#openstack-meeting-alt log

17:00:01 <hyakuhei> #startmeeting Security
17:00:04 <openstack> Meeting started Thu Oct  1 17:00:01 2015 UTC and is due to finish in 60 minutes.  The chair is hyakuhei. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:00:05 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
17:00:08 <openstack> The meeting name has been set to 'security'
17:00:11 <hyakuhei> #chair tmcpeak
17:00:14 <openstack> Current chairs: hyakuhei tmcpeak
17:00:15 <hyakuhei> Hey all!
17:00:19 <dg_> hey
17:00:22 * sicarie waves
17:00:23 <tmcpeak> yo! ~o/
17:00:24 <chair6> hai
17:00:42 <tmcpeak> oh, hai!
17:00:45 <elmiko> o/
17:00:56 * bknudson lurks
17:01:06 <hyakuhei> heh
17:01:10 * tmcpeak pulls bknudson out of his corner
17:01:21 <hyakuhei> Hey elmiko! Thanks for helping out with the meeting!
17:01:24 <nkinder> Hi all!
17:01:31 <tmcpeak> yo, Mr. Kinder
17:01:32 <elmiko> hyakuhei: no problem, glad to help
17:01:36 <hyakuhei> nkinder?
17:01:39 * hyakuhei squints
17:01:41 <elmiko> haha
17:01:44 <hyakuhei> is that nkinder in the distance ?
17:01:44 <yaya> hi everbody
17:01:51 <browne> hi
17:01:53 <tmcpeak> hey yaya, wassup
17:02:05 <yaya> been awhile :)
17:02:22 <hyakuhei> Sweet, so… Agenda
17:02:43 <hyakuhei> Anchor, Bandit, OSSN, Docs, Syntribos, PR
17:02:45 <hyakuhei> what else ?
17:03:02 <tmcpeak> elmiko's architecture bonanza?
17:03:25 <tmcpeak> separating the less trusted things from the golden things, etc
17:03:28 <hyakuhei> Yeah, I’ve only just looked through that but I think it needs some massaging first.
17:03:38 <chair6> i've been looking briefly at Horizon logging and could do with some opinions (eek)
17:03:38 <elmiko> i've only shared the doc internally and with hyakuhei, not sure it's ready for primetime yet
17:03:39 <tmcpeak> oh, I haven't even seen it
17:03:46 <hyakuhei> (I literally opened it two mintues ago)
17:03:50 <elmiko> lol!
17:03:50 <redrobot> o/
17:03:54 <hyakuhei> tmcpeak: you were there when we whiteboarded it :P
17:03:59 <hyakuhei> hey redrobot
17:04:15 <tmcpeak> oh yeah, I know that.  I mean the finished product
17:04:30 <hyakuhei> Sweet, lets leave that for next week
17:04:37 <hyakuhei> tkelsey sends his appologies
17:04:40 <hyakuhei> #topic Anchor
17:04:48 <hyakuhei> dg_: what’ve you guys been up to ?
17:05:10 <dg_> tkelsey and I spent a day pretending we worked at a startup, sat in a coffee shop hacking code
17:05:38 <dg_> anchor now has a sperate validation module, so you can import anchor.validation and do cert validation
17:05:39 <elmiko> nice
17:05:56 <hyakuhei> Yeah that’ll be handy
17:06:24 <dg_> it now returns a dictionary, of {validator:result} so you can see the results for individual validators, rather than complete list
17:06:37 <hyakuhei> #link https://review.openstack.org/#/q/anchor+status:open,n,z
17:06:53 <dave-mccowan> o/
17:07:00 <hyakuhei> That sounds useful dg_
17:07:05 <hyakuhei> welcome dave-mccowan
17:07:30 <hyakuhei> Cool
17:07:34 <dg_> i think thats merged too
17:07:44 <hyakuhei> Nice work :)
17:07:57 <hyakuhei> Anything else?
17:08:09 <dg_> thats all the anchor stuff I can think of
17:08:22 <hyakuhei> Great! Thanks
17:08:25 <hyakuhei> #topic Bandit
17:08:29 <tmcpeak> yo
17:08:39 <tmcpeak> so Kelsey has been smashing docs like a possessed man
17:08:48 <hyakuhei> haha
17:08:55 <tmcpeak> he's a beast
17:09:01 <tmcpeak> check out the reviews if you haven't already
17:09:10 <hyakuhei> #link https://review.openstack.org/#/q/bandit+status:open,n,z
17:09:10 <tmcpeak> our plan is to release new Bandit after the docs are done
17:09:57 <bknudson> I can't even keep keystone up with the previous release.
17:10:07 <hyakuhei> heh
17:10:25 <chair6> looking at the multiprocessing change, i think it's a useful POC but probably needs some more work / refactoring to do it 'nicely'
17:10:46 <tmcpeak> yeah, we'll punt on multi-processing until 0.15.0 if it's cool with you guys
17:11:03 <tmcpeak> it might break things
17:11:08 <tmcpeak> we want to test the crap out of it first
17:11:23 <browne> bknudson: i think once we refactor bandit.yaml so that other projects don't have to update it, then it'll be a lot easier to stay current
17:12:00 <hyakuhei> anything else?
17:12:06 <bknudson> that would make things easier. having a bunch of options for the tests in bandit.yaml makes for more work.
17:12:07 <tmcpeak> that's about it for this week
17:12:19 <tmcpeak> +1
17:12:28 <tmcpeak> yeah, that's not a great user experience
17:12:44 <hyakuhei> ok cool, ploughing on through :)
17:12:49 <hyakuhei> #topic OSSN
17:12:53 <browne> ok, i want to look into that some more
17:13:08 <nkinder> So our backlog looks a lot better now for OSSNs
17:13:16 <elmiko> \o/
17:13:23 <nkinder> I published another one last week, and there are a few in progress
17:13:28 <hyakuhei> There’s still a few sitting open #link https://review.openstack.org/#/q/status:open+security-doc,n,z
17:13:33 <nkinder> The trusted compute pools one is close - https://review.openstack.org/#/c/220263/
17:13:50 <nkinder> We just need to fix up the terminology a bit, then get a nova reviewer
17:14:16 <hyakuhei> Think we could get malini to review #link https://review.openstack.org/#/c/220263/ ?
17:14:38 <nkinder> yeah, that's what I was thinking too
17:15:01 <hyakuhei> Probably should consider abandoning or updating #link https://review.openstack.org/#/c/136203/
17:15:04 <nkinder> We should have Michael fix up the terminology first, then we can get the reviews going
17:15:06 <tmcpeak> Malini still around?
17:15:23 <nkinder> hyakuhei: Yes, that one has rotted
17:15:38 <hyakuhei> She’s still working in the space but not around atm, I’ll ping her an email
17:15:59 <hyakuhei> Anything else required on the OSSN front nkinder ?
17:16:03 <dave-mccowan> nkinder did you notice that Nova began the process of deprecating TrustedComputePools by marking it "experimental"?  it might be worth calling that out in this note.
17:16:40 <nkinder> dave-mccowan: Yeah, that's worth calling out.  Do you mind adding a comment in the review for Michael?
17:16:59 <dave-mccowan> nkinder will do.
17:17:00 <nkinder> hyakuhei: nothing else really at this point.
17:17:07 <hyakuhei> cool, thanks nkinder
17:17:19 <hyakuhei> #topic Security-docs
17:17:25 <hyakuhei> sicarie: How’s things going ?
17:17:29 <sicarie> Pretty well
17:17:36 <sicarie> We're outlining the work to be done for the new leaf release
17:17:45 <sicarie> I think the COmpute chapter is relatively complete for now
17:17:49 <hyakuhei> hows the RST magics going ?
17:17:50 <sicarie> I'm going to finish the case studies
17:18:01 <sicarie> So much nicer than DocBOok
17:18:23 <sicarie> And then the only other effort called out was getting a generalized "checklist" into each chapter
17:18:44 <sicarie> I think once we hit that I'm going to wrestle with the table conversions and submit for new leaf book - hopefully coinciding with the Tokyo Summit
17:19:00 <sicarie> If anyone sees any gaps, please open a bug or ping me
17:19:00 <elmiko> +1
17:20:03 <sicarie> And that's about it for docs righ tnow
17:20:13 <hyakuhei> Great stuff!
17:20:20 <hyakuhei> #topic syntribos
17:20:34 <hyakuhei> Anyone here to talk about this ?
17:20:40 <mvaldes> sure
17:20:47 <hyakuhei> :)
17:20:54 <mvaldes> we're working on some general improvements to reporting
17:21:10 <mvaldes> and better detection on the SQLi attacks
17:21:17 <elmiko> did you get things worked out with the infra folks concerning cores and what not?
17:21:33 <mvaldes> not yet that i know of
17:21:42 <mvaldes> Michael is working on that
17:21:52 <elmiko> yea, just curious how that's going
17:22:20 <mvaldes> i think that is new for us, so if anyone has expertise... :)
17:22:45 <mvaldes> and that's really the only updates we have
17:22:52 <elmiko> i think michael is on the right path, he was asking some questions in channel yesterday(?)
17:23:10 <mvaldes> awesome
17:23:20 <elmiko> thanks =)
17:23:49 <mvaldes> thanks for the help
17:23:54 <hyakuhei> Anyhting else to cover ?
17:24:08 * hyakuhei just got grabbed on another meeting so I’m multi tasking!
17:24:18 <tmcpeak> @hyakuhei I can take over if you want
17:24:30 <hyakuhei> please
17:24:31 <mvaldes> Michael is joining in now
17:24:35 <hyakuhei> :)
17:24:43 <tmcpeak> cool
17:24:49 <tmcpeak> ok, anything else to say for Syntribos or shall we move on?
17:25:20 <tmcpeak> michaelxin: wassup
17:25:25 <tmcpeak> anything to say for Syntribos this week?
17:25:30 <michaelxin> tmcpeak: sorry I am late
17:25:34 <michaelxin> tmcpeak: Yes.
17:25:39 <tmcpeak> no worries
17:26:03 <michaelxin> The sytribos-core is not working and am working with openstack infrastructure team on it.
17:26:18 <tmcpeak> core?
17:26:18 <michaelxin> At the same time, our team is currently working on reporting of security issues.
17:26:26 <tmcpeak> have I missed something from last week?
17:26:26 <michaelxin> yes.
17:26:34 <tmcpeak> I should probably be a non-crappy chair and read logs huh?
17:26:52 <michaelxin> It was merged into openstack
17:26:56 <tmcpeak> as long as somebody knows what we're talking about we can keep rolling ;)
17:27:02 <bknudson> there's a bunch of security issues?
17:27:08 <bknudson> I hope they're not in keystone
17:27:31 <michaelxin> But the syntribos-core group on review.openstack.com is empty.
17:27:39 <elmiko> =(
17:27:42 <mvaldes> we are working to improve syntribos' reporting of issues it finds
17:27:55 <tmcpeak> reporting how?
17:28:02 <hyakuhei> back now (stupid life or death sales people) feel free to keep on rolling tmcpeak
17:28:23 <mvaldes> right now it writes to a log file
17:28:30 <michaelxin> A list of identified security issues with severity and description, etc.
17:28:32 <tmcpeak> all you Mr. Hyakuhei, we're still on syntribos
17:28:33 <mvaldes> we want to make the reporting more digestible
17:28:40 <tmcpeak> JSON is useful IMO
17:28:47 <tmcpeak> we use that a lot internally
17:28:59 <michaelxin> We will make it consistent with Bandit
17:29:00 <hyakuhei> +1
17:29:04 <elmiko> nice
17:29:11 <michaelxin> Forgot to mention.
17:29:25 <michaelxin> I have recruited some of my team members to our group
17:29:27 <tmcpeak> michaelxin: awesome, was just talking to chair6 about a standardized reporting format earlier too
17:29:33 <mvaldes> bknudson: we didn't find issues per se, but when syntribos does, we want the reporting to be better
17:29:49 <tmcpeak> michaelxin: awesome!! you're singing my song, who we got? :D
17:30:07 <hyakuhei> I’m all for good reporting
17:30:18 <michaelxin> hi, rackers, would you please introduce yourself?
17:30:39 <hyakuhei> but a little voice in the back of my head says it should be complicated enough that “pentesters” dont just start emailing me invoices and “Syntribos Reports”...
17:30:40 <mdong> hey everyone, I’m Michael Dong, I’m pretty new to the Rackspace security team
17:30:48 <mvaldes> hyakuhei: +1
17:30:53 <tmcpeak> awesome mdong! great to meet you
17:31:01 <tmcpeak> maybe a few sentences about your background and interests?
17:31:03 <hyamauchi> hi.  I'm henry yamauchi.  Hi all.  Just lurking for now...
17:31:10 <dg_> hey
17:31:22 <michaelxin> Henry is from Rackspace too.
17:31:23 <tmcpeak> hyamuchi: lurking is cool but hanging out with us is better, the more the merrier!
17:31:27 <hyakuhei> Pesky rackers everywhere! (Welcome :D)
17:31:27 <elmiko> hi mdong
17:31:31 <greg_a> Hey everyone, I'm Greg Anderson. Also part of RAX and here to help with  syntribos :)
17:31:36 <yaya> and I am Yasmine K
17:31:45 <tmcpeak> wow! this is awesome
17:31:52 <michaelxin> greg_a is from Rackspace too.
17:32:02 <tmcpeak> Rackers, could you each please type a couple of sentences about your backgrounds and what interests you?
17:32:08 <elmiko> yea, lots of hellos =) /me waves at hyamauchi greg_a and yaya
17:32:14 <michaelxin> greg_a is our Defcon speaker here.
17:32:29 <tmcpeak> michaelxin: this is great, glad you've brought such fine folks to us
17:32:29 <michaelxin> :-)
17:32:39 <elmiko> +1
17:32:40 <michaelxin> We missed ccneil
17:32:46 <nkinder> +1  Welcome all!  Good to have some fresh faces here.
17:32:51 <tmcpeak> ++
17:32:55 <michaelxin> He is the one who contributed to Bandit.
17:33:18 <tmcpeak> ahh yeah, I'm familiar with ccneil.  The HTML report is a great addition
17:33:36 <mdong> I just graduated from University of Texas at Austin this May, right now it’s the UT football team that interests me, but I’m pretty excited to work on Syntribos!
17:33:50 <elmiko> hehe
17:34:04 <greg_a> That's me :D, as mentioned tricked the defcon folks into letting me present. I dabble in all things security: pen testing, IDS, etc. Also have Dev experience and I'm excited to help out and be a part of this :)
17:34:06 <tmcpeak> awesome! great to have you mdong
17:34:09 <michaelxin> cool, glad to see our team grow.
17:34:19 <tmcpeak> greg_a got a link to your preso?
17:34:29 <tmcpeak> I love watching good defcon presos
17:34:30 <greg_a> yep one sec
17:34:55 <tmcpeak> sweet
17:35:12 <michaelxin> yaya: would you give us some introduction too?
17:35:26 <hyakuhei> Great having some fresh blood in the group! Is this just Syntribos focussed or while you guys be poking around other bits of the security cave too ?
17:35:55 <michaelxin> hyakuhei: We will help with everything
17:35:58 <mdong> I’ll definitely try to contribute as much as I can all around
17:36:04 <tmcpeak> sweet!!
17:36:07 <michaelxin> whatever hyakuhei asks us to do. :-)
17:36:11 <mvaldes> all the things!
17:36:15 <hyakuhei> :D
17:36:28 <elmiko> lol
17:36:28 <hyakuhei> I love you rackers, I’ve always said “I love them Rackers” :P
17:36:31 <yaya> yup. So I’ve been with the team for almost a year now. Interested in all things security from pentesting to research :)
17:36:49 <michaelxin> hyakuhei: +1
17:36:58 <michaelxin> tmcpeak: +1
17:36:58 <hyakuhei> Fantastic.
17:37:08 <greg_a> tmcpeak: here it is https://www.youtube.com/watch?v=H1l-9Z8TOAg
17:37:11 <hyakuhei> #topic Any Other Business
17:37:22 <tmcpeak> greg_a: awesome, wil check it out
17:37:24 <hyakuhei> chair6: Did you have some logging ideas?
17:37:30 <chair6> just a small one
17:37:32 <hyakuhei> greg_a: awesome thanks!
17:37:36 <tmcpeak> also I wanted to give a brief shout about PR
17:37:43 <chair6> i've been trying to actually use openstack log output in anger
17:37:45 <elmiko> thanks greg_a , and the other rackers, always nice to meet some new sec. folks =)
17:37:49 <chair6> devstack@devstack:/var/log/apache2$ tail -f horizon_error.log | grep failed
17:37:52 <chair6> 2015-09-29 20:22:29.683986 Login failed for user "admin".
17:37:55 <chair6> 2015-09-29 20:22:46.032374 Login failed for user "blahblah".
17:37:57 <chair6> 2015-09-29 20:23:20.997693 Login failed for user "blahblah".
17:38:05 <greg_a> tmcpeak: no prob! I start around 10:40
17:38:12 <chair6> something like ^ is not particularly useful though .. a source IP would be a nice additino
17:38:12 <michaelxin> elmiko: +1
17:38:31 <chair6> wondering if anyone has worked on horizon before, before i go chasing this and other potential similar cases down myself..
17:38:31 <tmcpeak> +1
17:39:05 <hyakuhei> Don’t we sell super expensive connect the dot machines to do this ?
17:39:08 * hyakuhei hides.
17:39:19 <hyakuhei> fwiw I think this would be very useful
17:39:44 <hyakuhei> About 18 months ago there was some discussion of finding a way to trace API cascades from individual inputs
17:40:07 <bknudson> keystone at least puts the request ID in its logs now
17:40:11 <michaelxin> ccneill: Would you please introduce yourself?
17:40:17 <hyakuhei> Yeah that’s a good step forward
17:40:19 <elmiko> chair6: have you been following any of the logging-wg stuff?
17:40:25 <bknudson> there's a spec to have the APIs provide the request IDs to the callers
17:40:32 <bknudson> the python APIs
17:40:53 <elmiko> yea, that's a good one too
17:41:13 <chair6> elmiko - i remember reading some logging-related stuff ~6 months ago but didn't see any evidence of progress .. maybe i'm not looking in the right place
17:41:51 <elmiko> chair6: yea, not sure much has happened, aside from some error logging related stuff
17:42:06 <elmiko> well, and what bknudson mentioned
17:42:49 <mvaldes> can you easily trace the request Id to a specific API?
17:43:09 <mvaldes> or does that still require some detective work
17:43:17 <elmiko> good question
17:43:31 <bknudson> you can't easily track request IDs at all now
17:44:01 <bknudson> the work hasn't been done
17:44:03 <bknudson> jfdi
17:44:49 <chair6> interesting ..
17:44:58 <tmcpeak> #JFDI
17:45:28 <chair6> okay, well what i might (if i have time.. sigh) start working on is some security-related scenarios and seeing what it takes to track them back through various logs .. see where gaps are, what simple fixes there mgith be, etc
17:45:42 <elmiko> chair6: +1
17:45:54 <chair6> your horizon UI is being bruteforced?  how does that manifest, how do you invesitgate, etc
17:46:00 <chair6> and so on for other attack scenarios
17:46:04 <mvaldes> sounds like a worthy effort
17:46:08 <tmcpeak> chair6: you won't
17:46:15 <chair6> lol, yeah, time...
17:46:23 <sicarie> tmcpeak: way to stay optimistic
17:46:28 <tmcpeak> :D
17:47:01 <elmiko> chair6: i'd be curious to talk about it sometime, we're working on something along those lines for our presentation in tokyo
17:47:19 <tmcpeak> oh, presentation? now you're singing chair6's song :P
17:47:23 <elmiko> (ie how to use logs to see certain behaviors)
17:47:29 <chair6> cool.. how about we setup an etherpad or something and start throwing some thoughts into it?
17:47:41 <elmiko> sounds good
17:47:44 <chair6> presentations are good as long as they're only made up of photos of people watching clouds
17:47:50 <tmcpeak> +1
17:47:51 <elmiko> haha
17:48:39 <hyakuhei> I didn’t have anything else to cover today, anyone else ?
17:48:47 <hyakuhei> tmcpeak: How about the PR deck?
17:48:49 <nkinder> chair6: I wonder if CADF notifications can be used for watching for these sorts of attacks
17:48:53 <chair6> #link https://etherpad.openstack.org/p/security-logging-investigation
17:48:56 <hyakuhei> s/PR/recruitment
17:49:00 <tmcpeak> sweet
17:49:02 <tmcpeak> https://docs.google.com/document/d/1g2LVI_oR8sNAuiAB5VW1RYRV9afD_D6BboSYFQX7lDs/edit?usp=sharing
17:49:09 <chair6> nkinder i've been looking at CADF as well, that has some gaps / frustrations too
17:49:23 <elmiko> hyakuhei: do you want just stay in touch via email about the "canhaz" project? ;)
17:49:27 <tmcpeak> so this is something I've written (with hyakuhei's help) for SuperUser magazine
17:49:32 <tmcpeak> the OpenStack thing
17:49:32 <chair6> like it logs a user UUID but not a plaintext username, so it takes some wrapper / work to make it human-useful
17:49:44 <tmcpeak> http://superuser.openstack.org/
17:49:51 <tmcpeak> the idea is to boost our numbers
17:50:05 <tmcpeak> as you all know I've been all "we should have more ppl, we're spread thin, etc"
17:50:05 <hyakuhei> elmiko: yeah, I’ll throw it into google docs and share it with you, which should let us both edit
17:50:20 <tmcpeak> hopefully the superuser article can help us get publicity for our projects and group and get some further fresh blood
17:50:35 <tmcpeak> please take a look, let me know if you like it or hate it, but..
17:50:41 <elmiko> hyakuhei: wish i could just share my google doc... ಠ_ಠ
17:50:42 <tmcpeak> it's pretty much going out regardless :)
17:50:54 <tmcpeak> sent it to the foundation folks
17:51:15 <tmcpeak> aside from that: any of our chapters have any luck scheduling things?
17:51:27 <tmcpeak> or shall I go around and annoy you all until you do it? :P
17:51:38 <tmcpeak> Seattle is GTG
17:51:42 <tmcpeak> UK: where you at?
17:51:46 <tmcpeak> San Antonio?
17:51:48 <mvaldes> I think Michael is working on something for our OWASP chapter
17:51:50 <tmcpeak> Minnesota?
17:52:05 <mvaldes> San Antonio
17:52:08 <dg_> tmcpeak say where and when, we'll be there
17:52:09 <hyakuhei> UK stalled out slightly because of a few things like Discover, I’ll try to make a note to find a venue
17:52:17 <mvaldes> I'll push that along :)
17:52:25 <tmcpeak> hyakuhei, dg_: you guys want to book it yourself or you want me to?
17:52:29 <tmcpeak> I'm happy to do either way
17:52:33 <chair6> turns out i'll be presenting to CSA Seattle on oct 22 so will definitely put in some PR content there
17:52:42 <tmcpeak> chair6: oooh, sweet
17:52:42 <bknudson> I haven't heard about the next minnesota meetup.
17:53:02 <dg_> tmcpeak not fussed
17:53:18 <dg_> i think there is some stuff happening in bristol, but not looked into it
17:53:20 <tmcpeak> browne: I'll ping you offline, looks like I'll be back in the bay in early December so I'll make sure whatever I set up works for both of us, sounds good?
17:54:05 <browne> tmcpeak:  sounds good
17:54:09 <tmcpeak> sweet
17:54:21 <tmcpeak> ok, so hyakuhei will look into Bristol
17:54:28 <tmcpeak> michaelxin: how's San Antonio coming?
17:54:36 <tmcpeak> bknudson: you want help with Minnesota or you good?
17:54:47 <mvaldes> tmcpeak: he got called away
17:54:58 <tmcpeak> ahh ok, you guys can work it and let us know next week
17:54:58 <mvaldes> we are looking at doing something for October OWASP meeting
17:55:03 <tmcpeak> perfect
17:55:21 <mvaldes> and we are speaking at LASCON in October, so can give a mention there as well
17:55:23 <bknudson> tmcpeak: I'm good. The next meetup is this month but it's already booked, so need to get on the agenda for the next one.
17:55:30 <tmcpeak> cool, sounds good
17:55:58 <mvaldes> tmcpeak: the google doc is great and will be a big help
17:56:22 <tmcpeak> mvaldes: great, you mean the deck, right?
17:56:51 <mvaldes> tmcpeak: didnt see that. i was looking at the superuser article
17:57:08 <tmcpeak> oh cool
17:57:10 <tmcpeak> glad you like it
17:57:23 <dg_> got a link to the superuser article?
17:57:27 <tmcpeak> michaelxin should have the link for the deck.  We're hoping that the recruiting efforts can centralize around that
17:57:28 <mvaldes> tmcpeak: can you link to the deck?
17:57:33 <mvaldes> ok cool
17:57:42 <mvaldes> dg_: https://docs.google.com/document/d/1g2LVI_oR8sNAuiAB5VW1RYRV9afD_D6BboSYFQX7lDs/edit?pli=1
17:57:54 <tmcpeak> https://docs.google.com/document/d/1g2LVI_oR8sNAuiAB5VW1RYRV9afD_D6BboSYFQX7lDs/edit?usp=sharing
17:58:18 <dg_> thanks
17:58:23 <tmcpeak> cool, so wrapping up
17:58:27 <tmcpeak> any final words?
17:59:01 <hyakuhei> lgtm :)
17:59:03 <tmcpeak> excellent
17:59:05 <hyakuhei> #endmeeting