So, I really like this idea. I think it would be a really fun and productive time. I think security is a good topic, but it'll be good to see if anyone else has other ideas. I think we have quite a few things we could cover in the security realm though, like you listed. I'd prefer to stay away from the last week of August/first week of September, because for me (and possibly others -- Ian?) classes will just have started back up. I'd vote for earlier, maybe the end of July? Or the first week or two of August? Beyond that us college-goers will probably be getting ready for the semester. I don't have a lot of preference on location, either of your ideas are about the same distance from me, personally. But yes, I'm very interested in this, I think it would be a lot of fun, and I think we could get a lot done. -re On 06/12/2012 07:03 PM, Kevin Fenzi wrote: > Greetings. > > I've been toying with the idea of a Fedora Infrastructure FAD (Fedora > Activity Day) around getting our security tasks further along/mapped > out, or just done. We can do all these things remotely, but sitting > down with less distractions and getting things done or deciding on > roadmaps may work faster/better in person. > > More information on FAD's: > http://fedoraproject.org/wiki/Fedora_Activity_Day_-_FAD > > Some possible Goals: > > * Put in place our 2 factor authentication solution. > - Enable globally for sudo. > - Come up with plan/roadmap for applications 2 factor > authentication. > - enable more 2nd factors if we only have one working. > (yubikey, google authenticator, others?) > * Revamp firewall rules to further restrict traffic between machines. > * Come up with a better plan for signing servers > - In puppet or out of puppet? > - On demand vs always on > - ssh access, console, 2factor? > * Hash out a roadmap or plans around git commit signing. > - See if this is something we want to do > * Work on FAS security enhancements > - backup email address? > - security questions? > - better gpg integration? > - handling for 2 factor auth > * Setup a simple IDS of some kind? > - Notice non standard traffic in our internal nets > * Finish up keys.fedoraproject.org and announce it. > * Clean up selinux AVCs and move more things to enforcing. > * Your brilliant Fedora Infrastructure security related idea here. > > Possible dates: > > last week of Aug, First week of Sept? > (This puts us between the Alpha and Beta freezes, and is possibly > enough notice to get better airfair/etc rates). > somewhere in 2012-08-27 to 2012-09-10 > > First 2 weeks in Nov? > (After F18 is released, before thanksgiving) > somewhere in 2012-11-05 to 2012-11-16 > > Right before next Fudcon? > 2013-01-15 to 2013-01-17? > > Your exciting better dates here. > > Possible locations: > > Red Hat HQ in RDU? > pros: can probably get a room/network and pull in other RH folks > > Westford, MA > pros: could probably get a room/network and pull in other RH > engr folks. > > Other location here: > must be cheap to fly to/stay at, and have a facility we could > meet at and use. > > So, this is more a 'is there enough interest in this to peruse it' type > of email. > > How many folks would be interested in going to something like this? > > What dates or places would you prefer? > > Is there another topic that would be a better thing to do than > Security? I can think of several more topics if we would prefer > something else (Fixing our application logging could be it's own FAD by > itself). > > Thoughts? > > kevin > > > > _______________________________________________ > infrastructure mailing list > infrastructure@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/infrastructure >
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
