2021-06-02 TAC Minutes
- Casey Cain
- Kenny Paul
- Jim Baker
Attendees & Representation (default sort: member first name)
TAC Members and Project representatives should mark their attendance below
Non-TAC project reps do not count towards meeting quorum
X = Present | P = Proxy (Indicate in the table with @name for @name
Member | Representing | Member | Representing | Member | Representing | |||
|---|---|---|---|---|---|---|---|---|
@Alex Vul (Deactivated) | ODIM (sandbox) | @Ed Warnicke | FD.io (TAC) | @Morgan Richomme | Orange | |||
@Al Morton | Anuket (TAC) | @Eyal Felstaine | Amdocs | @Olaf Renner | Nokia | |||
@Anil Guntupalli | Verizon | @Frank Brockners | Cisco | TF (incubation) | ||||
@Anil Kapur | Juniper | @djhunt | IBM | @Ramesh Nagarajan | ||||
@FREEMAN, BRIAN D | AT&T | @Kalyankumar Asangi | Huawei | @Ranny Haiby | Samsung | |||
@cl664y@att.com - proxy: @Timo Perala | ONAP (TAC) | @Lingli Deng | China Mobile | @Robert Varga | ODL (TAC) | |||
@ChangJin Wang | ZTE | @Marc Fiedler | Deutsche Telekom | @Timothy Verrall (Deactivated) | Intel | |||
@Christian Olrog Atlassian | Ericsson | @Martin Jackson | Walmart | @thomas nadeau | Red Hat | |||
@Dhananjay Pavgi | Tech Mahindra | @Mike Lazar | OPX (sandbox) | @Xiaojun Xie | China Telecom | |||
@Qihui Zhao | XGVela (sandbox) |
LF Staff: @Kenny Paul, @Casey Cain, @LJ Illuzzi, @Brandon Wick , @Jim Baker
Others: @Amy Zwarico, @Nicholas Karimi, @Tina Tsou (Deactivated)
Agenda
Start the Recording
We will start by mentioning the project's Antitrust Policy, which you can find linked from the LF and project websites. The policy is important where multiple companies, including potential industry competitors, are participating in meetings. Please review and if you have any questions, please contact your company legal counsel. Members of the LF may contact Andrew Updegrove at the firm Gesmer Updegrove LLP, which provides legal counsel to the LF.
Roll Call Today's Quorum == 7
Action Items Review
Agenda Bashing
General Topics
Developer & Testing Forum Update
Introduction of Committer Representative to the TAC @Amy Zwarico
TAC attendance at TSC meetings
Committer representative election mechanics
Discussion: how to resolve communities that have different voting populations for different classes in a TSC? Community picks which voting class or take the broadest class.
VOTE: For the committer representative election, the eligible voter population for each community will match that community's voting population for their TSC elections.
Whitepaper updates @Ranny Haiby
LFN-wide security - discussion @Ranny Haiby @Amy Zwarico
Any Other Topics
Minutes
Introduction of @Amy Zwarico
Active in SECCOM.Policy, and Integration team in ONAP
Representing the concerns of the committers to the GB
during introductions @Casey Cain noted that TF rep has left the community and a new TAC rep has not been selected yet.
Developer & Testing Forum
Next week: Jun 7, 2021 - Jun 10, 2021
Please register, it's free!
TAC members attending TSC meetings
Intent: Get TAC members to attend the project TSC meetings that are not a part of the daily working routine to gain more perspective
@Casey CainTo share out the meeting schedules for all the TSC meetings to facilitate TAC member drop-ins
LFN-wide Security
@Ranny Haiby On-going need for security best practice exchange for all LFN projects
Perhaps a forum for on-going dialogue on security topics?
Informal engagements - not a requirements generation body
Also need a unified LFN messaging about security
@Amy Zwarico Great idea - ONAP experience has given some best practices
Security includes additional work for all project teams
Getting LFN wide approaches to security would be useful
Security requirements are a part of every release
Some interdependencies between projects exist - so uniform approaches are important (eg. ONAP and ODL)
EVERY component of ONAP pulls in other upstream code - many external dependencies
@FREEMAN, BRIAN D SolarWinds was a supply chain attack - so treating all the attack surfaces and supply chain is essential
A TAC recommendation would be useful to help establish the minimum acceptable
The component list is long: MariaDB, K8s, etc. - all have extensive SW BOM
Next Steps
Proposal: Start with a mailing list and wiki space for sharing security tools/processes
@Morgan Richomme A TAC recommendation on basics would be useful
Build/publish docker containers should be more automated with more scanners as provided by LF IT
Claiming security when not being thorough is worse than not claiming/doing anything.
Committer representative election mechanics
How to enable communities that have different structures than just committers/contributors?
Proposal: Each community provides the list of eligible voters for the committer representative election
RESOLVED: The TAC agrees that the eligible voter population for the Committer Representative shall match that community's voting population for their TSC General Elections.
#agreed
Feedback:
@Al MortonEmail discussion was supportive of community designated voter population
@Ranny Haiby No perfect solution - error on the side on inclusivity
@djhunt Agree allow communities to designate the voter pool per community
@djhunt Multiple voting populations should be MORE inclusive (use the largest population)
@FREEMAN, BRIAN D If they can vote for TSC members - then they can vote for the committer representative
@Kenny Paul ONAP and Anuket have broad inclusion in elections. ODL TSC has two classes: committers AND active community members. FD.io - no data
@FREEMAN, BRIAN DAll populations that can vote for general TSC seats, also can vote for the committer representative