#openstack-meeting-alt log

20:00:16 <dave-mccowan> #startmeeting Barbican
20:00:17 <openstack> Meeting started Mon Nov  7 20:00:16 2016 UTC and is due to finish in 60 minutes.  The chair is dave-mccowan. Information about MeetBot at http://wiki.debian.org/MeetBot.
20:00:18 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
20:00:20 <openstack> The meeting name has been set to 'barbican'
20:00:27 <dave-mccowan> #topic roll call
20:00:36 <diazjf> o/
20:00:41 <arunkant> o/
20:00:52 <dave-mccowan> o/
20:01:02 <alee> o/
20:01:48 <dave-mccowan> redrobot woodster_ ping
20:01:56 <redrobot> o/
20:02:25 * woodster_ lurks in the background...multitasking with another meeting :)
20:02:38 <dave-mccowan> we've a got a few more barbicaneers today.  welcome back from barcelona everyone!
20:02:51 <dave-mccowan> #topic summit recap
20:03:26 <mathiasb> o/
20:03:32 <dave-mccowan> What's everyone thoughts on summit?  What went well?  What needs to happen next for Ocata?
20:03:38 <diazjf> sup mathiasb
20:03:46 <dave-mccowan> #link https://etherpad.openstack.org/p/barbican-ocata-design-summit
20:03:52 * dave-mccowan waves mathiasb
20:03:53 <mathiasb> nm diazjf
20:04:18 <redrobot> I think in general the summit went well...
20:04:29 <diazjf> dave-mccowan I think it went really well. Lots of interest in barbican this time around.
20:04:49 <dave-mccowan> i heard really good things about the hands-on lab.  great job on that!
20:05:13 <diazjf> thanks couldn't have done it without the crew
20:05:35 <dave-mccowan> our theme for Ocata is quality and stability.
20:05:54 <dave-mccowan> we've made some good progress on reducing our review backlog.  let's keep that up.
20:05:55 <mathiasb> as a participant I can say the hands on lab was great!
20:06:18 <alee> I think things went well. for one thing, it really looked like projects are starting to use barbican - and not treat it like the red headed stepchild.
20:06:58 <alee> and yeah - the hands on seemed to go well -- I think we should reprise it in sydney perhaps ..
20:07:33 <diazjf> alee haha right on
20:07:33 <dave-mccowan> does anyone have an update on a work item you signed up for at summit?
20:08:41 <alee> dave-mccowan, do we have a list of work items (and assignees) somewhere?
20:08:55 <alee> dave-mccowan, perhaps something we should review at this meeting?
20:08:55 <redrobot> No updates here... do we need a full spec for adding the ID property?
20:09:05 <diazjf> dave-mccowan I started the initial chat with the vault team. Its the next topic.
20:09:23 <dave-mccowan> alee, the minutes from the session at the link i posted above
20:09:45 <alee> dave-mccowan, yeah - jjust noticing that ..
20:09:54 <alee> no updates from me yet
20:10:09 <dave-mccowan> i'll find a better place to record and track them for next week.  ideally we'll use launch pad, but we need to clean up the old stuff first.
20:10:41 <dave-mccowan> moving on
20:10:45 <dave-mccowan> #topic vault plugin
20:10:49 <dave-mccowan> diazjf ?
20:11:27 <diazjf> Started the initial chat https://groups.google.com/forum/#!topic/vault-tool/BfSq4dP081s they are definitely interested but we need to compile a list of requirements for each side
20:11:54 <diazjf> I started https://etherpad.openstack.org/p/barbican+vault so we can all give output. Will update by next meeting.
20:13:23 <dave-mccowan> the background, it folks would like another softHSM option, in addition to dogtag.  vault is the popular one that people ask about.
20:13:31 <dave-mccowan> redrobot you mentioned you had also done some initial research?
20:15:12 <redrobot> dave-mccowan not much really, but I'll be looking into it more in-depth soon
20:16:54 <dave-mccowan> #topic threat analysis results
20:17:50 <dave-mccowan> does anyone want to volunteer to write a spec (or etherpad) on how to sign database information to close the bug opened on the access vulnerability?
20:18:54 <dave-mccowan> the bug says that if the database becomes compromised in such a way that an attacker has write permissions, he can change the database to grant himself all access to the secrets.  the proposed design is to sign the database contents to close that gap.
20:19:45 <dave-mccowan> if no one else want to start, i'll make a first draft spec to start the conversation on if this is the right solution.
20:20:56 <dave-mccowan> #topic Arun nominated for barbcian-core
20:20:58 <alee> sounds great :)
20:21:11 <alee> vote please!
20:21:23 <dave-mccowan> congrats arun!
20:21:33 <dave-mccowan> barbican cores, please reply to alee's email on openstack-dev email list to record your vote.
20:21:54 <diazjf> +1 arunkant congrats
20:22:37 <dave-mccowan> #topic any other business
20:23:14 <diazjf> Deprecate those pesky certs
20:23:14 <diazjf> https://review.openstack.org/#/c/393016/
20:23:14 <diazjf> Need some reviews on this
20:23:49 <dave-mccowan> does anyone need details on PTG meeting in February?
20:24:18 <mathiasb> diazjf dave-mccowan: there was interest in a vault backend at the swift design summit also
20:26:08 <diazjf> mathiasb once we get https://etherpad.openstack.org/p/barbican+vault filled out we can start looking on what teams can contribute :)
20:27:26 <dave-mccowan> looks like that's all for today.  thanks everyone!
20:27:34 <mathiasb> diazjf: sounds good :)
20:28:05 <dave-mccowan> #endmeeting