Monday, 2015-04-20

openstackgerrit: OpenStack Proposal Bot proposed openstack/security-doc: Imported Translations from Transifex https://review.openstack.org/175108 [06:01]
* sicarie waves [17:00]
* elmiko waves [17:00]
shelleea007: hi [17:00]
pdesai: Hi [17:00]
sicarie: Greetings! [17:00]
pdesai: Good Morning [17:01]
sicarie: So we have one new bug for triage: https://bugs.launchpad.net/openstack-manuals/+bug/1444657 [17:01]
openstack: Launchpad bug 1444657 in openstack-manuals "Adding a chapter on Barbican - OpenStack Security Guide" [Undecided,Confirmed] - Assigned to Jason Fritcher (jason-fritcher) [17:01]
elmiko: ooh, nice! [17:01]
sicarie: pdesai: would you like to give a quick overview? [17:01]
shelleea007: cool [17:02]
pdesai: sure, i have a team mate who has deployed barbican in our dev test env., and would like to contribute secure way of deployment to our guide [17:02]
pdesai: i have promised him, help from my side on composing his content into doc book [17:03]
sicarie: awesome [17:03]
elmiko: awesome [17:03]
elmiko: hehe [17:03]
pdesai: he he [17:03]
sicarie: So what level do you think this should be? [17:03]
elmiko: med/high imo [17:04]
pdesai: i think med [17:04]
pdesai: yeah don't mind high [17:04]
sicarie: I would lean towards medium, but wouldn’t be averse to a high [17:04]
pdesai: let's go with Med [17:04]
elmiko: sounds like med. might be the prudent choice [17:04]
pdesai: +1 [17:05]
sicarie: Great, that’s updated [17:05]
pdesai: awesome thanks [17:05]
sicarie: Looking through the bugs there’s not much else that’s new: https://bugs.launchpad.net/openstack-manuals/+bugs?field.tag=sec-guide [17:05]
sicarie: Looking through the project in gerrit there is mostly OSSN stuff [17:06]
elmiko: sicarie: i have a question about the case studies pad [17:07]
sicarie: there are two new contributor reviews [17:07]
sicarie: elmiko: sure [17:07]
sicarie: https://etherpad.openstack.org/p/sec-guide-case-studies [17:07]
sicarie: Just a quick note, I moved the Alice section up to the top and labeled the sections I thought were ready for review [17:07]
elmiko: looking at the notes for the data processing section, should i go ahead and recraft the studies there for data p. based on the notes? [17:07]
sicarie: Yeah, that’d be awesome [17:07]
elmiko: ok, cool. didn't want to start mucking around till we talked =) [17:08]
sicarie: Oh yeah, that’s why I posed it on the etherpad - feel free everyone to make any updates [17:08]
elmiko: ack, will do [17:08]
sicarie: I was going to draft it on the etherpad for a rough draft and then submit to Gerrit for wider OSSG review once I was sure there weren’t crazy gaps [17:08]
shelleea007: i will look at it too [17:08]
sicarie: I did mark the Management section as ready to review, but there is a piece I have not had time to fit into it [17:09]
pdesai: are we tracking all of the case studies, i mean case studies from all the ch? [17:09]
sicarie: So if you have input on that (or just want to edit the existing), please feel free [17:09]
shelleea007: i am still working on the two chapters and will file some bugs on that [17:09]
sicarie: Yes, the headings (System Documentation, Management, etc…) reference the case study for that chapter [17:09]
pdesai: i see, [17:09]
sicarie: Right now i have only done Alice's [17:09]
sicarie: I figured hers would be more stringent because she would be heavily governed by regulation, and then Bob’s could be much more free-flowing to contrast to Alice's [17:10]
elmiko: i think it might be best to stage out the updates into gerrit review, to keep from having a huge CR. (if that wasn't already the plan) [17:10]
sicarie: +1 elmiko [17:10]
pdesai: +1 [17:10]
sicarie: As there hasn’t been much response on these, I was going to take lead, but if you write a section and you feel comfortable with it, please feel free to submit it into Gerrit [17:11]
elmiko: nice, that works [17:11]
sicarie: bug is https://bugs.launchpad.net/openstack-manuals/+bug/1349540 [17:11]
openstack: Launchpad bug 1349540 in openstack-manuals "Ensure one case study per chapter in security guide" [Medium,In progress] - Assigned to N Dillon (sicarie) [17:11]
elmiko: and we're going with case study at the end of each chapter? [17:11]
pdesai: awesome, i can help you with identity and secure communication ch [17:12]
sicarie: elmiko: yes, I believe the previous template was a case study for each alice and bob at the end of each chapter showing how that chapter was implemented into their deployments [17:12]
sicarie: pdesai: that would be great! [17:12]
elmiko: sicarie: cool, just wanted to double check [17:12]
sicarie: pdesai: Please feel free to rewrite the Secure Communication section as you see fit - I have not drafted Identity yet, so I will assign that to you? [17:13]
pdesai: sure [17:13]
pdesai: elmiko, do you have any recommendation on restructuring case studies? [17:13]
sicarie: awesome [17:13]
sicarie: shelleea007: did you want to take a case study, or are you good with your 2 chapters and doing some review on them overall? [17:14]
elmiko: pdesai: none that haven't been mentioned. i'll take another pass at the data processing stuff, but in general everything sounds good to me. [17:14]
shelleea007: i can do both [17:14]
pdesai: cool [17:14]
sicarie: Oh, and please feel free to give input on or start drafting “Bob’s” case studies as well if you think of a good contrast or alternate configuration [17:15]
sicarie: (all) [17:15]
shelleea007: OK, I can do that too [17:15]
sicarie: shelleea007: thanks! [17:15]
sicarie: So there were two new (or relatively new) contributors [17:16]
sicarie: https://review.openstack.org/#/c/173734/ [17:16]
sicarie: and [17:16]
sicarie: https://review.openstack.org/#/c/174727/ [17:16]
elmiko: very nice [17:16]
sicarie: So thanks all for submitting bugs on the chapters - we do get good new contributors on the low-hanging-fruit stuff! [17:17]
pdesai: +1 [17:17]
elmiko: +1, i gotta remember to add that to the grammar bugs [17:18]
sicarie: So I can’t remember with how many meetings I’ve been in, did I mention the sec-guide move to RST format? [17:18]
pdesai: yeah in few months (around 7) [17:19]
sicarie: okay, cool [17:19]
sicarie: Nothing to think about yet, but know it’s coming down [17:19]
pdesai: but we haven't discussed the process on migration [17:19]
pdesai: cool [17:19]
sicarie: pdesai: thanks for the great lead-in! [17:19]
sicarie: Summit Planning: [17:19]
elmiko: should be too bad, are they working on tools for auto-migration of xml->rst? [17:20]
pdesai: sure [17:20]
elmiko: *shouldn't [17:20]
sicarie: I’d like to sit down with a group and discuss 1) published book standards and 2) migration process [17:20]
pdesai: nice [17:20]
sicarie: elmiko: Good question, I will take that to the doc team [17:20]
sicarie: I know there is manual work, but I don’t know how much [17:20]
elmiko: sicarie: thanks [17:21]
sicarie: elmiko: i’ve added it to the meeting invite [17:21]
sicarie: Unfortunately this is the meeting that is in the afternoon, which is right during my commute time [17:21]
sicarie: So there’s a good chance I’ll miss it [17:22]
elmiko: doh! [17:22]
sicarie: It may be pushed to next week [17:22]
sicarie: So the process for publishing a new lulu version of the book is apparently spinning up a pdf and submitting it [17:22]
sicarie: very straightforward [17:22]
elmiko: nice and simple ;) [17:23]
sicarie: So I’d like to decide on a few milestones to complete before we get there [17:23]
sicarie: Personally, the identity chapter refactoring was big on my list, I’d like to do that with Dashboard as well [17:23]
pdesai: nice [17:23]
sicarie: so pdesai thanks for doing that! [17:23]
pdesai: sure you are welcome [17:23]
sicarie: And I would like to 1) finish the case studies, 2) finish the Compute chapter, and 3) do a thorough review of Identity (in-progress), Dashboard, and Networking [17:24]
sicarie: Those are just my personal list, I’d like to decide on the criteria at the Summit, and then push the new lulu version and have it available by the Liberty release [17:25]
sicarie: Sound good? [17:25]
pdesai: +1 [17:25]
elmiko: +1 [17:26]
sicarie: And then at the summit I’d also like to discuss the migration to RST, as soon as we have an idea of how much manual work will be needed [17:26]
sicarie: The admin guide and user guides have already been converted, so we have a good set of experience we can ping the docs team on [17:26]
sicarie: And that’s all I had [17:27]
sicarie: Did anyone else have anything they’d like to discuss, or anything I missed? [17:27]
elmiko: nothing from me [17:27]
pdesai: nothing from me [17:27]
sicarie: Great, well thanks for all your help, and see you next week! [17:28]
pdesai: thanks, see ya [17:28]
elmiko: thanks! [17:28]
shelleea007: nothing from me either [17:28]
openstackgerrit: Merged openstack/security-doc: Updated from openstack-manuals https://review.openstack.org/175196 [17:30]
dstanek: wow, cool! i just guessed that this channel existed and y'all are here! [20:46]
* elmiko waves [20:49]
tmcpeak: hey, what's up dstanek [21:01]
dstanek: hey tmcpeak, is there a way to document possible attack vectors? something that doesn't exist now, but could in the future [21:02]
tmcpeak: dstanek: sure, what do you have in mind? [21:04]
tmcpeak: I guess what kind of attack vectors?… generic security threats or OpenStack specific? [21:05]
dstanek: tmcpeak: sorry wasn't paying attention [21:15]
dstanek: tmcpeak: https://bugs.launchpad.net/keystone/+bug/1440958 [21:15]
openstack: Launchpad bug 1440958 in Keystone "loosen validation on matching trusted dashboard" [Medium,Fix committed] - Assigned to Lin Hua Cheng (lin-hua-cheng) [21:15]
dstanek: i notice in this particular bug that if there was a flaw in the dashboard (horizon or other) then this federation feature may be exploitable [21:16]
dstanek: what i don't like is that the security of a feature in keystone relies on the security of another system and we have no way to check/verify the provided data [21:17]
openstackgerrit: Jamie Finnigan proposed stackforge/bandit: Shift in result types & ranking scales https://review.openstack.org/175612 [23:37]