14:11:12 <aripie> #startmeeting 2016-02-10
14:11:12 <collabot> Meeting started Wed Feb 10 14:11:12 2016 UTC.  The chair is aripie. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:11:12 <collabot> Useful Commands: #action #agreed #help #info #idea #link #topic.
14:11:12 <collabot> The meeting name has been set to '2016_02_10'
14:14:20 <aripie_> back in business
14:14:57 <Sona> hi Ari
14:15:23 <Sona> I don'yt think Aric fixed the permissions issue for me
14:15:31 <aripie_> ok
14:15:40 <Sona> I can't send patch for review
14:15:58 <Sona> I send you by email
14:16:08 <aripie_> I seem to have the same problem
14:17:36 <aripie_> Aric hopefully will sort it out
14:18:01 <Sona> so far perhaps we can send our patches by email & sync what we have been writing?
14:18:21 <aripie_> we can do that, yes
14:18:32 <Sona> Can you please have a look at my patch and let me know what do you think
14:18:50 <Sona> I just need to if I am on right direction :)
14:19:00 <aripie_> #agree until gerrit access sorted out, sync patches over email
14:19:11 <Sona> Dows it make any sens what I have been written so far
14:19:42 <aripie_> I will also send my stuff for your comments
14:19:46 <aripie_> ok Son, I will do that
14:20:03 <Sona> good, I will look at
14:20:23 <aripie_> yes, based on a quick look, your contribution looks fine
14:20:28 <Sona> I have been digging into trusted computing
14:20:52 <aripie_> that is a pretty complex territory
14:21:07 <Sona> yes :)
14:21:25 <Sona> I learned that my chromebook uses TMP
14:21:34 <Sona> I will a little better now :)
14:21:45 <aripie_> have you tried using it?
14:22:07 <Sona> this feature is used by default
14:22:23 <aripie_> ... in addition to the default use
14:22:29 <Sona> it is a nice featutre which I was not aware of
14:22:51 <aripie_> I assume you could store your secrets there (well, some of them at least)
14:23:41 <Sona> I haven't used anything on chromebook but when I was booting a test image on hierofalcon I noticed that the trust boot id disabled
14:24:14 <aripie_> sounds positive
14:24:32 <Sona> maybe because I wanted to use another OS so we needed to disable it
14:24:45 <Sona> anyway I will continue with this
14:25:12 <aripie_> yes, keep going!
14:25:14 <mazdak> is there any deadline for updating ?
14:25:15 <Sona> Any news from the release?
14:25:45 <aripie_> OK lets discuss agenda
14:25:52 <aripie_> #topic Agenda
14:26:05 <aripie_> #info Deadlines
14:26:12 <aripie_> #info Release
14:26:30 <aripie_> any other topics to discuss today
14:26:32 <aripie_> ?
14:26:48 <Sona> not from me
14:27:12 <aripie_> ok, if something comes to mind we can take AOB
14:27:21 <aripie_> # topic Deadlines
14:27:43 <aripie_> we have not really fixed any target dates for the Guideline
14:28:24 <aripie_> we are still in learning mode, so maybe we just do best effort
14:28:29 <Sona> ok, good
14:29:02 <mazdak> ok so there is no deadline for B-release
14:29:05 <mazdak> good
14:29:30 <aripie_> should we plan some internal timelines?
14:30:23 <Sona> it would be good just to set internal goals
14:31:25 <Sona> we have each different area, so we try to wite as much as we can
14:32:26 <aripie_> yes, it is easy to process in parallel
14:33:19 <aripie_> #agree With next OPNFV release in mind, define timelines for security guideline
14:34:07 <aripie_> so lets talk Release
14:34:14 <aripie_> #topic Release
14:34:39 <aripie_> regarding Brahmaputra, we do not have an official delivarable
14:37:04 <aripie> had a network disconnect... hopefully stable now
14:37:40 <Sona> I was disconnected, back again
14:37:48 <aripie> ...I dont know what happened, same here
14:38:09 <aripie> ... anyway, regarding Release, I suppose
14:38:30 <aripie> we could target for some version of the guide to be released
14:38:37 <aripie> within a month or so
14:38:53 <aripie> it does not need to be in sync with the sw releases as this is
14:38:56 <aripie> generic documentation
14:39:08 <aripie> assuming that is ok with the project
14:39:53 <Sona> that is right
14:40:01 <aripie> #info discussion about the release not necessarily needing be in syunc with sw releases
14:40:22 <aripie> #info as the security guideline is generic documentation
14:40:34 <aripie> #info that is not specific to a release
14:41:18 <aripie> #agree discuss with project if OK to release first version out-of-sync with project release
14:41:45 <aripie> hello bryan_att
14:42:23 <bryan_att> aripie: hi
14:42:31 <aripie> welcome
14:42:39 <Sona> Hi Bryan
14:43:04 <bryan_att> hi all, just lurking
14:43:14 <aripie> feel free!
14:43:46 <Sona> Ari, is there any security related activity which OPNFV needs for this coming release?
14:43:47 <aripie> anyone: more thoughts on release scheduling of opnfvsecguide?
14:44:51 <Sona> scheduling of opnfvsecguide: let's just say untill next week we try to send some text for review (it doesn't need to be very advanced)
14:45:10 <aripie> that sounds fine
14:45:11 <Sona> just to get started
14:45:43 <aripie> #agree send input for review per email until next week
14:45:50 <florind> The way I see it, the security guide will start as a general document and as OPNFV releases roll out, the guide will touch on various features introduced with new releases
14:46:22 <aripie> pretty much like OpenStack equivalent
14:46:55 <aripie> on any security related activity which OPNFV needs for this coming release;
14:47:08 <Sona> Openstack has good documentation
14:47:13 <aripie> I do not think there is anything specified for the coming release
14:47:38 <Sona> ok good, I will continue to scan CVEs for OPNFV components
14:48:15 <aripie> and I should get active on pushing to fill gaps in audit information generation
14:48:30 <aripie> ... in all opnfv projects
14:48:44 <Sona> yes that would be good :)
14:49:17 <aripie> and I know Luke is looking into the CII Badges program
14:49:40 <aripie> related to how and to what extent opnfv should self-assess
14:50:03 <aripie> our secure design practices
14:50:26 <aripie> so we have stuff going on, even though not very visible
14:50:28 <aripie> to the rest of the community
14:51:47 <aripie> ok, good discussion, AOB?
14:51:48 <aripie> #topic AOB
14:53:12 <aripie> I do not come up with more now
14:53:22 <Sona> Nothing from me
14:53:54 <aripie> OK, I will stay around for a while so if anything, let me know
14:53:57 <aripie> but closing the meeting
14:54:03 <aripie> #endmeeting