_Copy this template to the subdirectory for the current year and name the file `YYYY-MM-DD-TAC-meeting-record.md` (e.g., `2023-02-02-TOC-meeting-record.md`). Update the information above to change the `title` (e.g., `2023-02-16 TOC Meeting Record`, the `parent` to `YYYY` (e.g., 2023), the `grand_parent` to `Meeting Minutes`, and remove the `nav_exclude` line. Update the links below to reflect the appropriate image location (e.g., `../images/`). Text between `` are instructions. Please remove when section has been completed._

Agenda

  1. New faces
  2. Approve agenda (with any changes) [Max]
  3. Approval of minutes of last meeting [All]
  4. Project lifecycle document [All]
  5. Working groups [All]
  6. Vision for TAC <= Delayed to next meeting
  7. PQ Code Package [Nigel]
  8. Action items [All]

Announcements

None

Presentation

None

Decision

None since not enough voting members

Discussion

  • New faces [Max]
  • Approve agenda (with any changes) [Max]
  • Approval of minutes of last meeting [All]
    • 03/07 minutes are available at: https://github.com/PQCA/TAC/pull/5 
    • Please review minutes and vote for approval via approval of the pull request, or make a comment / code review to suggest a change
  • Project lifecycle document [All]
    • https://docs.google.com/document/d/1NV-0vNgXWdc81oqT0jv0C-9Funb8dySS06u90ghF-X4/edit
    • Start merging changes and reply to comments
    • Can revise the document over time
    • Flexibility
  • Working groups [Max]
    1. https://github.com/PQCA/TAC/issues/8
    1. Website managed by Naomi
    2. Different parts come from github.io for the various projects
    3. Work with Naomi to ensure that PQCA.org sections that require changes sync with correct parts of the projects github.io
      1. https://github.com/PQCA/TAC/issues/7
    4. It’s the essence of this project
    5. Goal is to currate which OSS PQ algo implementation to reach out to
      1. https://github.com/PQCA/TAC/issues/2
    6. Open SSF guideline
    7. Scorecard (started, Nigel)
      1. At least start with basic
      2. Automated as much as possible
      3. Moved to best practices eventually
      4. CVE vulnerability reporting
    8. Sigstore
    9. CBOM (a bit meta since the items in this project are used by CBOM)
    10. Get someone from OpenSSF (reach out to Omkar and cc: Hart)
  • Vision for TAC <= Delayed to next meeting
  • PQ Code Package [Nigel]
    • Different algorithms already
    • Creation of TSC
    • Need list members
    • Project charter (template from Hart)
    • Documentation and website pages
    • Hackathon after charter

Action items

Done (from previous minutes)

  • Propose the 3 new working groups: Algos, Tooling / Misc, and Docs / Education / Website as issues [Max]

Old

  • Schedule next hackathon meeting [Nigel]
  • Review lifecycle document and include assurance into template doc [All]

New

  • Reach out to OQS about lifecycle document [Thomas / Nigel]
  • Setup TSC for PQ Code Package [Nigel]
  • Reach out to OpenSSF (Omkar) for a security governance overview / best practices [Max]

Recordings

Upcoming TAC meetings

Please check the calendar

Attended by

Non-voting members

  • Bryan (Keyfactor)
  • Ry (LF)
  • Hart (LF)
  • Naomi (LF)
  • Nigel (IBM)

Voting members

  • Norman Ashley, Cisco
  • Michael (Max)imilien, IBM
  • Sam Stanwyck, NVIDIA
  • Sophie Schmieg, Google
  • Brian Jarvis, Amazon Web Services Inc.
  • Thomas Bailleux, SandboxAQ