that you are interested in discussing. Sam ( @Sam Pfanstiel ) might reach out to those who volunteer to discuss further before next call.
• Assigned authors to please start populating their respective sections in the Key Mgmt document:
  • Partha for 1. Introduction
  • Alex ( @Alex Sharpe ) for 2.1 and 2.5
  • Akash for 2.2
  • Iain ( @Iain Beveridge) and Christian ( @Christian Bollich) for 2.3
  • Santosh ( @Santosh Bompally) for 2.4 and 2.6

Next working group call:

Date: Wednesday, 22 March 2023

Time: 08:00 a.m. PST / 11:00 a.m. EST / 15:00 GMT / 17:00 EET (*Attn: These hours for the European continent are valid only for this time, due to the US light-time savings that happens earlier).

URL: https://zoom.us/j/93617880747  (Meeting ID: 936 1788 0747)

Kind regards,

Marina

------------------------------
Marina Bregkou,
Senior Research Analyst,
CSA
------------------------------

Dear members,

Here are the minutes from the working group call on the 8th of March.

Minutes:

• The call started with the presentation from the DLT/Blockchain WG leadership, Urmila Nagvekar and Michael Theriault. They presented the Framework for Digital Certification Governance Security Recommendations. 
  
  • Presentation title: 'The DLT Implementation of the Trade Finance Use Case'. (Link to the recommendations document: https://docs.google.com/spreadsheets/d/1iJ9yvX7JMCunld10ct-ickhTfg4TDPFR/edit#gid=632422826)
• Group members will provide feedback to what was presented.
  • Partha asked for a time window to see how he can provide feedback for the recommendations presented.
  • Alex Sharpe also committed to review and give feedback.
• Thoughts about creating a process for other working groups to recognize their possible needs for Key Management. The idea of writing and distributing an executive summary of what our working group will cover and communicate it to other WGs, was also mentioned.
• Started assigning authors to the KM Lifecycle Best Practices Lifecycle document. 
• Decided to work progressively: The authors that picked up the starting sections will present their contributions by next call. The sections that have no authors yet, will be assigned on the next call as well.

Previous action items:

• Alex to check CCAK/CCSK and suggest the use case that might support the certifications of valid immutable storage as part of a valid Key Mgmt plan) (for the HSM document). - PENDING
• Assign roles and responsibilities  in both documents. - PENDING
• Assign authors to sections in both documents. - PENDING
• Create an initial timeline for the first document draft for both documents. - PENDING
• All to review document 2 (KM Lifecycle) sections and provide feedback please. Santosh and Partha to go through those comments on Tuesday, prior to the WG call. - PENDING
• Iain to repurpose and create the KM lifecycle diagram according to section 2 in the KM document. - PENDING

Next action items:

• Marina to contact other WGs and see if their roadmap includes any Key Mgmt touch-points so that we can embed those needs in our upcoming works.
• Marina to check with the Zero Trust sub-group on IAM on the chance of related topics to our WG that we could incorporate in our 2 new documents.
• Create an initial timeline for the first document draft for both documents.
• Iain ( @Iain Beveridge) to repurpose and create the KM lifecycle diagram according to section 2 in the KM document
• Need to address Akash's question about 'Trusted Computing' and for what reason it wasn't included in the Key Mgmt document. 
• For the HSM-as-a-Service Paper, interested authors, please look specifically at the Use Cases section, and "claim" one or more use cases. Simply add a comment next to the use case that you are interested in discussing. Sam ( @Sam Pfanstiel ) might reach out to those who volunteer to discuss further before next call.
• Assigned authors to please start populating their respective sections in the Key Mgmt document:
  • Partha for 1. Introduction
  • Alex ( @Alex Sharpe ) for 2.1 and 2.5
  • Akash for 2.2
  • Iain ( @Iain Beveridge) and Christian ( @Christian Bollich) for 2.3
  • Santosh ( @Santosh Bompally) for 2.4 and 2.6

Next working group call:

Date: Wednesday, 22 March 2023

Time: 08:00 a.m. PST / 11:00 a.m. EST / 15:00 GMT / 17:00 EET (*Attn: These hours for the European continent are valid only for this time, due to the US light-time savings that happens earlier).

URL: https://zoom.us/j/93617880747  (Meeting ID: 936 1788 0747)

Kind regards,

Marina

------------------------------
Marina Bregkou,
Senior Research Analyst,
CSA
------------------------------