►
From YouTube: CNCF Notary v2 Key Management 2020-07-24
Description
CNCF Notary v2 Key Management 2020-07-24
A
B
A
All
right,
marina,
do
you
know
if
justin
is
going
to
be
joining
today.
B
A
Meeting,
I'm
not
sure,
let's
get,
let's
give
it
a
couple
of
minutes
and
see
if
else.
A
A
A
I
think
we
can
get
started.
I
don't
think
anyone
else
is
joining
today.
The
what
I
kind
of
wanted
to
get
done
today
was
go
over
the
pull
request
and
finalize
that
and
marco,
I
think,
you've
already
taken
a
look
at
it.
Justin
have
you
had
a
chance
to
review
it
and
come
up
with
some
comments
or
feedback.
D
Is
this
what
I
was
looking
at
last
week
or
I
just
want
to
make
sure
I'm
talking
about
the
same
thing?
Can
you
just
post
the
link
in
chat,
so
I
can.
A
Yep
I'll
put
the
link
in
chat.
It's
the
same
one.
I
added
in
some
of
the
the
reasoning
like
we
discussed
last
week
so
to
clarify.
So
let
me
put
this
in.
D
D
D
So
one
thing:
okay,
so
you
talk
about
the
publisher.
D
D
Yeah,
okay
and
the
publisher
is
the
person
who's
actually
creating
the
containers
and
then
there's
another
party
here
that
I
think
is
implicit,
which
is
sort
of
the
person
who's
running
the
registry.
D
Yeah-
and
I
don't
know
how
relevant
this
is,
but
I'm
just
curious
about
one,
a
couple
of
things
that
come
up
when
I
start
to
think
through
them
and
what
they
are
supposed
to
be
trusted
to
do
and
what
they're
supposed
to
not
be
trusted
to
do
more.
Specifically,
because
I
think
in
your
system,
you
want
the
the
publisher
like
someone
who
is
a
publisher,
which
I
noticed,
do
you
have
like
the
publisher,
admin
and
builder
and
signer?
A
So
what
do
you
mean
by
which
images
are
trusted
right
in
the
sense
that
there's
two
there's
two
different
definitions
of
trust
here
right
one,
the
employer
is
saying
here
are
the
different
publishers.
I
trust
if
anything
is
signed
by
them.
A
I
will
trust
that
software
and
then
there's
the
other
component
of
trust
where
a
publisher
is
saying
here
are
the
here:
are
the
containers
or
things
that
I
have
signed
that
I'm
saying
you
can
trust
that
having
come
from
me
right
so
which
one
of
those
are
you
are
you
referring
to
here.
D
I
I
think
they're
both
very
related,
because
I
think
the
first
one
deals
with
who
you
trust
and
the
second
one
deals
with.
As
I
understand
what
you're
saying
the
second
part
deals
with
what
the
people,
who
you
trust,
say
right
and
so
in.
D
In
the
end,
I
think
the
like,
I
think,
the
design
you're
in
part
arguing
for
which
I
think
is
which,
as
I
as
I
understand
it,
and
is
that
the
publisher,
like
some
set
of
people
who
are
the
publishers,
are
the
people
that
the
deployer
who
has
picked
those
publishers
has
enabled
to
decide
what
containers
should
be
installed
when,
when
you
know
when
the
deployer
goes
to
make
a
request.
C
Go
ahead
so,
from
my
perspective,
I
think
we
we
should
split
these
scenarios
a
bit
from
two
to
two
angles,
so
you
have
the
consumer
part
where
you
would
like
to
know.
Okay,
what
are
designed
images
and
and
what
are
the
keys,
which
I
trust.
C
So
I
think
that
somewhere
covered
using
these
root
keys,
which
you
can
somehow
white
list
on
on
your
registry,
but,
on
the
other
hand,
that's
the
topic
we
at
philips
are
trying
to
resolve
with
notary
v1
today
is
how
do
we
manage
which
developer
or
which
ci
job
is
able
to
sign
an
image
at
which
point
in
time?
C
C
In
that
case,
we
want
to
be
have
the
team
be
able
to
self-manage
the
delegations
for
the
given
target
repositories,
but
on
the
other
hand,
we
also
want
to
have
control
on
creating
target
keys
and
removing
target
keys
and
and
and
doing
things
like
key
rotation
and
that's
more
or
less
a
administrator
kind
of
rule.
C
The
first
thing
you
will
do
is
request
for
a
target
signing
key
to
this
administrator
team.
They
will
create
you
this
target
key
and
on
this
target
key.
You
can
create
your
delegations
or
remove
the
allegations
or
replace
your
key
with
with
a
new
one.
C
So
that
kind
of
things
and
for
this
we
we
have
this
proof
concept
justin
you.
You
missed
that
as
you
learned
in
in
that
meeting
where
I
gave
the
demo,
but
but
it's
available
open
source,
it
comes
with
it
with
a
small
web
interface
to
to
manage
these
kind
of
things,
but
I
think
in
auto
revv2.
As
far
as
I
can
see
now
in
in
the
design,
this
is
not
not
covered.
A
Well,
I
think,
actually,
if
you
look
at
the
hybrid
signing
use
case
and
then
the
signing
by
build
machines
or
dedicated
machines,
that
does
cover
some
of
that
right,
we're
talking
about
the
administrator,
creating
a
a
root
key
and
then
delegating
access
for
the
the
entity,
that's
essentially
being
designer,
whether
that's
a
developer,
whether
that's
a
build
machine
to
be
able
to
actually
get
delegate
keys
that
change
from
the
root.
So
that's
something
yeah.
I
think
the
coverage.
A
I
think
that's
that's
I
I
can.
I
can
take
elaborating
kind
of
like
who
can
take
on
those
different
roles,
but
I
still
don't
think
we've
answered
justin's
initial
question,
which
was
around:
how
are
we
determining
which
artifacts
we
are
going
to
trust
overall
ray?
I
think
justin
here
the
way
I
was
envisioning
it
is
that
you
know
you're
essentially
like
you
call
that
the
deployer
is
trusting
some
entity
to
say
these
artifacts
are
trusted.
A
These
artifacts
are
okay
to
run,
and
then
it
is
up
to
the
entity,
that's
being
trusted,
in
this
case
the
publisher,
to
kind
of
manage
how
they
say
here
are
here's
here's,
the
ones
where
we
have
signed,
and
we
we.
We
want
our
sort
of
like
consumers
to
say
they
can
trust
us,
and
then
they
have
also
mechanisms
to
say
something
that
we
have
provided.
Trust
us
before
is
no
longer
trusted
right.
A
D
I
mostly
want,
I
think
it
would
be
helpful
to
be
very
explicit
that
this
administrator
party
is
not
trusted
like
the
registry
party
and
to
be
clear
about
that
part
of
the
process,
because
actually,
I
think
the
biggest
concern
that
that
we
have
overall
is
that
that
a
party
that
has
control
over
a
registry
can
do
things
that
are
extremely
damaging
and-
and
so
you
know,
I've
heard
some
discussion
and
some
you
know
like
oh
well.
D
Obviously
you
know
if
what
we're
supposed
to
be
having
here
is
we're
supposed
to
have
the
the
publishers
and
the
people
at
the
organizations
actually
deciding
what
gets
installed
and
and
what's
trustworthy,
then
than
that
those
are
kind
of
very
different
models
than
one
where
oh
well,
I
just
trust
the
registry,
and-
and
you
know
I
don't
need
to
sign
anything
because
it
comes
from
the
registry.
The
registry
is
a
good
guy
which
isn't
isn't
the
model
that
steve
or
anybody's
proposing.
But
I
think
there's
flavors
of
that
that
creep
in
in
places.
C
I
I
think,
that's
that's
also
what
I
meant
with
we.
We
should
split
more
the
the
the
role
of
the
consumer
and
design
also
also
in
in
the
admin
part
you
have
the
admin
part
where
you
trust
keys,
which
are
derived
from
a
from
a
given
root
or
a
given
intermediate,
where
you
can
white
list.
What
what
is
the
things?
C
We
really
trust
so
that
that
could
be
a
subset
of
images
from
different
registries
and,
on
the
other
hand,
you
have
the
part
where
you
are
managing,
who
is
able
to
sign
the
images
for
a
given
repository.
A
Yeah,
I
think
the
part
of
the
goal
here
was
to
completely
remove
the
role
of
the
registry
in
the
trust
components,
and
I
think
that
can
be
addressed
by
adding
in
a
registry
persona
that
says
that
here
are
the
places
where
the
registry
owner,
if
you
will
gets
involved,
what
does
their
role
mean?
What
do
they
add
and
where
are
they
required?
A
A
You
can
validate
and
upload
to
the
registry
whether
this
actually
was
signed
by
the
developer
in
question
or
not
or
the
publisher
in
question
or
not,
but
even
then
the
when
those
container
images
are
being
pulled
down
by
the
deployer
they're,
essentially
still
able
to
revalidate
that
and
that's
happening
independent
of
the
registry
right.
A
So
I
think,
if
I
add,
in
a
registry,
persona
and
kind
of
show
the
end-to-end
workflow
of,
like
you,
know,
a
container
being
signed,
getting
uploaded
and
getting
pulled
out
and
deployed
and
show
sort
of
like
what
role
each
persona
has
there.
I
think
that
might
address
some
of
the
concerns
I'm
carrying,
because
I
think
that
is
missing
and
clarity
from
the
the
scenarios
right
now.
D
I
I
think
that
would
be
interesting.
I
think
that
would
be
helpful
to
see.
I
have
a
couple
of
other
little
questions,
but
I
don't
want
to
kind
of
monopolize
the
the
meeting
here,
but
what
one.
A
D
Okay,
like
root,
revocation,
which
you
say
compromise
a
compromise
route,
should
not
be
needed
in
process
to
designate
itself
as
revoked.
D
Don't
really
understand
this!
Well,
I,
how
does
okay
so.
D
You've
you
describe
a
way
this
could
be
done,
which
basically
means
you
have
to
have
a
way
to
touch
all
of
the
clients
in,
like
the
second
to
last
step.
A
Yeah,
the
part
of
where
this
comes
in
from
is
in
notary
view.
One
one
of
the
big
concerns
is
if
your
root
is
compromised,
that
root
can
itself
then
be
used
to
rotate
to
a
new
version
of
the
root,
and
so
I
think
separating
out
like
how
you
do
root,
revocation
from
sort
of
like
essentially
other
revocation,
was
one
of
the
areas
that
we
wanted
to
address
in
arabi
too
right
with
roots.
A
D
Okay,
so
they
have
those
two
things.
Let's
say
they
have
those
two
things:
okay,
so
now
you
have
two
possible
designs.
Design
one
is:
is
the
original
tough
notary,
v1
design
where
they
then
can
rotate
the
route?
Okay?
So
then
they
rotate
it
to
a
new
thing.
D
D
You
know
like
it's:
it's
it's
information
for
a
small
group
of
developers
not
like,
like
every
repository
that
exists
or
something
on
docker
hub;
okay.
So
so
that's
scenario
one
so
so
they
can
take
things
over
install
what
they
want.
But.
D
D
D
A
So
I
think
part
of
it
is
the
requirement
to
have
to
go
to
the
clients
to
enforce
that
right.
So
with
an
automated
rotation,
I
think
there's
a
there's
a
potential
that
the
root
that's
like.
A
If
the
root
is
being
used
to
kind
of,
say,
here's
how
we're
rotating
it,
then
the
the
attacker
can
change
the
route
right
and
then,
from
that
point
forward,
you're
automatically
locked
up
from
rotating
the
route
yourself,
because
you
no
longer
have
access
to
the
new
route
that
the
attacker
used
to
kind
of,
like
the
sign
to
do
the
rotation
with
right.
D
D
A
I
think
what
what
I'm
proposing
here
is
that
the
clients
have
a
mechanism
to
understand
what
the
routes
are,
and
this
is
not
using
the
the
the
keys
that
are
being
used
for
signing
the
containers
and
images
right,
so
this
would
be
kind
of
where
I
think
the
notary
server
morphs
into.
So,
if
you
think
of
notary
server
as
being
like
a
repository
of
keys
that
are
trusted
for
different
entities,
then
you
can
essentially
check
the
notary
service
to
see
what
the
latest
set
of
trusted
routes
are.
A
This
way,
if
someone
wants
to,
like
you
know,
say
like
here's,
a
new
set
of
routes
that
we
want
to
use,
they
can
upload
that
to
notary
server,
and
you
can
your
clients
can
check
that
to
see
what
the
new
set
of
trusted
groups
are.
So
that
allows
you
to
do
group
rotation
without
having
to
use
the
the
root
as
sort
of
like
a
as
an
authentication
mechanism.
If
you
will.
D
A
It
yeah-
I
think
this
is
this-
is
this-
is
something
that
we
can
look
into
more
in
the
design,
but
essentially
what
I'm?
What
I
think
comes
out
of
this
as
a
requirement
is,
we
need
a
component
that
is
telling
you
what
the
latest
routes
to
trust
are
for
any
publish
for
for
a
publisher
without
having
to
use
the
keys
themselves,
as
as
as
mechanisms
for
authentication.
A
D
Are
you
talking
about
like
in
in
like
a
tough
repository
or
are
you
talking
about
in
just
in
general,.
A
A
So
this
could
be
sort
of
like
you
know
if
you're
saying
like,
I
trust,
let's
say
I
don't
know,
let's
say,
let's
make
up
a
company
if
I
trust
acme,
here's
where
I
know
acnes,
like
keys,
are
published
from,
and
here's
where
I'm
going
to
go
to
get
that
key
information,
because
I
trust
acme
as
a
publisher,
then
anything
that
I
see
signed
with
acme's
key.
I
can
verify
that
they
change
from
their
root.
D
Right
but
but
the
reason
why
the
ca
system,
like
does
all
this
and
works
is,
is
because
effectively
a
bunch
of
rules
and
regulations
were
written
around
what
it
means
to
be
a
ca
and
how
to
do
things
and
the
ca
system,
because
it
has
a
lot
of
parties
involved
and
has
a
lot
of
trust
in
those
parties
has
actually
been
a
pretty
big
example.
D
In
many
cases
of
of
sort
of,
like
the
trust
system,
gone
awry,
so
I,
like
you,
know
the
fact
that
you
have
500
certificates
like
for
different
cas.
All
completely
trusted
by
your
browser
is
is,
is
you
know
not
a
not
a
great
situation
given
all
the
digi
noter
and
other
hacks
that
have
happened
in
the
past,
but
but
how
would
you
I
like?
D
I
think
I
need
to
digest
this,
but
to
me
it
feels
like
you're
taking
and
you're
you're,
creating
a
new,
very
trusted
party.
That
is
the
like.
A
third
party.
You
you're,
I
think
the
way
you're
talking
about
this
is
this
is
some.
Is
this
a
server
that
everybody
sets
up
individually?
Every
individual
party
sets
up
a
server
that
has
these
root
keys.
B
A
More
into
sort
of
like
how
that
is
set
up
right,
like
that,
could
be
done
in
a
combination
of
ways
for
for
publishers
that
have
a
strong
notion
of
trust
where
it's
kind
of,
like
you
know,
hey
like.
I
absolutely
want
to
make
sure
that
no
one
else
is
able
to
kind
of
compromise
me
like
have
like
you
know,
like
you
know
like.
A
If
you
have
someone
you
could
set
up
this
yourself
and
then
this
information
yourself
on
the
flip
side
like
if
you
would
want
to
kind
of
go
down
the
ca
model
and
say,
like
you
know,
I
don't
want
to
run
the
server
myself.
You
could
potentially,
like
you
know,
designate
a
third
party
to
establish
and
share
that
trust
for
you
right.
I
think
this
really
goes
up
to
like
each
individual
publisher
determining
what
their
trust
boundary
looks
like.
A
C
So
so
let's
say
we
have
many
notary
servers,
and
many
of
these
notary
servers
could
be
cloud
could
be
private
ones,
and
let's
say
I
would
like
to
run
a
private
server
in
my
close
to
network
environment,
but
I
still
want
to
be
able
to
trust
some
of
the
images
from
docker
hub
based
on
trusting
a
route
or
trusting
some
other
level
of
certificate
so
shouldn't
there
be
also
some
something
to
administer,
how
your
server
exchanges
the
root
certificate
information
with
other
notary
servers.
C
So
you
can
basically
build
a
swarm
of
servers
where
this
information
can
be
retrieved
from
so
my
client
only
needs
to
connect
with
my
particular
notary
server
and
then
just
propagates
to
two
different
servers
to
to
retrieve
the
the
information
which
is
not
stored
locally.
So
I'm
more
talking
about
a
distributed
model
where
you
see
nowadays,
a
lot
of
things
are
moving
into
these.
These
distributed
models
where
the
information
is
not
on
one
server
but
where
it's
just
spread
across
the
cloud
or
the
internet.
A
That
presents
some
risk
in
the
sense
that
if
you
have
a
distributed
model
of
trust
where
this
information
is
propagating
through
whenever
you're
doing
a
rotation,
you
also
need
to
kind
of
make
sure
that
it's
going
through
in
a
reliable
manner
to
all
of
the
all
of
the
distributed
hosts
and
things
like
that.
Right,
yeah.
A
So
I
think,
having
a
central
server
makes
more
sense
in
the
sense
in
time
in
terms
of
making
sure
that,
if
you
in
in
this
in
the
regards
secure
rotation
or
vacation,
there's
a
central
authority
that
you
can
essentially
go
and
verify
that
information
from
for
air
gapped
environments
right.
I
think
this
is
one
of
that.
A
I
have
a
section
in
the
trust
or
configuration
which
we
can
expand
on.
The
idea,
essentially,
would
be.
You
can
periodically
check
if
you
want
and
pull
in
that
information,
but
you
wouldn't
get
that
sort
of,
like
you
know,
immediate
information,
if,
like
a
revocation
or
something
happen,
it
is,
though,
that,
like
you
know,
we
could
kind
of
come
up
with
some
kind
of
a
notification
mechanism
that
you
could
set
up.
A
C
Yeah,
so
in
that
situation
you
would
need
a
secure
trusted,
synchronization
protocol
or
something
like
that,
not
sure
how
that
would
look
like,
but
that
that
would
be
definitely
something
that
that
you
would
require.
But
let's
say,
if
we
stick
with
with
with
the
central
server,
I
foresee
one
wants
one
issue
there,
that's
with
some
of
these
big
enterprises,
even
even
in
some
of
our
own
products
or
things
which,
which
are
deployed
at
hospitals.
We
simply
are
not
allowed
to
do
a
network
connection
outside
of
the
trust
network
and
stuff.
C
C
C
We
should
also
give
a
thought
because
at
the
moment,
with
notary
v1,
what
I
see
with
most
people
is
that
they
they
find
it
difficult
difficult
to
understand,
difficult
to
manage
with
all
the
constraints
they
are
also
getting
from
from
clients
like
I
just
explained,
but
there
are
also
use
cases
where,
where
it
is,
of
course
it's
not
applicable
where
it's,
where
it's
a
lot
more
straightforward
and
yeah
more
cloud
agnostic.
A
So
there
is
a
workaround
that
would
currently
work
in
that
sense
that
you
don't
necessarily
need
to
go
to
a
server
to
get
the
keys.
You
can
also
configure
the
keys
yourself
right
so
in
an
air
gap
environment.
One
of
the
things
you
could
do
is
you
could
look
at
what
keys
are
trusted
and
configure
them
yourself,
but
that
is
at
a
point
sort
of
trust.
A
Right,
like
you
have
to
go
back
and
update
that
at
some
point
I
think
in
a
true
air
gap:
environment
where
you
don't
have
that
network
connectivity
you're
going
to
need
some
manual
process
to
upload
that-
and
I
think
that's
that's-
that
at
least
the
ability
to
kind
of
configure
keys
locally
would
give
you
that
ability.
A
A
section
I
have
a
section
for
that
in
on
line
71,
I
will
expand
that
to
kind
of
show
some
of
these,
because
that
was
something
that
steve
talked
about
as
well,
that
we
should
kind
of
like
clarify
how
air-gapped
environments
would
build
the
trust
and
also
the
signing
as
well.
C
So,
let's
say
someone
managing
who
is
able
to
sign
images
could
potentially
be
someone
with
a
different
world
and
than
someone
who
is
managing
the
the
trust
of
certificates,
roots
and
things
like
that.
C
I
think
making
that
a
more
explicit
split
probably
also
eases
the
discussion
like
who
is
doing
what
and
which
scenario.
Would
they
do
these
kind
of
actions.
A
A
So
this
is
necessarily
like
the
same
way:
publishers
fit
into
an
admin
and
a
signer
deployer
gets
split
into
an
admin,
who's,
configuring,
the
trust
and
the
developer
running
the
or
a
machine.
That's
actually
pulling
the
containers
and
running
them.
So
I
think
I
can
split
deploy
into
two.
So
if
I'm
carrying
the
feedback
on
the
personas,
the
this
really
should
have
five
personas
going
forward
an
admin
and
a
assigner
for
publisher
and
for
deployers.
B
Organization,
I
think,
similarly,
for
that
scaling
property.
It
would
be
nice
if
the
different
personas
can
like
delegate
pieces
of
their
role
to
other
parties,
especially
in
like
a
very
large
organization.
So
like
you
could
have
multiple
people
in
charge
of
a
particular
persona
like
it
doesn't
have
to
actually
be
a
person
or
even
a
single
key
or
anything.
C
C
A
I
think
those
roles
would
make
sense,
but
do
we
want
to
make
that
distinction
now
or
do
we
want
to
work
on
a
design
and
then
figure
out
what
the
different
roles
are
and
come
across?
That?
I
think
what
I
was
attempting
to
do
right
now
was
at
a
very
high
level
capture
what
the
different
use
cases
are.
A
So
we
can
further
blend
it
into
the
design,
and
I
think
that
design
would
spell
out
what
the
different
activities
are
and
then
I
think
we
can
go
more
into
like
what
the
role
distinctions
there
need
to
be.
B
C
A
Sense.
Okay,
so
I
think
what
I'm
going
to
do
next
step
is
add
in
those
additional
personas.
Add
some
more
details
to
the
trust
for
configuration,
use
cases
but
justin.
I
wanted
to
go
back
and
I
think
we
still
around
sort
of
like
the
root
kind
of
management
piece.
We
didn't
quite
really
settle
on
an
answer
there.
What
are
sort
of
like
some
of
the
additional
concerns
that
you
think
we
should
debate.
D
I'm
still
like
I
still
when
I
try
to
kind
of
reason
through
some
of
this,
especially
around
around
this,
like
additional
party
for
root.
Revocation,
I
still
have
a
really
hard
time.
I
think
it's
just.
D
I
need
to
to
go
through
the
scenarios
because,
as
I
kind
of
map
this
out
in
my
mind,
it
feels
like
this
is
just
adding
another
party,
and-
and
I
I
I
you
know-
I'm
gonna
probably
go
back
through
the
recording
for
this
and
try
to
understand
better
where
you're
coming
from,
but
I
I
still
have
like
from
just
a
security
trust
standpoint.
It
it
feels
like
this
just
makes
this
design
weaker
than
than
having
the
root.
D
Do
the
rotation
like
like
you're,
adding
in
another
party
and
and
I'll
try
to
have
a
an
easier
way
to
reason
about
it,
but
like
fundamentally,
the
way
I
the
way
I
still
see
it
is.
Is
that
the
the
the
trust
like
you
you're
you're,
just
adding
a
party
that
you're
that
you're
relying
on
even
more
and
you
already
were
in
trouble
if
the
route
was
compromised?
D
But
now,
if
this
other
party
that
serves
as
the
central
like,
I
don't
know
what
you
want
to
call
them,
but
the
is
that
that's
not
the
trust
store
right
or
is
it.
A
No,
it
isn't.
The
truster
essentially
is
the
deployer
configuring
which
keys
or
which
entities
they
trust.
So
that's
not
the
truster.
A
I
think,
let's
do
this,
I'm
going
to
clean
up
some
of
the
language
here
if
you
want
to
take
a
look
at
it
next
week
and
then
come
up
on
friday
with
sort
of
like
where
you
see
sort
of
like
the
concerns
being.
Maybe
we
can
address
this
in
the
next
meeting.
C
A
A
A
C
A
A
Okay,
was
there
anything
else
I
didn't
have
any
other.
I
think
I've
gotten
some
good
feedback
today
as
well
for
the
next
round
of
changes
on
this
stock.
D
Yeah,
I
still
need
some
some
time.
I'm
sorry!
I
didn't
prepare
well
enough
for
this
meeting.
I
still
need
some
time
to
digest
this,
but
I'll
have
more
feedback.
Next
week
too,
okay
sounds.
A
Good
marco
marina,
thomas.
B
A
Okay,
I'll
go
ahead
and
publish
another
update
by
monday
morning,
and
then
we
can,
if
once
you
guys,
get
a
chance
to
review.
If
you
put
in
comments,
I
can
also
start
looking
at
it
for
the
friday
meeting,
but
next
friday,
I'd
like
to
close
this
and
the
monday
after
just
shares
what
we've
agreed
upon
with
the
larger
audience,
then
we
can
start
like
focusing
on
the
design
aspect
of
this.
A
All
right,
thank
you
all.
I
think.