►
From YouTube: ROS 2 Security Working Group (2020-04-28)
Description
Meeting notes: https://wiki.ros.org/ROS2/WorkingGroups/Security
A
C
Sure
so,
mostly
the
thing
is
to
be
sure,
we're
all
on
the
same
page,
and
we
know
what
I
like
the
Tigers.
We
need
to
extinguish
before
the
festivities,
so
I
I
made
this
ticket
like
I,
don't
know
like
a
month
and
a
half
ago,
but
unfortunately,
it's
been
pretty
tough
to
make
any
progress
and
it's
so
we
have
a
few
things.
I
think
all
the
features
we
want.
It
landed.
The
only
things
that
still
like
on
the
fly
is
cyclone
DDS
security,
plugins,
I,
think
those
tin
nuts
on
the
master
branch.
A
C
C
Can
you
see
my
screen
now?
Yes,
okay,
so
what
I
wanted
to
show?
You
is
basically
these
matrix,
it's
not
a
very
happy
matrix
right
now,
and
so
that's
what
I
would
like
to
know
if
anyone
can
make
give
a
hand
this.
So
basically,
most
of
the
reasons
we
have
read
bedsides
is
because
the
other
robotic
CI
is
not
up
to
date,
and
so
we
have
a
lot
of
fact.
There
use
open
SSL
version
issues
and
things
like
that.
C
One
of
the
main
issues
I
have
is
like
because
I'm
in
Europe,
basically
my
entire
day
like
right
now,
sir
I
still
cannot
test
changes
for
the
roster
CI
because
they
are
still
running
the
nitrous
and
it's
ready
like
6:00
p.m.
here.
So
I
would
like
to
know
if
anyone
would
be
willing
to
like
catch
up
again
catchable
outside
of
this
meeting.
C
If
anyone
wants
so
I
can
show
everything
that
I've
been
doing
and
to
try
to
sync
these
open
robotics
to
get
these
things
going,
I
know
Jacob
started
be
playing
looking
into
it
yesterday
evening.
I
just
would
like
to
make
sure
that
we
can
get
this
done
because
right
now,
I
have
absolutely
no
certainty
that
Ezra
stew
is
working
for
foxy.
C
C
The
feature
freeze
is
already
past,
so
it's
gonna
be
a
bit
tough
to
test
new
features,
and
so
like
this
was
that
thing
that
is
like
on
like
requires
interaction
with
open
robotics,
and
there
is
one
more
thing
that
I
would
like
to
know.
If
anyone
has
time
to
look
at
otherwise,
like
I
won't
have
time
before
next
weekend,
which
is
one
thing.
C
C
Because
there
would
be
a
person
that
knows
the
tears
is
passed.
Okay,
so
same
thing,
I!
Guess
it's
just
like
a
cone
for
anyone
interested
in
looking
at
that
a
bit
closer
and
the
same
I
can
do
a
quick
walk
through
I.
Just
may
not
be
able
to
like
actually
implemented
thing,
and
it
would
be
pretty
sad
to
actually
have
this
feature
lost
in
foxy.
Just
because
the
to
do
was
not
addressed.
It
said:
okay,.
A
C
That's
another
verb
of
that
utility
and
this
one
is
basically
allowing
you
to
monitor,
running
Rus
system
and
just
to
get
the
res
graph
and
based
on
all
the
information
in
the
roadtrip
generator
policy
file.
So
that's
something
that's
like
pretty
convenient
as
soon
as
you
want
to
start
using
security
on
a
bigger
system.
You
don't
want
to
be
writing
all
of
this
by
hand,
and
so
what
this
feature
allows.
You
is
basically
audit
your
running
system
and
like
listen
to
every
connection
and
create
for
you,
a
policy
side.
C
A
B
Ahead,
so
this
is
Roger
strain
with
Southwest
Research
representing
GBS,
see
I,
don't
actually
have
cycles
right
now,
because
we've
got
a
lovely
little
funding
thing.
It
has
to
be
worked
out
before
I'm
allowed
to
actually
charge
project
time.
If
that
comes
through
I
would
love
to
reach
out
to
you
and
try
to
see
if
I
can
figure
out
what
needs
to
be
done
and
if
there's
a
way
that
I
can
help
out.
But
that's
pending
paperwork
happening
in
the
background
before
I
could
jump
in.
C
All
right
sounds
good,
so
I
guess
what
I
do
is
then
I
poke
the
folks
from
Oakland,
robotics,
arms
and
matrix
chat,
see
if
embrasures
are
like
very,
very
busy
as
well,
but
just
to
try
to
get
them
to
pick
up
set
to
do
that.
They
dropped
last
minute
and
and
if
Roger
happens
to
like
be
able
to
work
on
these,
that
would
be
awesome
and
I'm
more
than
happy
to
work
to
walk
you
through
it
and
worst
case
scenario,
I
just
work
late
and
do
it
someday
yeah.
C
Awesome
Thanks,
yes,
I
guess
for
the
foxy
studies,
that
was
it
that
was
basically
always
just
like
I
would
love
us
to
make
sure
we
have
something
that
works
before
the
release
and
AB
all
the
way.
We
have
like
a
couple
of
any
issues,
but
most
of
them
are
like
actual
small
bags.
If
we
could
bag
fix,
even
if
the
API
freezes
past,
so
nothing
is
really
intelligent,
but
that
could
be
also
a
good
opportunity
for
anyone,
like
you
notice,
involved
in
the
project
that
wants
to
like
get
some
like
more
entry-level
issues.
C
C
And
yeah,
until
the
only
other
thing
on
the
concea
agenda
item
is
actually
some
things
that
I
haven't
revisited
yet
and
I
don't
know
if
anyone
else
has
and
because
it
was
mostly
to
change.
I'll,
see
a
PID
for
the
API
freeze,
I,
think
we
miss
the
window
so
I
guess
it's
gonna
sleep
for
another
meeting.
A
Yeah
I
know
I
said
when
I
talked
with
Kyle
Joe
about
that
I
think
our
pressures
we
discussed
it
I
think
one
or
two
meetings
ago
didn't
come
to
a
conclusion
on
it.
I
think
we
want
to
revisit
it,
but
I
think
that
was
just
after
the
freeze
that
we
were
gonna.
You're
gonna
see
what
to
do
about
the
request.
C
All
right
and
the
other
thing,
the
other
thing
we
had
an
outbreak
which
guy
was
to
actually
visit
OCS
trust
to
public
API,
but
does
the
same
thing
like
I
think
the
link
to
the
document
was
there.
So
if
anyone
wants
to
comment
on
it,
it's
still
welcome
I.
Think
so
far
he's
been
on
me
Kai
and
me,
but
that's
the
same
thing
that
this
is
not
a
very
high
priority
thing
anymore.
Now
that
the
api
freezes
past
so
will
remain.
It
makes
meeting
I
guess.
B
Hopefully,
pending
the
future
work
on
policy
generation,
we
can
work
out
policy
generation,
but
right
now
the
minimal
Viable
Product
is
just
going
to
be
no
two
certificates
and
keys,
and
we
have
a
couple
of
architecture
ideas
as
far
as
how
to
implement
that
in
the
existing
launch
code.
But
launch
is
a
very
large,
very
undocumented
project.
So
if
anyone
here
is
particularly
familiar
with
it,
I
would
be
good
to
run
it
by,
like
our
proposed
implementation,
how
we're
gonna
slot
it
into
the
existing
launch
project.
C
B
Yeah
I
was
planning
on
paying
them.
We
have
a
design
doc
that
I'm
gonna
put
up
on
the
forum
soon,
once
I
have
a
minimal
Viable
Product
to
show
so,
hopefully,
when
that's
ready,
I'll
ping,
the
matrix
group,
so
you
guys
can
take
a
look
at
it
and
verify
as
well,
but
they
will
have
a
minimal
Viable
Product
and
an
explanation
of
why
we
put
it
where
we
did
and
hopefully
that
will
also
kind
of
give
people
an
idea
of
what
launch
does
so
that
a
future
B
functionality
we
want.
C
B
Idea
is
when
you're
running
Ross
to
launch
launch
file,
you
can
add
a
secure
tag
and
the
launch
sub
system
will
automatically
in
a
set
temporary
directory,
generate
a
key
store.
Look
up
the
know,
DL
files
for
that
particular
package
that
that
launch
file
is
contained
within
and
generate
the
keys
for
and
certificates
for.
Each
node.
After
evaluating
all
of
the
remapping
arguments
and
substitutions
that
you
specify
in
the
launch
file.
C
C
Authority
to
generate
certificates
like
this
certificate
authority
would
most
likely
never
be
on
a
robot,
but
it
won't
be
pretty
convenient
if
you
could
like
ahead
of
time,
saying:
okay,
like
this
certificate
authority,
that
knows
what
is
going
to
be
deployed
can
just
take
the
entire
application
set
of
large
files
and
introspect
and
generate
and
sign
things.
And
then
this
is
ready
to
be
deployed
on
the
robot,
but
without
actually
launching
the
nest.
B
B
So
part
of
the
issue
is
the
substitution
system,
which
backs
the
remapping
arguments
is
baked
in
the
launch
code
and
it's
only
evaluated
when
the
individual
node
action
in
Ross
launch
is
being
visited
by
the
launch
service.
So
in
the
exact
moments
before
the
node
is
actually
spun
up.
That's
when
the
launch
service
goes
through
this
highly
templated
series
of
strings
and
starts
substituting
in
what
the
nodes
will
you
know
what
the
names
of
the
nodes
and
the
names
of
the
topics
will
end
up
remapping
too.
C
B
C
I
think
maybe
a
good
like
thing
to
think
of
when
you,
when
you
have
this
discussion
with
people
that
know
more
about
launch
that,
like
maybe
I,
feel
like
several
different
timings,
a
in
the
lifecycle
of
a
robot
application.
It's
the
time
where
you
want
to
generate
all
these
artifacts
and
the
time
where
you
want
to
launch
it
on
actual
hover
right.
D
A
quick
point
here
and
it's
more
a
question
to
you:
two
guys
who
seem
to
know
more
about
the
topic.
Are
we
considering,
or
at
least
will
we
consider
situations
or
use
cases
where
CAS
will
essentially
be
active
throughout
the
use
case,
so
that
they
can
enable
external
participants
to
interact
with
the
robotic
application?
Or
are
we
just
assuming
that
the
CIA
is
just
gonna,
be
shut
down
during
production.
A
I
know
I,
know
I.
You
know,
I
thought
about
that,
a
little
bit
and
just
from
what
I've
seen
so
far,
ideally
I
think
the
way
to
do
that
would
be
with
an
intermediate
CA,
which
you
could
kind
of
make
disposal.
Potentially,
you
know,
generate
the
intermediate
CA
and
then
generate
all
the
downstream
key
materials
off
of
it,
and
then
you
can
throw
that
that
CA
away
at
that
intermediate
CA
way
if
you
need
to
without
throwing
away
the
root
CA.
A
The
issue
with
that
is
I,
don't
think
all
the
middleware
support,
even
though
the
spec
says
the
the
DDS
spec
supports
CA
a
hierarchies
from
the
documentation
I've
seen
so
far,
the
intermediate
CAS
aren't
supported.
So
even
though
that
seems
like
that
would
be
the
ideal
route
to
make
it.
If
you
understand
Victor
with
what
you're
saying
make
a
if
you're
gonna
expose
a
CA,
let's
expose
an
intermediate
CA,
not
the
root
CA
and
then,
and
that
way
you
could
revoke
it.
D
So
you
know
yeah,
your
understanding
is,
this
is
correct.
I
mean
my
my
limited
understanding
of
the
DDS
are
TPS
and
secure
extensions
and
plugins
is
that,
according
to
to
my
readings,
several
CAS
are
allowed,
like
you
could
have
a
permissions,
CA
and
and
also
some
additional
ones,
and
and
potentially
even
there
could
be
different
levels.
D
As
you
nicely
point
out,
I
guess:
I
guess
I'm,
just
wondering
that
this
discussion
related
to
launch
files,
and
also
many
of
the
things
Micahel
was
was
kind
of
like
20
before
should
probably
benefit
from
us,
having
some
sort
of
like
use
cases
in
mind
like
just
defining
kind
of
like
a
B
and
C
use
cases,
and
in
trying
to
go
and
implement
towards
them.
I
don't
know.
Maybe
this
has
happened
and
I
just
missed
it
or
or
maybe
use
disagree,
and
this
is
not
helpful
at
all.
C
Now
I
think
I
think
it's
a
great
idea
and
to
answer
the
C
a
question:
that's
something
we
explore
when
we
originally
designed
us.
Russ
I
mean
we.
We
had
the
Assumption
as
first
was
a
placeholder
basically
to
allow
people
to
experiment,
and
so
we
would
not
expect
a
root
CA
to
either
be
shipped
on
the
Roberts.
But
we
always
work
with
yes
like
if
every
step
of
the
process
was
marginal
and
the
fact
that
the
duty
aspects
says
that
there
is
a
respect
of
chain
of
trust.
C
We
should
be
able
to
have
kind
of
disposable
series
like
Sigma's
putting
it
that
could
be
like
shaped
with
Robert
and
I,
sign
things,
extra
things
as
needed
and
and
so
yeah
I
think
released
in
use
cases.
Now,
because
all
these
that
causes
assumptions
were
made
based
on
the
state
of
the
speck
in
the
state
of
how
understanding
multiple
years
ago.
A
Think
that's
a
great
idea,
I
think
one
of
the
things
that
I
it
seems
like
we've
been
silent
on.
Is
it
actually
how
to
manage
those
keys?
So
you
know
once
you
generate
everything
with
the
CA,
you
want
to
protect
the
CA
and
they
think
that
that
goes.
Probably
part
of
that
use
case
is
how
to
take
the
CA
all
flowing,
how
to
protect
private
key
materials
and
so
on
so
yeah.
C
A
C
Part
of
some
things
that
like
came
up
also
when
we
started
to
react,
you
take
the
key
stole
just
like
Oh
foxy,
actually
like
just
recently
when
you
actually
have
this
private
folder,
which
is
a
photo
that
actually
has
a
CAS.
That
is
the
one
that
is
not
expected
to
be
deployed.
So
we
tried
to
like
at
least
highlight
it
in
the
photo
year
hierarchy,
but
our
main
assumption
has
been
that
my
key
didn't
become
true.
C
Like
so
far,
it
didn't
come
true
that
we
would
have
support
for
proper
key
storage,
because
right
now
we're
talking
like
facts
on
the
fact
systems
are
not
protected.
So
four
keys
of
every
node
and
that's
different
is
something
would
like
when
the
various
DDS
implementation
supports
various
GP
ends
and
key
storage
mechanisms.
A
The
one
issue
that's
that's
mentioned
in
the
agenda
there
and
yeah
making
out
feel
free
to
shout
out
on
on
matrix.
If
you
need
more
help
with
that
and
we
talked
about
the
launch
bar
I,
don't
think
we
took
any
action
items
away
from
that,
so
they
pay.
You
have
many
other
final
comments
or
anything
else
to
add.