From YouTube: ROS 2 Security Working Group (2020-04-14)
Description
Meeting notes: http://wiki.ros.org/ROS2/WorkingGroups/Security
C
The bit is the keys or the environment variables used to be like security root directory and security directory override, and they would just be path files that you've either, they're specified to the root at the key store or the particular folder. With the node security artifacts, we kind of changed things a little bit up, too, while we were migrating to unclutch.
C
Instead of having it again to be another path, I mean, that path is already two paths to the key store; that prefix is already specified in the key store environment variable, so it seemed kind of redundant. What you're really just trying to do is specify what name you wanted to force, like just the root name, enclave or maybe a debug enclave name. So, in that sense, this change also includes where, instead of the path, you just specified the fully qualified enclave name, and...
C
So that way later, if we decide to support different URIs for the keystore, like something like vault limits, go goes make sense. Yeah, yeah, I agree, yeah, you can still change the enclave override and you just specify a different URI to the keystore environment variable.
C
Yeah, so I was thinking, like, you know, if the way the use cases, if you had a process and you want to use the override to point to an entirely different context in a different key store, in the issue, I kind of have to kind of make it a lot of argument that, you know, that might be easier to shoot yourself in the foot, because, you know, they come, the key stores won't have common certificate authorities or source of trusts, and for advanced users.
C
That's about it. I think the CI is a little red right now, but I think once it's back up, we'll just run the test, and if any of you guys want to look at the changes here up is, most of it's relatively simple, except for maybe like the one advanced thing. It's like maybe the RCL, the system, security tests, or I just kind of changed it up to match the lookup behavior of how the override works, and...
B
I just wanted to kind of reach this topic. Gilliam a lot more about it later, but something we're going to start working on here shortly, you kind of set the groundwork for it, is to create a CIS benchmark for both ROS 1 and ROS. Not sure how much you're familiar with the benchmarks. It's definitely something for a lot of enterprise customers interested in securing and Street best practice standards, and so on.
B
So we're gonna start working towards building out a benchmark. What that means very practically is we're going to take the Ubuntu 18.04 benchmark that exists, apply that to ROS 1, yeah, there's some sample environments, make sure everything's working, and then put that out there as a draft for community feedback, and then that opens up the benchmark to CIS members. In order to participate directly with the benchmarking you do have to be a CIS member. I'm not sure who here is a member, but I'm sure.
B
Know there are limits, and I know for sure that you can't get the tools without a paid account, but you can download the PDF files that make up the benchmark. So there's some things that are available without membership, other things require membership, so we'll continue exploring that. I think the other thing to note, and it gets weird, we are going to start with the Ubuntu benchmark, but the CIS benchmarks have the ability to like two of Raw's benchmark on top of other operating systems.
A
Security, and it's a sort of industry-accepted standard, it's really common in cloud and enterprise. So it's something we're doing for, it's an open benchmark once they're published. Never, we can say we're at this level of security through the CIS group. So it's a lot of things, like a lot of useful things like firewalls and password standards, and then a lot of what could be argued is a little bit nitpicky, like changing default umask and things like that.
A
Well, that was him, well, that was a bunch of what we'd consider best practices. That's us telling you what to do, what we think is the best practice. Whereas CIS is a not-for-profit group that's setting their standards, though it's sort of more a neutral party that's accepted in all, actually accepted by, also it goes to, I would say, when you're going in to get ROS accepted from another, you know, in a certain deployment, you don't have to come up with a security standard. You can say we meet this benchmark.
B
We have them, yeah, so it's just, yeah, just a little bit of background. I mean, the CIS benchmarks tend to be invaluable. If you think about an organization, it wants to bring in a piece of technology and they want to make sure it's secure. You can either read through all the documentation and understand all the standards, or you can just take the benchmark and apply the benchmark and find those things that don't work for your specific environment, and then from a security standpoint.
B
From a defensive standpoint, when you're done, you can say, I am in adherence with best practice standards, so I'm as good, at least as good as the other guy. So it gives you a really nice kind of comfort level, you know, from management as well as from practical, and also, if you're going to implement something like ROS, you don't have to dig into all the details about...
B
You know, which directories need to be set, which services should be turned off, which things you allow through the firewall, that should all come with the default benchmark. So, well, I mean, it's recognized too. It's a growing thing. You know, it's gonna take a lot of growth. You know, it's crawl, walk, run, so we're gonna get something out the door and then over time we'll have something that we can continue to, yeah, tweak and tune to make a secure deployment.
D
Syd, you, if you could take a minute to find the link to the event to one, I think that might be helpful for the notes, for people to learn what, you know, what this looks like.
A
Yeah, and a cool thing about it: it's not binary, it's not "you are CIS or you're not", like, it's not like HIPAA compliance. It's a score, so you can do what works for your environment, yeah. So there's, you know, CIS for almost all distros, and so obviously you can tailor it towards your use case, but it helps further ROS. We don't approve that we're, you know, we're doing this with a tour. We've invented this standard, we're adopting industry-wide standard.
D
We can continue that design next cycle, but just to allow people to start playing with it, you know, to make it so. The security logging is experimental in Foxy. We need something on the RMW side to actually turn it on, and that's what this pull request does, and actually I thought maybe I'd share my screen with you to show you what this looks like, and, of course, I have several terminal windows that are named the same, to figure out which one this is.
C
The one question I have is, in the spec, it was really vague on like what an event was and how good encapsulated. Did you figure out what kind of primitives and format that you wanted to report? Like, one thing would be useful for security is like, this handshake failed, and this is the participant I tried to connect to, or this was the topic I tried to access, and this is such-and-such what reason, yeah.
D
There's not really much of a standard, a good example to go off of, though you can use this pull request with Connext and actually play with those things. I was gonna show you, ping nabbit will show you an example of exactly an unauthenticated participant joining, for example, and it'll show you that it failed to let that one join, but I mean, basically, right now Connext logs all security events to the log, along with everything else, so this isn't actually adding anything.
D
It's just pulling the security events out of the existing login and allowing it to be extracted into another system. It's not actually adding any information, so I click, Next and faster DBS is gonna work. This it was. It works the same way, I guess is landed. Now when you enable security logging, you actually take the security events out of the existing log and you pull them into the security log.
F
I'll have the moment, as far as I know, things are logged to a file I natural bodka. Next, maybe it also has implemented log over DDS, but you can choose at configuration time if you want it to log to a file and which file, the file path, and if you want it to log also over DDS. They are not exclusive.
C
Winner, this may be a little bit tangent. Do you think you might have the chance later to write a sort of a nerve security plug-in, like, it does all the checks, but it doesn't do the enforcement? Now Mike it and might help with synthesizing these events, while not necessarily blocking the topology, the graph. Like, you want to do a dry run saying, you know, what's gonna fail with these security policies, but don't stop my application, because it's stateful and it needs to reach to some whatever other state that serves, yeah.
F
Yeah, yeah, we could add some review, and again the changes are actually very small. We just want, you know, a check on the new environment variables we are introducing, and, as Kyle mentioned, the design, the current proposed design isn't perfect, but we don't have time to reiterate over it for this cycle, and we can totally change it for the next ROS cycle.
D
Sounds good, and I mean, I can give you guys a demo outside of the meeting too, but yeah. So over the last week we've been working on moving all of the extras to API that was just sort of public by default, but not actually needing to be public. We moved it private and we're going through the process of curating the public API, so that we can actually agree to support that for, you know, the LTS that is Foxy.
D
We've got a document started that outlines the functionality that we think we need and what it might look like, but we would love some more voices there and, you know, the ability to actually make a decision and make it happen. So if you guys want your voices heard, please jump in on that doc. Let us know if any of the functionality that you need is not going to be considered public, and we can revamp that. So yeah, I just wanted to give you guys the link to that doc, and...
A
Cool, so this is the first time we are actually done ahead. Unless anyone wants to cover Mikhail's discussion about that, I think we're, I think...
D
We just, I'll cover that real quick. I think we've copied it from the last agenda because, during our last meeting, we thought Foxy would be closed by now and we could make a call on this, but it's not, okay, and the contact stuff, the enclave stuff, is still sort of in flight. So I think we need to kick this one more time. Okay.
A
Cool, anybody have something that you want to talk about then? Once, twice, okay. On that note, everybody gets six minutes back. So have a great rest of your day, and we'll talk to you in two weeks.