17:00:00 <hyakuhei> #startmeeting openstack security group
17:00:01 <openstack> Meeting started Thu Apr  2 17:00:00 2015 UTC and is due to finish in 60 minutes.  The chair is hyakuhei. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:00:02 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
17:00:05 <openstack> The meeting name has been set to 'openstack_security_group'
17:00:13 <hyakuhei> Hey everyone!
17:00:20 <tkelsey> o/
17:00:33 <elmiko> yo/
17:00:36 <ljfisher> o/
17:00:42 <singlethink> o/
17:00:49 <sicarie> Hello
17:00:54 <hyakuhei> Agenda and previous minutes over here: https://wiki.openstack.org/wiki/Meetings/OpenStackSecurity#Agenda_for_next_meeting
17:01:49 <hyakuhei> Hey dg_
17:01:53 <dg_> hey
17:01:58 <hyakuhei> Looks like I’m the only person who came here an hour early!
17:02:08 <elmiko> =(
17:02:22 <tkelsey> i did too lol
17:02:22 <dg_> lol we all did, but chair6 pointed out we are silly
17:02:24 <sicarie> I was definitely here
17:02:28 <hyakuhei> hehe
17:02:39 <chair6> <- not silly
17:02:39 <ljfisher> me too, but I just wanted to be early :)
17:02:51 <shelleea007> o/
17:03:05 <hyakuhei> Ok, I suppose we should get started, doesn’t look like we have nkinder
17:03:44 <hyakuhei> No Travis either.
17:04:03 <hyakuhei> So I guess we can talk about the OSSN Yaml stuff later if they roll up
17:04:15 <hyakuhei> sicarie: Want to talk about the security guide?
17:04:24 <sicarie> Sure
17:04:25 <tkelsey> Travis sends his apologies and asked me get an update on the Bandit gate tests in Keystone
17:04:25 <hyakuhei> #topic Security Guide
17:04:46 <sicarie> elmiko and pdesai are taking a look at the identity chapter
17:05:04 <sicarie> we're still looking at the case studies making sure they're consistent (right now, they are not)
17:05:04 <hyakuhei> Great, probably time for an update and a tidy
17:05:19 <sicarie> yes, the goal is to do another physical book release for Liberty
17:05:42 <sicarie> So I think shelleea07 and nkinder were going to look at chapters as well
17:05:44 <dave-mccowan> o/
17:05:55 <sicarie> If anyone wants to take a look at the Dashboard chapter, that's one that needs a bit of work
17:06:12 <shelleea007> I'm looking at the dashboard chapter and network chapter
17:06:15 <hyakuhei> Yeah shelleea007 has an action to look at the network section
17:06:45 <sicarie> So please, take a chapter, log a bug, or grab a bug
17:06:47 <sicarie> #link: https://bugs.launchpad.net/openstack-manuals/+bugs?field.tag=sec-guide
17:07:19 <sicarie> The etherpad for looking at case study consistency is in the bug: https://bugs.launchpad.net/openstack-manuals/+bug/1349540
17:07:20 <openstack> Launchpad bug 1349540 in openstack-manuals "Ensure one case study per chapter in security guide" [Medium,In progress] - Assigned to N Dillon (sicarie)
17:07:36 <sicarie> And then I'm also trying to look at the Compute chapter (creating it) and that outline is here: https://bugs.launchpad.net/openstack-manuals/+bug/1412975
17:07:36 <openstack> Launchpad bug 1412975 in openstack-manuals "Security Guide - Compute Section" [Low,Confirmed] - Assigned to N Dillon (sicarie)
17:07:48 <ljfisher> sicarie I'll have some more time to look at the case studies now
17:07:57 <hyakuhei> Great work sicarie thank you!
17:08:38 <hyakuhei> Anything else on the guide sicarie ?
17:09:11 <sicarie> I don't think so
17:09:17 <sicarie> Thanks ljfisher!
17:09:41 <hyakuhei> ok, next up
17:09:46 <hyakuhei> #topic Governance Stuff
17:10:14 <hyakuhei> Ok, so some of you may have seen the announcement around the OSSG and VMT merging: http://lists.openstack.org/pipermail/openstack-dev/2015-April/060474.html
17:10:22 <hyakuhei> I think this is great news
17:10:44 <tkelsey> hyakuhei: +1
17:11:12 <hyakuhei> I followed that up today with https://review.openstack.org/#/c/170172 - a request to make us recognised as an official OpenStack project
17:11:30 <hyakuhei> Here’s the mail to -dev which has had a couple of +1’s already. http://lists.openstack.org/pipermail/openstack-dev/2015-April/060510.html
17:11:44 <elmiko> nice
17:12:49 <hyakuhei> So we’ll see how that goes but it’s very much my hope that we become simply the security team within OpenStack
17:13:34 <elmiko> security team as a service? ;)
17:13:48 <hyakuhei> That’s the culmination of a fair bit of behind the scene work etc
17:14:34 <chair6> all driven by hyakuhei .. *round of applause*
17:14:37 <ljfisher> good work, thanks
17:14:51 <tkelsey> hip hip
17:14:52 * elmiko claps
17:15:07 <sicarie> +1
17:15:12 <hyakuhei> We’ll have to change the way we do elections to be more inline with the proper way of doing things, we’ll also have to proably do this out of sync to catch up but as discussed previously I’ve put myself down as iterim PTL
17:15:32 <hyakuhei> Any thoughts or comments on this change?
17:16:03 <elmiko> aside from elections, are there other responsibilities that will change?
17:16:23 <dg_> seems like a good step forwards. I particuarly like the idea of security.openstack as a source for all things security
17:16:24 <hyakuhei> So there’s a great deal of work to do with regards to rebranding, making sure documentation makes sense
17:16:41 <hyakuhei> ^ exactly dg_ I’m hoping we can really make use of that
17:17:05 <dg_> chair6 i think we're going to need a logo...
17:17:18 <hyakuhei> Heh.
17:17:33 <hyakuhei> ok, lets talk about OSSN for a few moments
17:17:38 <hyakuhei> #topic OSSN
17:17:48 <hyakuhei> There’s a number of OSSN in the queue right now
17:17:58 <hyakuhei> #link https://bugs.launchpad.net/ossn
17:18:38 <sicarie> hyakuhei: how specific should I be that OSSN's match doc guidelines?
17:18:49 <hyakuhei> hyakuhei: Not.
17:18:56 <sicarie> For example, 46 uses "etc" which is a doc no-no
17:18:56 <sicarie> k
17:19:27 <hyakuhei> At least not today. OSSN are a lot more free form than everything else, however good language is encouraged, if you see things you don’t like, comment on the gerrit, we want the standards to be high
17:19:47 <sicarie> Nah, that's a nit I'm not a huge fan of, but enforce on the sec-guide
17:20:05 <hyakuhei> #link https://review.openstack.org/#/c/169388/3/security-notes/OSSN-0046
17:20:41 <hyakuhei> I’d appreciate more reviews on that.
17:20:52 <hyakuhei> Ang generally, if you can, please pick up an OSSN.
17:21:01 <hyakuhei> Good way to get yourself an ATC badge too.
17:21:27 <hyakuhei> tkelsey: want to talk about Bandit?
17:21:55 <tkelsey> yup yup
17:22:00 <hyakuhei> #topic Bandit
17:22:36 <tkelsey> so, Travis was asking about any update on the Keystone gate, anyone have any news?
17:23:43 <hyakuhei> bknudson: ^ ?
17:25:05 <tkelsey> I didnt see bknudson on the roll call, so maybe not
17:25:20 <hyakuhei> I guess not
17:25:22 <tkelsey> thats a shame :(
17:25:28 <tkelsey> oh well, next time then
17:25:30 <hyakuhei> Short meeting today even though lots of exciting stuff happening :)
17:25:47 <tkelsey> heh yeah, seems so
17:26:10 <hyakuhei> Ok well I’ll guess we’ll roll smartly on to AOB
17:26:19 <hyakuhei> #topic Any Other Business
17:27:16 <tkelsey> OSSG + VMT == awesome, thats all I got :) its worth mentioning again
17:27:22 <hyakuhei> :D Cheers
17:27:24 <elmiko> hehe, +1
17:28:02 <sicarie> anything summit related?
17:28:04 <hyakuhei> We’ll I guess we’ll wrap up early! Cheers guys!
17:28:21 <dg_> l8z
17:28:22 <tkelsey> sicarie: good point, anyone got summit stuff ?
17:28:34 <hyakuhei> Oh yeah, I knew there was something else :)
17:29:11 <hyakuhei> Please take a look at https://etherpad.openstack.org/p/liberty-security-summit-ideas and add content.
17:30:08 <hyakuhei> That’s for things to discuss at the summit if we manage to get some dedicated time/space
17:30:34 <hyakuhei> Other than that I think we’re done :)
17:31:01 <hyakuhei> #endmeeting