►
From YouTube: Kubernetes SIG Security 20210603
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
It's
five
after
thank
you
all
for
your
patience
as
we
have
come
to
quorum.
I'm
super
glad
to
see
everybody
again
for
another
kubernetes
sig
security
looks
like
we
have
a
couple
of
things
here
on
on
slack
ray
said
that
he
wouldn't
be
able
to
attend.
So
anybody
who
is
closer
to
external
audit
than
myself
wants
to
wants
to
pipe
up
about
external
audit.
Otherwise
I'll
do
my
best.
A
All
right,
yeah
like
it
like
it
says
in
the
notes,
the
rfc
remains
open,
still
hoping
to
get
more
proposals,
but
apparently
there
have
been
further
good
questions
from
vendors
who
are
interested
in
potentially
making
proposals
and
so
I'll
be
going
and
lgtming
that,
after
the
meeting
with
the
updates
to
the
rfp
with
those
questions
and
the
answers
to
them,
and
otherwise
it's
it's
continuing
to
try
to
get
the
word
out
and
and
drum
up
interest.
A
So
that's
that's
what
I
know
there
next
thing.
I
did
in
fact
make
it
its
own.
I
did
in
fact
bump
it
out
to
the
left
one
notch
to
make
it
its
own
bullet
point
pusher.
Do
you
want
to
tell
us
about
the
cluster
api.
B
Yes,
so
real
quick
update,
we
have
a
new
dedicated
slack
channel
for
this
to
have
a
focus
discussion.
B
Six
security
assess
cappy
if
I'm
not
wrong,
and
what
we
have
set
in
terms
of
expectation
is
the
progress
considering
all
the
people
around
will
be
slow
but
reasonable
in
terms
of
pace
and
as
a
first
step
of
what
we
are
trying
to
do
is
gather
some
documents
for
talks,
videos,
tutorials,
etc
to
learn
more
about
cluster
api,
so
it
kind
of
works
essentially
like
a
homework
schedule
for
all
of
us
to
do
before
we
start
with
the
self-assessment.
B
So
that's
where
we
are
anyone
interested
feel
free
to
join
that
channel
and
chime
in
into
the
discussions.
Also,
I
love
your
cat.
Thank
you.
A
All
right
I
will,
I
will
get
the
slack
channel.
I
just
double
checked
it
here
on
my
ipad
I'll
get
the
slack
channel
typed
into
the
notes.
C
A
For
for
docs,
no,
no
updates,
no
updates
right
now.
One
thing
that
I
do
think
is
interesting
was
a
thread
on
kdev
about
helping
to
protect
users
from
inadvertent,
coupe
ctl
deletes
this
you
know
has
intersections
with
ui
and
with
security
and
policy
and
and
authentication
all
of
all
of
these
things.
You
know
it's
certainly
a
thing
that
I
have
thought
about
in
a
professional
capacity
and
there's
there's
a
lot
of
options
there.
A
So
I'm
glad
to
see
that
that
discussion
has
gotten
a
lot
of
input
from
a
broad
variety
of
people.
They've
had
an
ad
hoc
meeting
about
it.
If
you,
I
think
they're
probably
going
to
have
more
so
if
you,
if
you
find
that
interesting,
you
can
go
to
the
kubernetes
dev
email
list.
If
you
haven't
already
seen
the
thread
check
out
the
thread
there.
D
Hi,
it's
glad
to
be
here,
so
I
just
wanted
to
give
a
quick
update
on
this.
Can
anybody
hear
me
all
right
because
I'm
wearing
masks.
A
D
Sounds
good,
so
quick
update
was
that
I
went
to
the
signord
meeting
and
asked
them
for
help
on
this,
and
we
got.
I
think,
three
people
to
sign
up
to
look
at
different
things.
I
think
there's
somebody
who
look
at
continuity.
D
Some
people
look
at
crio
and
also
the
cri
api
changes
that
we
are
proposing
for
this.
So
the
question
that
remains
is:
is
there
someone
from
security
score
working
group
who
can
volunteer,
as
liaison
for.
D
D
C
A
Yeah
yeah,
she
won't
be
able
to
do
that
like
in
an
official
capacity
right
now,
but,
but
I
think
like
for
the
purposes
of
this
cap,
it's
really
just
more
someone
who
is
interested
in
you
know
being
able
to
use
this
feature
in
in
you
know,
helping
them
to
model
out
what
are
the?
A
What
are
the
potential
good
and
bad
repercussions
of
enabling
this
feature
that
that
sort
of
thing
you
know,
I'm
I'm
happy
to
contribute
there,
as
you
know,
as
as
well
as
in
a
lot
of
places,
but
but
if,
if
we
have
somebody
who
can
commit
to
it
more
firmly
than
I
can,
that
would
certainly
be
awesome.
A
Related
related
question
about
this:
do
you
feel,
like
you,
have
good
engagement
with
with
sigoth
on
this?
I
think
that
they
also
will
have
folks
that
will
have
good
input
and
you've
you've
done
a
great
job
of
getting
engagement
with
sig
node.
So
that's
awesome.
If
you
need
a
hand
with
getting
engagement
from
sigoth,
you
know
happy
to
help
with
that
or
or
if
you
feel
like
you've.
D
D
Policy
plus
engagement
is
that.
A
A
You
know
in
general,
they've
had
a
lot
of
they've
had
a
lot
of
good
historical
context
around.
B
D
Yeah,
that's
the
great
I'll.
Do
that
I'll
go
to
their
next
meeting
and
kind
of
add.
Add
it
to
their
agenda
to
review
this
account
so.