Wednesday, 2016-11-30

« Tuesday, 2016-11-29 Index Thursday, 2016-12-01 »
*** VW has joined #craton00:25
*** VW has quit IRC00:30
*** valw has quit IRC01:24
*** valw has joined #craton01:25
*** Syed has quit IRC01:26
*** valw has quit IRC01:57
*** VW has joined #craton02:43
*** VW has quit IRC02:51
*** VW has joined #craton02:52
*** valw has joined #craton03:05
*** valw has quit IRC04:28
*** VW has quit IRC05:15
*** Mudpuppy has quit IRC06:04
*** Mudpuppy has joined #craton06:05
*** Mudpuppy has quit IRC06:09
*** sorrison_laptop has joined #craton08:36
*** sorrison_laptop has left #craton08:36
*** mdorman_ has joined #craton10:17
*** mdorman has quit IRC10:19
*** logan- has quit IRC10:19
*** palendae has quit IRC10:19
*** logan- has joined #craton10:20
*** Guest46299 has joined #craton10:28
*** Mudpuppy has joined #craton11:06
*** Mudpuppy has quit IRC11:11
*** valw has joined #craton13:00
*** valw has quit IRC13:05
*** valw has joined #craton13:25
*** valw has quit IRC13:48
*** Mudpuppy has joined #craton14:11
*** Mudpuppy has quit IRC14:11
sulosigmavirus: will you be loooking at harry's pr's today ? it would be nice to get those in for some other cleanup work14:21
*** VW has joined #craton14:41
*** valw has joined #craton14:47
*** valw has quit IRC14:47
*** valw has joined #craton14:47
*** VW has quit IRC14:51
*** VW has joined #craton14:51
*** valw has quit IRC15:13
*** valw has joined #craton15:17
*** Mudpuppy has joined #craton15:25
*** valw has quit IRC15:29
*** valw has joined #craton15:39
*** valw has quit IRC15:42
*** valw has joined #craton15:42
*** valw has quit IRC15:45
*** Syed_ has joined #craton15:51
*** valw has joined #craton15:53
*** valw has quit IRC15:58
*** valw has joined #craton16:20
*** Guest46299 is now known as palendae16:24
*** valw has quit IRC16:25
*** valw has joined #craton16:27
*** valw has quit IRC16:36
*** valw has joined #craton16:36
*** valw has quit IRC16:45
*** valw has joined #craton16:46
*** valw has quit IRC16:50
*** valw has joined #craton17:04
*** valw has quit IRC17:10
*** valw has joined #craton17:10
*** valw has quit IRC17:15
jimbakersigmavirus, just a minor fix necessary for https://review.openstack.org/#/c/401438/17:21
jimbakerotherwise it looks good17:21
*** valw has joined #craton17:41
*** valw has quit IRC17:42
*** valw has joined #craton17:42
*** VW has quit IRC18:02
*** VW has joined #craton18:11
*** valw has quit IRC18:33
*** valw has joined #craton18:47
*** valw has quit IRC18:52
*** valw has joined #craton18:57
*** valw has quit IRC19:36
*** valw has joined #craton19:38
*** VW_ has joined #craton20:00
*** VW_ has quit IRC20:01
*** VW_ has joined #craton20:02
*** VW_ has quit IRC20:03
*** VW has quit IRC20:04
*** VW has joined #craton20:05
*** valw has quit IRC20:26
*** valw has joined #craton20:29
jimbakerSyed_, any questions on rbac? especially next steps?20:47
jimbakerright now i'm focused on blueprints for virtualized variables and encrypting variables20:47
jimbakeralso will try to get some more reviewing done20:47
Syed_jimbaker: still searching on oslo.policy to enforce rules, going through their documentation20:48
jimbakerSyed_, good stuff20:49
Syed_blueprint seems good to me, gives a clear picture ahead, i went through the article you posted20:49
jimbakeri suggest writing a custom rule20:49
Syed_jimbaker: i have a question though, not related to rbac :)20:49
Syed_so for testing routes in endpoints as per schemas20:50
jimbakeralso worth trying out the naive approach where everything is in the policy.json - so duplicates what the blueprint suggests would be managed by the db20:50
Syed_i am thinking to do a check of routes with https://github.com/openstack/craton/blob/master/craton/api/v1/schemas.py#L179020:50
jimbakerSyed_, i haven't looked at any of those details20:50
Syed_hmm ...20:50
jimbakersulo is certainly the most knowledgeable here - i did one little thing on flask at this point :)20:51
Syed_maybe i will ping sulo then20:51
Syed_jimbaker: i will read more depths and search over it today evening on oslo policies :)20:51
jimbakerSyed_, almost certainly the best for that work. i'm going to try to avoid getting sucked into flask other than when i sees something obvious. git-harry seems to be pretty on top of it as well, but i believe he's out all this week20:52
jimbakerSyed_, yeah, just want to involve you here, since this is an interest of yours20:53
Syed_jimbaker: appreciate it, yeah rbac is really cool stuff, i wanna know more on how we get that going in openstack20:53
jimbakeri plan to do the same with jovon re api stuff20:53
jimbakerSyed_, yeah, it's going to be super interesting work. lots of opportunities to further apply to other projects as well20:54
jimbakerSyed_, is jovon around today?20:54
Syed_jimbaker: jovon i guess is off today, i haven't seen him from morning20:54
jimbakeranyway, i want to get him going on some more of the stuff we discussed20:55
jimbakerno worries, i will keep putting that together, and we can discuss when we have a chance20:55
jimbakerhopefully tomorrow20:55
Syed_jimbaker: actually my security professor who taught me advance computer security is a very well known name in rbac, thats when i found out about access control and its importance20:56
jimbakerbasically trying out the changes in the python client. want to get this tested and documented20:56
jimbakerSyed_, name?20:56
Syed_Ravi Sandhu20:56
Syed_jimbaker: http://www.profsandhu.com/20:56
jimbakerSyed_, nice. when i know a bit more about this topic, i'm sure to reach out to him - with you as well20:56
Syed_jimbaker: sounds good20:57
jimbakeras a sort-of academic, i do enjoy these discussions20:57
jimbakerright now, i'm trying to figure out rbac myself :) and next step, how this fits into some of the approaches20:58
jimbakerto describe20:58
Syed_jimbaker: i really liked this article when i first studied that, http://csrc.nist.gov/rbac/sandhu96.pdf20:59
jimbakerfor example: i'm pretty sure we can easily prove the equivalence of the model i have in that blueprint with what the naive policy.json can do20:59
jimbakeri handwave it in the blueprint20:59
jimbakerit will be interesting to map some of the formal models to what oslo.policy itself doea21:00
jimbakerdoes21:00
jimbakerso that could be a great point of contact with ravi. i'm sure he would appreciate us reaching out to him21:00
Syed_Yes indeed, will be researching more into oslo.policy more today21:00
jimbakerso basically the baker model :) looks more like the active directory model21:00
jimbakermore or less like21:01
jimbakerwhich we can then rewrite to oslo.policy21:01
jimbakerwhich is probably equivalent to say an attribute extension of rbac in the formal models21:01
jimbakerthat's the path i would take21:01
Syed_makes sense.21:02
*** VW has quit IRC21:31
*** VW has joined #craton21:32
*** VW has quit IRC21:36
*** VW has joined #craton21:41
*** valw has quit IRC21:53
*** valw has joined #craton21:55
*** Mudpuppy_ has joined #craton22:06
*** Mudpuppy has quit IRC22:10
*** Mudpuppy_ has quit IRC22:11
*** valw has quit IRC22:31
*** VW has quit IRC22:44
*** valw has joined #craton23:42
*** valw has quit IRC23:49
« Tuesday, 2016-11-29 Index Thursday, 2016-12-01 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!