I have recently accepted a new position with a company that does not work
with OpenStack. As a result, I'll be transitioning away from this
community. As such, I wanted to offer a few quick notes:
* OpenStack Security Guide -- I have transitioned leadership of this
security documentation effort
To security-doc core and other interested parties,
Nathaniel Dillon has been working consistently on the security guide since
our first mid-cycle meet up last summer. In that time he has come to
understand the inner workings of the book and the doc process very well.
He has also been a
Thanks everyone. I've added Nathaniel to security-doc core. Welcome
Nathaniel!
Cheers,
-bryan
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe:
I would like to try to attend both, assuming the Barbican guys will have me
;-)
-bryan
On Fri, Nov 7, 2014 at 12:02 PM, Clark, Robert Graham robert.cl...@hp.com
wrote:
Hi All,
How many people would want to attend both the OSSG mid-cycle and the
Barbican one? Both expected to be on the west
I plan on attending.
-bryan
On Thu, May 22, 2014 at 10:48 AM, Jarret Raim jarret.r...@rackspace.comwrote:
All,
There was some interest at the Summit in semi-combining the mid-cycle meet
ups for Barbican, Keystone and the OSSG as there is some overlap in team
members and interest areas. The
Is anyone following the openstack-security list and/or part of the
OpenStack Security Group (OSSG)? This sounds like another group and list
we should keep our eyes on.
I'm one of the OSSG leads. We'd certainly welcome your involvement in
OSSG. In fact, there has been much interest in
+1
-bryan
On Wed, Dec 18, 2013 at 10:22 PM, Jay Pipes jaypi...@gmail.com wrote:
On 12/18/2013 12:34 PM, Doug Hellmann wrote:
I have more of an issue with a project failing *after* becoming
integrated than during incubation. That's why we have the incubation
period to begin with. For the
Steven Gonzales stevendgonza...@gmail.com
1 Russell Bryant rbry...@redhat.com
1 Bryan D. Payne bdpa...@acm.org
It appears to be an effort done by a group, and not an individual. Most
commits by far are from Rackspace, but there is at least one non-trivial
contributor (Malini) from
I just wanted to close the loop here. I understand the position that
others are taking and it appears that I'm outnumbered :-) While I disagree
with this approach, it sounds like that's where we are at today. Even with
this decision, I would encourage the horizon dev team to utilize Paul as a
Re: Removing Paul McMillan from core
I would argue that it is critical that each project have 1-2 people on core
that are security experts. The VMT is an intentionally small team. They
are moving to having specifically appointed security sub-teams on each
project (I believe this is what I heard
We can involve people in security reviews without having them on the
core review team. They are separate concerns.
Yes, but those people can't ultimately approve the patch. So you'd need to
have a security reviewer do their review, and then someone who isn't a
security person be able to
2) There is general consensus that the simple config based key manager
(single key) does provide some amount of useful security. I believe it
does, just want to make sure we're in agreement on it. Obviously we
want to improve this in the future.
I believe that it does add value. For
How can someone use your code without a key manager?
Some key management mechanism is required although it could be
simplistic. For example, we’ve tested our code internally with an
implementation of the key manager interface that returns a single, constant
key.
That works for
AM, Bryan D. Payne bdpa...@acm.org wrote:
Thursdays at 1800 UTC.
https://wiki.openstack.org/wiki/Meetings/OpenStackSecurity
-bryan
On Wed, Aug 21, 2013 at 10:57 AM, Sriram Subramanian
sri...@sriramhere.com wrote:
--
Thanks,
-Sriram
This is a quick note to announce that the OpenStack gerrit system supports
a SecurityImpact tag. If you are familiar with the DocImpact tag, this
works in a similar fashion.
Please use this in the commit message for any commits that you feel would
benefit from a security review. Commits with
15 matches
Mail list logo