...
Scott
Ken
Key discussion items
...
- It was discussed what we are trying to produce
...
AH straw man is this we are trying to produce?
...
- in the sub-group.
- Andrew shared a straw man on 63B (Section 5.1.7) and asked the group if this was the right direction of the work.
Kantara Initiative Mail - [SG-800-63-3
...
Next week further what we are
...
...
assessment guide is that we are trying to create?
So the attached doc is a first attempt to produce assessment criteria against the specified requirements in one section of 63B: s5.1.7 Single-Factor Cryptographic Devices.
On the left I've copied the text from 63B.
On the right I've written a bunch of questions that must be answered to determine if the stated requirement from the left has been fulfilled.
There might be additional instructions to the assessor on what evidence is needed to support the answers on the right.
...
- analysis ACH.docx
- There was a general consensus that the straw man was not what the group is trying to achieve and produce.
- It was commented that the outcome of the group, should enable an assessor to assess that a CSP meets 800-63-3.
AH if our objective to strict evaluate conformity to the requirements stated In -63, assessment guide and instructions to some extent, to have assessors assess in a similar ways and come to similar conclusions.
...