Basic info
- Time: Wednesday 17 May 2023 at 13:00 CET (12:00 UTC)
- Place: #openvpn-meeting channel on LiberaChat IRC network
Topics
Current topics
- 2.6.5 release plans
in about 4 to 8 weeks from now so anywhere between half june and half july
- PGP signing key for OpenVPN releases
djpig noticed an issue with the gpg signing key.
accidentally used recently revoked key instead of new key from recent key rotation.
also apparently latest debian release's gpg does not like sha1 anymore.
- Status of PoC using Gerrit for code review.
cron2 took a look, hopefully it will be working now.
- Security assessment of OpenVPN2 codebase.
what was result of last week's meeting?
- security@… mailing list
company is trying to get to soc2 compliance.
probably will need a simple nda to be signed by recipients of emails to security@…
company guy took standard nda we use for contractors, suggests to use that.
novaflash thinks we should review that first to see if it's really suitable or not, community members are not contractors after all.
- Website release process woes
website team claims their solution is 95% done. we'll see.
Topics on standby
- Another key signing topic
company switched EV code signing to cloudhsm, this is same cert type we use for driver signing, is also suitable for binary signing.
in future we could possibly switch community to that same key. saves having to maintain 2 different keys.
depends on how hard/easy it is to access company key signing thingee from community infrastructure.
also no high priority at the moment, we have a working solution now.
- SBOM topic
cron2 was asked if openvpn has a software bill of materials. answer was no.
coincidentally, in openvpn inc a security requirement is to have an SBOM so this is on our list of things to do
when we pick up this task we can coordinate on it.
- Forums machine on community infrastructure is only non-Linux system.
mattock made a new forums system that runs on rocky linux 8 as agreed with ecrist.
ecrist has looked at it but the current state of the migration is unknown.
- OpenVPN 2.6 performance results.
We should work on an article to publish some performance results when 2.6 is out as stable. but first press release.
- Management interface documentation on main website will be updated with info from doc/management-notes.txt
novaflash will pick this up at some point
- https://openvpn.net/community-resources/openvpn-quickstart/ will be updated from /doc/man-sections/example-fingerprint.rst information.
Static-key will be deprecated and contents updated with peer-fingerprint stuff.
novaflash will pick this up again as time permits and other more important topics are done.
Download in other formats: