#openstack-meeting log

18:00:14 <bdpayne> #startmeeting OpenStack Security Group
18:00:15 <openstack> Meeting started Thu Mar  6 18:00:14 2014 UTC and is due to finish in 60 minutes.  The chair is bdpayne. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:00:16 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
18:00:18 <openstack> The meeting name has been set to 'openstack_security_group'
18:00:27 <bdpayne> Welcome to the OSSG meeting :-)
18:00:32 <bdpayne> #topic Roll Call
18:00:41 <bdpayne> o/ everyone
18:00:58 <srirramhere> hi there, this is sriram
18:00:59 <hyakuhei> yo!
18:01:23 <malini1> hello everyone!
18:01:50 <nkinder> Hi
18:02:34 <bdpayne> welcome everyone
18:02:38 <bdpayne> #topic Agenda
18:02:42 <paulmo> Paul here too
18:02:47 <joel-coffman> hey
18:02:58 <bdpayne> I'd like to discuss the ongoing election process a bit
18:03:03 <bdpayne> I'd also like to review OSSN status
18:03:08 <bdpayne> anything else for today?
18:03:53 <nicolae-sics> Hi, nicolae from the swedish institute of comp science here
18:04:05 <bdpayne> welcome nicolae
18:04:07 <hyakuhei> How about that security review of Keystone, if anyone is here to talk about it that is
18:04:15 <bdpayne> sure, we can add that too
18:04:16 <hyakuhei> welcome nicolae-sics nice to have you here.
18:04:23 <bdpayne> #topic Lead Election
18:04:38 <bdpayne> If you're following the mailing list, you'll know that we now have two candidates
18:04:51 <hyakuhei> Closing date for candidates is the 12th of March.
18:05:02 <bdpayne> yep, that ^^
18:05:10 <bdpayne> so that's next Wed
18:05:35 <bdpayne> thanks for Malini and Sriram for stepping up thus far
18:05:52 <srirramhere> pleasure!
18:06:00 <hyakuhei> Indeed, it's a worthy cause.
18:06:04 <malini1> :-)
18:06:09 <bdpayne> Also, I wanted to give a quick word on the electorate
18:06:26 <bdpayne> I've been working on a spreadsheet that lists everyone that is a member of OSSG launchpad group
18:06:41 <bdpayne> And then I'll be going through and figuring out who is an "active member"
18:06:48 <bdpayne> I'll publish this list before the election starts
18:06:57 <bdpayne> just so that everyone is on the same page and can correct errors, etc
18:07:04 <bdpayne> so please be watching for that
18:07:07 <hyakuhei> Seems reasonable.
18:07:20 <bdpayne> any other questions about the election process?
18:07:48 <bdpayne> ok, great
18:07:53 <bdpayne> #topic OSSN
18:08:01 <bdpayne> I'd like to do a quick review of the open OSSNs
18:08:16 <nkinder> there's a bit of a backlog
18:08:19 <bdpayne> yeah
18:08:37 <bdpayne> nkinder would you like to discuss?
18:08:44 <nkinder> I'll be sending one out today (it actually covers two)
18:08:57 <hyakuhei> Good stuff
18:08:59 <nkinder> It's not marked public yet, so I don't want to discuss the details of it.
18:09:15 <bdpayne> right, I mean discuss the backlog
18:09:21 <hyakuhei> https://bugs.launchpad.net/ossn
18:09:25 <nkinder> I've looked into the one about cinder third-party driver permissions, and will be writing that one up too.
18:09:31 <hyakuhei> We have two in 'new' states
18:09:39 <hyakuhei> i.e need writers / reviewers
18:10:02 <hyakuhei> I'm tied up in other work this week but I'd be happy to review these if someone else wants to have a go at writing them up
18:10:23 <nkinder> srirramhere worked on the noVNC one, but it's still listed in "New" status
18:10:35 <nkinder> I reviewed it, and recommended some changes a while back
18:10:43 <bdpayne> srirramhere can you update the status of that one?
18:11:00 <malini1> i'll take the DOS noVNC one
18:11:21 <hyakuhei> great. So does anyone want/need a review doing?
18:11:24 <srirramhere> I will take a look and make corrections that will make it complete this week
18:11:24 <nkinder> malini1: ok, there's a draft OSSN in the bug, but it needs to have some items addressed
18:11:25 <malini1> i remember seeing something like that a few months back
18:11:42 <hyakuhei> There was a VNC one but I think it may have been orthogonal to this one
18:12:20 <bdpayne> any takers for https://bugs.launchpad.net/ossn/+bug/1268751 ?
18:12:23 <malini1> nkinder and hyakuhei: will check and consult you as necessary, thanks
18:12:25 <bdpayne> this is a token revocation issue
18:12:40 <nkinder> I can look at that one and discuss it with Adam
18:12:50 <bdpayne> ok, thanks
18:13:15 <bdpayne> looks like all of the others have an assignee
18:13:18 <bdpayne> so that's a good step
18:13:21 <nkinder> I have one other thing related to OSSNs
18:13:25 <bdpayne> although most of them are assigned to nkinder ;-)
18:13:47 <hyakuhei> How's the gerrit/git stuff going?
18:14:02 <nkinder> The stackforge repo request isn't moving along, largely because we are discussing putting the OSSN repo under the docs program
18:14:30 <nkinder> annegentle started a discussion on the docs mailing list to float the idea, and I didn't see anyone against it on that side of things
18:14:43 <hyakuhei> What's the subject? I'll dig it out
18:14:54 <nkinder> OSSNs really are docs, and they will feed into the security guide, so I think that makes sense.
18:15:00 <nkinder> hyakuhei: let me get you a link...
18:15:21 <nkinder> hyakuhei: http://lists.openstack.org/pipermail/openstack-docs/2014-February/003833.html
18:15:53 <hyakuhei> thanks :)
18:15:57 <nkinder> Here is the stackforge repo request - https://review.openstack.org/#/c/73157/
18:16:15 <nkinder> I'm fine with it living inthe docs repo, and I'd just like to get this to move along so we can use git/gerrit.
18:16:43 <nkinder> So if nobody has problems with us using the docs repo, I'll sync up with annegentle and see how we can make it happen.
18:16:53 <hyakuhei> Yeah I'm fine with it in docs - I'll reach out to anne
18:16:54 <malini1> nkinder: completely agree with you, anything we can do
18:17:21 <annegentle> great!
18:17:40 <bdpayne> yeah, +1 for just moving ahead with the docs option... would be nice to get that put together
18:18:15 <malini1> BTW https://bugs.launchpad.net/ossn/+bug/1227575 has a long history (no wonder I am familiar with it, was following it at one time). srirramhere has a handle on it, why is it not wrapped up yet?
18:18:19 <nkinder> ok, I'll take an action item to push that forward
18:18:53 <hyakuhei> annegentle: hi there!
18:18:59 <nkinder> malini1: yes, that's what I was mentioning.  A OSSN draft was created, but it needs to have my feedback integrated.
18:19:09 <hyakuhei> So you're going to make this all work and we can get back to the pub annegentle ?
18:20:03 <srirramhere> malini, there is an OSSN for that : /wiki.openstack.org/wiki/OSSN/1227575; nkinder had some review comments; I will incorporate and make it ready ti close
18:20:41 <nkinder> srirramhere: it's not complete/published, so it's not listed among the other OSSNs on the wiki
18:21:19 <nkinder> srirramhere: I would prefer that we don't add drafts to the wiki.  Placing it on the wiki should be a part of the publishing process after it is written and reviewed.
18:21:47 <srirramhere> agreed - hence i didn't add that to wiki
18:21:47 <hyakuhei> +1
18:22:03 <srirramhere> it shouldn't be listed in wiki and last i checked, it is not
18:22:08 <nkinder> srirramhere: it was added, but I removed it from here some time back (https://wiki.openstack.org/wiki/Security_Notes)
18:22:09 <srirramhere> the content is added, but not listed
18:22:43 <srirramhere> ok - i you remember removing it, then i will follow the convention. Sorry for the inconvenience
18:23:24 <nkinder> srirramhere: no problem
18:23:34 <srirramhere> thx
18:23:35 <bdpayne> ok, sounds like we are sync'd on OSSN stuff
18:23:41 <bdpayne> which is excellent
18:23:54 <bdpayne> #topic Keystone Review
18:23:59 <malini1> srirramhere: ping me today after you are done incorporating nkinder edits and lets wrap this one and have nkinder publish tomorrow
18:24:05 <bdpayne> anyone here that can speak to this effort?
18:24:37 <Shohel02> tomorrow we will hv another meeting
18:25:03 <hyakuhei> What time?
18:25:14 <Shohel02> feedbacks r welcome
18:25:37 <Shohel02> 1700 gmt
18:25:58 <hyakuhei> Cool
18:26:08 <bdpayne> Shohel02 Could you provide a quick status update for people that haven't been following it through the other meetings?
18:26:47 <hyakuhei> yes please
18:27:08 <Shohel02> i can sent email later right nw i m using mobile to connect
18:27:41 <bdpayne> sure, perhaps just a note to the openstack-security mailing list
18:27:52 <bdpayne> I believe that there are several people that would like to stay abreast of that work
18:27:59 <bdpayne> and you might even suck in some more people that could help
18:28:01 <bdpayne> :-
18:28:01 <Shohel02> yes certainly
18:28:03 <bdpayne> :-)
18:28:10 <bdpayne> #topic Open Discussion
18:28:18 <bdpayne> anything else on people's minds?
18:28:35 <hyakuhei> Barbican!
18:28:49 <hyakuhei> I don't really have much to contribute other than more people should be contributing :P
18:28:51 <srirramhere> did u all vote for the Private cloud security talk by Bdpayne?
18:29:05 <hyakuhei> We are driving a few interesting features at the moment, it might even be useful soon.
18:29:11 <Shohel02> i did
18:29:41 <bdpayne> thanks for the nod guys :-)
18:29:59 <srirramhere> +!
18:30:11 <nicolae-sics> +1
18:30:26 <hyakuhei> +1
18:31:01 <bdpayne> ok, I guess we are out of time for today
18:31:05 <bdpayne> have a great week
18:31:07 <bdpayne> #endmeeting