Blue Sheet (Attendees)

* Behcet Sarikaya
* Charles Hart
* Dick Brooks
* Joshua Lock
* Monty Wiseman
* Neal McBurnett
* Steve Lasker
* Zachary Newman
* Henk Birkholz
* Kay Williams
* Jon Geater
* Ray Lutz
* Orie Steele

# Introduction {#introduction}

* Lead: Hannes Tschofenig
* Welcome to the group
* We are using IETF tooling including Meetecho for remote participation and HedgeDoc for notes

# Use Cases Discussion {#use-cases-discussion}

* Use case document is getting in better shape
* Is the content up to date?
  * Henk Birkholz
    * Not a lot of changes
    * Addressing feedback from Hannes and others
    * Most feedback has been entered as issues in GitHub
    * Need to create uniform style across Henk and Yogesh's documents
    * Reached out to Monty to distill Firmware use case
  * Yogesh
    * Style he had been using was based on document shared by Hannes
  * Henk Birkholz
    * Yogesh and Henk to meet to come up with a proposal for style and review with the group
* Do we have sigstore use cases covered?
  * Joshua Lock
    * Can help with sigstore use cases
* Dick Brooks
  * Proposed additional use case - registration of a trust score
* Charles Hart
  * Not all issues from mailing list are included in Use Cases document
  * Some use cases use proprietary terminology (e.g. 'Trust Bond', 'Trust Score')
  * If we are going to use any terms of art, need to ensure these are not proprietary
  * Dick: officially withdrawing the term 'Trust Bond' pending another way to describe
* Question regarding whether evidence is stored in the ledger or outside
  * Roy: would be great to have two use cases; one that shows evidence stored in the ledger, another where it is outside
  * Jon: discussion already had and concluded on mailing list that support is needed for both
  * Steve: documenting in use cases (or some other requirements document?) will help; some technical challenges, e.g. query, promotion across ledger instances; access control
  * (Another point that Kay missed...)
    (perhaps point that a third option would be linking or referring to some public evidence outside the ledger??)
* Election Use Case
  * Ray
    * Working on election data use case
    * Requires data outside of the ledger
    * Also requires air-gap support
  * Hannes:
    * makes sense to have several paragraphs written about it
    * useful to document somewhere even if we put it on hold for now
  * Ray:
    * would need to summarize; currently too detailed
  * Roy:
    * Would love to see full document
* Non-opaque well known statements (Henk)
  * Relationships between statements
  * Links to external payload
* Audit use case
  * What should be exposed during audit? This will help inform what data is stored on ledger, which is external (Roy)
* Sigstore Use Cases (Hannes)
  * Link posted to mailing list ahead of the holidays
  * Writeups by different companies
  * Would be good to cover these in our use cases
  * Key Management, Air-gapped scenarios
  * Can someone review and ensure these are covered in our document?
* Goal date for finishing use case document?
  * Should we set a date? (Dick)
  * Proposed date - mid-February (Hannes)
  * Henk: agree with mid-February; needs to switch to another project by then
  * Dick: agree with mid-February

# Additional Topics for today's meeting {#additional-topics-for-todays-meeting}

* Sigstore use cases (proposed by Hannes)
* Proposed new use case (proposed by Hannes)
* Workback schedule for IETF 116 (proposed by Roy)
* Terminology document (proposed by Roy)

# Threat Model {#threat-model}

* Henk to ping Brendan Moran to help with threat model
* Hannes - sensible to include threat model in architecture document

# Material for IETF 116 (Roy) {#material-for-ietf-116-roy}

* Summary
* Use Cases
* Threat Model
* Terminology
* Jon
  * Use Cases
  * Threat model
* Roy
  * What will the slides be?
  * Who will work on each slide?
  * Posters
* Hannes
  * Jon/Hannes to send email to see who will attend in person and remote
  * Remote attendance for IETF 116 may be challenging given time zone
* Yogesh
  * Terminology should also be a topic for IETF 116; discussion with Cedric and Antoine before the holidays, should be able to wrap up in the next several weeks
  * Will take an action to summarize current status and open items and share with SCITT mailing list

# Terminology {#terminology}

* Monty
  * Do we have a place to describe definitions of concepts we need to describe terms for? Once we have a list of definitions, we can define terms
  * Is there a method for discussion of terms?
* Hannes
  * Mailing list
* Yogesh
  * All terms we use should be in the terminology section of the SCITT architecture document

# Thursday technical meeting {#thursday-technical-meeting}

* Thursday bi-weekly meeting - is this still happening? (Ray)
  * Hannes: No. The only formal meeting is this one on Mondays; there may be ad-hoc small group meetings on specific topics.
  * Yogesh: The Thursday meeting (from his Outlook calendar) has now been cancelled