#openstack-meeting log

15:01:52 <lhinds> #startmeeting security-sig
15:01:53 <openstack> Meeting started Thu Apr  5 15:01:52 2018 UTC and is due to finish in 60 minutes.  The chair is lhinds. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:01:54 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:01:56 <openstack> The meeting name has been set to 'security_sig'
15:02:00 <lhinds> #chair gagehugo
15:02:01 <openstack> Current chairs: gagehugo lhinds
15:02:06 <lhinds> #topic agenda
15:02:16 <lhinds> #link https://etherpad.openstack.org/p/security-agenda
15:02:37 <gagehugo> lhinds I slimmed down the agenda a bit, feel free to undo any of that if it was too much
15:02:55 <lhinds> gagehugo: no, good job..it had some stale stuff in there.
15:03:01 <lhinds> gagehugo: i prefer this look
15:03:20 <lhinds> gagehugo: has the guy from Tatu been able to make the meeting?
15:03:46 <gagehugo> he reached out to me a few weeks ago, but otherwise I haven't seen him
15:04:05 <gagehugo> could email him and see if he can make this time?
15:04:18 <lhinds> gagehugo: ack, will drop him an email for next meeting
15:04:30 <lhinds> any one have other items they would like to add?
15:04:38 <lhinds> (agenda that is)
15:05:34 <lhinds> k, so I think we can skip documentation
15:05:47 <lhinds> no patches need review and no key items as far as I am aware
15:05:58 <lhinds> #topic Keystone Threat Analysis
15:06:09 <lhinds> nice work on the patches gagehugo
15:06:24 <gagehugo> \o/ almost there
15:06:30 <lhinds> whats the current state of the VMT +2ing? (goes to take a look.)
15:07:14 <lhinds> so I will merge this: https://review.openstack.org/#/c/447139/
15:07:28 <lhinds> we got +1's from VMT and sec-core on keystone
15:07:54 <gagehugo> sounds good
15:09:03 <lhinds> fungi: what's needed for this governance patch: https://review.openstack.org/#/c/555934/
15:09:11 <lhinds> anything we should do from our side?
15:12:16 <lhinds> I will chat to him later about this.
15:12:22 <fungi> looking
15:12:39 <lhinds> I just added pycadf and oslo.cache reviews that we should track and get moving.
15:12:45 <fungi> members of the vmt still need to officially vote in favor of it
15:13:00 <fungi> i was meaning to ask whether we can get the security analysis change approved
15:13:13 <lhinds> fungi: that should be done now
15:13:19 <lhinds> fungi: so an IRC vote?
15:13:24 <fungi> yeah
15:13:40 <gagehugo> ok
15:13:50 <fungi> i brought 555934 to the attention of TristanC and kmalloc last week
15:14:08 <lhinds> fungi: sounds good. let's monitor and we can track it here each meeting.
15:14:14 <fungi> i think we're in favor but i was hoping to see the analysis change merge first (which looks like it's on its way to doing now)
15:14:27 <lhinds> fungi: makes sense
15:14:43 <kmalloc> ++
15:14:56 <fungi> and then approval by the tc is mostly a formality once the vmt gives it a thumbs-up
15:15:14 <kmalloc> Yeah, 555934 looks good, but analysis merge before would be perfect.
15:15:55 <lhinds> so that's merged now: https://review.openstack.org/#/c/447139/
15:16:17 <gagehugo> I'll take a look at the other analysis docs too and make sure they're refined
15:16:23 <lhinds> so will leave it up to you kmalloc and fungi to vote and put to the tc
15:16:28 <gagehugo> for pycadf & others
15:16:34 <lhinds> gagehugo: +1
15:16:36 <lhinds> me too.
15:17:33 <lhinds> ttx: anything on spectre / meltdown mitigation , nova conversation..I have not had a chance to look at this, just been following what's happening upstream in the kernel
15:17:56 <ttx> nope kashyap promised a blog post
15:18:12 <lhinds> ttx: k, lets see what that brings up
15:18:24 <lhinds> #topic Policy Security Roadmap
15:19:00 <lhinds> I don't think there is anything new here, there were some AP's from the PTG. I will look at those again and see if anyone has done anything yet (I don't believe they have)
15:19:07 <gagehugo> yeah
15:19:11 <lhinds> ping eeiden
15:19:32 <gagehugo> think she is away atm
15:19:39 <lhinds> no worries.
15:19:42 <lhinds> #topic bandit
15:19:44 <gagehugo> I'll ask about lcoo when I see here again
15:19:48 <gagehugo> her*
15:19:49 <lhinds> thx gagehugo
15:20:07 <lhinds> so I have not heard anything more on the migration to PyTools
15:20:21 <gagehugo> ok
15:20:22 <lhinds> and I can see ebrown is working on a new plugin
15:20:38 <lhinds> https://review.openstack.org/#/c/552720/
15:21:20 <lhinds> one you could look at here gagehugo : https://review.openstack.org/#/c/558959/
15:21:33 <gagehugo> yeah I'll pull that down and verify
15:21:40 <lhinds> cool
15:21:45 <gagehugo> but it looks ok to me
15:21:50 <lhinds> #topic OSSN
15:22:03 <lhinds> so I think we have someone new working on authoring a note
15:22:11 <lhinds> I replied to the email today gagehugo , thanks for that.
15:22:28 <lhinds> #topic General Discussion
15:22:33 <gagehugo> np
15:23:14 <lhinds> Only other items I have is I updated the wiki / lp pages to show myself and gagehugo as chairs of the SIG, so thanks gagehugo for agreeing to help chop the wood and carry the water with me as a co-chair
15:23:33 <lhinds> https://wiki.openstack.org/wiki/Security-SIG
15:23:56 <lhinds> and; https://launchpad.net/~openstack-ossg
15:24:08 <gagehugo> woo
15:24:09 <lhinds> anyone else have any other business or points before we close for this week?
15:25:10 <fungi> nothing from me
15:25:18 <gagehugo> I'm good for now
15:25:30 <lhinds> k, sounds good!
15:26:17 <lhinds> see you all next week..I will be on holiday, but still plan to make it. But if I don't turn up (rare chance) as I am late getting back with the family, please hash startmeeting for me!
15:26:29 <lhinds> thanks all!
15:26:34 <lhinds> #endmeeting