#openstack-meeting log

15:00:14 <gagehugo> #startmeeting security
15:00:15 <openstack> Meeting started Thu May  6 15:00:14 2021 UTC and is due to finish in 60 minutes.  The chair is gagehugo. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:17 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:00:20 <openstack> The meeting name has been set to 'security'
15:00:57 <gagehugo> #link https://etherpad.opendev.org/p/security-agendaagenda
15:01:03 <gagehugo> #link https://etherpad.opendev.org/p/security-agenda agenda
15:02:31 <fungi> ohai
15:03:25 <redrobot> 🙋
15:03:40 <gagehugo> o/
15:05:10 <gagehugo> #topic Topics from the PTG
15:05:56 <gagehugo> We had some good discussions at the PTG
15:06:05 <gagehugo> #link https://etherpad.opendev.org/p/security-sig-ptg-xena ptg agenda
15:08:16 <gagehugo> Mainly around updating the security wiki, updating our meeting schedule, barbican as a base service, starting a mailing list update about open issues after each meeting, trying to recruit more for the security sig
15:09:04 <gagehugo> Did anyone have anything they wanted to follow up on regarding those topics?
15:09:40 <fungi> i haven't put together a new open vulnerability report reminder list yet
15:11:53 <fungi> there was a brief tangential discussion in this week's image encryption pop-up team meeting about barbican as a base service
15:12:04 <fungi> mainly that we're looking for supporting use cases
15:12:06 <gagehugo> I saw, thanks for the ping
15:12:41 <gagehugo> For the reminder list, are we wanting to use the list from launchpad?
15:13:00 <fungi> yeah, i was basically just going to send something like a did a couple months ago
15:13:23 <fungi> https://bugs.launchpad.net/ossa/+bugs
15:13:43 <fungi> #link https://bugs.launchpad.net/ossa/+bugs public reports of suspected vulnerabilities
15:14:15 <fungi> thankfully the list is fairly short currently
15:14:26 <fungi> but we'll see if we can make it even shorter
15:14:51 <gagehugo> Ok
15:17:29 <gagehugo> If I can get another keystone core to review a ps, that list should lose another one too lol
15:19:48 <gagehugo> Would be nice to try to drum up support for the security sig as well
15:21:13 <fungi> yeah, we could maybe get the foundation's social media marketing folks to promote something if we were to decide what specific message we wanted to get out
15:22:15 <gagehugo> I can work on a snippet for that
15:22:47 <gagehugo> and we can discuss in openstack-security in the meantime
15:24:37 <gagehugo> fungi redrobot: anything else for this meeting? That was all I had
15:25:14 <fungi> nah, and sorry if i'm slow to respond, this is one of three meetings i'm in at the moment
15:26:22 <gagehugo> multitasking is the name of the game
15:26:24 <gagehugo> :)
15:26:41 <gagehugo> thanks everyone, have a good rest of the week!
15:26:43 <gagehugo> #endmeeting