Basic info

• Time: Wednesday 5 July 2023 at 13:00 CET (12:00 UTC)
• Place: #openvpn-meeting channel on LiberaChat IRC network

Topics

Current topics

• 2.6.6 release plans
  tentatively last week of July

• cmake work is done, need to decide if to merge that to 2.6 or not
  djpig notes that there are some things to be ironed out before we can backport

• Hackathon arrangements
  See ​https://community.openvpn.net/openvpn/wiki/Hackathon2023

• Security assessment of OpenVPN2 codebase.
  company agreed to publish. novaflash to push this to marketing for a release on site.

• Static-key mini how-to is outdated.
  This page is outdated badly: https://openvpn.net/community-resources/static-key-mini-howto/
  company will send this to tecch writer to redo based on ​https://github.com/OpenVPN/openvpn/blob/master/doc/man-sections/example-fingerprint.rst info
  and also retain a link to that github doc.

• License amendment for OpenVPN2 to solve openssl/mbedtls licensing issues
  we have a deadline at august 1st
  update: 2 additional people reached successfully
  currently attempting 3rd hard-to-reach person

• License amendment for OpenVPN2: keep old openssl exception or no?
  someone mentioned that we should remove the old exception.
  we will, eventually. while we still support openssl 1.0.2 we still need it
  if someone really wants to get rid of the exception they can fork openvpn2

• OpenVPN 2.6 performance results.
  We should work on an article to publish some performance results when 2.6 is out as stable.

• Website release process woes
  website team is working on migrating community downloads content to new cms system.

Topics on standby

• Teach someone other than djpig to do releases
  uddr and djpig will work together so they can share the responsibility/knowledge of openvpn2 releases.
  likewise dazo and djpig will share knowledge about copr/fedora releases.
  update: placed on standby for now because of holidays.

• What's going on with new taskbar icons?
  matt provided icons in ​https://github.com/OpenVPN/openvpn-gui/issues/595\\**update: will be picked up by selva when he has time

• security@… mailing list
  company is trying to get to soc2 compliance.
  probably will need a simple nda to be signed by recipients of emails to security@…
  company guy took standard nda we use for contractors, suggests to use that.
  novaflash thinks we should review that first to see if it's really suitable or not, community members are not contractors after all.

• Another key signing topic
  company switched EV code signing to cloudhsm, this is same cert type we use for driver signing, is also suitable for binary signing.
  in future we could possibly switch community to that same key. saves having to maintain 2 different keys.
  depends on how hard/easy it is to access company key signing thingee from community infrastructure.
  also no high priority at the moment, we have a working solution now.

• SBOM topic
  cron2 was asked if openvpn has a software bill of materials. answer was no.
  coincidentally, in openvpn inc a security requirement is to have an SBOM so this is on our list of things to do
  when we pick up this task we can coordinate on it.

• Forums machine on community infrastructure is only non-Linux system.
  mattock made a new forums system that runs on rocky linux 8 as agreed with ecrist.
  ecrist has looked at it but the current state of the migration is unknown.

• Management interface documentation on main website will be updated with info from doc/management-notes.txt
  novaflash will pick this up at some point

• https://openvpn.net/community-resources/openvpn-quickstart/ will be updated from /doc/man-sections/example-fingerprint.rst information.
  Static-key will be deprecated and contents updated with peer-fingerprint stuff.
  novaflash will pick this up again as time permits and other more important topics are done.