14:09:48 #startmeeting Security Group 20-04 14:09:48 Meeting started Wed Apr 20 14:09:48 2016 UTC. The chair is lhinds. Information about MeetBot at http://wiki.debian.org/MeetBot. 14:09:48 Useful Commands: #action #agreed #help #info #idea #link #topic. 14:09:48 The meeting name has been set to 'security_group_20_04' 14:10:28 #link https://etherpad.opnfv.org/p/opnfv-sec-meetings 14:10:41 I need to leave about 30 minutes past, but we should be fine 14:10:54 ok, any topics to add Sona? 14:11:07 it is ok 14:11:18 ok functest update... 14:11:43 I am trying to understan Openscap 14:11:43 I merged my code in, and will be integrating it with the functest framework next. 14:11:55 any q's? Sona? 14:12:10 I will likely not work on it for a week, as its austin next week 14:12:16 where do you get the ds (data stream)? 14:12:30 download the SCAP data stream files from the National Vulnerability Database (NVD) download page Web site? 14:13:06 there are a lot feed there, how do you know which one? 14:13:34 most of them on on git hub or available in an RPM for Centos 14:14:00 openscap-security-guide is the pkg name 14:14:25 ok, I am running on Ubuntu and couldn't find this package 14:14:32 this is the scap content for ubuntu : https://github.com/GovReady/ubuntu-scap 14:14:40 I will build this tool myself or test on Redahat 14:14:41 but its not been updated for two years 14:14:49 good thanks 14:15:17 so openscap would be a security test for functest? 14:15:30 OPNFV platform would run this? 14:15:45 https://wiki.debian.org/SCAPGuide 14:15:58 thanks Luke 14:16:21 I will read more an if I have questions I will send email 14:16:28 functest will run it, all the tests launch from a docker container 14:16:33 let's move on 14:16:39 ok 14:17:06 one other test'y type thing is I made a tool to audit all the prjects 14:17:23 you can see it here https://asciinema.org/a/7jk0jb9j01bjzrlzu976m084c 14:17:26 #link https://asciinema.org/a/7jk0jb9j01bjzrlzu976m084c 14:17:47 ok, anything for the badge program? 14:18:29 one question 14:18:30 https://github.com/lukehinds/opnfv-audit 14:18:40 yep? 14:18:49 is there any readme file about this? 14:19:07 not yet, only in the jira issue 14:19:07 I didn't see in the github 14:19:40 ok, it would be good to create a README file in github to explain what it is and how to use it :) 14:19:46 https://jira.opnfv.org/browse/SECURITY-22?focusedCommentId=14756&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14756 14:20:09 good thanks :) 14:20:15 I wil try to do that, or your welcome to make a push request 14:20:25 ok, I can do it 14:20:28 cool 14:20:41 let's move to summit 14:20:51 k.. 14:21:00 hi, sorry for late arrvial, stuck in a meeting 14:21:08 so main thing I had, is that I will be going there now, so won't be around next week 14:21:09 Hi Ari 14:21:11 hi aripie 14:21:35 just need someone to chair next week, or we cancel it for a week 14:21:46 we can cancel 14:21:55 k, sounds good to me 14:22:01 np 14:22:20 k, that's us I believe, that should be all 14:22:42 short'n'to the point 14:23:08 have a good summit! 14:23:47 Do we need to prepare for summit in Berlin? with presentation? 14:24:09 we have plenty of time :) 14:24:27 Sona, we have time still. We should think about starting to get something ready around 3rd week of may 14:24:36 last time, I sent mine in a few days before 14:24:43 ok :) 14:24:49 right, thanks * 14:25:04 have to take my daughter to Ballet now :) 14:25:14 ok, have fun 14:25:21 good luck 14:25:27 \endmeeting 14:25:39 bye 14:25:42 bye 14:25:44 #endmeeting