I am at the OpenStack Ops Midcyle Meetup in San Antonio and asked to moderate the Security session here (like how Bryan and I did in Atlanta). I am looking at feedback from Atlanta meetup and one of the feedback from operators was regarding more clarity on the classification. I see some note saying "need to work on formal process'. What is our current status on the same? Anything I can point to? Here is the etherpad from Atl: https://etherpad.openstack.org/p/juno-summit-ops-security - 4) Are there objective measures on severity/ classification? - - Informal as of now. Need to work on a formal process -- Thanks, -Sriram 425-610-8465 www.sriramhere.com | www.clouddon.com -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20140825/637c2151/attachment.html>