So, I really like this idea. I think it would be a really fun and
productive time.
I think security is a good topic, but it'll be good to see if anyone
else has other ideas. I think we have quite a few things we could cover
in the security realm though, like you listed.
I'd prefer to stay away from the last week of August/first week of
September, because for me (and possibly others -- Ian?) classes will
just have started back up. I'd vote for earlier, maybe the end of July?
Or the first week or two of August? Beyond that us college-goers will
probably be getting ready for the semester.
I don't have a lot of preference on location, either of your ideas are
about the same distance from me, personally.
But yes, I'm very interested in this, I think it would be a lot of fun,
and I think we could get a lot done.
-re
On 06/12/2012 07:03 PM, Kevin Fenzi wrote:
Greetings.
I've been toying with the idea of a Fedora Infrastructure FAD (Fedora
Activity Day) around getting our security tasks further along/mapped
out, or just done. We can do all these things remotely, but sitting
down with less distractions and getting things done or deciding on
roadmaps may work faster/better in person.
More information on FAD's:
http://fedoraproject.org/wiki/Fedora_Activity_Day_-_FAD
Some possible Goals:
* Put in place our 2 factor authentication solution.
- Enable globally for sudo.
- Come up with plan/roadmap for applications 2 factor
authentication.
- enable more 2nd factors if we only have one working.
(yubikey, google authenticator, others?)
* Revamp firewall rules to further restrict traffic between machines.
* Come up with a better plan for signing servers
- In puppet or out of puppet?
- On demand vs always on
- ssh access, console, 2factor?
* Hash out a roadmap or plans around git commit signing.
- See if this is something we want to do
* Work on FAS security enhancements
- backup email address?
- security questions?
- better gpg integration?
- handling for 2 factor auth
* Setup a simple IDS of some kind?
- Notice non standard traffic in our internal nets
* Finish up
keys.fedoraproject.org and announce it.
* Clean up selinux AVCs and move more things to enforcing.
* Your brilliant Fedora Infrastructure security related idea here.
Possible dates:
last week of Aug, First week of Sept?
(This puts us between the Alpha and Beta freezes, and is possibly
enough notice to get better airfair/etc rates).
somewhere in 2012-08-27 to 2012-09-10
First 2 weeks in Nov?
(After F18 is released, before thanksgiving)
somewhere in 2012-11-05 to 2012-11-16
Right before next Fudcon?
2013-01-15 to 2013-01-17?
Your exciting better dates here.
Possible locations:
Red Hat HQ in RDU?
pros: can probably get a room/network and pull in other RH folks
Westford, MA
pros: could probably get a room/network and pull in other RH
engr folks.
Other location here:
must be cheap to fly to/stay at, and have a facility we could
meet at and use.
So, this is more a 'is there enough interest in this to peruse it' type
of email.
How many folks would be interested in going to something like this?
What dates or places would you prefer?
Is there another topic that would be a better thing to do than
Security? I can think of several more topics if we would prefer
something else (Fixing our application logging could be it's own FAD by
itself).
Thoughts?
kevin
_______________________________________________
infrastructure mailing list
infrastructure(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure