====== Security Group 25/03/2015 ======


**Attendees:** 

  * Luke Hinds (Nokia) - Chaired
  * Marcel Winandy (Huawei) 
  * Juan Antonio Osorio Robles (Ericsson) 
  * Ari Pietikäinen (Ericsson)
  * Brian Smith (Bell Canada)
  * Bryan Sullivan (AT&T)
  * Ashutosh Dutta (AT&T)

  * please note, to be marked as attended, add your name to the meeting etherpad https://etherpad.opnfv.org/p/opnfv-sec-meetings


**Agenda**

  * Agenda Bashing
  * Agree Last Minutes
  * Review Work Items
  * Vulnerbility Management - Luke
  * Internal Security Polices - Marcel
  * Gerrit Code Review - Juan
  * Any other business


**Minutes**
  * **Agreed agenda** 
  * **Agreed last meetings minutes**
  * **OPNFV Security Vulnerability Management**
    * Luke updated that he is still working on the 'in the wild' process. 
    * He has the opnfv added as stakeholders to the OpenStack VMT process
    * The list will be changed to osvm@lists.opnfv.org
  * **Internal Security Policies**
    * Marcel provided an overview and feedback was provided.
    * Marcel will continue to develop the internal process, but asked for help if available. 
  * **Gerrit Code Review**
    * Juan is going to request 'security@lists.opnfv.com for the gerrit reviews' 
  * **Ashutosh showed an interest in attestation as a research item** 
  * **OSVM Members**
    * Luke requested that members nominate themselves for OSVM. We should try for 3 members, and one TSC member.
  * **Iben will get the tools set up (jira / git)** 
    * Luke will peform intial commits to create repository
    * Iben will also help with getting the osvm 'security report' function in place. 
  * **Luke mentioned the [[:moon|moon project proposal]]** 


**Meeting Etherpads**

  * https://etherpad.opnfv.org/p/opnfv-sec-meetings # Agenda

**Meetbot Log**

  * http://ircbot.wl.linuxfoundation.org/meetings/opnfv-sec/2015/opnfv-sec.2015-03-25-14.01.txt