Document ISO/IEC/JTC 1/SC 22/WG 23 N0574
Meeting Minutes of Mtg #37 (draft)
ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities
3 August 2015

Meeting Location :

Teleconference

Meeting Times:

Started 3 August 2015 at 2000 UTC
Ended 3 August 2015 at 2200 UTC

Agenda

1 Opening activities

1.1 Opening Comments

1.2 Introduction of Participants/Roll Call

Stephen Michell
Clive Pygott
David Keaton
Larry Wagoner
Erhard Ploedereder

1.3 Procedures for this Meeting

1.4 Approval of previous Minutes

Defer to Meeting 38 for minutes of Meeting 36, and meeting 37.

1.5 Review of actions items and resolutions, Action Item and Decision Logs

1.6 Approval of Agenda [N 05XX]

Approved.

1.7 Future Meeting Schedule

2016

#47

#46

#45

#44

#43

#42

November 2016

October 2016

TBD Sep 2016

TBD June 2016

TBD May 2016

April 14 (noon) -16

Teleconference

Teleconference

With SC 22 Plenary

Face-to Face, location TBD

Teleconference (UTC 2000, 2 hr)

BSI, London UK, with SC 22/WG 14


#43

#42

#41

7 March 2016

8 Feb 2016

11-13 Jan 2016

Teleconference (UTC 2100, 2 hr)

Teleconference (UTC 2100, 2 hr)

Place – Tampa, or Orlando

2015

#40

23/11/15

Teleconference (UTC 2100, 2 hr)

oo

#39


Cancelled

#38

Sep 17-18 2015

Washington, DC with SC 22 Plenary












2. Liaison Activities (as needed – not for this meeting)

2.1 SC 22

2.2 PL 22 (Open)

2.3 PL22.3/WG5 (Fortran)

2.4 WG4 (COBOL)

2.5 WG9 (Ada)

2.6 PL22.11/WG14 (C)

2.7 PL22.16/WG21 (C++)

2.8 Ecma International, TC49/TG2 (C#)

2.9 Ecma International, TC39 (ECMAScript)

2.10 MISRA (C)

2.11 MISRA (C++)

2.12 SPARK

2.13 SC7/WG19 (UML)

2.14 SC27/WG3, WG4 Security

2.15 Other Liaison Activities or National body reports

3. Document Review

3.1 DIS 17960 Code Signing

Document SC 22 N5046, WG 23 document 0573.

FDIS Ballot finished. 13 NB’s voted in favour, no negative votes, 7 abstentions.

Comments from France and Japan and SC 27/WG 3.

Comment Resolution in document N0575.

Response to SC 27 WG 3 comments on FDIS 17960 are in N0576.

3.2 TR 24772-1 Vulnerabilities, language independent

3.3 TR 24772-2 Ada

3.4 TR 24772-4 Python

3.5 TR 24772-8 Fortran

Defer to Meeting 38.

3.6 TR 24772-X C++

Defer to meeting 38.

3.6 TR 24772-3 C

Defer to meeting 38.


3.7 TR 24772-X C++

Defer to meeting 38.

4 Strategy (for face-to-face meetings)

5. Publicity (for face-to-face meetings)

6. Other Business

6.1 Review of Assignment of responsibilities

7. Resolutions and Action Items

Resolve to send IS 17960 as edited at this meeting to ITTF for publication. The editor will work with the SC 22 secretariat.

Action items listed:



Action

37-06

Steve

Get IS 15408 and 18045 for reference in revision of IS 17960:2015.

Open


2015-08-03

Action

37-05

Larry, Stephen

Set up meeting for 11-13 January in Orlando or Tampa area.

Open


2015-08-03

Action

37-04

Steve

Contact Jean Stride about Saturday meeting at BSI on April 16th.

Open


2015-08-03

Action

37-03

All

Review core document (N0565), in particular clause 6.4 Floating pt (all subclauses)



2015-08-03

Action

37-02

Steve

Modify CWE comparison spreadsheet and turn into S0006



2015-08-03

Action

37-01

All

Review N0566 (24772-3 initial draft) and make formal comments for meeting 38.

Open


2015-08-03



8. Adjournment