Meeting 24/05/23 #65

Closed
14 of 23 tasks
THS-on opened this issue May 16, 2023 · 0 comments

THS-on commented May 16, 2023

Attendees

Time: 24/05/23 15:30 GMT, 16:30 CET (https://www.timeanddate.com/worldclock/fixedtime.html?msg=Keylime+Meeting&iso=20230524T1530&p1=769&ah=1)
Link: https://uni-kiel.zoom.us/j/65228204390?pwd=eURBMlhCT3JiWEZLcjZuNTdicWF3Zz09
Meeting ID: 652 2820 4390
Passcode: 234236

Topics

  • Architecture Design Meeting
    • Some initial thoughts described here: Keylime New Architecture Design Meeting (TDB) #64 (comment)
    • "Low-hanging fruit" items:
      • "Pluginization" of MB and IMA (already in progress)
      • Removal of tpm2-tools (already in progress)
    • Important functionality which could be introduced without disruption
      • "Auto add" agents to verifiers (i.e., registrars run part of tenant code)
      • Attest a fixed number of times and then stop (i.e., do not fail)
      • "Confidential Computing" (basically VMs) plugin (for registrar)
    • Fundamental (breaking, yet necessary) changes, requiring broader agreement among maintainers:
      • Push model
      • IDevID and IAK support
      • Bootstrap protocol (without K -> U/V) redesign
      • Verifier main loop redesign
  • Technical debt
    • Make sure Durable Attestation with MB/IMA works from any "point in time"
    • A more robust (survivable to transient failures) SQLAlchemy interface
  • Make Keylime easily deployable in Kubernetes/OpenShift environments
  • Agreement from maintainers on "stable branches" (Draft a policy/strategy for stable branches keylime#1362)
  • Collaboration with Veraison (https://github.com/veraison)
    • Agreeing on standards: RATS, EAR, DICE
    • Discuss architectural differences, plugin architecture
    • Joining the Veraison Zulip: https://veraison.zulipchat.com/

Actions

Meeting notes
