►
From YouTube: CNCF SIG Security 2020-10-28
Description
CNCF SIG Security 2020-10-28
A
A
A
A
A
B
All
good
awesome,
thank
you,
pardon.
I
had
myself
on
mute
for
30
seconds.
I
feel
silly
so
take
two
good
day.
Everyone
welcome
to
this
week's
cncf
security
weekly
meeting,
I'm
just
gonna.
I
just
posted
a
link
to
the
meeting
docs,
and
I
meant
to
do
that
to
everyone
literally
today
is
not
my
day
and
I'm
just
going
to
ask
if
anyone
is
able
to
take
over
for
a
scribe
role
today,
essentially
meeting
minute,
slash
note-taking.
B
B
A
A
So
I've
also
heard
about
the
ctf
that
we'll
be
running
on
cloud
native
security
day
and
it
sounds
like
it's
going
to
be
super
awesome.
So
if
you
know
of
anybody,
that's
interested
in
a
ctf
we're
going
to
be
running
one
that
day,
all
they
need
to
do
is
join
in
for
security
day,
we'll
also
be
promoting
the
security
day
event
on
the
cncs
twitch
channel.
So
if
you're
unswitched
or
interested
or
noah
folks,
that
want
to
learn
more
about
it.
A
I
believe
we're
doing
that
next
wednesday
about
an
hour
and
a
half
after
the
meeting
or
maybe
within
an
hour
of
the
meeting,
so
that's
coming
up
and
then
the
cloud
native
security
white
paper
we
eradica
had
mentioned
in
the
chat
that
she
got
a
lot
of.
Compliments
on
the
paper
and
the
quality
of
the
content.
A
So
she
wanted
to
pass
on
kudos
to
the
team,
but
I
also
wanted
to
mention
that
we
got
over
1200
suggestions,
changes
and
comments
about
the
document
which
more
than
80
of
them
were
included
or
had
slight
tweaks
before
being
included,
so
really
awesome
job
by
the
working
group
to
get
that
done.
So
the
review
has
officially
ended.
A
I'm
still
waiting
on
that
paragraph
from
the
storage
team,
they're
working
diligently
on
it
to
get
it
over
to
me,
and
I
will
have
it
added
in
and
then
we
are
presenting
it
to
the
talk
next
week
during
their
meeting
to
get
buy-in
and
feedback
off
of
that
and
next
steps.
So
right
now
everything
is
on
hold.
A
So
those
are
my
updates.
Does
anybody
have
any
questions
about
any
of
those
things
so
emily?
Do
we
have
to
incorporate
these
comments
before
kubecon,
so
everything
was
already
merged
into
the
paper.
So
all
of
the
comments
that
we
got,
I
think
you
and
I
know-
jj
and
myself-
went
through
the
document
and
started
adjudicating
several
of
the
comments,
but
there
shouldn't
be
any
of
them
that
are
outstanding.
At
this
point,.
A
A
Next
up,
you
probably
have
seen
changes
to
the
google
doc
for
the
meetings,
and
that
was
at
the
suggestion
of
one
of
our
members
to
make
it
a
little
bit
easier
for
scribes
to
use
the
document.
I
don't
know
that
we
had
anybody
sign
up
to
scribe
today.
We
do
yes,
excellent,
so
want
to
make
sure
that
the
new
format
is
much
easier
to
use.
A
A
A
B
I
was
matthew
here
I
was
just
going
to
ask
on
the
template.
What's
the
best
way
for
someone
to
reuse
it
like
is
the
at
the
very
bottom
of
the
document
in
the
heading
section,
there's
something
I
think
titled
meeting
templates
and
I
was
wearing.
Should
we
just
purge
everything
beneath
that
and
put
a
new
one.
That's
pretty
much
a
copy
past
of
the
one
we're
using
today.
Just
so
people
can
copy
paste
it
page
break
at
the
top
and
put
a
new
one
in
and
keep
it
in.
Sync.
A
Yeah,
so
that's
a
good
question.
I
moved
the
temp
all
right.
I
made
a
template
off
of
one
of
the
suggestions
and
linked
it
within
the
document.
So
if
you
scroll
up
above
the
security
meeting
for
today,
you'll
see
a
couple
of
arrows
over
linked
to
copy
meeting
notes
template
instead
of
scrolling
to
the
bottom.
So
if
you
open
that
document,
it's
a
blank
template
that
you
could
just
copy
in
and
move
over,
but
open
to
suggestions.
B
A
A
We
have
a
label
that
we
can
affix
to
issues
that
are
like
needs,
help,
help
wanted
good,
beginner
issues
so
going
through
and
starting
to
review
them
if
others
want
to
jump
in
and
take
a
look
at
them
as
well
and
see
if
there's
something
that
might
be
good
for
a
new
member
in
the
repo
to
get
involved
with.
That
would
be
super
awesome,
but
also
wanted
to
try
to
clean
up
some
of
our
older
issues
in
our
queue
and
sarah
had
submitted
a
ticket
on
key
elements
of
trustworthy
systems,
which
is
issue
number
20..
A
I
wanted
to
see
who
all
was
interested
and
kind
of
furthering
that
conversation
determining
whether
or
not
it
was
still
a
need.
My
initial
look
of
the
google
doc
linked
in
the
ticket
that
I
just
dropped
into
the
chat
looks
like
it
could
be
a
follow-up
to
the
white
paper
and
potential
new
working
group
for
the
for
the
sig.
A
A
B
A
B
Is
this
meant
to
be
like
a
general
say
guideline,
or
is
it
more
like
an
official
prescription
like
these
are
sort
of
some
baselines?
People
should
cover
in
general,
and
here
are
certain
tools
or
whatnot
that
go
into
the
pieces
when
designing
a
distributed
infrastructure
like
is
it
something
we
sort
of
would
put
cncf
security's
name
on
as
we
endorse?
This
is
the
way
thou
shalt
set
up
a
baseline,
distributed
system
for
security,
or
is
it
more?
These
are
best
practices.
I
guess
what's
the
intended
audience
of
it.
A
So
so
that's
what's
not
entirely
clear
and
sarah
could
probably
speak
a
little
bit
more
to
it,
but
I
wanted
to
try
to
make
people
aware
of
it
and
start
having
that
discussion
is.
I
believe
it's
intended
to
be
a
best
practices,
documents
and
more
of
things
that
you
should
be
considering
in
your
organization,
so
kind
of
using
as
a
reference.
C
E
E
White
paper
itself
is
more
of
a
descriptive
thing.
The
key
elements
of
trustworthy
system
should
be
more
aligned
with
the
landscape
and
should
be
more
of
a
prescriptive
thing,
so
between
white
paper
and
landscape.
I
think
we
can
probably
merge
this
to
be
like
a
one
thing
not
have
to
have
this
separate.
E
E
B
To
make
sure
I
didn't
miss
your
one
part
earlier
is
the
intent
that
this
issue
20,
that
this
document
would
become
a
section
of
say
the
white
paper
at
one
point
like
a
chapter
prescribed
best
practices,
sort
of
thing
or
long
term.
Would
they
remain
as
separate
entities.
This
document,
plus
the
white
paper
so.
E
I
would
until
we
finished
landscape
it,
it
might
be
worthwhile
to
defer
this
until
we
finished
landscape,
because
landscape
will
cover
a
bunch
of
what
needs
to
be
covered
here
and
then
it's
possible
that
we
don't
have
to
do
this
or
we
may
have
a
need
to
do
like
a
best
practices
based
off
of
the
review
of
paper
and
landscape
together
right.
So
I
don't
know
how
prescriptive
will
go
in
the
landscape
until
we
finish
the
landscape,
so
it
might
be
a
bit
too
early
to
see.
B
E
E
D
E
E
B
Okay,
so
I
think
I
get
a
better
idea
of
this.
My
this
is
probably
me
putting
a
cart
before
the
horse,
so
I'll
bring
it
up.
But
I've
heard
of
colleagues
have
noticed
have
found
that
into
the
cncf.
Interactive
landscape
is
pretty
darn
just
because
they're
sort
of
gives
them.
This
burst
view
of
what
they
need
for
their
projects
in
general
know
what
they
don't
know
and
take
it
from
there.
B
So
maybe
a
nice
little
prettification
down
the
road,
it
could
be
possible
best
practices,
document
links
into
say
a
separate
instance
of
that
landscape.
With
just
the
security
focused
pieces,
one
needs
an
ingress
controller.
One
needs
a
an
admission
controller,
maybe
a
mutating
emission
controller
policy,
enablements
service
and
stuff,
like
that
it
might
be
some
sort
of
onboarding
tool
to
supplement
work.
That's
already
in
the
that
argument,
just
my
two.
E
A
B
B
Okay,
pardon
for
the
delay.
I
didn't
see
additional
updates
on
the
meeting
minutes,
there's
just
waiting
for
the
doc
to
reload
and
I
don't
see
any
old,
check-ins
or
anything
from
cigs
or
groups,
so
at
points
I'll,
just
open
the
floor
for
anyone
that
wants
to
grab
the
mic
or
bring
up
any
topics
or
tickets
that
need
attention
and
after
that,
if
there's
any
new
people
that
would
like
to
introduce
themselves
I'll
open
the
floor
for
that.