#openstack-meeting-alt log

17:00:47 <hyakuhei> #startmeeting Security
17:00:48 <openstack> Meeting started Thu Jul  9 17:00:47 2015 UTC and is due to finish in 60 minutes.  The chair is hyakuhei. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:00:49 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
17:00:52 <openstack> The meeting name has been set to 'security'
17:00:57 <hyakuhei> o/
17:00:58 <michaelxin> hi
17:01:01 <dave-mccowan> o/
17:01:02 <Daviey> \o
17:01:02 <tmcpeak> o/
17:01:08 <elmiko> o/
17:01:09 <timkennedy> o/
17:01:12 <browne> o/
17:01:31 <nkinder> Hi all
17:01:45 <hyakuhei> Hey, what a great crowd we have today :)
17:01:50 <chair6> \o/
17:02:18 * sicarie sneaks in late
17:02:45 <dg_> Hi everyone
17:02:53 <Daviey> ugly bunch.
17:02:55 <hyakuhei> Agenda for today:
17:02:55 <hyakuhei> Anchor
17:02:55 <hyakuhei> Bandit
17:02:55 <hyakuhei> Infra Changes
17:02:55 <hyakuhei> Formalizing Meeting Process
17:02:56 <hyakuhei> MidCycle
17:02:56 <hyakuhei> Crypto BootStrap
17:02:57 <mvaldes> hello
17:03:10 <nkinder> OSSN parsing tools
17:03:22 <michaelxin> update on API testing
17:04:17 <hyakuhei> Great
17:04:29 <hyakuhei> So reminder that the Agenda is over here: https://wiki.openstack.org/wiki/Meetings/OpenStackSecurity#Agenda_for_next_meeting
17:05:09 <hyakuhei> Lots to get through today, lets start
17:05:12 <hyakuhei> #topic Anchor
17:05:32 <dg_> regarding the change to the API that is pending atm
17:05:33 <hyakuhei> There's a patch in flight that includes an API change - not a problem as it's not used that much atm
17:05:40 <dg_> yeah that
17:05:49 <hyakuhei> More the function I wanted peoples opinion on
17:05:58 <dg_> is it worth realeasing a version that uses the old api, and a version that uses the new API
17:06:13 <elmiko> i wouldn't think so
17:06:14 <hyakuhei> Anchor makes it easy to do siloed PKI (deploying multiple CAs)
17:06:31 <dg_> i.e. 1.0 is old, 2.0 is new, or something, so its clear that there is a change and which one you are getting
17:06:44 <dg_> with regards to the change, I like it
17:06:46 <hyakuhei> dg_: We don't have any tagged releases atm
17:06:48 <elmiko> otoh, have you considerd some sort of microversions to allow either?
17:06:55 <hyakuhei> but feedback is that it's actually annoyingly complicated to stand up lots of the same service
17:07:26 <Daviey> A short amount of pain for current users feels reasonable to get onto well versioned API support in the future.
17:07:45 <hyakuhei> The patch will allow a single Anchor instance to sign with multiple CAs
17:08:23 <hyakuhei> So you can do cryptographic separation of trust but with a single Anchor instance. I prefer proper silo's but this is a good middle ground
17:08:45 <hyakuhei> Anyone think it's a really bad idea?
17:08:54 <hyakuhei> #link https://review.openstack.org/#/c/190473/
17:09:04 <hyakuhei> ^ There's the link if anyone wants to take a look
17:09:27 <tkelsey> o/
17:09:50 <hyakuhei> hi tkelsey - we're talking Anchor, I just brought up the big patch that changes the API. Anything else to discuss before we roll on to bandit?
17:10:06 <tkelsey> ah right, nothing on my radat
17:10:08 <tkelsey> *radar
17:10:09 <nkinder> hyakuhei: No, it's a fine idea for certain situations
17:10:19 <Daviey> Quick one on Anchor, I wanted to propose that the project moves to global-requirements managed requirements.txt, rather than self managed.  This is how all well integrated OpenStack projects manage their requirements.  Tracked via bug #1472540 .
17:10:19 <openstack> bug 1472540 in Anchor "Anchor doesn't follow global-requirements contracts" [Undecided,New] https://launchpad.net/bugs/1472540 - Assigned to Dave Walker (davewalker)
17:10:19 <nkinder> We did something similar in Dogtag
17:10:21 <Daviey> I've pushed up two WIP branches to do it, and Stan has made a first attempt at making openstack/requirements match our needs
17:10:24 <Daviey> #link https://review.openstack.org/#/q/topic:bug/1472540,n,z
17:10:32 <hyakuhei> tkelsey: I thought we had Bandit jobs running on Anchor but I don't see anything in the Jenkins checks on gerrit
17:10:38 <tkelsey> Daviey: +1
17:10:50 <tkelsey> hyakuhei: run "check experimental"
17:10:54 <hyakuhei> Thanks Daviey
17:11:06 <nkinder> if you want separation, use multiple instances.  If you don't need complete separation, use multiple signing certs in one instance.
17:11:20 <tmcpeak> you guys are still experimental? get with the times, "voting" is where it's at :)
17:11:33 <hyakuhei> nkinder: That's my thinking too but I wanted a sanity check
17:11:35 <tkelsey> lol yeah, when I have some spare cycles I'll sort that
17:11:37 <hyakuhei> tmcpeak: +1
17:11:53 <tkelsey> tmcpeak: ^^
17:12:01 <hyakuhei> #topic Bandit
17:12:03 <tmcpeak> sweet
17:12:12 <tmcpeak> tkelsey is dropping patches like a madman
17:12:19 <tkelsey> so I got patch happy on Bandit over the last few days
17:12:28 <elmiko> yea, tkelsey++
17:12:32 <tmcpeak> https://review.openstack.org/199249
17:12:34 <tmcpeak> #link https://review.openstack.org/199249
17:12:42 <tkelsey> some interesting changes and improvements
17:12:43 <tmcpeak> #link https://review.openstack.org/199548
17:12:50 <tkelsey> thanks tmcpeak
17:12:54 <tmcpeak> #link https://review.openstack.org/199582
17:13:07 <ukbelch> I will get my review of them done today, promise...
17:13:09 <tmcpeak> and Stan did this: https://review.openstack.org/199927
17:13:21 <browne> i'll take a look also
17:13:24 <tkelsey> one thing to think about is the removal of the statement buffer, and the concept of a "statement" interested parties please way in on that in the review
17:13:25 <tmcpeak> so basically, Tim has put up "removing Statement Buffer" which is big, makes the code tons cleaner
17:13:33 <tmcpeak> "Faster Bandit" which is just plain cool
17:13:40 <tmcpeak> and a new test for Except with pass
17:13:43 <hyakuhei> lol I like Stans patch.
17:13:54 <tmcpeak> yeah, for sure
17:14:01 <tmcpeak> Stan's patch is simple but really useful
17:14:08 <tkelsey> tmcpeak: +1
17:14:22 <tmcpeak> I'd like to roll a new version sooner than later when this stuff lands
17:14:31 <tmcpeak> I think faster cleaner Bandit can benefit all
17:14:36 <tmcpeak> no reason to wait 2 months for another
17:14:40 <tkelsey> :)
17:14:41 <ukbelch> I'm the key "statement" proponent :)
17:15:03 <tmcpeak> so reviewsies all around
17:15:09 <tkelsey> yes, ukbelch is pro-statement, hence looking for a discussion on this
17:15:09 <ukbelch> apparently I'm the only one who cares about that bit :P
17:15:12 <tmcpeak> hoping to get this stuff landed today so we can beat tomorrow's move to #openstack
17:15:38 <tmcpeak> bknudson: you around?
17:15:45 <browne> tmcpeak: from stackforge to openstack?
17:15:47 <bknudson> I think I need to put in the keystone bandit.conf a note that says what version it's written for
17:15:48 <tkelsey> ah yes, thats a good point, we go "openstack" tomorrow :)
17:15:52 <hyakuhei> #link https://review.openstack.org/#/c/197672/
17:15:54 <hyakuhei> ^
17:15:56 <tmcpeak> yep
17:16:03 <tmcpeak> bknudson: how's the voting keystone gate working out?
17:16:09 <bknudson> tmcpeak: no complaints
17:16:14 <tmcpeak> sweet
17:16:23 <tkelsey> bknudson: awesome :)
17:16:29 <Daviey> bknudson: Has it caught anything that we know of?
17:16:29 <tmcpeak> tkelsey: you get anywhere with a list of projects using Bandit?
17:16:51 <tkelsey> well i emailed -dev
17:17:08 <tkelsey> but only got one resp back, cinder uses it as a tox target but not in the gate
17:17:13 <tmcpeak> ahh ok cool
17:17:27 <tmcpeak> would be nice to track efforts to integrate with projects, maybe we can work this at the midcycle
17:17:32 <Daviey> #link http://lists.openstack.org/pipermail/openstack-dev/2015-July/068541.html
17:17:34 <tkelsey> yeah
17:17:47 <tmcpeak> also I talked to Jelle - the guy that did the XML output, and he said archlinux is looking to bundle Bandit
17:17:50 <tmcpeak> so that's pretty cool
17:17:53 <tkelsey> thanks Daviey
17:17:58 <hyakuhei> tmcpeak: That's awesome.
17:18:05 <tkelsey> nice
17:18:06 <tmcpeak> more the merrier :)
17:18:14 <browne> tkelsey: cinder doesn't yet.  patch still in review
17:18:27 <browne> https://review.openstack.org/#/c/179568/
17:18:28 <tkelsey> ah ok, thanks browne
17:18:34 <tmcpeak> browne: you're also working on Nova, right?
17:18:38 <browne> yep
17:18:48 <tmcpeak> sweet
17:19:00 <browne> both have one +2, but looks like i have a merge conflict on cinder
17:19:07 <tmcpeak> ahh ok
17:19:27 <tmcpeak> cool, so that's good progress for Bandit this week
17:19:33 <hyakuhei> Excellent
17:19:35 <tkelsey> browne: excellent work
17:19:35 <tmcpeak> anybody else have anything they want to bring up for it?
17:19:37 <Daviey> For giggles, I might try and run it against cinder.
17:19:44 <Daviey> err, glance, rather
17:20:06 <hyakuhei> So next up I was going to mention the infra changes but that came up during this discussion so we'll roll onto the next agenda item
17:20:13 <hyakuhei> #topic OpenStack Security Guide
17:20:20 <hyakuhei> sicarie: What's occuring?
17:20:32 <sicarie> Lots of fun
17:20:41 <sicarie> we have the specs repo set up (thanks pdesai)
17:20:48 <elmiko> \o/
17:20:48 <sicarie> so we're going to upload a bp for the rst migration
17:21:25 <sicarie> other than that, we're going to try to plan for a way to break subjects down a bit easier so that we can try to do a sprint during the mid-cycle
17:21:30 <sicarie> and that's about it right now
17:21:43 <hyakuhei> #topic Infra Changes
17:21:57 <hyakuhei> So as well us getting the namespace moved for Anchor/Bandit
17:22:06 <hyakuhei> We also now have a specs-repo for security things
17:22:11 <tmcpeak> woot
17:22:24 <dg_> oh we are under openstack now?
17:22:25 <hyakuhei> #link http://git.openstack.org/cgit/openstack/security-specs
17:22:33 <hyakuhei> keep up dg_!
17:22:51 <dg_> you'll be telling me the date has changed next!
17:22:58 <chair6> that namespace shift will be happening at the gerrit level on Friday, July 10th, at 22:00 UTC
17:23:01 <hyakuhei> It needed cores, I've set it up so that Anchor,Bandit and Security-Doc cores are there initially
17:23:13 <chair6> #link http://lists.openstack.org/pipermail/openstack-dev/2015-July/068848.html
17:23:13 <hyakuhei> Is that ok with everyone?
17:23:40 <chair6> seems legit to me..
17:23:46 <hyakuhei> Cool
17:23:56 <hyakuhei> So we should probably organise the repo somehow
17:23:58 <tkelsey> LGTM
17:24:12 <hyakuhei> Is it dumb to just have a directory for each major project?
17:24:45 <elmiko> i dont think so
17:24:52 <nkinder> yeah, I think that approach is fine
17:25:01 <hyakuhei> do we want them per release?
17:25:07 <timkennedy> no.  the easier things are to find, the more likely they are to be used
17:25:14 <sicarie> +1
17:25:16 <hyakuhei> Cool
17:25:25 <hyakuhei> We can always refactor later if it gets messy I guess
17:25:26 <Daviey> hyakuhei: By simple project, or ./release/project ?
17:25:26 <elmiko> i guess project/release dir structure is easy enough
17:25:44 <timkennedy> +1
17:26:06 <hyakuhei> ok, so ./release/project seems sensible
17:26:07 <Daviey> Other projects do $release first
17:26:14 <Daviey> right.
17:26:18 <elmiko> fair
17:26:20 <hyakuhei> looking around that's probably going to be specs/release/project
17:26:27 <hyakuhei> because there's a few other things we'll want in the root
17:26:30 <hyakuhei> readme's etc
17:26:39 <elmiko> yea
17:26:49 <hyakuhei> Ok cool, I'll make the change later today
17:27:02 <hyakuhei> #action hyakuhei to setup basic repo layout
17:27:09 <hyakuhei> sicarie: are you happy with that?
17:27:18 <hyakuhei> nkinder: you too (for OSSN )
17:27:27 <sicarie> hyakuhei: yep, works for me
17:27:29 <nkinder> yep
17:27:41 <hyakuhei> great, what's best practice regarding casing, all lower?
17:27:46 <nkinder> yes, I think so
17:27:55 <hyakuhei> great.
17:28:18 <hyakuhei> #topic OSSN
17:28:23 <hyakuhei> nkinder: ^
17:28:53 <tkelsey> so I failed to pick up an OSSN last week, will try again this coming week
17:29:05 <nkinder> tkelsey: no problem
17:29:15 <nkinder> I saw that Daviey picked one up (thanks!)
17:29:24 <Daviey> nkinder: Actually 2 :)
17:29:28 <elmiko> nice
17:29:30 <tmcpeak> I successfully picked one up and did nothing on it
17:29:36 <nkinder> ...then thanks*2
17:29:39 <nkinder> I've been working on an OSSN parsing tool
17:29:42 <Daviey> They were closely linked and i hard to learn the detail of them both to work on one, so i thought i might aswell do both :)
17:30:13 <nkinder> At first, I was looking at having us write notes in YAML, which we could then output to various formats (text for e-mail, wiki markup, etc.)
17:30:17 <tmcpeak> I have acquired an option on one of the OSSN issues
17:30:22 <tmcpeak> :P
17:30:25 <hyakuhei> nkinder: Is the intention to stay with the current pretty open format or to move to something 'parsable' ?
17:30:27 <nkinder> writing notes in YAML doesn't really work well
17:30:37 <tmcpeak> nkinder: how come?
17:30:38 <nkinder> ...for various reasons of formatting
17:30:43 <hyakuhei> That's how the cool kids on the VMT do it.
17:30:57 <nkinder> We do all sorts of example snippets, etc.
17:31:11 <hyakuhei> true
17:31:15 <nkinder> it seems more error prone to write in YAML, and a larger barrier to entry for no benefit
17:31:21 <tmcpeak> hmm yeah - YAML doesn't have a triple quoted option or something?
17:31:21 <nkinder> The reason we wanted YAML is for parsing
17:31:35 <nkinder> We can parse without YAML, which is what I've done
17:31:45 <elmiko> cool
17:31:47 <Daviey> hyakuhei: Making it able to parse might actually be more complicated than is helpful atm, as I am certain more fields will want to be added as they evolve..
17:31:50 <hyakuhei> gmurphy: ^
17:31:51 <nkinder> I pushed up what I have thus far - https://github.com/nkinder/ossn-tools
17:32:16 <nkinder> Daviey: We want it to be parseable so we can have tools that can check OSSNs against a config file that represents a particular deployment
17:32:19 <hyakuhei> Daviey: you might be right, but they've been going for a few years now, evolution isn't going to be fast
17:32:28 <nkinder> an "am I vulnerable" tool is my ultimate goal
17:32:29 <hyakuhei> And we want to be able to index them, do smart things
17:32:33 <hyakuhei> nkinder: +1
17:32:38 <tmcpeak> +1
17:32:47 <hyakuhei> or "I'm running $release - what should I be aware of"
17:32:55 <elmiko> nice idea
17:32:59 <nkinder> So, I can parse them with the ossn.py module in my repo, then output in a few forms (including YAML)
17:33:11 <nkinder> Here is an example with elmiko's recent note....
17:33:23 <nkinder> http://paste.openstack.org/raw/359070/
17:33:37 <hyakuhei> I'm guessing that would mean there's an intermediate step of verification/tweaking before publishing?
17:33:38 <nkinder> This is just dumping the parsed OSSN with repr()
17:33:39 <Daviey> nkinder: Is it expected that old notes should be revisited to add this useful data?
17:33:40 <hyakuhei> ^such a thing would be fine
17:33:52 <nkinder> Daviey: it already works with old notes though
17:33:56 <nkinder> ...but yes, we can update them
17:34:12 <Daviey> nkinder: Sorry, i meant adding search strings for configs etc.
17:34:28 <tmcpeak> interesting how in discussion the list alternates using " and '
17:35:02 <tmcpeak> or does it just use ' unless it can't
17:35:17 <nkinder> tmcpeak: most likely
17:35:36 <tmcpeak> anyway it's pretty cool stuff nkinder
17:35:37 <nkinder> so we get nice lists that are easily manipulated/searched in python
17:35:48 <hyakuhei> Yeah nice work nkinder thank you
17:35:55 <elmiko> agreed, nkinder++
17:35:56 <nkinder> I split otu known releases and services from other free-form stuff in the affected releases section
17:36:13 <nkinder> ...because we do thinks like say "all of the things" for issues like POODLE
17:36:23 <hyakuhei> We need to build out more functions on or as children of security.openstack.org
17:36:28 <hyakuhei> This being one of the main ones
17:36:36 <nkinder> spitting out to YAML looks like this - http://paste.openstack.org/raw/359071/
17:36:46 <elmiko> hyakuhei: that would be awesome
17:37:28 <nkinder> I'm sort of at a point where I don't think we should care about it being YAML, as I coudl just write a tool with what I have already to allow for finding all notes that affect a certain release+service
17:37:44 <tmcpeak> this is true.. so what format would you like it to live in nkinder?
17:37:44 <nkinder> I'd rather chase use-cases than formats
17:37:47 <elmiko> yea, probably not worht worrying about the yaml
17:37:50 <nkinder> the same one they are now
17:37:57 <Daviey> nkinder: fancy pushing test.py up somewhere, i'd like to test it on the ones i am writing now
17:38:10 <nkinder> Daviey: it's in my github repo
17:38:14 <Daviey> super
17:38:17 <tmcpeak> fair enough, as long as we can parse it reliably should be good
17:38:31 <nkinder> the other thing we can use it for is to slurp in a note, then spit it back out in text form
17:38:38 <nkinder> this would handle line-wrapping, etc.
17:38:56 <nkinder> that might be a good gate check.  See if the input == output
17:39:07 <hyakuhei> I think standardizing on some format has advantages like allowing other people to write tools that don't have to depend on some intermediate tool but if we setup the CI so that when an OSSN was accepted it got dumped out into the repo (via your tool) in some other formats (like you've demonstrated just now) that'd be perfectly acceptable
17:40:25 <tmcpeak> yeah, sounds good
17:40:43 <hyakuhei> cool - good work nkinder
17:40:53 <hyakuhei> @all we need to get more of these OSSN processed
17:41:10 <hyakuhei> #topic MidCycle
17:41:42 <bknudson> I updated the dates on the wiki... it said "Seattle" for the month and "Mon-Thu" for the days
17:41:43 <hyakuhei> It would be good to get more people involved, I'm keen to get some other companies sending people
17:41:51 <hyakuhei> thanks bknudson
17:42:15 <mvaldes> i will have time before next week to start helping out
17:42:20 <tmcpeak> hyakuhei: +1
17:42:44 <tmcpeak> bring your friends!
17:42:49 <elmiko> i'd really like to go, just not sure if it's possible :/
17:44:20 <michaelxin> I hope my boss will say "yes"
17:44:21 <hyakuhei> elmiko: Don't be afraid to hold your breath until they say you can
17:44:36 <hyakuhei> We're a proper project now after all. Just think of all the glory you'll get
17:44:43 <elmiko> lol!
17:44:48 <hyakuhei> ok next up
17:44:52 <hyakuhei> #topic API Testing
17:44:55 <michaelxin> hyakuhei: +1
17:44:55 <hyakuhei> michaelxin: ^^
17:45:12 <michaelxin> ok
17:45:25 <michaelxin> We have two developers working on the PoC
17:45:47 <michaelxin> They will have it ready this week.
17:45:58 <tmcpeak> michaelxin: what's the approach?
17:45:59 <elmiko> nice
17:46:06 <hyakuhei> That's great, I can't wait to see it
17:46:10 <michaelxin> We will test, bug-fix, update documents.
17:46:37 <michaelxin> Then, can we push it stack forge?
17:46:57 <tmcpeak> sounds good
17:47:00 <hyakuhei> Seems like a good idea
17:47:30 <hyakuhei> Looking forward to seeing what you've come up with
17:47:40 <hyakuhei> Anything else to add?
17:47:51 <elmiko> likewise
17:48:02 <hyakuhei> #topic Meeting process
17:48:03 <michaelxin> I will be gone in next four weeks
17:48:18 <michaelxin> mvaldes will keep giving updates
17:48:29 <hyakuhei> Cool, thanks michaelxin, mvaldes
17:48:29 <mvaldes> :)
17:48:30 <tmcpeak> cool
17:48:32 <michaelxin> He will lead the efforts to make this available.
17:48:45 <hyakuhei> So I wanted to talk for a moment about meeting process.
17:49:02 <hyakuhei> The minutes from each meeting get linked to our meeting page some time after we finish
17:49:09 <hyakuhei> #link https://wiki.openstack.org/wiki/Meetings/OpenStackSecurity#2015
17:49:19 <hyakuhei> It would be good to start using some more of the meetbot features
17:49:37 <elmiko> you mean like action, info, etc?
17:49:41 <tmcpeak> what you have in mind?
17:49:41 <hyakuhei> #link http://meetbot.debian.net/Manual.html#user-reference
17:49:56 <bknudson> if there's already a link on http://eavesdrop.openstack.org/meetings/openstack_security_group/ then do we need to link again on the wiki page?
17:49:59 <hyakuhei> So using more actions, idea tags
17:50:13 <elmiko> +1
17:50:14 <Daviey> Sounds reasonable.
17:50:25 <mvaldes> i like that a lot
17:50:34 <hyakuhei> bknudson: Just makes it easier to find but no, probably not, it's just "what we've always done"
17:50:44 <chair6> good to see you're finally jumping on teh hashtag bandwagon, hyakuhei..
17:50:59 <bknudson> #bandwagon
17:51:05 <hyakuhei> #idea until we get used to them, I'll try to drop a link to the meetbot reference at the start of meetings
17:51:15 <hyakuhei> ^ see what I did there?
17:51:20 <Daviey> #vote
17:51:38 <Daviey> Whilst on this subject...
17:51:39 <Daviey> sicarie: I can't remember, was it agreed to creating a meeting entry for Doc's on openstack-infra/irc-meetings?
17:51:39 <elmiko> bknudson: you totally made me search that page lol
17:52:20 <Daviey> (ie formalising it)
17:52:23 <sicarie> Daviey: yes I tried to hit the doc team meeting this week and managed to miss both
17:52:38 <hyakuhei> Of particular use might be the #chair and #unchair commands.
17:52:39 <sicarie> There is a page that currently exists with "specialty" doc  meeting info, we're the only one not populated :(
17:52:43 <Daviey> sicarie: Sorry, I mean the monday security one.
17:53:12 <tmcpeak> haha
17:53:24 <sicarie> Yep, I actualy have half an email drafted to the doc team lead to make sure there's nothing I missed
17:53:33 <tmcpeak> #unchair
17:53:34 <tmcpeak> #unchair
17:53:35 <elmiko> sicarie: nice
17:53:38 <tmcpeak> :\ doesn't work
17:53:39 <tmcpeak> lol
17:53:45 <Daviey> sicarie: Does it involve their input?
17:54:20 <Daviey> (We can take this offline)
17:54:22 <sicarie> Daviey: not really, they just know where all those pages are that should be updated
17:54:29 <Daviey> ah right
17:54:59 <Daviey> EOF
17:55:13 <hyakuhei> Ok lets move to AOB
17:55:18 <hyakuhei> #topic Any Other Business
17:55:45 <bknudson> keystone mid-cycle is next week
17:56:03 <hyakuhei> Cool, let us know if anything exciting happens or if assistance is required with anything!
17:56:15 <hyakuhei> #info I'm taking a couple of weeks vacation, any volunteers to run things here in my absence?
17:56:25 <tmcpeak> I can take it
17:56:53 <hyakuhei> Excellent
17:57:08 <tmcpeak> when are you out and back?
17:57:16 <hyakuhei> #agree tmcpeak to lead Security meetings in hyakuhei's absence
17:57:26 <hyakuhei> make sure to use lots of #tags. It'll make chair6 happy
17:57:33 <tmcpeak> oh yeah, I'm all about tags
17:57:41 <chair6> i think you meant #agreed?
17:57:46 <hyakuhei> It's aliased
17:58:01 <hyakuhei> chair6: trying to school me twice eh?
17:58:04 <tmcpeak> lol
17:58:12 <tmcpeak> he smells weakness
17:58:15 <hyakuhei> ok anything else?
17:58:26 <hyakuhei> Remember to throw things in the agenda for next week
17:58:38 <hyakuhei> #chair tmcpeak
17:58:38 <openstack> Current chairs: hyakuhei tmcpeak
17:58:43 <hyakuhei> #unchair hyakuhei
17:58:44 <openstack> Current chairs: hyakuhei tmcpeak
17:58:50 <hyakuhei> well that half worked.
17:59:03 <tmcpeak> :P
17:59:10 <hyakuhei> tmcpeak: want to close it down?
17:59:14 <tmcpeak> #endmeeting