►
From YouTube: Kubernetes SIG Security 20210826
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
All
right,
it
is
for
after
hello,
everyone
thank
you
officially
for
coming
to
another
kubernetes
sig
security,
where
we
can
go
over
what's
going
on
and
what's
on
our
minds
and
how
we
can
continue
to
push
things
forward.
A
So
thank
you,
bushka
for
taking
notes
here
and,
let's,
let's
jump
right
into
hearing
from
what
all
of
the
folks
are
doing
in
subgroups
ray.
I
think
you've
got
a
real
short
update
for
us.
Yeah.
B
I
just
just
want
to
say
that
we're
still
in
progress
and
yeah
and
we'll
get
more
details
as
they
come.
A
A
I
think
I
think
savvita
is
is
not
going
to
to
be
here
to
share
this
progress
with
us.
Does
anybody
does
anybody
else
who
has
been
involved
in
this
want
to
expand
a
little
bit.
C
We
read
the
paper
or
the
guidance
in
the
last
couple
of
weeks
and
added
our
notes
in
a
hackmd
talk,
and
the
idea
now
is
to
start
drafting
a
markdown
blog
around
after
labor
day
weekend,
which
is
september
8th
or
so
and
then
in
a
week
we
hope
to
publish
it.
D
D
D
Cool,
oh
thanks.
A
lot
I've
had
the
I've
had
enough
questions
on
that
document
to
get
asked
to
read
it
a
couple
of
times,
so
I
have
read
it:
okay,
great.
That
would
be
wonderful
one.
Other
quick,
sig,
docs
update,
which
could
be
useful,
is
we're
still
working
on
the
admission
controller
threat
model
and
the
link
I've
put
the
link
to
the
brainstorming
document
in
the
in
the
chat.
We've
already
had
some
great
input
from
bushkar
and
from
tim
mulcair
and
from
jim
as
well.
D
A
Awesome
who
anybody
anybody
have
anything
else
to
add
to
this.
A
All
right,
tooling,
how
are,
how
are
things
going
with
tooling.
C
Yes,
so
we
have
a
couple
of
updates.
We
have
a
scheduling
change
if
you
have
joined
the
meeting
before.
Basically,
if
you
used
to
meet
every
month
third,
tuesday,
and
what
we
found
out
is
there
are
a
lot
of
demo
opportunities
and
learning
opportunities
for
all
of
us
where
guests
from
outside
and
people
within
the
group
can
share
things
that
they've
been
working
on,
so
we're
dividing
or
increasing
the
frequency
to
twice
a
month.
C
Everyone
is
welcome
to
propose
a
topic
for
now.
I'm
happy
to
hear
from
any
one
of
you.
Whichever
way
you
prefer
we'll
eventually,
maybe
create
sort
of
a
table
of
waitlisted
demos,
but
for
now,
just
if
you
have
anything,
let
me
know,
and
then
we
can
schedule
it
accordingly.
C
C
Okay,
I
suppose
we're
good
okay.
Next
one
is
actually
someone
who
is
a
new
contributor
and
I
think
nia
has
joined
today.
I
just
wanted
to
give
a
shout
out
to
her
she's
been
working
on
tooling
for
project
for
about
four
or
four
weeks
now.
She's
finished
the
merge
pr
already
and
is
already
working
on
the
container
image
scanning
with
snake.
So
we
have
progress
in
terms
of
using
s
bombs
to
get
the
container
images
for
every
release.
E
Thanks
pushkar,
I
mean
thank
you
for
providing
me
this
opportunity.
Yeah
I
mean
I'm.
I've
started,
I
mean
started
contributing
to
this
and
and
and
really
like
learning
a
new
things
and
very
helpful.
I
mean
thank
you
all
and
providing
this
opportunity,
and
I
will
do
I
mean
I
will.
I
would
like
to
like
learn
more
from
this
project.
E
A
All
right,
robert,
do
you
want
to
want
to
share
something
here?
What's
going
on
with
the
security
self-assessments
for
sub
projects
and
such.
G
Yeah,
just
a
quick
update,
sorry,
it
has
to
be
a
little
obfuscated
and
I
did
meet
with
a
fairly
large
cloud
provider,
who's
working
with
multi-tenancy
issues
in
cube,
and
they
went
out
of
their
way
to
procure
an
external
audit
focus
specifically
on
you
know:
strategies
around
node,
isolation
and
multi-tenancy.
G
So
the
long
and
short
of
it
is
they
are
going
to
release
a
blog
post.
I
would
have
agreed
to
embargo
our
discussion
until
they
released
that
publicly,
but
they
have
given
the
green
light
for
us
to
fold
that
report
and
the
methodology.
The
the
findings
are,
you
know
interesting.
G
You
know
nothing
that
would
rise
to
the
level
of
have
to
be
reported,
cves
or
anything,
but
I
think
the
methodology
and
their
approach
is
something
that
we
can
absolutely
leverage
for
the
self-assessment,
especially
in
in
specifically
in
terms
of
cappy,
and
there
were
lots
of
kind
of
open
questions
that
their
auditor
pointed
out
and
said.
These
are
things
that
you
guys
might
want
to
review
further,
and
that
seems
like
a
great
place
for
the
community
to
use
the
self-assessment
process,
at
least
to
take
it
to
the
next
step.
G
So
once
once
that
blog
post
comes
out-
and
I
believe
they're
going
to
link
the
full
report
and
that
should
be
wide
open
to
everyone.
A
That's
that's
awesome,
thank
you
for
for
what
you're
doing
there,
with
with
making
that
interface
to
the
bigger
community
outside
of
kubernetes
function?
That's
that's
wonderful
thought.
I
have
a
thought
to
to
kind
of
throw
out
to
the
group
which
is
about
these
about
the
self-assessments.
You
know
we
started.
We
started
doing
the
the
self-assessment
with
cluster
api
because
they
were,
they
were
asking
they
had.
A
They
had
identified
that
they
had
a
need
to
to
to
think
through
these
sorts
of
things,
and-
and
so
we've
had
a
lot
of
good
discussions
about
that
and
we've
we've
come
to
this
place
where
we
are
helping
them
do
self-assessment
in
a
way
that's
inspired
by
what
what
cncf
tag
security
does
for
cncf
projects,
but
you
know
within
the
scope
of
kubernetes
here,
and
that
seems
to
be.
A
That
seems
to
be
really
interesting.
That
seems
to
be
really
useful.
It's
it
seems
like
it
really
has
legs.
Has
the
time
come
for
us
to
start
talking
about
making
a
sub
project
inside
the
sig
that
that
offers
this
service?
That
that
maintains
this
service-
and
you
know,
provides
the
like
kind
of
bureaucratic
structuring
necessary
in
order
to
help
us
to
keep
doing
this.
For
people.
G
I
I
would
say
I'll
just
make
a
couple
of
observations
having
gone
through
the
original
cncf,
safe
transition,
you
know
a
it
would
definitely
build
on
the
foundation
of
the
capi
process
and
the
actual
result
so
that
we
all
together
can
review
what
worked.
What
was
good,
what
was
challenging
and
then,
ultimately,
what
was
the
result,
so
that
kind
of
creates
a
case
study
if
you
will,
but
I
will
say
that
the
observation
from
how
the
cncf
process
evolved
it.
You
know
there
were
obviously
lots
of
opinions
in
differing
forces
design
forces.
G
If
you
will
so.
I
think
we
should
probably
have
that
precursor
discussion
about
what
we
would
want
to.
You
know
what
are
the
explicit
goals,
or
at
least
the
maybe
either
it's
an
ab
type
scenario.
We
want
to
try
these
goals
and
these
goals
and,
let's
see
which
ones
actually
stack
and
kind
of
define
where
we
want
to
go
with
it
before
we
invest
the
time,
and
you
know
just
effort
to
set
up
the
official
structure
but
yeah.
I
think
once
we
go
through
those
kind
of
prerequisites.
C
C
Folks
can
correct
me
if
I'm
wrong,
so
it
might
be
worth
just
having
that
as
a
another
sub
project
which
is
dedicated
on
one's
or
two
specific
goals,
and
then
that
way
we
know
like
if
anyone
needs
security
assessment.
We
know
this
project
is
the
one
people
can
go
to
and
that
can
also
allow
somebody
to
jump
into
a
sub
project
leadership
position,
which
will
be
a
good
opportunity
for
a
contributor.
A
Yeah
to
kind
of
jump
off
of
both
of
those
points
as
a
sig,
we
can
do
the
things
that
that
we
think
are
in
the
best
interest
of
kubernetes
and
and
we
can,
we
can
help
out
the
rest
of
the
project
in
in
the
ways
that
we
identify
that
the
project
needs,
and
so
the
you
know,
the
the
bureaucratic
tools
that
we
put
in
place
are
things
that
we
put
in
place
for
ourselves
and
and
for
the
benefit
of
the
project,
so
so
yeah.
A
If
we
are,
if
we
are
currently
feeling
like
doing
this
without
extra
structure
around
making
it
happen
more
more
often
or
or
more
repeatedly,
is
still
the
right
place
to
be.
Then
then,
let's
keep
up
with
that,
and
then
you
know
look
at
it
when
we're
farther
along
look
at
it.
When
we
are,
we
have
more
knowledge
of
where,
like
the
cluster
api
assessment
has
gone
like
yeah,
keep
it
keep
it
lightweight.
We
want
to
build.
A
You
know
like
with
with
my
chair
hat
on,
like
I
want
to
build
the
right
amount
of
scaffolding
in
order
to
help
everybody
do
the
cool
things
that
they
want
to
do
so.
Yeah
just
keep
the
keep
the
thought
in
mind
if
it.
If
it
does
feel
like
this
is
going
to
be
a
thing,
that's
going
to
be
happening
regularly
and
if
you
all
want,
you
know
more
more
formal
recognition
from
the
project.
A
If
you,
if
you
want
to
be
able
to
have
a
a
guidepost
for
other
parts
of
kubernetes,
like
you
know,
other
cigs
and
sub
projects,
to
know
where
to
come
to
where
to
find
resources
who
to
ask
those
sorts
of
things,
then
we
can
easily.
We
can
easily
spin
up
a
subproject
for
it
when
the
time
comes,
that
it's
needed,
but
also
there's
no
pressure
to
do
it
in
a
hurry,
because
we,
as
this
group,
are
capable
of
of
doing
things
and
learning
from
them.
So.
G
One
other
thought
and
I'll
put
ray
on
the
spot.
You
know
one,
and
this
is
my
particular
vision
of
how
this
could
work
out
so
yeah.
It
could
be
totally
off
base,
but
as
we
start
to
look
at
the
external
audit
process,
rather
than
this
big
bang
once
a
year
or
once
every
two
year
process
that
even
the
external
auditors
are
kind
of
choking
on,
because
it's
so
big
as
we
start
to
move
into
more
iterative,
agility,
smaller
sub,
subpart
audits,
a
kind
of
natural
alignment
of
these
two
is,
you
know.
F
F
G
B
And
I
do
like
that.
I
know
that
is.
That
is
a
process
that
the
cncf
has
as
projects
progress
through
the
different
stages
like
through
incubation,
graduation,
etc.
They
do
they
do
they
do
go
through
a
process
of
self-assessment
before
an
external
audit.
A
Yeah,
I
I
the
way
the
way
this
conversation
has
been
has
been
coming
along.
C
Yeah
I
I
like
that
way.
So
people
can
choose,
because
sometimes
the
projects
are
so
small
that
it
might
be
not
worth
doing
both
and
then
it
can
be.
You
pick
the
one
that
works
for
you
and
if
it's
big
enough
project,
then
we
can
end
up
doing
both
but
the
sequence
I
agree.
The
self-assessment
can
be
first
followed
by
audit
if
needed,.
C
One
more
note,
I
would
say
logistical
for
self-assessment
is:
we
are
meeting
tomorrow-
sorry,
not
tomorrow,
monday
next
week
or
coming
week
morning
for
cluster
api,
specific
discussions
with
some
maintainers.
C
If
anyone
is
interested
to
sort
of
start
contributing,
this
might
be
a
good
meeting
to
join
in
person
get
to
know
folks,
I
can
share
the
link
to
the
meeting.
It's
a
google
meet
link
should
be
open
for
all.
If
you
click
on
the
link,
so
I'll
share
it
on
slack
and
then
if
people
can
join
or
want
to
join,
please
go
for
it.
A
All
right,
I
bumped
up
my
little
thing
here
to
the
beginning
of
this,
because
it's
really
just
an
announcement
thanks
very
much
especially
to
to
put
ray
and
zavita
for
going
through
figuring
out
what
was
what
was
needed
to
have
a
home
for
a
lot
of
the
things
that
your
sub
projects
are
producing,
and
so
I
just
wanted
to
let
everybody
know.
We've
got
this
issue
to
say:
hey,
let's,
please
make
a
repo
under
kubernetes
for
storing
the
things
that
we
have
that
do
not
belong
in
k
community.
A
So
so
that's
that
and-
and
I
hope
it
is
helpful
and
as
always,
you
know,
keep
the
keep
the
discussion
going
and
poke
me
poke
me.
If
you
need
things
that
that
are
not
yet
provided.
C
Tabi
one
thing
I
was
not
clear
and
I'm
gonna
try
that
out
and
see.
If
I
fail
because
of
limited
permissions
was
there
are
some
github
issues
in
community
that
would
be
better
placed
in
the
new
repo.
So
I'm
going
to
try
and
transfer
them
from
community
to
this
new
repo.
C
A
Yeah,
happily,
if,
if
you
can't
do
it-
and
I
can
then
I'm
happy
to
then
I'm
happy
to
do
it
on
your
behalf
and
if
none
of
us
can
do
it,
then
we
ask
our
good
friends
from
contribux.
A
Okay,
sounds
good
okay,
so
I
I
think
this
I
think
this
next
thing
that
we
have
on
here
is
actually
a
great
thing
and
I'm
I'm
really
happy
to
see
it
brought
up
thanks
a
lot
alex.
Do
you
do
you
want
to
just
kind
of
kind
of
share
what
what
you're
thinking
and
and
and
see
where
it
goes.
H
Sure
yeah,
I
I
appreciate
a
few
minutes
of
you
guys
this
time,
I'm
a
regular
in
the
the
cncf
tag
security,
but
I'm
new
to
this
meeting.
Thank.
H
Come
in
and
and
share
this,
so
this
is
so
this
is
these.
Are
these
issues
I
don't
know
if
somebody
who
has
has
these
permissions
wants
to
pop
one
of
them
up
for
for
people
to
see
these
are
just
meant
to
be
conversational
openers.
H
I
this
this
came
out
of
the
nsa
cesa
document
that
that
you
guys
were
referencing
earlier,
that
someone
is
doing
a
write-up
on.
Basically,
as
I
was
reading
through
it.
One
of
the
things
I
noticed
was
a
recurring
phrase
of
something
along
the
lines
of
you
know
this
is
on
by
default,
or
this
is
off
by
default
or
something
and
I,
and
for
some
of
those
I
just
wondered,
would
it
be
possible
to
change
the
default
so
that
it's
it's?
H
It's
changed
to
a
more
secure
setting
out
of
the
box,
and
so
I
just
to
get
the
conversation
started.
I
made
this
series
of
issues
around
several
of
those
things
that
I
thought
were
at
least
theoretically
possible
to
to
do
some
of
them.
It
turns
out,
are
already
done
or
in
the
works,
so
that's
great,
but
for
the
others,
it's
just
a
matter.
These
issues
are
just
there
to
get
the
conversation
started
and
the
the
format
for
all
of
them
is
the
same.
H
It's
got
like
a
quick
little
intro
paragraph
for
me
at
the
top
to
say
this
is
what
this
is,
which
is
basically
what
I
just
told
you
and
then
I
just
quoted
from
the
csa
nsa
document
to
say
here's
what
they
described
as
the
problem.
Here's
what
they
describe
as
the
possible
fix
using.
H
You
know
how
you
change,
what
flags
you
use
or
whatever
to
change
that
default,
and
then
a
question
like
what
would
it
look
like
for
us
to
just
change
the
default
inside
of
kubernetes,
and
it's
just
meant
to
get
conversation
started
around
those
things
and
see
if,
if
there's
any
interest
or
if
there's
any
possibility
of
those
changes
actually
happening,
I'm
sure
that
there
are
great
pros
and
cons
on
both
sides
for
a
lot
of
these
things
or
more
complications
than
I
know
of,
and
so
I
didn't
want
to
like
actually
say
we
should
do
this,
but
I
wanted
to
just
open
up
the
conversation
and
say
what
would
it
look
like
to
do
this?
F
These
are
great
questions.
There's
definitely
been.
I
mean
there
is
interest.
These
are
ongoing
conversations
that
are
you
know
if
you
enjoy
worms,
I
have
some
cans
of
worms
for
you,
you
know,
but
I
I
think
that
you
know
I'm
glad
that
you
are
talking
about
it
and
that
people
are
talking
about
it
and
I
think
it's
changing
slowly,
as
you
can
see
with
some
of
the
issues,
but
it
is
definitely
a
slow
change.
A
Yeah
to
kind
of
amplify
that
a
little
bit
in
a
lot
of
these
in
a
lot
of
these
cases,
there's
there's
appetite
to
do
these
things,
but
you
know
it
can
be.
It
can
be
difficult
to
find
the
right
answer
that
balances
all
of
the
various
promises
that
we
make
to
the
various
end
user
communities,
the
various
end
user,
personas
that
that
are
running
kubernetes
and-
and
that
is
that
is
one
of
the
fundamental
reasons
why
we
operate
the
way
that
we
do
in
this
sig,
because.
A
It
doesn't
really
work
to
go
and
say
this
is
the.
This
is
the
thing
that
has
to
be,
and
I'm
gonna
flip
this
switch
and
deal
with
it.
It
ends
up
being.
How
do
we
get
the
right
people
to
talk
about
this
and
find
find
a
solution
that
we
can
that
we
can
all
live
with
that
we
can
push
into
upstream
kubernetes
so
that
we
can
push
into
the
world
in
a
way
that
makes
things
better.
Overall,
you
know,
without
without
hurting
a
lot
of
things
there
in
the
process
and
so
yeah.
A
That's
that's
why
we
end
up
doing
so
much
fostering
of
conversations
with
the
cigs
that
own
the
code
that
needs
to
be
changed
in
order
to
make
these
kinds
of
changes
and
whatever,
and
so
yeah
like
this
is
this-
is
this
is
a
great
place
to
start,
and
here
in
this
room
is
a
great
place
to
find
other
folks
who
are
interested
in
making
these
things
happen
and
then,
in
most
cases
the
next
step
is,
you
know,
think
through
it
see
see
what
you
think
see
who
has
see
who
has
other
other
thoughts
on
that
and
continue
to
iterate
on
that
you
know,
take
it
to
take
it,
bring
bring
it
up
here,
get
get
some
some
initial
thoughts,
take
those
to
the
the
meetings
or
the
slack
channels
for
the
sigs
that
make
those
things
happen,
and
you
know
every
one
of
these
things
is
a
fence
post
problem.
A
A
C
I
I
love
the
fence
post
club
idea,
alex
related
to
that
I've
been
talking
to
some
of
the
cluster
api
folks
as
part
of
the
assessment,
and
also
this
sort
of
discussion
led
to
another
track
start
opening
up,
so
they
have
a
concept
called
templates
and
cluster
class,
and
the
idea
behind
that
is
you
get
to
define
how
your
cluster
is
going
to
look
like,
which
includes
all
the
configs
that
you
may
want
to
enable
by
default
in
your
cluster,
without
changing,
what's
in
kubernetes
as
a
default,
so
I
asked
them,
would
would
they
be
interested
in
creating
a
secure
by
default?
C
Cluster
template,
which
is
again
would
be
opinionated
and
they
said
yes,
I
think
that
would
work,
but
they
definitely
want
us
to
play
around
and
see
if
that
is
indeed
possible.
So
I'm
going
to
spend
some
time
in
the
next
coming
weeks
or
so
on
that,
if
you
want
to
just
bear
with
me
on
that
and
if
others
want
to
join,
let
me
know
we'll
see
how
that
goes.
I
don't
know
whether
it
will
be
what
we
want
it
to
be,
but
it
something
good
may
turn
out
of
it.
H
That
sounds
like
a
great
way
to
to
start
too
to
you
know,
have
a
baseline
that
we
can
experiment
with
and
see
what
the
ramifications
of
some
of
these
changes
are,
if
you're
trying
it
out
in
another
setting.
C
F
D
Well,
you
know
me
and
security
faults.
I
absolutely
definitely
once
we
can
shift
there'll
be
some.
I
think
that
are
should
be
easier
and
some
that
will
be
a
pain
just
because
trying
to
turn
that
ship.
After
all,
the
years
of
doing
it.
One
way
and
my
experience
of
the
projects
I
have
had
quite
a
few
conversations
about
this
kind
of
thing
is:
there
is,
quite
understandably
a
big
reluctance
anywhere
where
it
could
impact
production
clusters.
You
know
if
this
change
is
going
to
be
a
surprise
to
people
who
are
in
production.
D
There
will
be
you
you'll
have
a
really
good
plan,
but
there's
other
ones,
I
think
which,
which
absolutely
are,
are
doable
and
and
and
absolutely
the
more
these
we
can
change
the
better.
A
A
There's
the
the
feature
gate
that
recently
went
live
that
if
you
turn
on
that
feature,
gate
then
ta-da.
Now
now
the
set
comp
policy
defaults
to
runtime
default
instead
of
being
cleared
and
like
that
is.
A
Clusters
in
different
places
in
the
world,
and
so
yeah
like
these
conversations,
end
up
being
delightful
conversations
because
it's
it's
so
tied
up
in
a
mixture
of
technical
concerns
and
you
know
organizational
concerns
and
not
not
hurting
people.
D
There's
also
a
and
a
wider
source,
if
you,
if
you're
looking
for
like
more
examples
where
there's
of
of
things
that
might
want
to
be
changed,
the
cis
benchmark
probably
has
it's
got
a
wider
coverage.
I
think
than
the
nsa
one
and
there's
some
good
examples.
In
there,
a
good
one
along
the
lines
of
ones
you've
raised
is
cubelet
anonymous,
authentication,
which
is
one
that
should
be
super
easy,
because
pretty
much
every
distribution
turns
that
off,
but
the
kubernetes
default
is
still
on
so
like
a
qb
m.
D
Cluster
will
always
turn
off
so
to
me
that
one
should
be
really
easy
because
like
well,
most
distributions
already
turn
this
off.
So
the
likelihood
of
impact
is
quite
low,
whereas
other
ones
where,
where
you're
changing
existing
behavior
might
be
trickier.
A
Okay,
last
call
for
now
on
on
changing
some
defaults.
Like
pick
your
pick,
your
least
favorite
default,
or
your
your
your
default
that
you
that
you
love
to
hate
and
system.
A
Bring
it
up
with
the
bring
it
up
with
the
folks
that
own
it
bring
it
up
here
we
can.
We
can
help
to
to
provide
backup
and
and
plan
out
ways
to
make
those
improvements.
D
System
masters
is
a
hard-coded
group.
If
you
are
a
member
of
that,
you
always
have
cluster
admin
rights,
even
if
every
rbac
rule
is
removed
from
the
cluster.
Yes,
I
know
it's,
that's
that's
that
one
scares
me
because
a
lot
of
distributions
will
use
that
for
the
initial
break,
glass
user
and
they'll
also
use
a
client
certificate
which
can
be
revoked,
so
you
have
a
client
certificate
that
can
be
revoked,
which
gives
cluster
admin
and
its
rights
cannot
be
removed.
D
D
J
D
J
D
If
you
I
mean
obviously,
ideally,
and
if
it
wasn't
there
that'd
be
great-
I
don't
know,
I
don't
know
what
the
use
case,
but
that's
one
that
would
require
investigation,
I'm
sure,
but
but
is
there
a?
I
know
it's
just
used
for
bootstrapping.
So
if
it's
something
that
could
be
essentially
disabled
once
that
once
our
back
was
running
so
the
history.
J
D
C
D
Think
if
that's
clearly
flagged,
I
just
think
that
there's
quite
a
lot
of
cluster
cluster
distributors
who
are
using
it
and
not
in
that
way,
but
in
a
general
here,
is
the
first
certificate
we
give
out.
I
know
rancher
does
that
I
know
qbdm
does
that.
I
know
some
of
the
cloud
providers
do
that
and
I
don't
think.
J
It's
really
meant
to
like.
I,
I
really
destroyed
myself
and
the
other.
The
other
case
is:
it's
meant
to
be
used
internally
in
the
api
server
process
when
it
talks
to
itself.
So
that
way,
it
doesn't
have
to
authorize
itself
to
do
anything.
It's
just
allowed
to
do
it
that
that
could
be
implemented
internally
in
a
different
way,
because
it
controls
the
code
but
yeah.
We
always
wanted
to
have
at
least
some
means
to.
A
All
right
ray:
can
you
put
on
your
put
on
your
release
hat
and
share
share
some
news
with
us.
Please.
B
All
right
sounds
good,
I'm
going
around
to
different
six,
and
I
want
to
introduce
myself.
I
am
the
1.23
release
lead
which
the
release
cycle
I
started.
This
is
week,
one
we
are
scheduled
to
cut
or
make
a
release
123
on
december
7th.
So
in
this
first
three
weeks
we
are
requesting
sigs
to
opt
in
their
enhancements
they're
targeting
1.23
by
september
9th,
and
I
put
the
spreadsheets
there
for
six
opt-in.
I
know
six
security
is
is
more
of
a
horizontal
sig,
so
we
do
share
lots.
Lots
of
several
caps
enhancements.
B
There
is
a
new
change
for
this
release
cycle.
Is
that
the
production,
along
with
enhancements,
there's
a
production
writing
this
review
questionnaire?
That
is
now
we
have
a
soft
deadline,
and
that
is
the
one
week
before
enhancements
free
start.
So
that's
september,
2nd
now
and
I
have
a
link
to
the
production
writings
for
review.
B
If
anyone
has
more
want
to
learn
more
about
what
that
questionnaire
is,
we
have
them
in
place
only
and
we,
it
was
sent
out
to
a
number
of
different
mailing
lists
on
august
12th,
because
the
production
writings
review
team
is
very,
very
small,
and
so
we
want
to
make
sure
that
they
have
enough
time.
I
was
also
from
requested
by
them
as
well.
B
There
is
one
enhancement
that
was
pinged
in
the
slack
channel
from
jordan,
liggett's
about
pod
security
going
to
beta
and
1.23,
so
that
pull
request
for
that
cap
is
open.
So
something
that
says
like
this
pull
request
should
be
closed
before
september.
It
should
be
should
it
should
be,
closing,
merge
before
september
9th
and
should
be
opted
in
through
the
through
that
opt-in
enhancements
tracking
sheets,
that
that
I
have
linked
if
we
are
to
target
for
beta
in
1.23,
also,
along
with
the
production
writings
running.
B
This
review
questionnaire
for
beta
so
went
pretty
fast,
because
I
never
closing
up
here,
but
any
comments
or
questions.
A
All
right
yeah,
I
think
it.
I
think
it
sounds
good
if
you
have
a
if
you
have
a
favorite
cap
and
you're
concerned
that
that
it
may
not
make
it
then
make
sure
to
talk
to
the
other
folks
who
are
working
on
it,
so
that
it
can
hit
the
deadlines.
A
Yeah.
Thank
you.
Thank
you.
So
much
it's
it's
an
important
seat
too
right.
We
have
fallen
off
of
the
end
of
the
agenda,
which
means
we
are
now
back
to
our
default
thing,
which
is:
does
anyone
have
anything
that
they
want
to
share
like?
Does
anybody
have
anything
that
they
that
they
would
like
to
bring
up
for
discussion?
While
we
have
the
group
here.
F
F
F
K
Yeah,
I
thought
you
just
did
the
bpf,
you
did
a
talk,
then
yeah
yeah.
A
Well,
I
I
listened.
K
A
I
helped
to
I
helped
to
present
the
ctf
challenge
walkthroughs,
which
were
which
were.
C
C
B
A
K
A
Right,
thank
you
all
so
much
and
you
know
when
you
hang
up
and
then
think
of
something
slack
is
open.
24
7.