========================
#fdio-meeting: fd.io TSC
========================


Meeting started by edwarnicke at 15:00:20 UTC.  The full logs are
available at
http://ircbot.wl.linuxfoundation.org/meetings/fdio-meeting/2016/fdio-meeting.2016-05-05-15.00.log.html
.



Meeting summary
---------------

* Rollcall  (edwarnicke, 15:00:25)
  * edwarnicke  (edwarnicke, 15:00:35)
  * C.J. Collier present  (cj, 15:00:39)
  * Joel Halpern  (joelhalpern, 15:00:42)
  * Chris Luke is alive  (Chrisy, 15:02:07)
  * dbarach present  (DaveBarach, 15:02:48)
  * Keith Wiles for Venky  (keith_wiles, 15:03:28)

* Agenda Bashing  (edwarnicke, 15:03:32)
  * Pierre Pfister  (ppfister, 15:03:37)
  * ACTION: CJ to register CPE with NIST: https://nvd.nist.gov/cpe.cfm
    (edwarnicke, 15:05:09)
  * ACTION: Keith Burns to document convention on wiki and email the
    mailing list  (edwarnicke, 15:05:55)

* Events  (edwarnicke, 15:06:36)
  * LINK:
    https://wiki.fd.io/view/Events#May_FD.io_.2Fdev.2Fboot_Training_.26_Hackfest_.7C_Paris.2C_Francefd.io
    <- Paris Training/Hackfest May 31-Jun 3  (edwarnicke, 15:07:01)
  * LINK:
    https://wiki.fd.io/view/Events/Training_Hackfest-2016-05_Agenda <-
    Tentative Agenda for Training  (edwarnicke, 15:07:24)
  * ACTION: ppfister put info on how to prepare for training on the wiki
    (edwarnicke, 15:07:48)
  * LINK:
    https://app.smartsheet.com/b/form?EQBCT=503f45e9004043d2ada3334568ad04cf
    <- Registratin link for training  (edwarnicke, 15:08:12)

* VPP Sandbox Creation Review  (edwarnicke, 15:08:43)
  * LINK: https://wiki.fd.io/view/Project_Proposals/VPPSandbox <-
    Project proposal  (edwarnicke, 15:10:34)
  * LINK: https://lists.fd.io/pipermail/tsc/2016-April/000090.html <-
    Announcement of Project Proposal (2016-04-21)  (edwarnicke,
    15:11:04)
  * LINK: https://lists.fd.io/pipermail/tsc/2016-April/000111.html <-
    Request for creation review  (edwarnicke, 15:11:23)
  * let the record show that alagalah is a nonce and was 10min late :(
    (lost track of time drawing deep thoughts about VBD)  (alagalah,
    15:13:34)
  * let the record show that alagalah was given a friendly hard time ;)
    (edwarnicke, 15:14:21)
  * keith_wiles  asks about what happens when a project becomes inactive
    long before the 9 month mark  (edwarnicke, 15:17:45)
  * VOTE: Voted on "Approve VPP Sandbox as an incubation project?"
    Results are, +1: 4  (edwarnicke, 15:24:30)

* Security Response Process (with special guest David Jorm)
  (edwarnicke, 15:25:04)
  * Proposes doing something similar to OpenDaylight here  (edwarnicke,
    15:26:54)
  * recommendation is to start with locking down the security response
    team  (edwarnicke, 15:33:24)
  * recommends that security response team be made up of those
    establishing the process  (edwarnicke, 15:33:45)
  * (recommendations are from David Jorm)  (edwarnicke, 15:33:53)
  * draft process and team, and open process and draft to public comment
    (edwarnicke, 15:34:16)
  * ACTION: David Jorm has volunteered to cut a first draft of the
    security response process in two weeks  (edwarnicke, 15:36:37)
  * ACTION: David Jorm has volunteered  to send email to
    https://lists.fd.io/mailman/listinfo/discuss
    https://lists.fd.io/mailman/listinfo/tsc
    https://lists.fd.io/mailman/listinfo/vpp-dev to start the
    conversation about forming a security response team  (edwarnicke,
    15:37:50)
  * David Jorm is unlikely to join the call in 2 weeks call, but will
    primarily communicate by email, as he is in Australia  (edwarnicke,
    15:38:47)
  * LINK:
    https://wiki.fd.io/view/Meetings#TWS_.28Technical_Working_Stream.29
    <- TWS meeting  (edwarnicke, 15:40:36)
  * That last link was on the topic of TWS, not part of the Security
    Response Process topic.  (joelhalpern, 15:41:18)
  * email helpdesk@fd.io to request access to infra tickets
    (edwarnicke, 15:41:59)
  * cj indicates it may be some time before we get general public access
    (edwarnicke, 15:42:11)
  * cluke brings up that in Jira 'completed' tickets are still showing
    as 'unresolved'. edwarnicke notes that there is an infrastructure
    ticket for this but hasn't happened yet  (Chrisy, 15:43:51)
  * joelhalpern has asked whoever has been saying no to general ticket
    access to provide a coherent explanation of why not  (edwarnicke,
    15:49:24)
  * ACTION: cj to ask  whoever has been saying no to general ticket
    access to provide a coherent explanation of why not and report back
    (edwarnicke, 15:49:44)



Meeting ended at 15:50:10 UTC.



Action items, by person
-----------------------

* cj
  * CJ to register CPE with NIST: https://nvd.nist.gov/cpe.cfm
  * cj to ask  whoever has been saying no to general ticket access to
    provide a coherent explanation of why not and report back
* ppfister
  * ppfister put info on how to prepare for training on the wiki
* **UNASSIGNED**
  * Keith Burns to document convention on wiki and email the mailing
    list
  * David Jorm has volunteered to cut a first draft of the security
    response process in two weeks
  * David Jorm has volunteered  to send email to
    https://lists.fd.io/mailman/listinfo/discuss
    https://lists.fd.io/mailman/listinfo/tsc
    https://lists.fd.io/mailman/listinfo/vpp-dev to start the
    conversation about forming a security response team



People present (lines said)
---------------------------

* edwarnicke (38)
* collabot` (8)
* Chrisy (4)
* joelhalpern (3)
* cj (2)
* DaveBarach (2)
* keith_wiles (2)
* ppfister (1)
* alagalah (1)



Generated by `MeetBot`_ 0.1.4