Skip to content

2024‐07‐23‐CFCC‐Minutes

Jump to bottom
Aditya P. Gurajada edited this page Jul 24, 2024 · 18 revisions

Certifier Framework Monthly Meeting

Date: Wed, July, 24, 2024, Time: 6-7 am PST

NOTE: The Wiki-file's date in the name is wrong; will fix it after the meeting.

Attendees

  • Community: John Manferdelli, Chris Ramming, Aditya Gurajada
  • Broadcom: Ye Li, Rado Gerganov
  • Samsung: Bokdeuk Jeong
  • Others: None

Agenda

  1. Issue #250 Discuss mentorship opportunity for CCC project ideas; E.g.
  • (Ye) Figuring out how Coconut-SVSM works with SEV-SNP and attempt to add support of it as another backend to the Certifier Framework;
  • Port of CFCC to Mac/OSX
  1. (John) Update on your talk on Quantum resistant algs and integration with CFCC library to CCC -- did that happen?
  2. (John/Chris) Update on request from MU Prof. Calyam for guidance with NSF proposal
  3. (John) Other updates from external interactions

Pending items from past backlog list

  • PR #246 is assigned to Ye & John. Please resolve whatever needs to be done to get this in.
  • Ye - investigate and come-up with a recommendation for a static analysis tool to be implemented in our repo
  • Rado -- investigate and come-up with a recommendation for a dynamic analysis tool to be implemented in our repo
  • Aditya -- once the tools / processes are identified, will coordinate with Ye & Rado to implement the dev/Ci-processes required.
  • Aditya -- follow-up on code-level cleanup items for Ubuntu-Linux, sev-simulator changes
  • Aditya will take John's recent writeup on Quantum safe crypto algorithms and update Wiki. Work w/ John to finalize.

Status Updates

  1. John gave a talk to CCC TAC in June 2024, on Quantum safe crypto algorithms. Working on a blog on this topic. Will share link to talk. Upshot: Algos need to be supported in h/w. Algos ~20-30% slower than current algorithms; due to use of SHA-3.
  2. Group from MS & someone in Germany interested in CFCC: Some networking going on with both teams.
  3. John thinking about implementing in CFCC support for Quantum safe algos, which is mostly OpenSSL. S/W testing is possible.
  4. John reports that MS was interested in porting CFCC to run on Mac/OSX.
  5. Chris: Updated on NSF project solicitation for CC projects, around privacy solutions. CC is necessary foundation for privacy solutions; working on WP w/Intel. WH came out with Pres order on Privacy. NSF came out with RFCs for projects around CC.
  1. Bokdeuk (Samsung) and Ye had a discussion about support needed in CFCC for application update, specifically about sealing, in addition to re-certification.

Action Items

  1. (Ye) Need to find out design issues from AMD
  2. John: Will own appln development: Use CFCC to build a private communication appln. Requires h/w. Some dependencies for intern person to drive. Can run with simulated-SEV. Aditya to follow-up w/John.
  3. Ye: Did static analysis "basic"-check w/CppCheck: Found some error on Keystone - had double definition of report struct. Log an issue for this error.
  4. CppCheck - available on all platforms.
  5. Aditya to investigate how to integrate this into CI.
  6. Rado - To follow-up on OSS dynamic analysis tools (e.g. ~ Coverity). Check w/Sal.
  7. Ye to double-check interface for what's exposed for dev usage & applications. Will revert to Samsung.

CFCC-Wiki

CFCC-Monthly Meetings

How-To-Add-Meeting-Minutes-Page

CFCC-2024-Meeting-Minutes

Clone this wiki locally