#opnfv-sec: Security Group
Meeting started by LukeHinds at 14:04:59 UTC
(full logs).
Meeting summary
- Last weeks minutes (LukeHinds, 14:05:15)
  - Nothing of note! As everyone was @ the summit /
    vacation! (LukeHinds,
    14:05:35)
- just myself and Marcin caught up (LukeHinds,
    14:05:50)
 
 
- Agenda Bashing (LukeHinds, 14:06:02)
  - https://etherpad.opnfv.org/p/opnfv-sec-meetings
    (LukeHinds,
    14:06:07)
- mark yourselves down as attended (LukeHinds,
    14:06:28)
- main topics are inspector approval (yay!) and
    next steps how we can help (LukeHinds,
    14:06:52)
- and perhaps the ETSI SEC mapping to OPNFV
    projs, if we have a volunteer (LukeHinds,
    14:07:19)
- Ari is here, yes (aripie,
    14:07:27)
- any additions we wish to make  / amend /
    adjust? (LukeHinds,
    14:07:39)
 
 
- Inspector (LukeHinds, 14:10:57)
  - Inspector has finally been approved as an
    official OPNFV project (jaosorior,
    14:11:17)
- As I mentioned in the mail, I have already
    asked for a repository and a bug-tracker (jaosorior,
    14:11:45)
- the guys would like to use the security group
    to align / discuss inspector activties, which was agreed to be a
    good idea. (LukeHinds,
    14:11:52)
- jaosorior: We should look into making the
    material that has been already created by ETSI and CSA into a
    concrete maping towards the components we use in OPNFV (LukeHinds,
    14:14:15)
- aripie: provisioning list should be sanity
    checked (LukeHinds,
    14:14:35)
- inspector can be used for SEC008, a work item
    on security monitoring and management in ETSI NFV which may well be
    very relevant. (LukeHinds,
    14:16:11)
- ACTION: Kapil to
    attend next SEC group to discuss SEC008 and inspector (LukeHinds,
    14:17:00)
- ACTION: Luke to
    contact Ashutosh to perform the same. (LukeHinds,
    14:17:19)
- ACTION: Luke to
    contact ONF about inspector project (LukeHinds,
    14:20:14)
- https://etherpad.opnfv.org/p/inspector_preliminary
    (aripie,
    14:22:11)
- three main activities: (LukeHinds,
    14:23:31)
- Proactively monitor the components (such as
    OpenStack) to see that the relevant events in the system (such as
    requests taken in the services) are properly emitted (logged)
    (LukeHinds,
    14:23:42)
- Align with relevant institutions (such as ETSI)
    in order to have their requirements and use-cases be mapped in a
    concrete way with the actual services we are using in OPNFV
    (LukeHinds,
    14:23:56)
- Respond to bug-reports (and properly implement
    them in the components upstream), which will be filed when we figure
    out there is something missing or when our shareholders report they
    need more information for a certain use-case (LukeHinds,
    14:24:03)
- all covered in the following #link
    https://etherpad.opnfv.org/p/inspector_preliminary (LukeHinds,
    14:24:19)
- https://wiki.opnfv.org/requirements_projects/inspector
    (jaosorior,
    14:44:14)
- ACTION: juan/ari to
    start listing specific components / work items for commiters /
    contributers (LukeHinds,
    14:48:17)
 
Meeting ended at 14:56:47 UTC
(full logs).
Action items
  - Kapil to attend next SEC group to discuss SEC008 and inspector
- Luke to contact Ashutosh to perform the same.
- Luke to contact ONF about inspector project
- juan/ari to start listing specific components / work items for commiters / contributers
People present (lines said)
  - LukeHinds (75)
- jaosorior (45)
- aripie (18)
- MikeCamel (11)
- collabot (5)
Generated by MeetBot 0.1.4.