Security Team Meeting Minutes for 2015-10-29
Eric Christensen
sparks at fedoraproject.org
Thu Oct 29 14:25:37 UTC 2015
Meeting started by Sparks at 14:00:27 UTC. The full logs are available
at
http://meetbot.fedoraproject.org/fedora-meeting/2015-10-29/fedora_security_team.2015-10-29-14.00.log.html
.
Meeting summary
---------------
* Roll Call (Sparks, 14:00:33)
* Participants are reminded to make liberal use of #info #link #help
in order to make the minutes "more better" (Sparks, 14:05:51)
* Follow up on last week's tasks (Sparks, 14:05:59)
* ACTION: Sparks to add "issues" to fedora-meeting-report on github
(Sparks, 14:06:12)
* ACTION: Sparks to talk with mattdm regarding private security
tickets in BZ. (Sparks, 14:07:01)
* This discussion has begun on the list with a request for a full
response team. (Sparks, 14:07:13)
* ACTION: Sparks to discuss using Bluejeans for an online GPG key
signing event (Sparks, 14:10:31)
* ACTION: mhayden to get Astradeus' changes to the stats script into
the fedora-security-team git repo (Sparks, 14:10:43)
* ACTION: pjp to give a status update on security policy in the wiki
(carried over) (Sparks, 14:12:45)
* Education and Training (Sparks, 14:13:08)
* LINK: https://fedoraproject.org/wiki/Information_Security_Training
(Sparks, 14:13:15)
* Outstanding BZ Tickets (Sparks, 14:15:56)
* Thursday's numbers: Critical 1 (+1), Important 40 (-3), Moderate 446
(+28), Low 162 (+12), Total 649 (Sparks, 14:16:04)
* LINK: https://bugzilla.redhat.com/show_bug.cgi?id=1256790 (Sparks,
14:19:52)
* Open floor discussion/questions/comments (Sparks, 14:22:21)
Meeting ended at 14:23:52 UTC.
Action Items
------------
* Sparks to add "issues" to fedora-meeting-report on github
* Sparks to talk with mattdm regarding private security tickets in BZ.
* Sparks to discuss using Bluejeans for an online GPG key signing event
* mhayden to get Astradeus' changes to the stats script into the
fedora-security-team git repo
* pjp to give a status update on security policy in the wiki (carried
over)
Action Items, by person
-----------------------
* mhayden
* mhayden to get Astradeus' changes to the stats script into the
fedora-security-team git repo
* Sparks
* Sparks to add "issues" to fedora-meeting-report on github
* Sparks to talk with mattdm regarding private security tickets in BZ.
* Sparks to discuss using Bluejeans for an online GPG key signing
event
* **UNASSIGNED**
* pjp to give a status update on security policy in the wiki (carried
over)
People Present (lines said)
---------------------------
* Sparks (54)
* mhayden (11)
* zodbot (7)
* smdeep (2)
* swati (1)
14:00:27 <Sparks> #startmeeting Security Team Meeting - Agenda:
https://fedoraproject.org/wiki/Security_Team_meetings
14:00:27 <zodbot> Meeting started Thu Oct 29 14:00:27 2015 UTC. The chair is
Sparks. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:00:27 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link
#topic.
14:00:30 <Sparks> #meetingname Fedora Security Team
14:00:30 <zodbot> The meeting name has been set to 'fedora_security_team'
14:00:33 <Sparks> #topic Roll Call
14:00:35 * Sparks
14:01:46 <swati> d
14:01:50 <mhayden> .hello mhayden
14:01:50 <zodbot> mhayden: mhayden 'Major Hayden' <major at mhtx.net>
14:03:13 <Sparks> mhayden: Wow, and I actually had things to talk about today.
14:05:29 <smdeep> .hellomynameis smdeep
14:05:30 <zodbot> smdeep: smdeep 'Sudeep Mukherjee' <smdeep at gmail.com>
14:05:36 <Sparks> mhayden: Okay, I'll run down everything I had and then move
the conversation to the list, I guess.
14:05:39 <Sparks> smdeep: Welcome
14:05:51 <Sparks> #info Participants are reminded to make liberal use of #info
#link #help in order to make the minutes "more better"
14:05:55 <smdeep> Sparks, :)
14:05:59 <Sparks> #topic Follow up on last week's tasks
14:06:12 <Sparks> #action Sparks to add "issues" to fedora-meeting-report on
github
14:06:25 <Sparks> mhayden: Do you recall what I was supposed to be adding
issues about?
14:06:47 <mhayden> i'm not sure :/
14:06:52 <Sparks> Okay then
14:07:01 <Sparks> #action Sparks to talk with mattdm regarding private
security tickets in BZ.
14:07:13 <Sparks> #info This discussion has begun on the list with a request
for a full response team.
14:07:22 <Sparks> #action Sparks to start a discussion on the FST list
regarding an online video GPG key signing event.
14:07:39 <Sparks> #action mhayden to kick off a ML thread about finding a foss
A/V conferencing solution of some sort
14:08:03 <Sparks> mhayden: Oh good, it looks like we're both on the same
action. Anything to report here?
14:08:34 <mhayden> nothing yet... still scratching our heads on this one
14:08:45 <mhayden> Astradeus and i tried out fedora's webrtc but it was really
flaky
14:08:53 <Sparks> mhayden: We may just have to use Bluejeans and move on with
life.
14:09:02 <mhayden> i'm fine with that
14:09:15 <Sparks> #undo
14:09:15 <zodbot> Removing item from minutes: ACTION by Sparks at 14:07:39 :
mhayden to kick off a ML thread about finding a foss A/V conferencing solution
of some sort
14:09:40 <Sparks> Okay, I'll just put that on the list and see if anyone has
any problems with that.
14:10:09 <Sparks> #undo
14:10:09 <zodbot> Removing item from minutes: ACTION by Sparks at 14:07:22 :
Sparks to start a discussion on the FST list regarding an online video GPG key
signing event.
14:10:31 <Sparks> #action Sparks to discuss using Bluejeans for an online GPG
key signing event
14:10:43 <Sparks> #action mhayden to get Astradeus' changes to the stats
script into the fedora-security-team git repo
14:10:47 <Sparks> mhayden: Anything on this?
14:11:00 <mhayden> not yet :P we need someplace to host the file + sqlite
14:11:11 <Sparks> mhayden: fedorapeople?
14:11:18 <mhayden> ah, i didn't consider that
14:11:25 <mhayden> i wonder if we could get that to work there
14:11:30 <Sparks> mhayden: Or maybe we can get a virtual server from Infra
14:11:36 <mhayden> i could give fp a try
14:11:53 <Sparks> Or maybe openshift?
14:11:56 <Sparks> IDK
14:12:45 <Sparks> #action pjp to give a status update on security policy in
the wiki (carried over)
14:13:01 <Sparks> And since pjp isn't here to defend himself we'll move on to
the next topic
14:13:08 <Sparks> #topic Education and Training
14:13:15 <Sparks> #link
https://fedoraproject.org/wiki/Information_Security_Training
14:14:00 <Sparks> I'm working, internally at RH, on education and training
resources for InfoSec. I'm going to try to extend as many of these resources
to the public via Fedora.
14:14:58 <Sparks> Thoughts?
14:15:56 <Sparks> #topic Outstanding BZ Tickets
14:16:04 <Sparks> #info Thursday's numbers: Critical 1 (+1), Important 40
(-3), Moderate 446 (+28), Low 162 (+12), Total 649
14:16:11 <Sparks> +Tickets by Priority--+-------+---------+
14:16:11 <Sparks> | Priority | Count | Owned | Unowned |
14:16:11 <Sparks> +-------------+-------+-------+---------+
14:16:11 <Sparks> | medium | 446 | 45 | 401 |
14:16:11 <Sparks> | low | 162 | 14 | 148 |
14:16:13 <Sparks> | high | 40 | 27 | 13 |
14:16:16 <Sparks> | unspecified | 4 | 0 | 4 |
14:16:18 <Sparks> | urgent | 1 | 0 | 1 |
14:16:21 <Sparks> +-------------+-------+-------+---------+
14:16:24 <Sparks> Anyone have anything related to tickets?
14:16:33 * Sparks goes to query BZ for the new critical
14:16:36 <mhayden> not really -- i've not had the time to jump on them lately
:|
14:19:04 <Sparks> Okay, I'm not sure the critical is a critical.
14:19:52 <Sparks> #link https://bugzilla.redhat.com/show_bug.cgi?id=1256790
14:22:21 <Sparks> #topic Open floor discussion/questions/comments
14:22:27 <Sparks> Okay, does anyone have anything?
14:22:36 <mhayden> not i
14:23:30 <Sparks> Okay, we'll close then.
14:23:49 <Sparks> Thanks, everyone, for coming!
14:23:52 <Sparks> #endmeeting
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.fedoraproject.org/pipermail/security-team/attachments/20151029/16e9ecc3/attachment.sig>
More information about the security-team
mailing list