[Security_sig] 03/17 Conf. call minutes

Chris Wright chrisw at osdl.org
Thu Mar 17 09:42:21 PST 2005

	Joseph Cihula (Intel)
	Ed Reed (Novell)
	Emily Ratliff (IBM)
	Serge Hallyn (IBM)
	Chris Wright (OSDL)
	Matt Anderson (HP)

	- CGL spec ownsership
	- DCL spec ownership
	- any other business

	Chris: Find editable version of CGL spec.

Ed: Do OSDL working groups take a stance on TPM?

Chris: No stance on judgement of TCG spec, but CGL hardware spec calls
out TPM hardware, and thusly software spec requires drivers when
hardware is present.

Chris: CGL spec co-editor needed.  We've lost Ge for now ;-(

Joseph: Not much spec writing, more editing, writing some use cases and
reviewing the current implemenation listings.

Emily: Could you give quick overview of DCL status/needs?  I think it
should get to something like the CGL spec.

Chris: Sure, the assumptions that you've seen/commented on went out in
1.1.  Next step is to turn that all into something that looks much more
like CGL.

Emily: I'll volunteer to help on the DCL spec.

Matt: I can jump in if nobody else will (re: CGL).

Chris: Great.  I'm sure Ed and Joseph will welcome the help.

Emily: What's the time frame.

Chris: DCL needs solid draft in July.

Joseph:  CGL is May 3rd.

Chris: Should we consider a meeting at OLS.

Emily: That'd be great.  Quite a few members from my team will be there.

Chris: I think the BoF slots are full, I can double check on that.

Ed: (describes his view of content for DCL spec)

Ed: What I don't konw how to do is end up with list of rpms.

Chris:  Likely to not get to that granularity.  BTW, I didn't get good
notes for your description, they'll be lacking in the minutes.

Ed: It's basically a Security Target.

Ed: Feature set that appears to be relevant for securing an enterprise
data center linux machine.  Database/app server/public protocol server/

Emily: Do you plan to allow for options?  So when we talk about
containment there may be a few options listed?

Ed: Yes, you're right.  So it's somewhere inbetween a Protection Profile
and a Security Target.

Emily: It also helps people who may not be familiar with security to
understand the requirement when seen with an example that they may have
heard of.

Ed: Can we categorize things into specific sections, like containment,
separation of duties, audit, etc.  And have a small top-down list for
each category.

Emily: Are you ready for volunteers yet?

Chris: He's almost done writing ;-)

Ed: Just got details yesterday afternoon.

Emily:  Pedantic checks up front, or broader comments first?

Ed: I don't mind keeping wordsmithing as we go, it's better than doing
it at the end.

Matt: Do we have an editiable doc for CGL.  Only see PDF.

Chris: Yes, I think I have one, and Ed needs it too.  If I don't Joseph
or Ge should be able to get it to us.

Chris: And I'd prefer to see it done in OpenOffice format.

Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net

More information about the security_sig mailing list