<div dir="ltr">Someone left an OpenStack registration bag at the lunch (with a L t-shirt in it). If you'd like it back, just come find me :-)<br><br>-bryan<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">
On Tue, Nov 5, 2013 at 2:24 PM, Sriram Subramanian <span dir="ltr"><<a href="mailto:sriram@sriramhere.com" target="_blank">sriram@sriramhere.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr"><div class="gmail_extra">Some of the items discussed, followed by Action Items:</div><div class="gmail_extra"> </div><div class="gmail_extra">1) How can one get invovled - Wiki will direct<br>2) Where to pick up security tasks from? <br>
- wiki is the starting point<br> - people sign up via mailing list <br> <br> <br>3) threat analysis<br> - Static Analysis, Formal Verification on projects was proposed by James. <br> - <br> - static analysis on python is not very useful; whole projects will take a long time<br>
- </div><div class="gmail_extra">4) Threat modeling -<br> - <div class="gmail_extra"><strong>Action item</strong> (James Kempf) : share the results from Folsom for TM around Keystone</div><br> - Rob can get resources towards this <br>
- get started with core or knowledgeable people<br> - Ideally, Secuirty Reviews Per month per project. Review coordinator prepares the arch diagram before the review day</div><div class="gmail_extra"> </div><div class="gmail_extra">
5) security review - HP's review process; what it translates to for OpenStack?</div><div class="gmail_extra"> </div><div class="gmail_extra">6) Attacker model <br> - single or many<br> - </div><div class="gmail_extra">
7) Tracking the CVEs, publish in the format<br> <br> - <strong>Action Item</strong>: Daniel (Red Hat) to start discussin in the mailing list<br> - Format: </div><div class="gmail_extra">8)</div><div class="gmail_extra">
Getting the word out (wiki, how to contribute, what is going on)<br> - Minutes for the meet<br> - Community Manager<br> - Sprints:<br> - Running the sprint<br> <div class="gmail_extra"><strong>Action Items:</strong></div>
- Eric Windisch to Identify topic to set the sprint/ hackathon and time.<br></div><div class="gmail_extra"> </div><div class="gmail_extra">Thanks,</div><div class="gmail_extra">-Sriram</div><div class="gmail_extra">
</div></div>
<br>_______________________________________________<br>
Openstack-security mailing list<br>
<a href="mailto:Openstack-security@lists.openstack.org">Openstack-security@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security</a><br>
<br></blockquote></div><br></div>