#openstack-meeting log

18:04:00 <bdpayne> #startmeeting OpenStack Security Group
18:04:01 <openstack> Meeting started Thu Feb 14 18:04:00 2013 UTC.  The chair is bdpayne. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:04:02 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
18:04:04 <openstack> The meeting name has been set to 'openstack_security_group'
18:04:17 <bdpayne> good morning / evening everyone
18:04:45 <bdpayne> I'd like to get started today with an update on the storage encryption work
18:04:50 <bdpayne> #topic Storage Encryption
18:05:09 <bdpayne> Anyone from Intel or JHU APL around to give an update?
18:05:31 <lglenden> yes, I'm here from APL
18:05:45 <rellerreller> The volume encryption blue print was rejected for Grizzly release
18:06:07 <bdpayne> ok, I saw some chatter about that… didn't know it was formal
18:06:15 <rellerreller> The change was a bit too big at the last minute to make Grizzly
18:06:29 <bdpayne> yeah, I know that is frustrating… but it does make some sense
18:06:38 <bdpayne> so, let's plan for how to get it into H?
18:06:39 <rellerreller> It's understandable
18:06:57 <rellerreller> But there is interest, and we are hopeful to make Havana
18:07:05 <lglenden> we were encouraged to lead a design summit session specifically for the blueprint, so that is what we are planning
18:07:17 <bdpayne> I think that's a good idea
18:07:29 <bdpayne> are you guys moving forward with setting that up?
18:07:31 <lglenden> there will also likely be a second design session specifically for key management issues
18:07:36 <mtesauro> Please share that here if/when its setup.  I will attend.
18:07:47 <bdpayne> ditto
18:07:47 <rellerreller> The dev mailing list has some chatter about how to handle cloning and snapshotting if anyone is interested in that
18:08:37 <bdpayne> ok, sounds good
18:08:53 <bdpayne> I think that this will give us a little more time to "get it right"
18:09:09 <bdpayne> if you guys need help with coding stuff post-summit, then please make an ask here with OSSG
18:09:22 <bdpayne> I suspect that there are people around that can help with pieces, if desired
18:10:40 <bdpayne> ok, so I guess we can move on to some of the documentation efforts
18:10:50 <bdpayne> #topic Hardening Guide and OSN
18:11:08 <bdpayne> the LXC OSN has been a slow process ;-)
18:11:35 <bdpayne> Rob and I have been working to coordinate the release of the document and make it smoother in the future
18:11:45 <bdpayne> I think that we're about there and this will roll more smoothly next time
18:11:50 <mtesauro> LXC OSN == what?
18:12:03 <bdpayne> the security note on using LXC
18:12:11 <bdpayne> sorry, too man acronyms
18:12:18 <bdpayne> s/man/many/
18:12:26 <mtesauro> Roger.  I've got it now.
18:12:30 <bdpayne> ok
18:12:57 <bdpayne> so… looking forward, I encourage everyone here to bring forward ideas for future security notes
18:13:34 <bdpayne> basically, if there's some brief security guidance that we can provide to help people do things better from a security viewpoint, then it would be nice to share
18:13:47 <bdpayne> anything come to mind right now?
18:13:55 <noslzzp> i will have some additions shortly..
18:14:03 <bdpayne> great, thanks
18:14:24 <bdpayne> #action We can all think of ideas for more security notes
18:14:35 <bdpayne> Now, turning to the hardening guide
18:14:46 <bdpayne> Not much work has happened on that, unfortunately
18:15:02 <bdpayne> I am happy to put in some cycles, but would like to get more of the community involved as well
18:15:10 <bdpayne> Is there anyone that would like to help with that effort?
18:15:21 <bdpayne> Or any suggestions for pushing that forward?
18:16:10 <rellerreller> APL can provide suggestions.  We were swamped trying to get into Grizzly.
18:16:20 <noslzzp> unfortunately, I don't know Tex so getting setup with that has been a blocker.
18:16:22 <rellerreller> We can have comments by next week
18:16:37 <bdpayne> rellerreller thanks
18:16:47 <bdpayne> Re Tex… please don't let that block you
18:17:04 <bdpayne> you can submit stuff in plain text and I'll happily drop it into tex files
18:17:10 <bdpayne> the delta is very small anyway
18:17:17 <noslzzp> roger.
18:17:21 <bdpayne> and the outline is actually in a plain text file too
18:17:32 <bdpayne> and, I'm happy to teach people LaTeX ;-)
18:17:36 <noslzzp> ;)
18:17:55 <bdpayne> but, seriously… I can drop in plain text contributions very easily
18:18:14 <noslzzp> gotcha.. i'll move forward with plain text for now..
18:18:35 <bdpayne> well… as always, please touch base with me if you'd like to help… I'd love to see some more momentum there
18:18:43 <lglenden> are you looking mainly for comments on the outline that is in place, or contributions for fleshed out sections (or both?)
18:18:47 <bdpayne> #action Ramp up work on hardening guide
18:18:58 <bdpayne> both would be great
18:19:10 <lglenden> okay
18:19:36 <bdpayne> I don't expect the outline to change too much as I haven't gotten much feedback on it
18:19:42 <bdpayne> so writing text is low risk
18:20:14 <bdpayne> also, if anyone like drawing technical diagrams… I'd love to hear from you :-)
18:20:32 <bdpayne> ok… moving onward
18:20:46 <bdpayne> #topic OSSG and Core Projects
18:21:07 <bdpayne> At the summit last fall, I expressive my desire to get OSSG tightly integrated into the core projects
18:21:24 <bdpayne> the idea is to have people on OSSG working on the core projects
18:21:48 <bdpayne> and that those people could bring security concerns back to the group for deeper analysis, design, and improvement
18:22:03 <bdpayne> I would love to start seeing this happen
18:22:25 <bdpayne> I think that the first step is to identify who we have in OSSG that is already tracking core projects
18:22:30 <bdpayne> Does anyone fit that bill?
18:23:27 <bdpayne> Ok… the next question, who would *like* to get integrated into a core project?
18:23:57 <bdpayne> hrm
18:24:08 <noslzzp> I'm too new. :)
18:24:28 <bdpayne> Ok, I may need to approach this a little differently
18:24:59 <bdpayne> I think that the plan will be to identify people already on the core projects that could be good and invite them to work with OSSG
18:25:22 <bdpayne> #action Work with PTLs to get tighter integration between OSSG and core projects
18:25:32 <bdpayne> #topic Discussion
18:25:49 <bdpayne> It's been quiet today… anything else on people's minds?
18:26:50 <bdpayne> #action All meeting attendees to drink coffee before next meeting :-)
18:27:00 <lglenden> are there any particular plans for OSSG at the next summit?
18:27:10 <bdpayne> a few
18:27:31 <bdpayne> Rob and I are planning to submit a talk to give an update on OSSG work
18:28:10 <bdpayne> I've been debating setting up a design session to get discussion going around integrating OSSG and security thinking into the core projects (still need to flush that out)
18:28:33 <bdpayne> And I'd love to get the group together informally at some point just so we can meet f2f… perhaps over a meal
18:28:51 <bdpayne> I'm, of course, open to other ideas too!
18:29:19 <lglenden> those all sound good to me
18:29:27 <mtesauro> Absolutely.  f2f is a great way to get some serious momentum
18:29:37 <rellerreller> I concur
18:29:45 <bdpayne> great, looking forward to it
18:29:56 <bdpayne> thanks everyone… til next time...
18:30:01 <bdpayne> #endmeeting