[openstack-dev] [kolla][tc] [security] threat analysis, tags, and the road ahead
Hayes, Graham
graham.hayes at hpe.com
Tue Apr 12 18:29:59 UTC 2016
On 12/04/2016 18:39, Jeremy Stanley wrote:
> On 2016-04-01 15:50:57 +0000 (+0000), Hayes, Graham wrote:
>> If a team has already done a TA (e.g. as part of an internal
>> product TA) (and produced all the documentation) would this meet
>> the requirements?
>>
>> I ask, as Designate looks like it meets nearly all the current
>> requirements - the only outstanding question in my mind was the
>> Threat Analysis
>
> Seems fine to me, though in the interest of openness that
> documentation should probably be licensed such that it can be
> published somewhere for the whole community to read (once any
> glaring deficiencies are addressed anyway).
>
Definitely - I have a request in to open the analysis for public
distribution.
My feeling is that it should land somewhere in our docs, and be
covered by the same license as them. (I *think* that is MIT for
us)
- Graham
More information about the OpenStack-dev
mailing list