Friday, 2016-05-27

« Thursday, 2016-05-26 Index Monday, 2016-05-30 »
*** austin987 has quit IRC00:00
*** sdake_ has joined #openstack-security00:00
*** sdake has quit IRC00:02
*** austin987 has joined #openstack-security00:13
*** browne has quit IRC00:19
*** markvoelker has joined #openstack-security00:29
*** tkelsey has joined #openstack-security00:30
*** bpokorny has quit IRC00:31
*** tkelsey has quit IRC00:35
*** markvoelker has quit IRC00:36
*** mdong has joined #openstack-security00:36
*** browne has joined #openstack-security00:46
*** browne has quit IRC00:46
*** diazjf has joined #openstack-security00:58
*** diazjf1 has joined #openstack-security01:02
*** diazjf has quit IRC01:04
*** mdong_ has joined #openstack-security01:34
*** diazjf1 has quit IRC01:34
*** mdong has quit IRC01:37
*** mdong_ is now known as mdong01:37
*** vinaypotluri has quit IRC01:40
*** sdake has joined #openstack-security01:45
*** tmcpeak has quit IRC01:47
*** sdake_ has quit IRC01:48
*** bpokorny has joined #openstack-security02:06
*** bpokorny_ has joined #openstack-security02:08
*** nkinder has quit IRC02:08
*** bpokorny has quit IRC02:11
*** bpokorny_ has quit IRC02:12
*** tmcpeak has joined #openstack-security02:20
*** tmcpeak1 has joined #openstack-security02:22
*** tmcpeak1 has quit IRC02:23
*** ccneill has quit IRC02:23
*** tmcpeak1 has joined #openstack-security02:24
*** tmcpeak has quit IRC02:25
*** sdake_ has joined #openstack-security02:26
*** sdake has quit IRC02:28
*** openstackgerrit has quit IRC02:36
*** hockeynut has quit IRC02:36
*** hockeynut has joined #openstack-security02:37
*** openstackgerrit has joined #openstack-security02:42
*** yuanying has quit IRC02:50
*** openstackgerrit has quit IRC02:56
*** jamielennox is now known as jamielennox|away03:01
*** hockeynut has quit IRC03:04
*** sdake has joined #openstack-security03:07
*** hockeynut has joined #openstack-security03:08
*** sdake_ has quit IRC03:11
*** openstackgerrit has joined #openstack-security03:18
*** dave-mccowan has quit IRC03:22
*** mdong has quit IRC03:35
*** bpokorny has joined #openstack-security03:41
*** yuanying has joined #openstack-security03:48
*** tmcpeak1 has quit IRC03:51
*** diazjf has joined #openstack-security04:05
*** diazjf has quit IRC04:05
*** sdake_ has joined #openstack-security04:25
*** edtubill has joined #openstack-security04:26
*** edtubill has quit IRC04:27
*** sdake has quit IRC04:27
*** sdake has joined #openstack-security04:31
*** tkelsey has joined #openstack-security04:32
*** markvoelker has joined #openstack-security04:32
*** sdake_ has quit IRC04:33
*** tkelsey has quit IRC04:36
*** markvoelker has quit IRC04:37
*** bpokorny has quit IRC04:44
*** salv-orlando has joined #openstack-security05:33
*** sdake_ has joined #openstack-security05:53
*** sdake_ has quit IRC05:53
*** sdake_ has joined #openstack-security05:53
*** sdake has quit IRC05:56
*** sdake_ has quit IRC05:59
*** rcernin has joined #openstack-security06:05
*** rcernin has quit IRC06:15
*** rcernin has joined #openstack-security06:20
*** salv-orlando has quit IRC06:24
*** markvoelker has joined #openstack-security06:33
*** tkelsey has joined #openstack-security06:34
*** markvoelker has quit IRC06:38
*** tkelsey has quit IRC06:39
*** B_Smith has quit IRC07:00
*** B_Smith has joined #openstack-security07:15
*** tesseract has joined #openstack-security07:36
*** salv-orlando has joined #openstack-security07:50
*** lhinds has joined #openstack-security08:11
*** lhinds has quit IRC08:30
*** lhinds has joined #openstack-security08:36
*** tkelsey has joined #openstack-security08:42
*** dmk0202 has joined #openstack-security08:46
*** yuanying has quit IRC08:47
*** lhinds has quit IRC08:48
*** yuanying has joined #openstack-security08:53
*** yuanying has quit IRC08:54
*** lhinds has joined #openstack-security09:05
*** lhinds has quit IRC09:08
*** lhinds has joined #openstack-security09:10
*** yuanying has joined #openstack-security09:10
*** yuanying has quit IRC09:15
*** lhinds is now known as lhinds|afk09:15
lhinds|afkjust going out , I have my phone and will be back in hour09:15
*** tkelsey has quit IRC09:25
*** salv-orl_ has joined #openstack-security09:38
*** salv-orlando has quit IRC09:40
*** yuanying has joined #openstack-security10:11
*** markvoelker has joined #openstack-security10:34
*** markvoelker has quit IRC10:39
*** openstackgerrit has quit IRC10:47
*** openstackgerrit has joined #openstack-security10:48
*** lhinds|afk is now known as lhinds11:09
lhindsderp, wrong channel11:10
*** openstackgerrit has quit IRC11:47
*** openstackgerrit has joined #openstack-security11:48
*** lhinds has quit IRC12:03
*** markvoelker has joined #openstack-security12:08
*** lhinds has joined #openstack-security12:08
*** salv-orl_ has quit IRC12:13
*** salv-orlando has joined #openstack-security12:16
*** aurelien__ has joined #openstack-security12:41
*** openstackgerrit has quit IRC12:48
*** openstackgerrit has joined #openstack-security12:48
*** edmondsw has joined #openstack-security12:49
*** dave-mccowan has joined #openstack-security13:14
*** cleong has joined #openstack-security13:23
*** aurelien__ has quit IRC13:26
*** aurelien__ has joined #openstack-security13:27
*** bknudson has left #openstack-security13:33
*** aurelien__ has quit IRC13:34
*** aurelien__ has joined #openstack-security13:34
*** bknudson has joined #openstack-security13:36
*** aurelien__ has quit IRC13:47
*** jhfeng has joined #openstack-security14:01
*** mvaldes has joined #openstack-security14:04
*** jmckind has joined #openstack-security14:06
*** aurelien__ has joined #openstack-security14:09
*** openstackgerrit has quit IRC14:18
*** openstackgerrit has joined #openstack-security14:18
*** tmcpeak has joined #openstack-security14:23
*** salv-orlando has quit IRC14:24
*** jhfeng has quit IRC14:30
*** aurelien__ has quit IRC14:30
*** jhfeng has joined #openstack-security14:32
*** dmk0202 has quit IRC14:35
*** nkinder has joined #openstack-security14:42
*** vinaypotluri has joined #openstack-security14:44
*** tesseract has quit IRC15:11
*** yaya has joined #openstack-security15:17
*** mvaldes has quit IRC15:21
*** salv-orlando has joined #openstack-security15:23
*** rcernin has quit IRC15:24
*** austin987 has quit IRC15:34
*** salv-orl_ has joined #openstack-security15:37
*** rous has joined #openstack-security15:40
*** salv-orlando has quit IRC15:40
rousk15:41
*** rous has left #openstack-security15:41
*** sigmavirus24 is now known as m3du5a15:43
*** m3du5a is now known as sigmavirus2415:44
*** austin987 has joined #openstack-security15:47
*** dave-mccowan has quit IRC15:57
*** mdong has joined #openstack-security15:58
*** mvaldes has joined #openstack-security15:59
*** bpokorny has joined #openstack-security16:00
*** ccneill has joined #openstack-security16:02
*** aurelien__ has joined #openstack-security16:08
*** salv-orl_ has quit IRC16:12
*** diazjf has joined #openstack-security16:33
*** salv-orlando has joined #openstack-security16:33
*** diazjf has quit IRC16:35
*** aurelien__ has quit IRC16:41
*** Mimhoz has joined #openstack-security16:44
*** Mimhoz has quit IRC16:45
*** can8dnSix has joined #openstack-security16:47
*** sdake has joined #openstack-security16:52
sdakeheyfolks16:52
sdakehttps://github.com/openstack/security-doc16:52
*** mvaldes has quit IRC16:53
sdakewhere does this repo's documentation get publshed to on the internets?16:53
tmcpeaksdake: the whole thing doesn't, it's a central repo for sec guide, OSSN, and other stuff16:57
tmcpeaksec guide is published here: http://docs.openstack.org/security-guide/16:57
tmcpeaksdake: wiki form of OSSN: https://wiki.openstack.org/wiki/Security_Notes16:58
sdaketmcpeak i am fixing the governance repo16:58
sdakeand someone asked me to link to the speicfic docs16:58
sdakei guess i'll sort it out - thanks ;)16:59
tmcpeakhmm16:59
tmcpeakok, no prob16:59
*** jhfeng has quit IRC17:11
*** austin987 has quit IRC17:16
sdaketmcpeak who maintians security-doc repo?17:21
tmcpeakhyakuhei or sicarie17:21
tmcpeakI mean a bunch of us do, but depending on what you're after those are your best bet17:22
sdakehere is what i'm after17:22
sdakehttps://review.openstack.org/#/c/321468/17:22
sdakesee last comment from tristan17:22
sdakethey want me to change the VMT tagging to have all documentation go into the security-doc repo17:23
tmcpeakI don't see a comment from tristan17:23
sdakesorry wrong review17:23
sdakehttps://review.openstack.org/#/c/300698/17:23
sdakeI just updated the review17:24
sdakewith tristan17:24
*** salv-orlando has quit IRC17:24
sdakebut i htink before we head down this road, we want to make sure the  security team is good with all the reviews/tas/etc going into the security-doc repository17:24
tmcpeakOK, yeah I think it's a good place for TA artifacts to live17:25
sdakeit may be more then just ta artifacts17:25
sdakeit may be audits or security reviews as well17:25
*** yojanset has joined #openstack-security17:25
tmcpeakhmm17:25
tmcpeakmy only concern would be the repo getting really large17:26
tmcpeakbut if we had to we could split it out I guess17:26
tmcpeakTA could generate a lot of images and other binary data, I'm not sure git is the best solution for stuff like that17:26
*** yojanset has quit IRC17:27
tmcpeakI still don't see Tristan's comment btw17:27
tmcpeakoh his link?17:27
tmcpeakto this one? https://review.openstack.org/#/c/22071217:27
sdaketmcpeak say I want to add Rob as a reviewer17:28
sdakebut I am having trouble finding him in gerrit17:28
sdakeany tips on that?17:28
tmcpeakhyakuhei17:28
tmcpeakI'll add him17:28
sdaketmcpeak i added him17:28
sdakeis this the review you are speaking of ? https://review.openstack.org/#/c/30069817:28
tmcpeaklol17:29
tmcpeakI thought you were talking about this - https://review.openstack.org/#/c/22071217:29
sdakeya i had the wrong link i think17:29
sdakethis is sepcifically for the governance repository17:30
tmcpeakI still think I'm missing context17:31
tmcpeakso VMT is asking for guidance about where these things are going to live?17:31
sdakeok basically VMT previously did not include threat analysis as an option17:31
tmcpeakand you're asking if we're ok with having all of that in security-doc repo?17:31
tmcpeakan option for what?17:31
sdakeso I added that as a review17:31
sdakean option to get the vmt tag17:32
sdakeso yes, the tc wants the docs to live "somewhere"17:32
tmcpeakok based on our discussion at the summit you're saying you are adding TA as one of the ways to get a VMT tag, right?17:32
sdakebut its more then just tas, its also reviews and audits17:32
sdaketmcpeak that has been in the review queue for about a month and has wide buyin from the tc17:32
sdakewe are just fine tuning at  this point, and the fine tuning is around *where* to store the results17:33
tmcpeakok cool, so the only question is where to store these things?17:33
tmcpeakgotcha17:33
tmcpeakwell can we start with them living in security doc and move them later if there's a problem?17:33
sdakeok - as long as the security team doesn't mind it :)17:33
sdakei'm good with it17:33
sdakethat is my concern - overload on docs submission17:33
tmcpeakyeah17:34
tmcpeakand git doesn't handle a bunch of binary very well17:34
sdakethe approval of the docs and submission of the docs are two separate things17:34
sdakeas the vmt section 5 change is worded17:34
tmcpeakany reason we can't make a new repo for it?17:34
sdakeno reason at all17:34
tmcpeakallright, let's do that just to be safe then17:35
sdakeassuming hyakuhei is good with that living under security governance17:35
tmcpeakI don't know how big these things are going to get17:35
sdakei dont just want a repo hanging out without being reviewed ;)17:35
tmcpeakallright, probably double check with him but that sounds reasonable17:35
sdaketmcpeak are you doug?17:35
sdakei dont know nick->name mappings atm ;)17:36
tmcpeakno, I'm Travis17:36
sdakehey travis17:37
sdakeim sorry i dont recall if we met, I met like hundreds of people at summit :)17:38
sdaketo top it off i' mbad on names17:38
tmcpeakno worries, dg is Doug17:39
tmcpeakwe did meet, on the last day I was working with a couple Kolla folks on snowflake mappings17:39
sdaketmcpeak oh yes, for what you have done for me, I should remember your name17:46
sdakemy total and complete bad17:46
sdakei was doing the snowflake mappings then too :)17:47
tmcpeaksdake: heh, no worries, I'm crap with names myself17:48
tmcpeakgood times that snowflake mapping :)17:49
tmcpeakwe have plans to continue that work and finish the TA?17:49
*** mvaldes has joined #openstack-security17:49
*** yaya has quit IRC17:52
*** sdake_ has joined #openstack-security17:52
*** sdake has quit IRC17:55
*** jhfeng has joined #openstack-security17:56
*** bpokorny_ has joined #openstack-security17:57
*** yaya has joined #openstack-security17:59
*** bpokorny has quit IRC18:01
*** sdake_ is now known as sdake18:06
*** mvaldes has quit IRC18:22
*** yaya has quit IRC18:24
*** jhfeng has quit IRC18:27
*** jhfeng has joined #openstack-security18:30
*** yaya has joined #openstack-security18:33
sdaketmcpeak i mailed the mailing list with a question regarding next steps18:47
sdakei think where we are is rob had done a sequence diagram18:47
sdakei was going to get the kolla coresec team to do the speical snowflakes sequence diagrams18:47
sdakebut need an eample to work from18:47
sdakerob had done the original sequence diagram for the least privileged case18:47
tmcpeaksdake: gotcha18:48
sdakeso basically i need the src to the sequence diagram he created18:48
sdakewhich i dont know where is located18:48
tmcpeakhrmm, I expect he's out for the weekend18:49
sdakeafter the sequence diagrams are done (a concrete next step) I dont know what follows next18:49
tmcpeakprobs check back Monday morning is the best18:49
sdakei mailed the list monday ;)18:49
tmcpeakwe'll need to coordinate a time and place for us to at least hangouts18:49
tmcpeakwalk through them and do the analysis part of the TA18:49
sdakei'd like to record it if possible so i can capture it in a doc18:50
sdakewould you be open to webex instead?18:50
tmcpeaksure18:50
sdakeok but first we need the sequence diagrms right?18:50
tmcpeakyep yep18:51
sdakeis there anything else we need besides the sequence diagrams?18:51
tmcpeakalso I don't remember how far we got with a basic description of assets, etc18:51
tmcpeak^18:51
sdakewe described all the assets18:51
sdakeI have a photograph18:52
tmcpeakok cool18:52
sdakeand I htink you took one too18:52
tmcpeakyeah I do remember that18:52
sdakei hope i took one18:52
sdakei may hae menat to take one and didn't18:52
tmcpeaklet's double check with dg and hyakuhei but that should be enough to do analysis18:52
sdakeany chance you can send me the photo you toook?18:53
tmcpeaksure, pm me email18:53
tmcpeaklet me make sure I have it18:53
sdakestdake@cisco.com18:53
sdakemy phone is out of juice18:53
sdakeand i want to get rolling - aslo was thinking of twittering the photo :)18:54
tmcpeakinstagram <318:54
tmcpeaksent18:55
sdakeya i'm an old fuddyddudy18:55
sdakestill learning twitter :)18:55
tmcpeakyou're a braver man than I, I get enough spam as it is without dropping my email in the channel :P18:55
sdakei have extremely effective filters18:55
tmcpeakTwitter is good :)18:56
*** blackman_12345 has joined #openstack-security18:57
*** blackman_12345 has left #openstack-security18:58
*** bpokorny_ has quit IRC18:58
*** bpokorny has joined #openstack-security18:59
*** sdake_ has joined #openstack-security19:09
*** sdake has quit IRC19:10
*** mvaldes has joined #openstack-security19:11
sdake_tmcpeak check this out - the threat analysis photo was my 100th tweet ;)19:12
tmcpeakallright!19:12
tmcpeakmoving up in the world19:12
*** sdake has joined #openstack-security19:18
*** sdake_ has quit IRC19:19
*** nkinder has quit IRC19:23
*** yaya has quit IRC19:31
*** salv-orlando has joined #openstack-security19:39
*** openstack has joined #openstack-security21:42
*** unrahul has joined #openstack-security21:51
« Thursday, 2016-05-26 Index Monday, 2016-05-30 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!