17:01:16 <hyakuhei> #startmeeting Security
17:01:17 <openstack> Meeting started Thu Mar  2 17:01:16 2017 UTC and is due to finish in 60 minutes.  The chair is hyakuhei. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:01:18 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
17:01:21 <openstack> The meeting name has been set to 'security'
17:01:46 <hyakuhei> o/
17:01:53 <knangia> o/
17:01:57 <lhinds> o/
17:02:07 <hyakuhei> Quiet room today :D
17:02:45 <knangia> :D
17:02:46 <hyakuhei> how's it going lhinds / knangia  ?
17:02:55 <unrahul> o/
17:03:00 <lhinds> good thanka hyakuhei
17:03:01 <vinaypotluri> o/
17:03:06 <lhinds> or thanks rather
17:03:07 <browne> o/
17:03:08 <knangia> going good...thank you
17:03:17 <hyakuhei> Excellent
17:03:22 <hyakuhei> welcome vinaypotluri browne
17:03:29 <vinaypotluri> thank you hyakuhei
17:03:38 <hyakuhei> Man I'm full of flu
17:03:58 <mdong> o/
17:04:08 <capnoday> o/
17:04:14 <hyakuhei> Hey mdong capnoday
17:04:20 <knangia> because of traveling ? hyakuhei
17:04:22 <hyakuhei> So I don't have much to report this week
17:04:29 <hyakuhei> knangia Travel induced man-flu
17:05:42 <hyakuhei> hey capnoday
17:05:49 <hyakuhei> Can you give a quick summary of the summit?
17:06:30 <capnoday> sure
17:07:00 <capnoday> PTG was a very interesting event
17:08:17 <capnoday> Im glad that hyakuhei and I went along, in terms of output it wasnt as good as a traditional midcycle, but it was very useful getting to talk to a lot of people in a much more relaxed setting than the summit
17:08:43 <hyakuhei> We spent a lot of time with the Barbican guys that I think was very helpful
17:08:59 <capnoday> We spent some time talking to the docs guys about the future of the guide, spent some time drafting a chapter for the guide on barbican
17:09:31 <capnoday> the rest of the week we spent hanging out with the barbican team, it was really good to see everyone again and contribute to a few debates about key management in openstack
17:09:59 <capnoday> it looks like Castellan is going to become a 'core' openstack service, which is one that can be assumed to be present in a openstack deployment
17:10:29 <capnoday> hyakuhei has done some work putting together a barbican plugin, to allow you to use Hashicorp Vault as a secret store backend
17:10:53 <capnoday> i think thats it for the summit, unless anyone else has something to add?
17:11:21 <unrahul> oh.. thats really nice.. that castellan is going to be part of deployment.
17:11:24 <lhinds> shame I never made it, 100% getting to the next one though I hope.
17:11:25 <browne> food sucked
17:11:34 <capnoday> +1 browne
17:11:42 <capnoday> we went out for sushi
17:11:45 <lhinds> i heard about sandwiches everyday
17:11:56 <capnoday> there was nothing at the summit that met my diet
17:12:04 <unrahul> Are there any links to see discussions by any chance?
17:12:06 <capnoday> lhinds yeh
17:12:08 <browne> yeah, same 3 sandwiches rotated every other day
17:12:20 <lhinds> ugh
17:12:26 <unrahul> browne: .. sounds like a meal plan :D
17:12:51 <capnoday> but there was some acceptable sushi at the mall 2 blocks away, which seemed like a good way to spend $10/day
17:12:59 <knangia> that feels bad browne :(
17:13:05 <capnoday> unrahul I think we have some notes
17:13:30 <capnoday> hyakuhei and I will dig them out for next weeks meeting, we are both flatout with meetings this week
17:13:53 <browne> the attendence in the security sessions was low.  think we need to recruit
17:13:53 <unrahul> sounds good capnoday .. thank you..
17:14:18 <capnoday> browne i think a bit part of that was the travel cost
17:14:30 <unrahul> browne:  we would have loved to come.. except for the budget.. we tried attending the security guide discussion over phone
17:14:39 <capnoday> we've had a lot more people when we have picked the midcycle location to suit
17:14:49 <unrahul> by the way Are we going to have a midcycle this time around, or , too soon to ask?
17:14:57 <capnoday> thanks for dialing in to that btw unrahul
17:14:59 <browne> no more midcycles
17:15:08 <browne> just PTGs
17:15:12 <capnoday> we may have a midcycle
17:15:14 <unrahul> :/
17:15:32 <browne> i'm still wondering where next PTG will be
17:15:34 <capnoday> it is too soon to say no more midcycles
17:15:40 <unrahul> if there is a midcycle.. around Austin .. I think more people can come..
17:16:01 <capnoday> the PTG was definitely a useful thing, but it doesnt replace a midcycle unless the foundation would like to fund a lot more of our members to attend
17:16:05 <vinaypotluri> unrahul: +1 It wold be nice to have it in Austin
17:16:08 <capnoday> unrahul yes thats what I was thinking
17:16:59 <michaelxin> Good idea!
17:17:09 <unrahul> hyakuhei:  whats your opinion...
17:17:13 <tkelsey> o/ sorry im late, busy day :(
17:17:24 <capnoday> hey tim
17:17:24 <unrahul> welcome tkelsey  :)
17:17:38 <tkelsey> thanks folks, carry on I'll catch up
17:17:47 <capnoday> unrahul hyakuhei had to step away i think
17:18:13 <capnoday> browne why do you say no more midcycles?
17:18:21 <browne> i think part of the drop in attendance is that many (at in least in bandit) no longer work on openstack
17:18:30 <capnoday> that is definitely a big factor
17:18:44 <browne> capnoday:  think that was the goal of the PTG to replace midcycles
17:18:56 <unrahul> .. hmm..
17:19:09 <capnoday> although if we had it in austin or san antonio, we would have all the rack and OSIC people too...
17:19:15 <browne> so yeah, i think maybe we could use 1-2 more bandit cores if anyone is interested in contributing/reviewing
17:19:27 <unrahul> capnoday: ,, I agree..
17:19:29 <knangia> yes capnoday !
17:19:31 <capnoday> which would take it from 2-3 people, to maybe 8-10?
17:20:07 <unrahul> our team is already around 6.. and I guess.. it would be a more of a learning experience too.. if we have a midcycle
17:20:19 <vinaypotluri> true that
17:20:31 <vinaypotluri> and We wouldn't have to be worried about the budget too
17:20:49 <capnoday> its something we need to consider, along with scheduling
17:20:58 <aasthad> o/
17:21:00 <knangia> +1 unrahul vinaypotluri
17:21:16 <capnoday> possibly we could have a mid-cycle at the same time as the boston summit, as that is meant to be more of a marketing event now?
17:21:20 <capnoday> anyway
17:21:37 <hyakuhei> Some of us have to go to the summit still :'(
17:21:38 <capnoday> lets talk mid-cycles in a few weeks once we are over the jet-lag
17:21:45 <hyakuhei> Though a similar time in the year would work.
17:21:45 <capnoday> does anyone else have feedback on the PTG?
17:22:09 <knangia> then there can be less attendance for the mid cycle, if it clashes with boson summit
17:22:09 <michaelxin> The remote session with doc team seems to work fine
17:22:13 <capnoday> my personal thought was it would be nice to run the PTG at the end of the summit, then have a mid-cycle to suit our team
17:22:16 <hyakuhei> So I thought the conversations we had with the docs people were very interesting
17:22:21 <unrahul> Did we decide anything on how the new security guide should be?
17:22:28 <hyakuhei> Sure
17:22:31 <michaelxin> Maybe, we can do similar thing (for remote folks) in the future.
17:22:52 <hyakuhei> Tactical; we embrace the work OSIC has taken on to improve the existing guidance by tackling important bugs
17:23:17 <hyakuhei> Strategic; work on a next iteration of the doc, that maintains a consistent level of detail and does not go into as much depth as the current doc
17:23:33 <michaelxin> Sounds good plan to me
17:23:46 <hyakuhei> The net benefit being a less detailed guide on day 1 but a more maintainable and thus, useful guide over months/years
17:24:30 <unrahul> hyakuhei:  that vision of a maintainable guide is promising.
17:24:31 <knangia> sounds good !
17:25:13 <unrahul> we are in talks with different teams here in OSIC like neutron and keystone to close some of those sec guide bugs..
17:25:24 <michaelxin> Is Doug still working for the security project?
17:25:40 <michaelxin> There is a bug assigned to him.
17:25:41 <capnoday> redrobot doug? or me doug?
17:25:44 <hyakuhei> capnoday ^^^
17:26:20 <capnoday> I will take a look, although i think this may be the one that vinay emailed me about, which he has kindly offered to deal with
17:26:21 <vinaypotluri> michaelxin: Doug asked me to take it over https://bugs.launchpad.net/ossp-security-documentation/+bug/1619485
17:26:21 <openstack> Launchpad bug 1619485 in OpenStack Security Guide Documentation "Annual Cipher Validation - Introduction to TLS and SSL in Security Guide" [Medium,Confirmed] - Assigned to Vinay Potluri (vinay-potluri)
17:26:23 <unrahul> I think vinaypotluri  discussed it and got it assigned
17:26:38 <capnoday> michaelxin that ^^
17:26:45 <dave-mccowan> what's the status of new key management chapter for the security guide?
17:26:53 <capnoday> thanks vinaypotluri :)
17:27:01 <vinaypotluri> thank you capnoday  :)
17:27:32 <capnoday> key management chapter is getting there, will need updating with the outcome of the discussions we had on Thursday regarding castellan as a core service
17:27:43 <capnoday> plus updating once Robs vault plugin has merged
17:28:01 <capnoday> ok 3 mins left, anything else quick?
17:28:25 <lhinds> OSSN: one single note which I should have out next week I hope
17:28:29 <lhinds> that's it
17:28:32 <capnoday> great work lhinds
17:28:52 <capnoday> ok anything else to add hyakuhei?
17:29:02 <hyakuhei> Narp
17:29:13 <capnoday> great, lets wrap this up
17:29:17 <hyakuhei> #chair capnoday
17:29:19 <openstack> Current chairs: capnoday hyakuhei
17:29:22 <hyakuhei> I'll write a blog post on the PTG if you'll help capnoday
17:29:27 <capnoday> yeh of course
17:29:32 <capnoday> lets take a look at that next week
17:29:37 <hyakuhei> Anyay, that's time lol. TY all, lets hope for a bit more progress to share next week!
17:29:56 <unrahul> thanks all.
17:29:58 <knangia> thanks hyakuhei
17:30:16 <aasthad> thank you all
17:30:25 <capnoday> #endmeeting