| gagehugo | #startmeeting security | 15:00 |
|---|---|---|
| opendevmeet | Meeting started Thu Dec 2 15:00:45 2021 UTC and is due to finish in 60 minutes. The chair is gagehugo. Information about MeetBot at http://wiki.debian.org/MeetBot. | 15:00 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 15:00 |
| opendevmeet | The meeting name has been set to 'security' | 15:00 |
| gagehugo | #link https://etherpad.opendev.org/p/security-agenda agenda | 15:01 |
| gagehugo | o/ | 15:01 |
| fungi | ohai | 15:02 |
| gagehugo | fungi: you around? | 15:03 |
| fungi | yes | 15:03 |
| fungi | are you seeing me? | 15:04 |
| fungi | gagehugo: connectivity problems? | 15:05 |
| gagehugo | your messages just appeared for me | 15:08 |
| gagehugo | o/ | 15:08 |
| fungi | sounds like oftc may have some lag between servers | 15:09 |
| gagehugo | hmm maybe | 15:09 |
| gagehugo | Nothing on the agenda, seems to have been a quiet month | 15:11 |
| fungi | yeah, there was some clarification obtained in the cinder meeting on forward progress for the image encryption effort | 15:11 |
| fungi | also the "trojan source" vulnerability ate a lot of discussion bandwidth in general | 15:12 |
| fungi | fips testing is coming along, being disucssed in the tc meeting right now | 15:12 |
| fungi | also the opendev collaboratory has made a quiet/soft announcement about how to start using 2fa with launchpad/ubuntuone | 15:14 |
| gagehugo | oh neat | 15:15 |
| fungi | #link http://lists.opendev.org/pipermail/service-discuss/2021-December/000304.html UbuntuOne/Launchpad two-factor authentication | 15:15 |
| fungi | per earlier messages in that thread, several of us have been trying it for more than a year now | 15:16 |
| gagehugo | I still have the items from the PTG on my todo list, I'll try to get to those this month. | 15:17 |
| fungi | yeah, i think i got some minor site updates pushed up | 15:17 |
| gagehugo | how's it working so far? | 15:17 |
| fungi | can't remember if those merged before the last meeting or before this one | 15:17 |
| fungi | teh 2fa? no problems at all. i enrolled totp slots in two of my librem key devices and have been using those | 15:18 |
| fungi | i spent more time working out viable command-line access (they're modified nitrokeys, but needs a very new nitrocli build to recognize them) | 15:19 |
| gagehugo | ah ok | 15:19 |
| fungi | i think clarkb is using google authenticator on an android phone | 15:19 |
| fungi | i don't recall if ianw said what he's using | 15:19 |
| fungi | anyway, follow up to that service-discuss thread if anyone wants to talk about it more | 15:20 |
| fungi | oh, also we retooled the artifact signing key generation/rotation/attestation process for openstack releases | 15:20 |
| fungi | basically coping with the collapse of the sks keyserver network and switching to keys.openpgp.org | 15:21 |
| fungi | since no well-connected keyservers still carry third-party key signatures, we've moved to more of a caff-style attestation process, where you checkout the public key from git, import it, sign that, re-export it with your new signature and the ones which were already on it, commit that and push it for review | 15:22 |
| fungi | previously we only included the self-sig in the export (since that's what sets the expiration) | 15:23 |
| fungi | #link https://docs.opendev.org/opendev/system-config/latest/signing.html Signing System | 15:23 |
| gagehugo | hmm | 15:24 |
| fungi | that documentation is up to date, with the exception of the attestation section which we're still finalizing | 15:24 |
| gagehugo | good to know | 15:25 |
| gagehugo | fungi: anything else you want to discuss? | 15:30 |
| fungi | nah, sucked into python 3.6 deprecation discussion in the tc meeting | 15:31 |
| gagehugo | thanks for the updates! Have a good holiday if I don't talk you to before then! | 15:32 |
| fungi | thanks, you too! | 15:33 |
| gagehugo | #endmeeting | 15:33 |
| opendevmeet | Meeting ended Thu Dec 2 15:33:05 2021 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 15:33 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/security/2021/security.2021-12-02-15.00.html | 15:33 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/security/2021/security.2021-12-02-15.00.txt | 15:33 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/security/2021/security.2021-12-02-15.00.log.html | 15:33 |
| *** priteau is now known as Guest7388 | 16:38 | |
| *** priteau_ is now known as priteau | 16:38 | |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!