================================
#opnfv-sec: OPNFV Security Group
================================


Meeting started by jaosorior at 14:05:20 UTC.  The full logs are
available at
http://ircbot.wl.linuxfoundation.org/meetings/opnfv-sec/2015/opnfv-sec.2015-05-06-14.05.log.html
.



Meeting summary
---------------

* Agenda  (jaosorior, 14:08:00)
  * AGREED: Agenda  (jaosorior, 14:09:52)

* Moon  (jaosorior, 14:10:02)
  * discussed with Ruan He (Orange) about how to contribute to Moon
    (mwinandy, 14:10:41)
  * they are preparing to revise the proposal  (mwinandy, 14:12:07)
  * I had a look at a running demo of Moon. It supports RBAC and MLS
    access policies for users/tenants on OpenStack currently.
    (mwinandy, 14:13:05)
  * Moon prototype code is currently standalone, but should be an
    extension for Keystone in next release.  (mwinandy, 14:14:29)
  * Moon will not replace policy engine, instead using existing one. But
    adds policy configuration and policy decision point.  (mwinandy,
    14:16:13)
  * ACTION: Invite the contributors to the Moon project to the next
    Security Group meeting  (jaosorior, 14:17:47)
  * OpenStack has a lot of modules, each with their own (security)
    config. Moon wants to build a centralized policy management for all
    things in OpenStack, SDN controller, etc. Also place hooks in those
    components that they can directly enforce dynamic changes in the
    policy.  (mwinandy, 14:19:23)
  * LINK:
    http://www.mail-archive.com/openstack-dev@lists.openstack.org/msg52144.html
    (jaosorior, 14:21:00)
  * that is worth a read, one of the keystone core-devs gives a really
    good insight about how policy works and some relevant aspects to
    take into account  (jaosorior, 14:21:49)
  * LINK: https://wiki.opnfv.org/moon  (mwinandy, 14:23:12)
  * LINK: https://wiki.opnfv.org/moon  (jaosorior, 14:23:12)

* inspector  (jaosorior, 14:26:40)
  * The inspector project had a community review last Thursday, so it
    seemed that people agreed on the proposal  (jaosorior, 14:27:57)
  * LINK: https://wiki.opnfv.org/requirements_projects/inspector
    (jaosorior, 14:29:02)
  * ACTION: invite the mailing list to discuss the inspector project
    (jaosorior, 14:34:33)
  * ACTION: request the Linux Foundation for a repo for Inspector
    (jaosorior, 14:39:56)
  * ACTION: jaosorior to write an overview of audit in OpenStack in the
    Inspector repo  (jaosorior, 14:41:35)
  * ACTION: set up a proper sphinx project structure in the repo
    (jaosorior, 14:41:56)
  * LINK: http://www.etsi.org/technologies-clusters/technologies/nfv
    (aripie, 14:50:25)

* any other business  (jaosorior, 14:52:11)



Meeting ended at 14:56:03 UTC.



Action items, by person
-----------------------

* jaosorior
  * jaosorior to write an overview of audit in OpenStack in the
    Inspector repo
* **UNASSIGNED**
  * Invite the contributors to the Moon project to the next Security
    Group meeting
  * invite the mailing list to discuss the inspector project
  * request the Linux Foundation for a repo for Inspector
  * set up a proper sphinx project structure in the repo



People present (lines said)
---------------------------

* jaosorior (91)
* mwinandy (26)
* aripie (14)
* B_Smith (4)
* collabot (3)



Generated by `MeetBot`_ 0.1.4