2010-12-21 - Special Topic - Updating Security Documentation

Time/Place

This meeting is a hybrid teleconference and IRC chat. Anyone is welcome to join...here's the info:

• Time: 11 am Eastern Standard Time US (UTC-5)
• Voice
  • Via Skype+: Dial from anywhere: \+9900827047086940 (callto://+9900827047086940)
  • Via Phone+: US Number: +1 (201) 793-9022, Room #7086940
• IRC:
  • Join the #duraspace chat room via Freenode Web IRC (enter a unique nick)
  • Or point your IRC client to #duraspace on irc.freenode.net

Agenda

1. Last Meeting for 2010, Date for the next meeting?
2. Status of Git
   1. EOL Handling
3. Critical new items or work-in-progress
   1. newly-submitted issues
4. Special Topic - Updating Fedora Security Documentation
   1. Working pages started here and here (explanation of discussion threads)
   2. Fixing deficiencies and inaccuracies, and making improvements
   3. Lowering the barrier to use
      1. Quick start guide
      2. A comparison are various security features
   4. Update of Repository XACML users documentation
      1. Check the sample rules
      2. Add rule sets for typical uses
      3. Policy Objects
   5. CMA Security Implications
      1. Cacheing implications
      2. Back-end (Deployment Security or lack there-of)
   6. FeSL
      1. Bring guide up to date
      2. Add example rule sets (including for typical uses)
      3. FeSL AuthN and FeSL AuthZ
      4. Interactions between FeSL and Repository XACML enforcement
   7. Update Servlet Filter Documentation
   8. SSL provided by Tomcat (and/or other Application Servers)
   9. Use of Apache as a front-end including security options and operations
   10. Operations security
   11. AuthN
       1. Realms
       2. LDAP Guide
       3. Shibboleth
       4. User-defined
   12. Others?
   13. Solicit help of production operators.
   14. Do we track documentation efforts in Jira?