Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add TSC 2024-12-10 minutes #123

Merged
merged 2 commits into from
Jan 21, 2025
+66 −0
Merged

Add TSC 2024-12-10 minutes #123

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6a6160d
add TSC 2024-12-10 minutes
bhess Dec 19, 2024
e2d8315
Add more context to SLH-DSA discussion.
bhess Dec 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
add TSC 2024-12-10 minutes 
Signed-off-by: Basil Hess <bhe@zurich.ibm.com>
@bhess
bhess committed Dec 19, 2024
commit 6a6160d007dae6c77bb8602d6ee3dff6965f50c6
62 changes: 62 additions & 0 deletions meetings/2024-12-10/minutes.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
# OQS Technical Steering – 2024-12-10 – minutes

## Attendees

* Douglas Stebila (U Waterloo)
* Spencer Wilson (U Waterloo)
* Michael Baentsch (Intependent)
* Brian Jarvis (Amazon)
* Christian Paquin (Microsoft)
* Norman Ashley (Cisco)
* Alex Bozarth (IBM)
* Basil Hess (IBM)

## Agenda

1. Chair's introduction

- Introduction by Douglas.

2. Approve agenda

- No changes requested.

3. Appoint minute-taker

- Basil Hess

4. Review action items from previous meeting

- [Security response team](https://github.com/open-quantum-safe/tsc/issues/60)

- Setup GitHub/email alias: Pending.
- Dry run pending security response policy. Spencer and Douglas to discuss.
- Spencer: Awaiting wet run of HQC incident; will draft process document (PR forthcoming).
- Douglas: Solicit feedback, expecially from people with prior experience.
- Michael: Suggests documenting guidelines on how to interact with upstream projects. Responsiveness from upstreams is a concern; to identify key contacts at upstreams.

5. Reports (PQCA TAC, PQ Code Package) - Spencer

- TAC discussion around supporting context strings in ML-KEM. Google's Tink library doesn't expose context string features, alghough Tink aims at providing higher-level API compared to liboqs.
- PQCP mlkem-native version 1.0-alpha has been released, with Pravek and Basil working on its integration with OQS.


6. [SLH-DSA and which upstream code bases to rely on](https://github.com/open-quantum-safe/liboqs/issues/1894)

- Discussion on whether to rely on OpenSSL’s upcoming SLH-DSA implementation or explore other upstream sources.
- Considerations include performance, diversity, formal verification, and composite use cases.
- Douglas will reach out to SPHINCS+ authors for input.
- Michael suggests exploring the option of dropping support for SLH-DSA.

7. [Binary distributions](https://github.com/orgs/open-quantum-safe/discussions/1625)

- Ubuntu has expressed interest in including liboqs/oqs-provider but only with no plain PQ algorithms. This raises implications for configuration.
- Action: Create a wiki/markdown page documenting binary distributions shipped.
- Suggestion: Ensure GitHub contacts for communication are accessible.

8. Other business

- Agreement to set the ops-openssl 1.1.1 fork and liboqs-dotnet repositories to read-only status (archive).
- Spencer to update the website with links to archived repositories, providing interested parties the ability to revive them if needed.
- libssh to also be archived following consensus.
- Question raised by Alex if the arm64 runner used in OQS is a self-hosted runner. Clarification provided that the project currently uses the GitHub-hosted beta runner, which may resemble a self-hosted instance. Alex will open a PR in the TSC repository to address this.