17:00:01 <hyakuhei> #startmeeting Security 17:00:04 <openstack> Meeting started Thu Oct 1 17:00:01 2015 UTC and is due to finish in 60 minutes. The chair is hyakuhei. Information about MeetBot at http://wiki.debian.org/MeetBot. 17:00:05 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 17:00:08 <openstack> The meeting name has been set to 'security' 17:00:11 <hyakuhei> #chair tmcpeak 17:00:14 <openstack> Current chairs: hyakuhei tmcpeak 17:00:15 <hyakuhei> Hey all! 17:00:19 <dg_> hey 17:00:22 * sicarie waves 17:00:23 <tmcpeak> yo! ~o/ 17:00:24 <chair6> hai 17:00:42 <tmcpeak> oh, hai! 17:00:45 <elmiko> o/ 17:00:56 * bknudson lurks 17:01:06 <hyakuhei> heh 17:01:10 * tmcpeak pulls bknudson out of his corner 17:01:21 <hyakuhei> Hey elmiko! Thanks for helping out with the meeting! 17:01:24 <nkinder> Hi all! 17:01:31 <tmcpeak> yo, Mr. Kinder 17:01:32 <elmiko> hyakuhei: no problem, glad to help 17:01:36 <hyakuhei> nkinder? 17:01:39 * hyakuhei squints 17:01:41 <elmiko> haha 17:01:44 <hyakuhei> is that nkinder in the distance ? 17:01:44 <yaya> hi everbody 17:01:51 <browne> hi 17:01:53 <tmcpeak> hey yaya, wassup 17:02:05 <yaya> been awhile :) 17:02:22 <hyakuhei> Sweet, so… Agenda 17:02:43 <hyakuhei> Anchor, Bandit, OSSN, Docs, Syntribos, PR 17:02:45 <hyakuhei> what else ? 17:03:02 <tmcpeak> elmiko's architecture bonanza? 17:03:25 <tmcpeak> separating the less trusted things from the golden things, etc 17:03:28 <hyakuhei> Yeah, I’ve only just looked through that but I think it needs some massaging first. 17:03:38 <chair6> i've been looking briefly at Horizon logging and could do with some opinions (eek) 17:03:38 <elmiko> i've only shared the doc internally and with hyakuhei, not sure it's ready for primetime yet 17:03:39 <tmcpeak> oh, I haven't even seen it 17:03:46 <hyakuhei> (I literally opened it two mintues ago) 17:03:50 <elmiko> lol! 17:03:50 <redrobot> o/ 17:03:54 <hyakuhei> tmcpeak: you were there when we whiteboarded it :P 17:03:59 <hyakuhei> hey redrobot 17:04:15 <tmcpeak> oh yeah, I know that. I mean the finished product 17:04:30 <hyakuhei> Sweet, lets leave that for next week 17:04:37 <hyakuhei> tkelsey sends his appologies 17:04:40 <hyakuhei> #topic Anchor 17:04:48 <hyakuhei> dg_: what’ve you guys been up to ? 17:05:10 <dg_> tkelsey and I spent a day pretending we worked at a startup, sat in a coffee shop hacking code 17:05:38 <dg_> anchor now has a sperate validation module, so you can import anchor.validation and do cert validation 17:05:39 <elmiko> nice 17:05:56 <hyakuhei> Yeah that’ll be handy 17:06:24 <dg_> it now returns a dictionary, of {validator:result} so you can see the results for individual validators, rather than complete list 17:06:37 <hyakuhei> #link https://review.openstack.org/#/q/anchor+status:open,n,z 17:06:53 <dave-mccowan> o/ 17:07:00 <hyakuhei> That sounds useful dg_ 17:07:05 <hyakuhei> welcome dave-mccowan 17:07:30 <hyakuhei> Cool 17:07:34 <dg_> i think thats merged too 17:07:44 <hyakuhei> Nice work :) 17:07:57 <hyakuhei> Anything else? 17:08:09 <dg_> thats all the anchor stuff I can think of 17:08:22 <hyakuhei> Great! Thanks 17:08:25 <hyakuhei> #topic Bandit 17:08:29 <tmcpeak> yo 17:08:39 <tmcpeak> so Kelsey has been smashing docs like a possessed man 17:08:48 <hyakuhei> haha 17:08:55 <tmcpeak> he's a beast 17:09:01 <tmcpeak> check out the reviews if you haven't already 17:09:10 <hyakuhei> #link https://review.openstack.org/#/q/bandit+status:open,n,z 17:09:10 <tmcpeak> our plan is to release new Bandit after the docs are done 17:09:57 <bknudson> I can't even keep keystone up with the previous release. 17:10:07 <hyakuhei> heh 17:10:25 <chair6> looking at the multiprocessing change, i think it's a useful POC but probably needs some more work / refactoring to do it 'nicely' 17:10:46 <tmcpeak> yeah, we'll punt on multi-processing until 0.15.0 if it's cool with you guys 17:11:03 <tmcpeak> it might break things 17:11:08 <tmcpeak> we want to test the crap out of it first 17:11:23 <browne> bknudson: i think once we refactor bandit.yaml so that other projects don't have to update it, then it'll be a lot easier to stay current 17:12:00 <hyakuhei> anything else? 17:12:06 <bknudson> that would make things easier. having a bunch of options for the tests in bandit.yaml makes for more work. 17:12:07 <tmcpeak> that's about it for this week 17:12:19 <tmcpeak> +1 17:12:28 <tmcpeak> yeah, that's not a great user experience 17:12:44 <hyakuhei> ok cool, ploughing on through :) 17:12:49 <hyakuhei> #topic OSSN 17:12:53 <browne> ok, i want to look into that some more 17:13:08 <nkinder> So our backlog looks a lot better now for OSSNs 17:13:16 <elmiko> \o/ 17:13:23 <nkinder> I published another one last week, and there are a few in progress 17:13:28 <hyakuhei> There’s still a few sitting open #link https://review.openstack.org/#/q/status:open+security-doc,n,z 17:13:33 <nkinder> The trusted compute pools one is close - https://review.openstack.org/#/c/220263/ 17:13:50 <nkinder> We just need to fix up the terminology a bit, then get a nova reviewer 17:14:16 <hyakuhei> Think we could get malini to review #link https://review.openstack.org/#/c/220263/ ? 17:14:38 <nkinder> yeah, that's what I was thinking too 17:15:01 <hyakuhei> Probably should consider abandoning or updating #link https://review.openstack.org/#/c/136203/ 17:15:04 <nkinder> We should have Michael fix up the terminology first, then we can get the reviews going 17:15:06 <tmcpeak> Malini still around? 17:15:23 <nkinder> hyakuhei: Yes, that one has rotted 17:15:38 <hyakuhei> She’s still working in the space but not around atm, I’ll ping her an email 17:15:59 <hyakuhei> Anything else required on the OSSN front nkinder ? 17:16:03 <dave-mccowan> nkinder did you notice that Nova began the process of deprecating TrustedComputePools by marking it "experimental"? it might be worth calling that out in this note. 17:16:40 <nkinder> dave-mccowan: Yeah, that's worth calling out. Do you mind adding a comment in the review for Michael? 17:16:59 <dave-mccowan> nkinder will do. 17:17:00 <nkinder> hyakuhei: nothing else really at this point. 17:17:07 <hyakuhei> cool, thanks nkinder 17:17:19 <hyakuhei> #topic Security-docs 17:17:25 <hyakuhei> sicarie: How’s things going ? 17:17:29 <sicarie> Pretty well 17:17:36 <sicarie> We're outlining the work to be done for the new leaf release 17:17:45 <sicarie> I think the COmpute chapter is relatively complete for now 17:17:49 <hyakuhei> hows the RST magics going ? 17:17:50 <sicarie> I'm going to finish the case studies 17:18:01 <sicarie> So much nicer than DocBOok 17:18:23 <sicarie> And then the only other effort called out was getting a generalized "checklist" into each chapter 17:18:44 <sicarie> I think once we hit that I'm going to wrestle with the table conversions and submit for new leaf book - hopefully coinciding with the Tokyo Summit 17:19:00 <sicarie> If anyone sees any gaps, please open a bug or ping me 17:19:00 <elmiko> +1 17:20:03 <sicarie> And that's about it for docs righ tnow 17:20:13 <hyakuhei> Great stuff! 17:20:20 <hyakuhei> #topic syntribos 17:20:34 <hyakuhei> Anyone here to talk about this ? 17:20:40 <mvaldes> sure 17:20:47 <hyakuhei> :) 17:20:54 <mvaldes> we're working on some general improvements to reporting 17:21:10 <mvaldes> and better detection on the SQLi attacks 17:21:17 <elmiko> did you get things worked out with the infra folks concerning cores and what not? 17:21:33 <mvaldes> not yet that i know of 17:21:42 <mvaldes> Michael is working on that 17:21:52 <elmiko> yea, just curious how that's going 17:22:20 <mvaldes> i think that is new for us, so if anyone has expertise... :) 17:22:45 <mvaldes> and that's really the only updates we have 17:22:52 <elmiko> i think michael is on the right path, he was asking some questions in channel yesterday(?) 17:23:10 <mvaldes> awesome 17:23:20 <elmiko> thanks =) 17:23:49 <mvaldes> thanks for the help 17:23:54 <hyakuhei> Anyhting else to cover ? 17:24:08 * hyakuhei just got grabbed on another meeting so I’m multi tasking! 17:24:18 <tmcpeak> @hyakuhei I can take over if you want 17:24:30 <hyakuhei> please 17:24:31 <mvaldes> Michael is joining in now 17:24:35 <hyakuhei> :) 17:24:43 <tmcpeak> cool 17:24:49 <tmcpeak> ok, anything else to say for Syntribos or shall we move on? 17:25:20 <tmcpeak> michaelxin: wassup 17:25:25 <tmcpeak> anything to say for Syntribos this week? 17:25:30 <michaelxin> tmcpeak: sorry I am late 17:25:34 <michaelxin> tmcpeak: Yes. 17:25:39 <tmcpeak> no worries 17:26:03 <michaelxin> The sytribos-core is not working and am working with openstack infrastructure team on it. 17:26:18 <tmcpeak> core? 17:26:18 <michaelxin> At the same time, our team is currently working on reporting of security issues. 17:26:26 <tmcpeak> have I missed something from last week? 17:26:26 <michaelxin> yes. 17:26:34 <tmcpeak> I should probably be a non-crappy chair and read logs huh? 17:26:52 <michaelxin> It was merged into openstack 17:26:56 <tmcpeak> as long as somebody knows what we're talking about we can keep rolling ;) 17:27:02 <bknudson> there's a bunch of security issues? 17:27:08 <bknudson> I hope they're not in keystone 17:27:31 <michaelxin> But the syntribos-core group on review.openstack.com is empty. 17:27:39 <elmiko> =( 17:27:42 <mvaldes> we are working to improve syntribos' reporting of issues it finds 17:27:55 <tmcpeak> reporting how? 17:28:02 <hyakuhei> back now (stupid life or death sales people) feel free to keep on rolling tmcpeak 17:28:23 <mvaldes> right now it writes to a log file 17:28:30 <michaelxin> A list of identified security issues with severity and description, etc. 17:28:32 <tmcpeak> all you Mr. Hyakuhei, we're still on syntribos 17:28:33 <mvaldes> we want to make the reporting more digestible 17:28:40 <tmcpeak> JSON is useful IMO 17:28:47 <tmcpeak> we use that a lot internally 17:28:59 <michaelxin> We will make it consistent with Bandit 17:29:00 <hyakuhei> +1 17:29:04 <elmiko> nice 17:29:11 <michaelxin> Forgot to mention. 17:29:25 <michaelxin> I have recruited some of my team members to our group 17:29:27 <tmcpeak> michaelxin: awesome, was just talking to chair6 about a standardized reporting format earlier too 17:29:33 <mvaldes> bknudson: we didn't find issues per se, but when syntribos does, we want the reporting to be better 17:29:49 <tmcpeak> michaelxin: awesome!! you're singing my song, who we got? :D 17:30:07 <hyakuhei> I’m all for good reporting 17:30:18 <michaelxin> hi, rackers, would you please introduce yourself? 17:30:39 <hyakuhei> but a little voice in the back of my head says it should be complicated enough that “pentesters” dont just start emailing me invoices and “Syntribos Reports”... 17:30:40 <mdong> hey everyone, I’m Michael Dong, I’m pretty new to the Rackspace security team 17:30:48 <mvaldes> hyakuhei: +1 17:30:53 <tmcpeak> awesome mdong! great to meet you 17:31:01 <tmcpeak> maybe a few sentences about your background and interests? 17:31:03 <hyamauchi> hi. I'm henry yamauchi. Hi all. Just lurking for now... 17:31:10 <dg_> hey 17:31:22 <michaelxin> Henry is from Rackspace too. 17:31:23 <tmcpeak> hyamuchi: lurking is cool but hanging out with us is better, the more the merrier! 17:31:27 <hyakuhei> Pesky rackers everywhere! (Welcome :D) 17:31:27 <elmiko> hi mdong 17:31:31 <greg_a> Hey everyone, I'm Greg Anderson. Also part of RAX and here to help with syntribos :) 17:31:36 <yaya> and I am Yasmine K 17:31:45 <tmcpeak> wow! this is awesome 17:31:52 <michaelxin> greg_a is from Rackspace too. 17:32:02 <tmcpeak> Rackers, could you each please type a couple of sentences about your backgrounds and what interests you? 17:32:08 <elmiko> yea, lots of hellos =) /me waves at hyamauchi greg_a and yaya 17:32:14 <michaelxin> greg_a is our Defcon speaker here. 17:32:29 <tmcpeak> michaelxin: this is great, glad you've brought such fine folks to us 17:32:29 <michaelxin> :-) 17:32:39 <elmiko> +1 17:32:40 <michaelxin> We missed ccneil 17:32:46 <nkinder> +1 Welcome all! Good to have some fresh faces here. 17:32:51 <tmcpeak> ++ 17:32:55 <michaelxin> He is the one who contributed to Bandit. 17:33:18 <tmcpeak> ahh yeah, I'm familiar with ccneil. The HTML report is a great addition 17:33:36 <mdong> I just graduated from University of Texas at Austin this May, right now it’s the UT football team that interests me, but I’m pretty excited to work on Syntribos! 17:33:50 <elmiko> hehe 17:34:04 <greg_a> That's me :D, as mentioned tricked the defcon folks into letting me present. I dabble in all things security: pen testing, IDS, etc. Also have Dev experience and I'm excited to help out and be a part of this :) 17:34:06 <tmcpeak> awesome! great to have you mdong 17:34:09 <michaelxin> cool, glad to see our team grow. 17:34:19 <tmcpeak> greg_a got a link to your preso? 17:34:29 <tmcpeak> I love watching good defcon presos 17:34:30 <greg_a> yep one sec 17:34:55 <tmcpeak> sweet 17:35:12 <michaelxin> yaya: would you give us some introduction too? 17:35:26 <hyakuhei> Great having some fresh blood in the group! Is this just Syntribos focussed or while you guys be poking around other bits of the security cave too ? 17:35:55 <michaelxin> hyakuhei: We will help with everything 17:35:58 <mdong> I’ll definitely try to contribute as much as I can all around 17:36:04 <tmcpeak> sweet!! 17:36:07 <michaelxin> whatever hyakuhei asks us to do. :-) 17:36:11 <mvaldes> all the things! 17:36:15 <hyakuhei> :D 17:36:28 <elmiko> lol 17:36:28 <hyakuhei> I love you rackers, I’ve always said “I love them Rackers” :P 17:36:31 <yaya> yup. So I’ve been with the team for almost a year now. Interested in all things security from pentesting to research :) 17:36:49 <michaelxin> hyakuhei: +1 17:36:58 <michaelxin> tmcpeak: +1 17:36:58 <hyakuhei> Fantastic. 17:37:08 <greg_a> tmcpeak: here it is https://www.youtube.com/watch?v=H1l-9Z8TOAg 17:37:11 <hyakuhei> #topic Any Other Business 17:37:22 <tmcpeak> greg_a: awesome, wil check it out 17:37:24 <hyakuhei> chair6: Did you have some logging ideas? 17:37:30 <chair6> just a small one 17:37:32 <hyakuhei> greg_a: awesome thanks! 17:37:36 <tmcpeak> also I wanted to give a brief shout about PR 17:37:43 <chair6> i've been trying to actually use openstack log output in anger 17:37:45 <elmiko> thanks greg_a , and the other rackers, always nice to meet some new sec. folks =) 17:37:49 <chair6> devstack@devstack:/var/log/apache2$ tail -f horizon_error.log | grep failed 17:37:52 <chair6> 2015-09-29 20:22:29.683986 Login failed for user "admin". 17:37:55 <chair6> 2015-09-29 20:22:46.032374 Login failed for user "blahblah". 17:37:57 <chair6> 2015-09-29 20:23:20.997693 Login failed for user "blahblah". 17:38:05 <greg_a> tmcpeak: no prob! I start around 10:40 17:38:12 <chair6> something like ^ is not particularly useful though .. a source IP would be a nice additino 17:38:12 <michaelxin> elmiko: +1 17:38:31 <chair6> wondering if anyone has worked on horizon before, before i go chasing this and other potential similar cases down myself.. 17:38:31 <tmcpeak> +1 17:39:05 <hyakuhei> Don’t we sell super expensive connect the dot machines to do this ? 17:39:08 * hyakuhei hides. 17:39:19 <hyakuhei> fwiw I think this would be very useful 17:39:44 <hyakuhei> About 18 months ago there was some discussion of finding a way to trace API cascades from individual inputs 17:40:07 <bknudson> keystone at least puts the request ID in its logs now 17:40:11 <michaelxin> ccneill: Would you please introduce yourself? 17:40:17 <hyakuhei> Yeah that’s a good step forward 17:40:19 <elmiko> chair6: have you been following any of the logging-wg stuff? 17:40:25 <bknudson> there's a spec to have the APIs provide the request IDs to the callers 17:40:32 <bknudson> the python APIs 17:40:53 <elmiko> yea, that's a good one too 17:41:13 <chair6> elmiko - i remember reading some logging-related stuff ~6 months ago but didn't see any evidence of progress .. maybe i'm not looking in the right place 17:41:51 <elmiko> chair6: yea, not sure much has happened, aside from some error logging related stuff 17:42:06 <elmiko> well, and what bknudson mentioned 17:42:49 <mvaldes> can you easily trace the request Id to a specific API? 17:43:09 <mvaldes> or does that still require some detective work 17:43:17 <elmiko> good question 17:43:31 <bknudson> you can't easily track request IDs at all now 17:44:01 <bknudson> the work hasn't been done 17:44:03 <bknudson> jfdi 17:44:49 <chair6> interesting .. 17:44:58 <tmcpeak> #JFDI 17:45:28 <chair6> okay, well what i might (if i have time.. sigh) start working on is some security-related scenarios and seeing what it takes to track them back through various logs .. see where gaps are, what simple fixes there mgith be, etc 17:45:42 <elmiko> chair6: +1 17:45:54 <chair6> your horizon UI is being bruteforced? how does that manifest, how do you invesitgate, etc 17:46:00 <chair6> and so on for other attack scenarios 17:46:04 <mvaldes> sounds like a worthy effort 17:46:08 <tmcpeak> chair6: you won't 17:46:15 <chair6> lol, yeah, time... 17:46:23 <sicarie> tmcpeak: way to stay optimistic 17:46:28 <tmcpeak> :D 17:47:01 <elmiko> chair6: i'd be curious to talk about it sometime, we're working on something along those lines for our presentation in tokyo 17:47:19 <tmcpeak> oh, presentation? now you're singing chair6's song :P 17:47:23 <elmiko> (ie how to use logs to see certain behaviors) 17:47:29 <chair6> cool.. how about we setup an etherpad or something and start throwing some thoughts into it? 17:47:41 <elmiko> sounds good 17:47:44 <chair6> presentations are good as long as they're only made up of photos of people watching clouds 17:47:50 <tmcpeak> +1 17:47:51 <elmiko> haha 17:48:39 <hyakuhei> I didn’t have anything else to cover today, anyone else ? 17:48:47 <hyakuhei> tmcpeak: How about the PR deck? 17:48:49 <nkinder> chair6: I wonder if CADF notifications can be used for watching for these sorts of attacks 17:48:53 <chair6> #link https://etherpad.openstack.org/p/security-logging-investigation 17:48:56 <hyakuhei> s/PR/recruitment 17:49:00 <tmcpeak> sweet 17:49:02 <tmcpeak> https://docs.google.com/document/d/1g2LVI_oR8sNAuiAB5VW1RYRV9afD_D6BboSYFQX7lDs/edit?usp=sharing 17:49:09 <chair6> nkinder i've been looking at CADF as well, that has some gaps / frustrations too 17:49:23 <elmiko> hyakuhei: do you want just stay in touch via email about the "canhaz" project? ;) 17:49:27 <tmcpeak> so this is something I've written (with hyakuhei's help) for SuperUser magazine 17:49:32 <tmcpeak> the OpenStack thing 17:49:32 <chair6> like it logs a user UUID but not a plaintext username, so it takes some wrapper / work to make it human-useful 17:49:44 <tmcpeak> http://superuser.openstack.org/ 17:49:51 <tmcpeak> the idea is to boost our numbers 17:50:05 <tmcpeak> as you all know I've been all "we should have more ppl, we're spread thin, etc" 17:50:05 <hyakuhei> elmiko: yeah, I’ll throw it into google docs and share it with you, which should let us both edit 17:50:20 <tmcpeak> hopefully the superuser article can help us get publicity for our projects and group and get some further fresh blood 17:50:35 <tmcpeak> please take a look, let me know if you like it or hate it, but.. 17:50:41 <elmiko> hyakuhei: wish i could just share my google doc... ಠ_ಠ 17:50:42 <tmcpeak> it's pretty much going out regardless :) 17:50:54 <tmcpeak> sent it to the foundation folks 17:51:15 <tmcpeak> aside from that: any of our chapters have any luck scheduling things? 17:51:27 <tmcpeak> or shall I go around and annoy you all until you do it? :P 17:51:38 <tmcpeak> Seattle is GTG 17:51:42 <tmcpeak> UK: where you at? 17:51:46 <tmcpeak> San Antonio? 17:51:48 <mvaldes> I think Michael is working on something for our OWASP chapter 17:51:50 <tmcpeak> Minnesota? 17:52:05 <mvaldes> San Antonio 17:52:08 <dg_> tmcpeak say where and when, we'll be there 17:52:09 <hyakuhei> UK stalled out slightly because of a few things like Discover, I’ll try to make a note to find a venue 17:52:17 <mvaldes> I'll push that along :) 17:52:25 <tmcpeak> hyakuhei, dg_: you guys want to book it yourself or you want me to? 17:52:29 <tmcpeak> I'm happy to do either way 17:52:33 <chair6> turns out i'll be presenting to CSA Seattle on oct 22 so will definitely put in some PR content there 17:52:42 <tmcpeak> chair6: oooh, sweet 17:52:42 <bknudson> I haven't heard about the next minnesota meetup. 17:53:02 <dg_> tmcpeak not fussed 17:53:18 <dg_> i think there is some stuff happening in bristol, but not looked into it 17:53:20 <tmcpeak> browne: I'll ping you offline, looks like I'll be back in the bay in early December so I'll make sure whatever I set up works for both of us, sounds good? 17:54:05 <browne> tmcpeak: sounds good 17:54:09 <tmcpeak> sweet 17:54:21 <tmcpeak> ok, so hyakuhei will look into Bristol 17:54:28 <tmcpeak> michaelxin: how's San Antonio coming? 17:54:36 <tmcpeak> bknudson: you want help with Minnesota or you good? 17:54:47 <mvaldes> tmcpeak: he got called away 17:54:58 <tmcpeak> ahh ok, you guys can work it and let us know next week 17:54:58 <mvaldes> we are looking at doing something for October OWASP meeting 17:55:03 <tmcpeak> perfect 17:55:21 <mvaldes> and we are speaking at LASCON in October, so can give a mention there as well 17:55:23 <bknudson> tmcpeak: I'm good. The next meetup is this month but it's already booked, so need to get on the agenda for the next one. 17:55:30 <tmcpeak> cool, sounds good 17:55:58 <mvaldes> tmcpeak: the google doc is great and will be a big help 17:56:22 <tmcpeak> mvaldes: great, you mean the deck, right? 17:56:51 <mvaldes> tmcpeak: didnt see that. i was looking at the superuser article 17:57:08 <tmcpeak> oh cool 17:57:10 <tmcpeak> glad you like it 17:57:23 <dg_> got a link to the superuser article? 17:57:27 <tmcpeak> michaelxin should have the link for the deck. We're hoping that the recruiting efforts can centralize around that 17:57:28 <mvaldes> tmcpeak: can you link to the deck? 17:57:33 <mvaldes> ok cool 17:57:42 <mvaldes> dg_: https://docs.google.com/document/d/1g2LVI_oR8sNAuiAB5VW1RYRV9afD_D6BboSYFQX7lDs/edit?pli=1 17:57:54 <tmcpeak> https://docs.google.com/document/d/1g2LVI_oR8sNAuiAB5VW1RYRV9afD_D6BboSYFQX7lDs/edit?usp=sharing 17:58:18 <dg_> thanks 17:58:23 <tmcpeak> cool, so wrapping up 17:58:27 <tmcpeak> any final words? 17:59:01 <hyakuhei> lgtm :) 17:59:03 <tmcpeak> excellent 17:59:05 <hyakuhei> #endmeeting