Security Group 18/03/2015

Attendees:

• Luke Hinds (Nokia) - Chaired
• Marcel Winandy (Huawei)
• Juan Antonio Osorio Robles (Ericsson)
• Ari Pietikäinen (Ericsson)
• Brian Smith
• Bryan Sullivan (AT&T)

• please note, to be marked as attended, add your name to the meeting etherpad https://etherpad.opnfv.org/p/opnfv-sec-meetings

Agenda

• Agenda Bashing
• Agree Last Minutes
• Review Work Items
• Vulnerbility Management - Luke
• Internal Security Polices - Marcel
• Members Elections
• IPv6
• Any other business

Minutes

• Agreed agenda
• Agreed last meetings minutes
• Draft proposal for OPNFV Security Vulnerability Management
  • We should add a process for when a vulnerability is in the wild and we need to act quick. I.e. provide a mitigation and advice, and then follow up with a patch. Luke to develop and include this for review at the next meeting.
  • Luke informed that opnfv had been put forward as stakeholders in the openstack VMT.
• Internal Security Policies
• Gerrit Code Review
  • Juan is looking into getting hooks configured and will update next week.
  • Marcel gave first over of work items, document will be posted to wiki and we can discuss next week as we ran out of time.
• IPV6 was suggested as an agenda
  • Luke will include email for all, and we can review next meeting or discuss over email /irc.
• Members Elections
  • Luke gave an overview of how members / osvm team would be elected. The image will be posted to the wiki page.

Meeting Etherpads

• https://etherpad.opnfv.org/p/opnfv-sec-meetings # Agenda

Meetbot Log

• http://ircbot.wl.linuxfoundation.org/meetings/opnfv-sec/2015/opnfv-sec.2015-03-18-14.01.txt