Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

  • Issue discussion/Dev updates
    • L3AF R2
      • RBAC https://github.com/l3af-project/l3af-arch/discussions/57
        • Option 1: RBAC framework using x.509 PKI Certificate Attributes
          • Not every CA will issue those types of certs (w/usernames)
        • Option 2 OATH
          • No work required. Just consume already existing resources.
          • Many enterprises already using it.
            • ex: Windows Active Directory
        • Option 3. Digital Signature based Authorization with mTLS
          • Minimal overhead.
          • Partly extensible. Partly standards compliant.
          • Protocols mature, framework not so mature.
        • Option 4. SHA256 Hash based Authorization with mTLS
          • Don't want l3af to be the actual auth service.
          • Custom implementation
      • We don't want to take ownership by building our own RBAC
        • Building an e2e RBAC does not align with L3AF goals
          • Also managing the RBAC lifecycle
        • Enterprises should use their own control plane to manage L3AFd
        • Supporting only 2 roles at first is okay, but we have to be extensible
        • Most enterprises will have central control.
          • Leave it up to them.
        • Option 2. mTLS with OAuth 2.0 Client Authentication, but:
          • If nobody is going to use anything other than read/write then we do not need to build RBAC now.
            • We will document how to integrate RBAC option 2.
              • Document how L3AFd could integrate with the above
      • feat: introduce interface-based data types #229 - https://github.com/l3af-project/l3afd/pull/229
        • Standardize to open source.
        • Finish most of R2 PR then merge this.
        • Approach agreed upon.
      • Update configs from command line argument #242 https://github.com/l3af-project/l3afd/pull/242
        • Please review
      • Update native loading of root programs #245
      • Loading XDP and TC program blockers
    • L3AFD v2.1
    • L3AF on Windows
    • DT&F
      • 5 am PST L3AF project update
      • Shankar 5G uF


  • Release Management


...

  •  Dhivya R Release Management Plan- add milestones for testing, documentation, package. What else is needed from a delivery standpoint?
  •  LJ Illuzzi  Open SSF Scorecard. Is it visible on LFX Security
  •  LJ Illuzzi Draft LFN Board response to eBPF standards

...