aboutsummaryrefslogtreecommitdiff
path: root/archive/2021-11-23--meeting-minutes
blob: 69540fc7c5920a839672b5022443a96091e09f60 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
Date: 2021-11-23, 1300 CEST
Meet: https://meet.sigsum.org/sigsum
Chair: rgdd

Agenda
	* Hello
	* Status round
	* Discuss
	* Next steps

Hello
	* rgdd
	* ln5

Status round
	* [rgdd] half-baked idea that is related to signing format
		* https://git.sigsum.org/sigsum/tree/archive/2021-11-23-idea-related-to-ssh-format
	* [rgdd] sketched on updated meet structure
		* https://git.sigsum.org/sigsum/tree/archive/2021-11-23-meet-structure-notes
	* [ln5] continued work on ssh signing format proposal
		* as discussed in irc we are also considering to move:
			* shard hint into namespace (leaf)
			* key hash into namespace (tree head)
		* pros, especially for leaves:
			* simplifies tooling
			* cleaner separation of data and context
			* can get the "remove arbitrary bytes" proposal for free, see above idea

Discuss
	* Decision: update meeting structure to s/Discuss/Decision
	* Decision: start using open-ended shard-interval
		* https://git.sigsum.org/sigsum/tree/doc/proposals/2021-11-open-ended-shard-interval.md
		* start next shard when the open-ended shard-interval is tagged in sigsum-log-go
		* let our current ("completed") shard continue running until the above is fixed

Next steps
	* [ln5] continue on ssh singing format proposal and deploy next shard when possible
	* [rgdd] implement open-ended shard interval, if time start defining work packages

Other useful links
	* [rgdd] additional links from kpcyrd about pacman-bintrans
		* (Recall: https://github.com/kpcyrd/pacman-bintrans)
		* Signature index
			* List that allows mapping signature -> package name after discovery in log
			* https://pacman-bintrans.vulns.xyz/sigs/
		* Package index
			* https://archive.archlinux.org/packages/