Security Group 25/03/2015
Attendees:
Luke Hinds (Nokia) - Chaired
Marcel Winandy (Huawei)
Juan Antonio Osorio Robles (Ericsson)
Ari Pietikäinen (Ericsson)
Brian Smith (Bell Canada)
Bryan Sullivan (AT&T)
Ashutosh Dutta (AT&T)
please note, to be marked as attended, add your name to the meeting etherpad
https://etherpad.opnfv.org/p/opnfv-sec-meetings
Agenda
Agenda Bashing
Agree Last Minutes
Review Work Items
Vulnerbility Management - Luke
Internal Security Polices - Marcel
Gerrit Code Review - Juan
Any other business
Minutes
Agreed agenda
Agreed last meetings minutes
OPNFV Security Vulnerability Management
Luke updated that he is still working on the 'in the wild' process.
He has the opnfv added as stakeholders to the OpenStack VMT process
The list will be changed to osvm@lists.opnfv.org
Internal Security Policies
Marcel provided an overview and feedback was provided.
Marcel will continue to develop the internal process, but asked for help if available.
Gerrit Code Review
Juan is going to request 'security@lists.opnfv.com for the gerrit reviews'
Ashutosh showed an interest in attestation as a research item
OSVM Members
Luke requested that members nominate themselves for OSVM. We should try for 3 members, and one TSC member.
Iben will get the tools set up (jira / git)
Luke will peform intial commits to create repository
Iben will also help with getting the osvm 'security report' function in place.
Luke mentioned the
moon project proposal
Meeting Etherpads
https://etherpad.opnfv.org/p/opnfv-sec-meetings
# Agenda
Meetbot Log
http://ircbot.wl.linuxfoundation.org/meetings/opnfv-sec/2015/opnfv-sec.2015-03-25-14.01.txt