<div dir="ltr"><div><div><div><div>Hi Pino,<br><br></div>Thank you for your time demonstrating Tatu.<br><br></div>If you like we could incubate Tatu into the security SIG. This would mean no change to project structure / governance etc, its more the project gains a regular slot on our weekly meetings to help get patches reviewed and encourage other contributors / feedback etc. We did this with projects such as Bandit before, until it found its own legs and momentum. <br><br></div>Cheers,<br><br></div>Luke<br><div><div> <br></div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Feb 12, 2018 at 8:45 AM, Luke Hinds <span dir="ltr"><<a href="mailto:lhinds@redhat.com" target="_blank">lhinds@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote"><span class="">On Sun, Feb 11, 2018 at 4:01 PM, Pino de Candia <span dir="ltr"><<a href="mailto:giuseppe.decandia@gmail.com" target="_blank">giuseppe.decandia@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">I uploaded the demo video (<a href="https://youtu.be/y6ICCPO08d8" target="_blank">https://youtu.be/y6ICCPO08d8</a>) and linked it from the slides.</div></blockquote><div><br></div></span><div>Thanks Pino , i added these to the agenda:<br><br><a href="https://etherpad.openstack.org/p/security-ptg-rocky" target="_blank">https://etherpad.openstack.<wbr>org/p/security-ptg-rocky</a><br><br></div><div>Please let me know before the PTG, if it will be your colleague or if we need to find a projector to conference you in.<br><br></div><div><div class="h5"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="m_6557602862850990716gmail-HOEnZb"><div class="m_6557602862850990716gmail-h5"><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Feb 9, 2018 at 5:51 PM, Pino de Candia <span dir="ltr"><<a href="mailto:giuseppe.decandia@gmail.com" target="_blank">giuseppe.decandia@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi Folks,<div><br></div><div>here are the slides for the Tatu presentation: <a href="https://docs.google.com/presentation/d/1HI5RR3SNUu1If-A5Zi4EMvjl-3TKsBW20xEUyYHapfM" target="_blank">https://docs.goo<wbr>gle.com/presentation/d/1HI5RR3<wbr>SNUu1If-A5Zi4EMvjl-3TKsBW20xEU<wbr>yYHapfM</a></div><div><br></div><div>I meant to record the demo video as well but I haven't gotten around to editing all the bits. Please stay tuned.</div><div><br></div><div>thanks,</div><div>Pino</div><div><br></div></div><div class="m_6557602862850990716gmail-m_4977712826997920710HOEnZb"><div class="m_6557602862850990716gmail-m_4977712826997920710h5"><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Feb 6, 2018 at 10:52 AM, Giuseppe de Candia <span dir="ltr"><<a href="mailto:giuseppe.decandia@gmail.com" target="_blank">giuseppe.decandia@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi Luke,<div><br></div><div>Fantastic! An hour would be great if the schedule allows - there are lots of different aspects we can dive into and potential future directions the project can take.</div><div><br></div><div>thanks!</div><div>Pino</div><div><br></div><div><br></div></div><div class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635HOEnZb"><div class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635h5"><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Feb 6, 2018 at 10:36 AM, Luke Hinds <span dir="ltr"><<a href="mailto:lhinds@redhat.com" target="_blank">lhinds@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote"><span>On Tue, Feb 6, 2018 at 4:21 PM, Giuseppe de Candia <span dir="ltr"><<a href="mailto:giuseppe.decandia@gmail.com" target="_blank">giuseppe.decandia@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi Folks,<div><br></div><div>I know the request is very late, but I wasn't aware of this SIG until recently. Would it be possible to present a new project to the Security SIG at the PTG? I need about 30 minutes. I'm hoping to drum up interest in the project, sign on users and contributors and get feedback.<br><div><br></div><div>For the past few months I have been working on a new project - Tatu [1]- to automate the management of SSH certificates (for both users and hosts) in OpenStack. Tatu allows users to generate SSH certificates with principals based on their Project role assignments, and VMs automatically set up their SSH host certificate (and related config) via Nova vendor data. The project also manages bastions and DNS entries so that users don't have to assign Floating IPs for SSH nor remember IP addresses.</div><div><br></div><div>I have a working demo (including Horizon panels [2] and OpenStack CLI [3]), but am still working on the devstack script and patches [4] to get Tatu's repositories into OpenStack's GitHub and Gerrit. I'll try to post a demo video in the next few days.</div><div><br></div><div>best regards,<br></div><div>Pino</div><div><br></div><div><br></div><div>References:</div><div><ol><li><a href="https://github.com/pinodeca/tatu" target="_blank">https://github.com/pinodeca/ta<wbr>tu</a> (<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Please note this is still very much a work in progress, lots of TODOs in the code, very little testing and documentation doesn't reflect the latest design).</span>
<br></li><li>
<a href="https://github.com/pinodeca/tatu-dashboard" style="color:rgb(17,85,204);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255)" target="_blank">https://github.com/pinodeca/ta<wbr>tu-dashboard</a>
<br></li><li><a href="https://github.com/pinodeca/python-tatuclient" target="_blank">https://github.com/pinodeca/py<wbr>thon-tatuclient</a><br></li><li><a href="https://review.openstack.org/#/q/tatu" target="_blank">https://review.openstack.org/#<wbr>/q/tatu</a><br></li></ol></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><br></div><div><br></div></div></div></blockquote><div><br></div></span><div>Hi Giuseppe, of course you can! I will add you to the agenda. We could get your an hour if it allows more time for presenting and post discussion?<br><br>We will be meeting in an allocated room on Monday (details to follow).<br><br><a href="https://etherpad.openstack.org/p/security-ptg-rocky" target="_blank">https://etherpad.openstack.org<wbr>/p/security-ptg-rocky</a><span class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956HOEnZb"><font color="#888888"><br><br></font></span></div><span class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956HOEnZb"><font color="#888888"><div>Luke<br></div></font></span><div><div class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956h5"><div><br><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><div></div><div> </div></div></div><div class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956m_7074499419356719529gmail-HOEnZb"><div class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956m_7074499419356719529gmail-h5"><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jan 31, 2018 at 12:03 PM, Luke Hinds <span dir="ltr"><<a href="mailto:lhinds@redhat.com" target="_blank">lhinds@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><br><div><div class="gmail_extra"><div class="gmail_quote"><span>On Mon, Jan 29, 2018 at 2:29 PM, Adam Young <span dir="ltr"><<a href="mailto:ayoung@redhat.com" target="_blank">ayoung@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Bug 968696 and System Roles. Needs to be addressed across the Service catalog.<br></div></blockquote><div><br></div></span><div>Thanks Adam, will add it to the list. I see it's been open since 2012!<br> </div><span><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956m_7074499419356719529gmail-m_6167754246749216729m_-512747683943631821gmail-h5">On Mon, Jan 29, 2018 at 7:38 AM, Luke Hinds <span dir="ltr"><<a href="mailto:lhinds@redhat.com" target="_blank">lhinds@redhat.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956m_7074499419356719529gmail-m_6167754246749216729m_-512747683943631821gmail-h5"><div dir="ltr">Just a reminder as we have not had many uptakes yet..<br><br>Are there any projects (new and old) that would like to make use of the security SIG for either gaining another perspective on security challenges / blueprints etc or for help gaining some cross project collaboration?<br><div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jan 11, 2018 at 3:33 PM, Luke Hinds <span dir="ltr"><<a href="mailto:lhinds@redhat.com" target="_blank">lhinds@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><div><div>Hello All,<br><br></div>I am seeking topics for the PTG from all projects, as this will be where we try out are new form of being a SIG.<br><br></div>For this PTG, we hope to facilitate more cross project collaboration topics now that we are a SIG, so if your project has a security need / problem / proposal than please do use the security SIG room where a larger audience may be present to help solve problems and gain x-project consensus.<br><br></div>Please see our PTG planning pad [0] where I encourage you to add to the topics.<br><br>[0] <a href="https://etherpad.openstack.org/p/security-ptg-rocky" target="_blank">https://etherpad.openstack.org<wbr>/p/security-ptg-rocky</a><span class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956m_7074499419356719529gmail-m_6167754246749216729m_-512747683943631821gmail-m_675569033147061823HOEnZb"><font color="#888888"><span class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956m_7074499419356719529gmail-m_6167754246749216729m_-512747683943631821gmail-m_675569033147061823m_5386217011277693840HOEnZb"><font color="#888888"><br clear="all"><div><div><div><div><br>-- <br><div class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956m_7074499419356719529gmail-m_6167754246749216729m_-512747683943631821gmail-m_675569033147061823m_5386217011277693840m_5651169919334559417gmail_signature"><div dir="ltr"><div><div dir="ltr"><span style="font-size:12.8px">Luke Hinds</span></div><div>Security Project PTL<br style="font-size:12.8px"></div></div></div></div>
</div></div></div></div></font></span></font></span></div>
</blockquote></div><br></div></div></div>
<br></div></div>______________________________<wbr>______________________________<wbr>______________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.op<wbr>enstack.org?subject:unsubscrib<wbr>e</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi<wbr>-bin/mailman/listinfo/openstac<wbr>k-dev</a><br>
<br></blockquote></div><br></div>
<br>______________________________<wbr>______________________________<wbr>______________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.op<wbr>enstack.org?subject:unsubscrib<wbr>e</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi<wbr>-bin/mailman/listinfo/openstac<wbr>k-dev</a><br>
<br></blockquote></span></div><span class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956m_7074499419356719529gmail-m_6167754246749216729HOEnZb"><font color="#888888"><br><br clear="all"><br>-- <br><div class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956m_7074499419356719529gmail-m_6167754246749216729m_-512747683943631821gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span style="font-size:12.8px">Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat</span><br style="font-size:12.8px"><span style="font-size:12.8px">e: </span><a href="mailto:lhinds@redhat.com" style="color:rgb(17,85,204);font-size:12.8px" target="_blank">lhinds@redhat.com</a><span style="font-size:12.8px"> | irc: lhinds @freenode |</span><span style="font-size:12.8px"> t: </span>+44 12 52 36 2483<br style="font-size:12.8px"></div></div></div></div></div></div>
</font></span></div></div></div>
<br>______________________________<wbr>______________________________<wbr>______________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.op<wbr>enstack.org?subject:unsubscrib<wbr>e</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi<wbr>-bin/mailman/listinfo/openstac<wbr>k-dev</a><br>
<br></blockquote></div><br></div>
</div></div><br>______________________________<wbr>______________________________<wbr>______________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.op<wbr>enstack.org?subject:unsubscrib<wbr>e</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi<wbr>-bin/mailman/listinfo/openstac<wbr>k-dev</a><br>
<br></blockquote></div></div></div><div><div class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956h5"><br><br clear="all"><br>-- <br><div class="m_6557602862850990716gmail-m_4977712826997920710m_-5674636377926446635m_8152258518092528956m_7074499419356719529gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span style="font-size:12.8px">Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat</span><br style="font-size:12.8px"><span style="font-size:12.8px">e: </span><a href="mailto:lhinds@redhat.com" style="color:rgb(17,85,204);font-size:12.8px" target="_blank">lhinds@redhat.com</a><span style="font-size:12.8px"> | irc: lhinds @freenode |</span><span style="font-size:12.8px"> t: </span>+44 12 52 36 2483<br style="font-size:12.8px"></div></div></div></div></div></div>
</div></div></div></div>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>
</div></div></blockquote></div><br></div>
</div></div></blockquote></div></div></div><div><div class="h5"><br><br clear="all"><br>-- <br><div class="m_6557602862850990716gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span style="font-size:12.8px">Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat</span><br style="font-size:12.8px"><span style="font-size:12.8px">e: </span><a href="mailto:lhinds@redhat.com" style="color:rgb(17,85,204);font-size:12.8px" target="_blank">lhinds@redhat.com</a><span style="font-size:12.8px"> | irc: lhinds @freenode |</span><span style="font-size:12.8px"> t: </span>+44 12 52 36 2483<br style="font-size:12.8px"></div></div></div></div></div></div>
</div></div></div></div>
</blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span style="font-size:12.8px">Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat</span><br style="font-size:12.8px"><span style="font-size:12.8px">e: </span><a href="mailto:lhinds@redhat.com" style="color:rgb(17,85,204);font-size:12.8px" target="_blank">lhinds@redhat.com</a><span style="font-size:12.8px"> | irc: lhinds @freenode |</span><span style="font-size:12.8px"> t: </span>+44 12 52 36 2483<br style="font-size:12.8px"></div></div></div></div></div></div>
</div>