#openstack-meeting log

18:01:42 <hyakuhei> #startmeeting OSSG
18:01:43 <openstack> Meeting started Thu Feb 21 18:01:42 2013 UTC.  The chair is hyakuhei. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:01:44 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
18:01:46 <openstack> The meeting name has been set to 'ossg'
18:02:03 <hyakuhei> Good morning/afternoon/evening all
18:02:51 <hyakuhei> #info bdpayne might not be able to make it to this meeting - he sends his apologies
18:03:30 <hyakuhei> #topic Encryption
18:04:06 <hyakuhei> Right, so there's been a lot of discussion on-list regarding encryption, especially in regard to Cinder. Anyone care to comment / update?
18:04:25 <hyakuhei> Welcome guys :)
18:04:35 <hyakuhei> Topic is 'Encryption' atm.
18:04:46 <hyakuhei> there's been a lot of discussion on-list regarding encryption, especially in regard to Cinder. Anyone care to comment / update?
18:05:00 <rellerreller> There is an email thread called "Volume Encryption" in dev mailing list
18:05:12 <rellerreller> That one has been really active lately.
18:05:16 <hyakuhei> Yup, that's mainly what I'm referring to.
18:05:34 <hyakuhei> The thing that scares me is the lackluster discussion with regard to key management
18:05:38 <rellerreller> We are talking about encryption problems with regards to clone and snapshot operations
18:05:59 <rellerreller> There will be a discussion on key management at the April summit
18:06:00 <hyakuhei> Yeah, I know some of our Block Storage guys had some concerns there.
18:06:11 <mtesauro> Tangentially related, I have submitted a talk for the summit on a key management work that Rack is doing currently
18:06:17 <Kiall> Pure fluke I noticed this meeting/topic - But Moniker (DNS service) would be interested in some sort of secure key storage too for DNSSEC signing keys etc
18:06:33 <rellerreller> We plan to do a talk on disk encryption at the summit as well to talk about possible solutions for clones and snapshots
18:06:36 <mtesauro> key management is needed in many areas
18:06:59 <rellerreller> I think Malini also has a talk on key management
18:07:02 <hyakuhei> rellerreller: a dev discussion or a presentation (I forget the correct parlance)
18:07:24 <rellerreller> A dev discussion
18:07:37 <hyakuhei> #idea Share the love, vote on the security topics for the Summit
18:07:56 <lglenden> #link http://summit.openstack.org/cfp/details/6 for the key manager dev discussion
18:08:16 <rellerreller> mtesauro: which track did you register your talk?
18:08:20 <lglenden> is there voting on the dev discussions or just the user sessions?
18:08:25 <rellerreller> Keystone, cinder, etc
18:08:26 <hyakuhei> rellerreller: great. I'm really concerned about key management, in my experience with systems like this the easiest way to circumvent/undermine is typically to go after the key management
18:08:42 <mtesauro> here's the link to the talk
18:08:43 <hyakuhei> lglenden: voting is just for the summit presentations
18:09:01 <mtesauro> [link] http://www.openstack.org/summit/portland-2013/vote-for-speakers/presentation/573
18:09:13 <hyakuhei> #link https://www.openstack.org/summit/portland-2013/vote-for-speakers/#538 for the OSSG talk
18:09:33 <hyakuhei> So I think we can agree to meet up and discuss this at the summit.
18:09:43 <hyakuhei> #topic Security Notes
18:09:50 <mtesauro> #link http://www.openstack.org/summit/portland-2013/vote-for-speakers/presentation/573
18:10:28 <hyakuhei> I have an outstanding action to publish the LXC note, I've got agreement from the OpenStack guys on how they'd like it to be done so I'll action that this week
18:11:26 <hyakuhei> Does anyone else have ideas for security notes? I think we must all have a pocket full of 'configure it this way or its a security nightmare' thoughts - Security Notes are a way to document them for the rest of the community to use while we wait for the hardening guide.
18:13:01 <hyakuhei> Well, if there's something you think might be relevant I'm happy to talk about it. Similarly I'm happy to do the write-up and publishing of OSNs for anyone who has issues they think should be documented in this way.
18:13:35 <hyakuhei> Any comments/issues before we move on?
18:13:53 <hyakuhei> #action hyakuhei - publish the LXC note, begin work on the next ones.
18:14:21 <hyakuhei> #topic Hardening Guide
18:15:01 <hyakuhei> At the last summit there was a really strong call for something along these lines. I think everyone is keen to see it happen but of course, everyone is busy trying to fix OpenStack!
18:15:47 <mtesauro> Just curious, why latex?  I'd think a more simple markup like markdown or aciidoc would lower the contribution threashhold.
18:15:55 <hyakuhei> I'm going to get the outline turned into LaTeX this week. Happy to take any contributions and convert to tex if authors aren't comfortable withtex.
18:16:15 <hyakuhei> Academic Snobbiness ?
18:16:28 <lglenden> I've collected some feedback on the guide from my team, what is the best venue to discuss it?  the mailing list?
18:16:30 <hyakuhei> I'm not against changing the format particularly.
18:16:57 <mtesauro> That's great and all but if you want people to contribute, best to keep the stuff they have to know down to a minimum.
18:17:15 <hyakuhei> lglenden: perhaps use the team mailing list or if you'd prefer to just mail it to bryan or myself
18:17:17 <mtesauro> I've done Tex/Latex and its great but lots of people don't really like it or want to learn
18:17:27 <hyakuhei> mtesauro: You're correct
18:17:38 <lglenden> hyakuhei: will do, I will start off with an email to you and Bryan
18:17:53 <Kiall> Also - The existing doc team, and infra tooling don't do latex :)
18:18:16 <hyakuhei> #action current authors bdpayne and hyakuhei to discuss the proposal to move the Hardening Guide to a different format that's more accessible
18:18:18 <mtesauro> Ouch.  So what's a good alternative?  Whats the existing doc team using?
18:18:22 <hyakuhei> lglenden: thanks
18:18:47 <hyakuhei> We're already using a close approximation of MD for Security Notes.
18:18:48 <Kiall> mtesauro, the doc team uses DocBook and some Sphinx+RST thrown in
18:19:20 <hyakuhei> #idea email robert.clark@hp.com with your suggestions for the (possible) reformat
18:19:23 <mtesauro> Interesting.  I know you can go from asciidoc => DocBook.  Not sure about markdown
18:20:07 <hyakuhei> I think there's a lot of value in following the way others are doing it.
18:20:15 <Kiall> mtesauro, BTW I'm not saying anything about weather a switch is necessary.. Just worth pinging anne gentile and the infra guys before introducing a new format :)
18:20:26 <mtesauro> @hyakuhei: Totally agree on that point
18:20:36 <hyakuhei> Any concerns with doing the development of the docs inside of git?
18:21:02 <Kiall> #link https://github.com/openstack/openstack-manuals
18:21:11 <mtesauro> Not really - if we pick a non-binary format, it gives us version, branches, etc
18:21:13 <hyakuhei> #action lglenden to email robert.clark@hp.com with some feedback on the hardening guide
18:21:25 <hyakuhei> yarp
18:21:33 <hyakuhei> Ok, any more comments on the HG ?
18:21:42 <noslzzp> yes.
18:21:50 <hyakuhei> Go ahead :)
18:22:03 <noslzzp> I have done a bit of work and will send a pull request tomorrow..
18:22:23 <noslzzp> and yes Tex is a problem for me..in terms of time and proper tools.
18:22:39 <hyakuhei> Fantastic! If we do a format change I'm happy to take on converting any existing content.
18:22:58 <noslzzp> some "hardening" best practices coming out of the federal government will be added..
18:23:18 <noslzzp> that is all. :)
18:23:45 <mtesauro> @noslzzp: If you're using Linux, look at Lyx - make Latex/Tex much nicer.
18:23:53 <hyakuhei> Fantastic - thanks for your contribution.
18:24:02 <mtesauro> http://www.lyx.org/
18:24:09 <noslzzp> OSX over here. :)
18:24:13 <hyakuhei> Probably not worth investing much time in tooling this week, in case we do decide to change the format ;)
18:24:32 <hyakuhei> #topic AOB
18:24:45 <hyakuhei> mtesauro: How's the OWASP-OpenStack group coming?
18:25:15 <mtesauro> I've got the Wiki page up, the mail list up and have ~6 queued requests to join I'm going to reply to today
18:25:40 <hyakuhei> Cool! Anything we can do to help, cross-linking etc just say.
18:25:56 <mtesauro> Next steps is to see what interests the members have
18:26:15 <mtesauro> Yes, I'm trying to have suggested work for people who join.
18:26:25 <mtesauro> Any suggestions ideas are very welcome
18:26:56 <mtesauro> OpenStack is pretty broad so I hate to leave it up to them if they are interested but not sure how to help
18:27:19 <hyakuhei> Yeah, well at least there's a lot to do ;)
18:27:30 <hyakuhei> Right, one last topic, somewhat out-of-order.
18:27:40 <hyakuhei> #topic Summit Meetup
18:29:52 <mtesauro> I will be at the summit and am game for a meetup
18:31:44 <hyakuhei> bugger.
18:32:12 <mtesauro> dropped out and came back I see
18:32:19 <hyakuhei> apparantly.
18:32:25 <hyakuhei> We're over time so I'll close this out.
18:32:33 <hyakuhei> #topic Summit Meetup
18:32:41 <hyakuhei> I'll send a mail around but we should meetup. Either at,before or after one of the main events.
18:32:46 <hyakuhei> Any votes/requests/demands on the back of a postcard.
18:32:51 <hyakuhei> Thank you to all of you for putting time into this group right at the start. It's going to become an important part of OpenStack, thanks to people putting in effort on day 1.
18:32:56 <mtesauro> perfect.
18:33:00 <hyakuhei> #endmeeting
18:33:21 <hyakuhei> #endmeeting