From 13cddb6cd50f4b4c662709c94f1faf5717270452 Mon Sep 17 00:00:00 2001
From: Nigel Jones <jonesn@uk.ibm.com>
Date: Mon, 13 May 2024 09:50:18 +0100
Subject: [PATCH 1/4] 2024-05-09 minutes - initial version

Signed-off-by: Nigel Jones <jonesn@uk.ibm.com>
---
 meetings/2024-05-09/minutes.md | 158 +++++++++++++++++++++++++++++++++
 meetings/index.md              |   4 +-
 2 files changed, 159 insertions(+), 3 deletions(-)
 create mode 100644 meetings/2024-05-09/minutes.md

diff --git a/meetings/2024-05-09/minutes.md b/meetings/2024-05-09/minutes.md
new file mode 100644
index 0000000..41455ad
--- /dev/null
+++ b/meetings/2024-05-09/minutes.md
@@ -0,0 +1,158 @@
+---
+layout: default
+title: 2024-05-09 TSC Meeting Record
+parent: Meeting Minutes
+grand_parent: PQCP TSC
+nav_exclude: true
+---
+
+# 2024-05-09 TSC Meeting Minutes
+
+## Agenda
+
+* Welcome
+* Reminder of [TSC Charter](charter/charter-2024-01-29.pdf)
+* Agree TSC membership
+* Establishing a voting procedure
+* Election of a TSC chair
+* Identify a representative from the PQCP TSC to the PQCA Technical Advisory Committee
+* Agree meeting frequency and appropriate days/times
+* Discuss & identify initial priorities for the TSC
+* Review relevant PQCA activities
+* Review status of sub projects
+  
+  * mlkem-c-generic
+  * mlkem-c-embedded
+  * mlkem-c-aarch64
+  * mkkem-libjade
+  * mlkem-rust-libcrux
+  * test vectors?
+  * documentation
+
+* Any other business
+
+## Announcements
+
+## Presentation
+
+None
+
+## Decision
+
+* [x] Initial list of TSC voting members confirmed
+
+## Discussion
+
+### TSC Charter
+
+Key elements from charter were highlighted - we agreed this was accurate:
+
+_PQ Code Package Project, which will build high-assurance production-ready software implementations of forthcoming post-quantum cryptography standards, starting with the ML-KEM algorithm_
+
+Alex noted the charter stats a CONTRIBUTING.md file should be present in each repo. We don't have this. (Action: Nigel to raise issue/fix)
+
+### TSC _Voting_ Membership
+
+It was noted by Naomi this should be referred to as Voting members. We have an open community to which everyone is invited. Here we are only voting on those elegible to vote in future TSC discussions.
+
+Discussed composition of TSC - typically starts as maintainer from each of the contributing subjects. Each member proposed in the initial list explained their role. A vote was taken which agreed with the initial voting members of the TSC. These voting members are listed in the attendance section below
+
+### Voting Procedure / Election of a TSC Chair / PQCA TAC Rep
+
+We agreed that an offline vote was the best way to elect a TSC Chair. Naomi will arrange a vote via github. Ry noted candidates should self-nominate.
+
+Naomi also pointed out that the TSC Chair will be the PQCA TAC Rep.
+
+### Meeting frequency/times
+
+Some consensus of a monthly frequency longer term, but we agreed to have the next meeting in 2 weeks time as we're getting started. The current time (Thu 1300 UTC) seems ok. Naomi will send out a 1-off invite, and we'll review at the next TSC meeting.
+
+### Discuss initial priorities
+
+
+#### Common APIs
+
+Agreed useful to have common APIs between implementations, especially where they are in the same language (and similar where it makes sense, if not).
+
+Tiago noted that sometimes randomization needs to come from outside, so needed an API change.
+
+We should ask users about APIs (including John in Mozilla). Open Quantum Safe is also a consumer.
+
+Agreed a good starting point would be for 1 or 2 projects to present on their APIs and design decisions for the rest of the group.
+
+Hanno pointed out a consistent internal structure is useful too.
+
+#### Lifecycle / Projects / Assurance
+
+How do we describe assurance levels?
+
+Agreed each project could explain what their interpretation is & share. We can then derive a common definition. Nigel pointed out we need to be able to explain to a consumer what to expect.
+
+What do we expect from a reference implementation? Is this production ready? Agreed important to have reference implementation.
+
+What is production code? What are it's characteristics? Nigel noted that the PQCA has a project lifecycle proposal, and some discussion is delegated to the open quantum safe team - so probably makes sense to consolidate the discussion there.
+
+#### Test vectors
+
+Norman would like to propose a common testing harness. Common API would help. We could use the NIST test server. Need to supply credentials including cert. Ry will help out with the cert.
+
+## Review PQCA activities
+
+Nigel briefly mentioned the following calls for workgroups at the PQCA:
+
+* Security and Governance
+* CBOMs and SBOMs
+* Algorithms
+
+## Review subprojects
+
+Matthias mentioned they now have stack optimized code. Not very fast yet. Working through some cleanup including cc0 licensing. Currently no issues to discuss at tsc. For aarch64 have defined what to achieve - Hanno is new maintainer for this
+
+Nigel briefly mentioned our initial docs site at https://docs.pqcodepackage.org
+
+We ran out of time to do justice to this discussion. Continue in next session.
+
+## Action items
+
+Action items
+
+### Done (from previous minutes)
+
+### Old
+
+### New
+
+* [ ] Nigel to share links on project lifecycle discussions
+* [ ] Matthias to Present API design/approach for embedded/arch64
+* [ ] Matthias - what does high assurance mean fir the embedded/arch64 subproject
+* [ ] Naomi to arrange TSC chair vote
+* [ ] Naomi to schedule next meeting / send out invites
+
+## Recordings
+
+* [Recordings are available on your Open Profile page](https://openprofile.dev/my-meetings) under Past Meetings
+
+## Upcoming TAC meetings
+
+[Please check the calendar](https://pqca.org/calendar/)
+
+## Attended by
+
+### TSC voting members
+
+* [x] Manuel Barbosa, Cryspen
+* [x] Hanno Becker, AWS
+* [x] Nigel Jones, IBM
+* [x] Matthias J. Kannwischer, CHelpis Quantum Tech
+* [x] Franziskus Kiefer, Sandbox AQ
+* [x] Tiago Oliveira, Nova IMS
+* [ ] John Schanck, Mozilla
+* [x] Douglas Stebila, University of Waterloo
+
+### Additional attendees
+
+* Alex Bozarth, IBM
+* Norman Ashley, Cisco
+* Naomi Washington, Linux Foundation
+* Ry Jones, Linux Foundation
+* ???, Nvidia _Apologies: details to be corrected from recording_
diff --git a/meetings/index.md b/meetings/index.md
index 906b549..304e8ec 100644
--- a/meetings/index.md
+++ b/meetings/index.md
@@ -1,6 +1,4 @@
 # Minutes and agenda
 
-A regular meeting cadence has not yet been established.
-
-* 2024-05-09 : [agenda](2024-05-09/agenda.md) / minutes (kick-off meeting)
+* 2024-05-09 : [agenda](2024-05-09/agenda.md) / [minutes](2024-05-09/minutes.md) (kick-off meeting)
   
\ No newline at end of file

From e2e94ff14d9246e0ad5864af9accecdd18640c40 Mon Sep 17 00:00:00 2001
From: Nigel Jones <jonesn@uk.ibm.com>
Date: Mon, 13 May 2024 10:18:05 +0100
Subject: [PATCH 2/4] 2024-05-09 minutes - add more links

Signed-off-by: Nigel Jones <jonesn@uk.ibm.com>
---
 meetings/2024-05-09/minutes.md | 49 +++++++++++++++++-----------------
 1 file changed, 25 insertions(+), 24 deletions(-)

diff --git a/meetings/2024-05-09/minutes.md b/meetings/2024-05-09/minutes.md
index 41455ad..1bf7b58 100644
--- a/meetings/2024-05-09/minutes.md
+++ b/meetings/2024-05-09/minutes.md
@@ -15,19 +15,19 @@ nav_exclude: true
 * Agree TSC membership
 * Establishing a voting procedure
 * Election of a TSC chair
-* Identify a representative from the PQCP TSC to the PQCA Technical Advisory Committee
+* Identify a representative from the PQCP TSC to the [PQCA Technical Advisory Committee](https://pqca.org/about/technical-advisory-council/)
 * Agree meeting frequency and appropriate days/times
 * Discuss & identify initial priorities for the TSC
 * Review relevant PQCA activities
 * Review status of sub projects
   
-  * mlkem-c-generic
-  * mlkem-c-embedded
-  * mlkem-c-aarch64
-  * mkkem-libjade
-  * mlkem-rust-libcrux
+  * [mlkem-c-generic](https://github.com/pq-code-package/mlkem-c-generic)
+  * [mlkem-c-embedded](https://github.com/pq-code-package/mlkem-c-embedded)
+  * [mlkem-c-aarch64](https://github.com/pq-code-package/mlkem-c-aarch64)
+  * [mkkem-libjade](https://github.com/pq-code-package/mlkem-libjade)
+  * [mlkem-rust-libcrux](https://github.com/pq-code-package/mlkem-rust-libcrux)
   * test vectors?
-  * documentation
+  * [documentation](https://github.com/pq-code-package/documentation)
 
 * Any other business
 
@@ -39,7 +39,7 @@ None
 
 ## Decision
 
-* [x] Initial list of TSC voting members confirmed
+* [x] Initial list of TSC voting members confirmed.
 
 ## Discussion
 
@@ -49,13 +49,13 @@ Key elements from charter were highlighted - we agreed this was accurate:
 
 _PQ Code Package Project, which will build high-assurance production-ready software implementations of forthcoming post-quantum cryptography standards, starting with the ML-KEM algorithm_
 
-Alex noted the charter stats a CONTRIBUTING.md file should be present in each repo. We don't have this. (Action: Nigel to raise issue/fix)
+Alex noted the charter stats a **CONTRIBUTING.md** file should be present in each repo. We don't have this. [Issue 54](https://github.com/pq-code-package/tsc/issues/54)
 
 ### TSC _Voting_ Membership
 
 It was noted by Naomi this should be referred to as Voting members. We have an open community to which everyone is invited. Here we are only voting on those elegible to vote in future TSC discussions.
 
-Discussed composition of TSC - typically starts as maintainer from each of the contributing subjects. Each member proposed in the initial list explained their role. A vote was taken which agreed with the initial voting members of the TSC. These voting members are listed in the attendance section below
+Discussed composition of TSC - typically starts as maintainer from each of the contributing subjects. Each member proposed in the initial list explained their role. A vote was taken which agreed with the initial voting members of the TSC. These voting members are listed in the attendance section below.
 
 ### Voting Procedure / Election of a TSC Chair / PQCA TAC Rep
 
@@ -76,7 +76,7 @@ Agreed useful to have common APIs between implementations, especially where they
 
 Tiago noted that sometimes randomization needs to come from outside, so needed an API change.
 
-We should ask users about APIs (including John in Mozilla). Open Quantum Safe is also a consumer.
+We should ask users about APIs (including John in Mozilla where it's used in [NSS](https://wiki.mozilla.org/NSS)). [Open Quantum Safe](https://openquantumsafe.org/) is also a consumer.
 
 Agreed a good starting point would be for 1 or 2 projects to present on their APIs and design decisions for the rest of the group.
 
@@ -90,19 +90,19 @@ Agreed each project could explain what their interpretation is & share. We can t
 
 What do we expect from a reference implementation? Is this production ready? Agreed important to have reference implementation.
 
-What is production code? What are it's characteristics? Nigel noted that the PQCA has a project lifecycle proposal, and some discussion is delegated to the open quantum safe team - so probably makes sense to consolidate the discussion there.
+What is production code? What are it's characteristics? Nigel noted that the PQCA has a [project lifecycle proposal](https://docs.google.com/document/d/1NV-0vNgXWdc81oqT0jv0C-9Funb8dySS06u90ghF-X4/edit), and some discussion is [delegated to the open quantum safe team](https://github.com/open-quantum-safe/tsc/issues/1) - so probably makes sense to consolidate the discussion there.
 
 #### Test vectors
 
-Norman would like to propose a common testing harness. Common API would help. We could use the NIST test server. Need to supply credentials including cert. Ry will help out with the cert.
+Norman would like to propose a [common testing harness](https://github.com/pq-code-package/tsc/issues/29). Common API would help. We could use the [NIST acvts test server](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/how-to-access-acvts). Need to supply credentials including cert. Ry will help out with the cert.
 
 ## Review PQCA activities
 
 Nigel briefly mentioned the following calls for workgroups at the PQCA:
 
-* Security and Governance
-* CBOMs and SBOMs
-* Algorithms
+* [Security and Governance](https://github.com/PQCA/TAC/issues/2)
+* [CBOMs and SBOMs](https://github.com/PQCA/TAC/issues/14)
+* [Algorithms](https://github.com/PQCA/TAC/issues/7)
 
 ## Review subprojects
 
@@ -123,6 +123,7 @@ Action items
 ### New
 
 * [ ] Nigel to share links on project lifecycle discussions
+* [ ] Nigel to contact John Schanck about API needs
 * [ ] Matthias to Present API design/approach for embedded/arch64
 * [ ] Matthias - what does high assurance mean fir the embedded/arch64 subproject
 * [ ] Naomi to arrange TSC chair vote
@@ -140,14 +141,14 @@ Action items
 
 ### TSC voting members
 
-* [x] Manuel Barbosa, Cryspen
-* [x] Hanno Becker, AWS
-* [x] Nigel Jones, IBM
-* [x] Matthias J. Kannwischer, CHelpis Quantum Tech
-* [x] Franziskus Kiefer, Sandbox AQ
-* [x] Tiago Oliveira, Nova IMS
-* [ ] John Schanck, Mozilla
-* [x] Douglas Stebila, University of Waterloo
+* [x] [Manuel Barbosa](https://github.com/mbbarbosa), Cryspen
+* [x] [Hanno Becker](https://github.com/hanno-becker), AWS
+* [x] [Nigel Jones](https://github.com/planetf1), IBM
+* [x] [Matthias J. Kannwischer](https://github.com/mkannwischer), CHelpis Quantum Tech
+* [x] [Franziskus Kiefer](https://github.com/franziskuskiefer), Sandbox AQ
+* [x] [Tiago Oliveira](https://github.com/tfaoliveira), Nova IMS
+* [ ] [John Schanck](https://github.com/jschanck), Mozilla
+* [x] [Douglas Stebila](https://github.com/dstebila), University of Waterloo
 
 ### Additional attendees
 

From 4b9a5a8e008dbd26b2fd0a51929dabc75febab3d Mon Sep 17 00:00:00 2001
From: Nigel Jones <jonesn@uk.ibm.com>
Date: Mon, 13 May 2024 10:56:04 +0100
Subject: [PATCH 3/4] 2024-05-09 minutes - additional notes from transcript &
 correction to affiliations

Signed-off-by: Nigel Jones <jonesn@uk.ibm.com>
---
 meetings/2024-05-09/minutes.md | 41 ++++++++++++++++++++++------------
 1 file changed, 27 insertions(+), 14 deletions(-)

diff --git a/meetings/2024-05-09/minutes.md b/meetings/2024-05-09/minutes.md
index 1bf7b58..c3f6fdb 100644
--- a/meetings/2024-05-09/minutes.md
+++ b/meetings/2024-05-09/minutes.md
@@ -72,30 +72,42 @@ Some consensus of a monthly frequency longer term, but we agreed to have the nex
 
 #### Common APIs
 
-Agreed useful to have common APIs between implementations, especially where they are in the same language (and similar where it makes sense, if not).
+See [
+](https://github.com/pq-code-package/tsc/issues/4)
 
-Tiago noted that sometimes randomization needs to come from outside, so needed an API change.
+Agreed useful to have common APIs between implementations, especially where they are in the same language (and similar where it makes sense, if not).
 
 We should ask users about APIs (including John in Mozilla where it's used in [NSS](https://wiki.mozilla.org/NSS)). [Open Quantum Safe](https://openquantumsafe.org/) is also a consumer.
 
-Agreed a good starting point would be for 1 or 2 projects to present on their APIs and design decisions for the rest of the group.
+Tiago noted that sometimes randomization needs to come from outside, so needed an API change for NSS.
 
-Hanno pointed out a consistent internal structure is useful too.
+Hanno pointed out a consistent internal structure is useful too ie common functions in C implementations, as is common packaging. Doug mentioned it could be useful for a consumer to pull in several different implementations (ie generic, x86 etc).
+
+Agreed a good starting point would be for 1 or 2 projects to present on their APIs and design decisions for the rest of the group. We could start with Tiago & then Matthias.
 
 #### Lifecycle / Projects / Assurance
 
 How do we describe assurance levels?
 
-Agreed each project could explain what their interpretation is & share. We can then derive a common definition. Nigel pointed out we need to be able to explain to a consumer what to expect.
+Franziskus mentioned this should be a high priority as it's on our charter.
+
+Can we have a single definition? Noted aspects can vary (ie threading model, whether algo is constant-time checked...). Agreed each project could explain what their interpretation is & share. We can then derive a common definition. Nigel pointed out we need to be able to explain to a consumer what to expect - how do I choose which implementation to use?
 
 What do we expect from a reference implementation? Is this production ready? Agreed important to have reference implementation.
 
 What is production code? What are it's characteristics? Nigel noted that the PQCA has a [project lifecycle proposal](https://docs.google.com/document/d/1NV-0vNgXWdc81oqT0jv0C-9Funb8dySS06u90ghF-X4/edit), and some discussion is [delegated to the open quantum safe team](https://github.com/open-quantum-safe/tsc/issues/1) - so probably makes sense to consolidate the discussion there.
 
+Security vulnerability reporting also important.
+
+Nigel suggested that Production could mean getting to a point where an org could take it & incorporate into their systems with some level of confidence, or perhaps goes into a distribution like Fedora.
+
 #### Test vectors
 
-Norman would like to propose a [common testing harness](https://github.com/pq-code-package/tsc/issues/29). Common API would help. We could use the [NIST acvts test server](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/how-to-access-acvts). Need to supply credentials including cert. Ry will help out with the cert.
+Norman would like to propose a [common testing harness](https://github.com/pq-code-package/tsc/issues/29) within PQCP. Common API would help. We could use the [NIST acvts test server](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/how-to-access-acvts). Need to supply credentials including cert. Ry will help out with the cert.
+
+#### Hackathons
 
+It may make sense for future hackathons to be more targetted?
 ## Review PQCA activities
 
 Nigel briefly mentioned the following calls for workgroups at the PQCA:
@@ -106,9 +118,9 @@ Nigel briefly mentioned the following calls for workgroups at the PQCA:
 
 ## Review subprojects
 
-Matthias mentioned they now have stack optimized code. Not very fast yet. Working through some cleanup including cc0 licensing. Currently no issues to discuss at tsc. For aarch64 have defined what to achieve - Hanno is new maintainer for this
+Matthias mentioned they now have stack optimized code. Not very fast yet. Working through some cleanup including cc0 licensing. Currently no issues to discuss at tsc. For aarch64 have defined what to achieve - Hanno is new maintainer for this.
 
-Nigel briefly mentioned our initial docs site at https://docs.pqcodepackage.org
+Nigel briefly mentioned our initial docs site at https://docs.pqcodepackage.org .
 
 We ran out of time to do justice to this discussion. Continue in next session.
 
@@ -124,8 +136,8 @@ Action items
 
 * [ ] Nigel to share links on project lifecycle discussions
 * [ ] Nigel to contact John Schanck about API needs
-* [ ] Matthias to Present API design/approach for embedded/arch64
-* [ ] Matthias - what does high assurance mean fir the embedded/arch64 subproject
+* [ ] Tiago, Matthias to Present API design/approach for embedded/arch64 (see [Issue 4](https://github.com/pq-code-package/tsc/issues/29))
+* [ ] All - what does high assurance mean for the embedded/arch64 subproject
 * [ ] Naomi to arrange TSC chair vote
 * [ ] Naomi to schedule next meeting / send out invites
 
@@ -141,12 +153,12 @@ Action items
 
 ### TSC voting members
 
-* [x] [Manuel Barbosa](https://github.com/mbbarbosa), Cryspen
+* [x] [Manuel Barbosa](https://github.com/mbbarbosa), University of Porto
 * [x] [Hanno Becker](https://github.com/hanno-becker), AWS
 * [x] [Nigel Jones](https://github.com/planetf1), IBM
 * [x] [Matthias J. Kannwischer](https://github.com/mkannwischer), CHelpis Quantum Tech
-* [x] [Franziskus Kiefer](https://github.com/franziskuskiefer), Sandbox AQ
-* [x] [Tiago Oliveira](https://github.com/tfaoliveira), Nova IMS
+* [x] [Franziskus Kiefer](https://github.com/franziskuskiefer), Cryspen
+* [x] [Tiago Oliveira](https://github.com/tfaoliveira), Sandbox AQ
 * [ ] [John Schanck](https://github.com/jschanck), Mozilla
 * [x] [Douglas Stebila](https://github.com/dstebila), University of Waterloo
 
@@ -156,4 +168,5 @@ Action items
 * Norman Ashley, Cisco
 * Naomi Washington, Linux Foundation
 * Ry Jones, Linux Foundation
-* ???, Nvidia _Apologies: details to be corrected from recording_
+* Yarkin Doroz, Worcester Polytechnic Institute
+* Duc Tri Nguyen, Sandbox AQ

From d96717f880f9d5b3539cd1e5ae06d10e83b68b43 Mon Sep 17 00:00:00 2001
From: Nigel Jones <nigel.l.jones+git@gmail.com>
Date: Thu, 16 May 2024 11:21:29 +0100
Subject: [PATCH 4/4] Update meetings/2024-05-09/minutes.md

Co-authored-by: Duc Tri Nguyen <dnguye69@gmu.edu>
Signed-off-by: Nigel Jones <nigel.l.jones+git@gmail.com>
---
 meetings/2024-05-09/minutes.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meetings/2024-05-09/minutes.md b/meetings/2024-05-09/minutes.md
index c3f6fdb..1169b21 100644
--- a/meetings/2024-05-09/minutes.md
+++ b/meetings/2024-05-09/minutes.md
@@ -169,4 +169,4 @@ Action items
 * Naomi Washington, Linux Foundation
 * Ry Jones, Linux Foundation
 * Yarkin Doroz, Worcester Polytechnic Institute
-* Duc Tri Nguyen, Sandbox AQ
+* Duc Tri Nguyen, Cryptography Engineering Research Group @ GMU