Re: [VOTE] Release Apache TubeMQ (Incubating) 0.6.0-incubating RC0

2020-10-16 Thread Zhijie Shen 
+1. I checked the following:

- Signature
- Checksum
- Run command `mvn clean install -DskipTests`
- Run command `mvn test`

Thanks,
Zhijie

On Sun, Oct 4, 2020 at 4:42 AM Lamber Liu  wrote:

> Dear IPMC members,
>
> We still need 3 binding votes on this release, I was wondering if you
> could review and vote for release Apache TubeMQ (incubating)
> 0.6.0-incubating RC0?
>
> On 2020/10/02 10:39:45, Guangxu Cheng  wrote:
> > +1
> >
> > I checked:
> >
> >- Signature: ok
> >- Checksum : ok
> >- Rat check: ok
> >   - mvn clean apache-rat:check
> >- Built from source: ok
> >- mvn clean install -DskipTests
> >- Unit tests pass: ok
> >- mvn test
> >- incubating in name
> >- disclaimer exists
> >- LICENSE and NOTICE exists
> >
> > --
> > Best Regards,
> > Guangxu
> >
> >
> > lamber liu  于2020年10月1日周四 上午9:55写道:
> >
> > > Hello Incubator Community,
> > >
> > > This is a call for a vote to release Apache TubeMQ (Incubating)
> version
> > > 0.6.0-incubating-RC0
> > >
> > > The Apache TubeMQ community has voted on and approved a proposal to
> > > release Apache TubeMQ (Incubating) version 0.6.0-incubating-RC0
> > >
> > > We now kindly request the Incubator PMC members review and vote on
> this
> > > incubator release.
> > >
> > > TubeMQ community vote thread:
> > >
> > >
> > >
> https://lists.apache.org/thread.html/r7a99ffe1b1d90fade4d8f0b345b9fbe1319e10ad56d164c7dd407605%40%3Cdev.tubemq.apache.org%3E
> > >
> > >
> > >
> https://lists.apache.org/thread.html/r1f35b7e69696072a2e37fa7ab21c0ea83eae5fc49b3c18e43b793e2d%40%3Cdev.tubemq.apache.org%3E
> > >
> > > Vote result thread:
> > >
> > >
> > >
> https://lists.apache.org/thread.html/re53fb50999782b698a1eb266d871c295110a199d44f904180f0d88f0%40%3Cdev.tubemq.apache.org%3E
> > >
> > > The release candidate:
> > >
> > >
> > >
> https://dist.apache.org/repos/dist/dev/incubator/tubemq/0.6.0-incubating-RC0/
> > >
> > > Git tag for the release:
> > >
> https://github.com/apache/incubator-tubemq/tree/0.6.0-incubating-RC0
> > >
> > > Release notes:
> > >
> > >
> > >
> https://github.com/apache/incubator-tubemq/releases/tag/0.6.0-incubating-RC0
> > >
> > > The artifacts signed with PGP key 71BA36A5ED064F12, corresponding
> to
> > > lamber...@apache.org, that can be found in keys file:
> > > https://dist.apache.org/repos/dist/dev/incubator/tubemq/KEYS
> > >
> > > The vote will be open for at least 72 hours or until necessary
> number
> > > of votes are reached.
> > >
> > > Please vote accordingly:
> > >
> > > [ ] +1 approve
> > > [ ] +0 no opinion
> > > [ ] -1 disapprove with the reason
> > >
> > > Thanks,
> > > On behalf of Apache TubeMQ (Incubating) community
> > >
> >
>
> -
> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
> For additional commands, e-mail: general-h...@incubator.apache.org
>
>

[Result][VOTE] Accept MesaTEE into Apache Incubator

2019-08-20 Thread Zhijie Shen 
Hi folks,

With 7 +1 binding votes, 1 +1 non-binding votes and no +0 or -1 votes, this
VOTE passes.

Thanks to everyone who voted! Bellow is a voting tally (* is binding):

Stian Soiland-Reyes*
Matt Sicker*
Luciano Resende*
Furkan KAMACI*
Kenneth Knowles*
Wei Mingzhi
Byung-Gon Chun*
Daniel Dai*

The vote thread:
https://lists.apache.org/thread.html/46dc067c4f4d58e947767a8450c11060f671e68a51f47fca6f0b553b@%3Cgeneral.incubator.apache.org%3E

Thanks,
Zhijie

[VOTE] Accept MesaTEE into Apache Incubator

2019-08-14 Thread Zhijie Shen 
Continuous Integration Service ==

MesaTEE currently uses self-hosted continuous integration (CI) service
which can
help developers to automatically test commits. The CI service involves
several
nodes which support Intel SGX. We would like to continue doing so.

= Initial Committers =

The list is sorted alphabetically:

  * Mingshen Sun 
  * Pei Wang 
  * Rundong Zhou 
  * Tao Wei 
  * Tongxin Li 
  * Yiming Jing 
  * Yu Ding 
  * Yulong Zhang 
  * Zhaofeng Chen 

= Sponsors =

== Champion ==

  * Zhijie Shen 

== Nominated Mentors ==

  * Jianyong Dai 
  * Luciano Resende 
  * Matt Sicker
  * Furkan Kamaci

== Sponsoring Entity ==

The Incubator PMC

Re: [DISCUSS] Incubation Proposal of MesaTEE

2019-08-05 Thread Zhijie Shen 
BTW, I saw MSR has an interesting research work to integrate MapReduce with
SGX to analyze big data in an privacy-preserved way:
https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/vc3-oakland2015.pdf.
I'm looking forward to the potential integration between this project with
a few big data project under ASF.

On Sun, Aug 4, 2019 at 10:07 AM Mingshen Sun  wrote:

> Thanks for your interests.
>
> Regarding to you question, no, you cannot use it to sandbox arbitrary code.
> Trusted computing/confidential computing is not just about isolation and
> sandbox.
> For the SGX setup, because lots of sources (e.g., system calls, IO
> functions, etc.)
> are not trusted, which will break the treat model of trusted computing.
> Normally, you should design a code with “trusted” part and “untrusted”
> part.
> For legacy code, it needs to be carefully tailored or separated. But
> sometimes,
> untrusted sources are still needed (e.g., a web service needs network
> capabilities),
> they should be as minimal as possible and easy to audit.
>
> Yesterday, ted gave a very good use case (
> https://signal.org/blog/private-contact-discovery/).
> But there are others listed in the doc:
> https://github.com/mesalock-linux/mesatee/blob/master/docs/case_study.md
>
>
> > On Aug 4, 2019, at 8:37 AM, Matt Sicker  wrote:
> >
> > I’ve read through a bit of the site and blog posts. I’m pretty interested
> > in the project, especially any efforts to support more programming
> > languages.
> >
> > Is it possible to use this to sandbox arbitrary code?
> >
> > On Sat, Aug 3, 2019 at 17:22, Mingshen Sun 
> wrote:
> >
> >> Yes, this project can be used for securing general computations.
> >> You can simply use the `mesatee_core` library to write an SGX encalve.
> >> In addition, MesaTEE provides others features like function as a
> service.
> >> That’s why we call it a universal securing computing framework.
> >>
> >> Best,
> >> Mingshen Sun
> >>
> >> On 2019/08/03 15:27:41, Matt Sicker  wrote:
> >>> Would this project be useful in securing general computations? You
> >> mention>
> >>> big data and AI a lot, though I’m wondering if this is also usable for>
> >>> things like, say, general multi tenant applications?>
> >>>
> >>> On Sat, Aug 3, 2019 at 03:27, Mingshen Sun 
> >> wrote:>
> >>>
>  Hi,>
> >
>  This is Mingshen Sun from Baidu X-Lab. Recently, we have open-sourced>
>  a universal secure computing framework called MesaTEE (>
>  https://mesatee.org/).>
>  The MesaTEE project enables general computing service for>
>  security-critical scenarios,>
>  which attracts many attentions from academia and industry.>
> >
>  To better build up the whole ecosystem, we decide to donate the
> >> MesaTEE>
>  project to>
>  Apache Foundation. Therefore, we’d like to propose our project to go>
>  through>
>  the incubation process.>
> >
>  Attached is our incubation proposal for open discussion. Thank you so
> >> much.>
> >
>  Best,>
>  Mingshen Sun>
>  Baidu X-Lab>
> >
> >
>  Here is the proposal details:>
> >
>  ==>
> >
>  MesaTEE Apache Incubation Proposal>
> >
>  = Abstract =>
> >
>  MesaTEE is a framework for universal secure computing.>
> >
>  = Proposal =>
> >
>  MesaTEE is the next-gen solution to enable general computing service
> >> for>
>  security-critical scenarios. It will allow even the most sensitive
> >> data to>
>  be>
>  securely processed to enable offshore businesses without leakage.>
> >
>  The solution combines the advanced Hybrid Memory Safety (HMS) model
> >> and the>
>  power of the Trusted Computing technologies (e.g., TPM) as well as
> >> the>
>  Confidential Computing technologies (e.g., Intel SGX).>
> >
>   * Code base:>
> * https://github.com/mesalock-linux/mesatee>
> * https://github.com/baidu/rust-sgx-sdk>
>   * Website: https://mesatee.org>
>   * Documentation: https://mesatee.org/doc/mesatee_sdk/>
> >
>  = Background =>
> >
>  The emerging technologies of big data analytics, machine learning,>
>  cloud/edge>
>  computing, and blockchain are significantly boosting our productivity,
> >> but>
>  at>
>  the same time they are bringing new confidentiality and integrity>
>  concerns. On>
>  public cloud and blockchain, sensitive data like health and financial>
>  records>
>  may be consumed at runtime by untrusted computing processes running
> >> on>
>  compromised platforms; during in-house data exchange, confidential>
>  information>
>  may cross different clearance boundaries and possibly fall into the
> >> wrong>
>  hands;>
>  also not to mention the privacy issue arises in offshore data supply>
>  chains.>
> >
>  Although the consequences of data breaching have been extensively>
>  elaborated, we>
>  should also note