#acumos-meeting: Acumos TSC Security Committee

Meeting started by bryan_att at 14:06:41 UTC (full logs).

Meeting summary

    1. Bryan Sullivan (bryan_att, 14:06:48)

  2. Roll Call (bryan_att, 14:06:58)
    1. present: Bryan, Aimee (bryan_att, 14:09:03)
    2. #link https://wiki.acumos.org/display/CS/Tool+Comparison (aimeeu, 14:10:42)
    3. Strawman proposal (WIP) for security-verification (new name for validation-security) is at https://etherpad.acumos.org/p/security-verification (bryan_att, 14:11:44)
    4. Security-Verification is on the path to having design docs and impacts e.g. to CDS id'd in the sprint 1 (by two weeks from now). (bryan_att, 14:22:50)
    5. Project code security-verification we are looking at using the Anteater project from OPNFV. (bryan_att, 14:23:27)
    6. #link https://github.com/anteater/anteater (aimeeu, 14:23:53)
    7. This will benefit from cross-LF collaboration via the lf-releng list (bryan_att, 14:23:58)
    8. Also we will publish guidelines for projects/PTLs as the the rollout and impacts to their processes. (bryan_att, 14:24:51)
    9. Re platform security/hardening, we will need specific resources to help assess platform security weaknesses and propose remediations. Until we have these, that epic area may be at risk for this release. (bryan_att, 14:26:18)
    10. #link https://github.com/opnfv/releng/tree/master/jjb/ci_gate_security example of how Anteater has been implemented in OPNFV gating process (aimeeu, 14:26:52)
    11. Bryan will send out a note to the list on whether the timing of these calls needs updating to promote more attendance, etc, in order to grow community support. (bryan_att, 14:27:50)


Meeting ended at 14:28:45 UTC (full logs).

Action items

  1. (none)


People present (lines said)

  1. bryan_att (12)
  2. aimeeu (4)
  3. collabot` (3)


Generated by MeetBot 0.1.4.