...
This document may contain notes on follow-ups.
February 15, 2023
Attendees
- Nils Semmelrock (TNG, devops)
- Som Sikdar (Meta, PM)
- Jordan Vrtanoski (Connect5G, TSC chair)
- Lucas Gonze (OSPOCO, security TPM)
- Micky Kumar (Wavelabs, testing)
- Prabina (Wavelabs, data plane, MME)
- Tapas (Wavelabs, devops, CI/CD)
- Bikram (Wavelabs, CI/CD)
Agenda
- Big picture "Near-Future of Magma Security"
- Credential handling is revised #14947
- Review open tickets
- Task List, Prioritized
Follow-ups
- Increase frequency to weekly, possibly with a smaller group
- Submit proposal on OpenSSF Scorecard to TSC. Program management on results. Make the scorecard value visible e.g. in a badge on the repo.
- Triage project board and consolidate documents. Create a single source of truth for security program management.
- Add security review to design phase and PR review or design review. Develop community processes to incorporate this. Document.
- Sytematize onboarding and offboarding. Review current membership. Consider a requirement that tokens and keys have expiration.TBD
March 1, 2023
Agenda
- Review open tickets
- TBD
...