►
From YouTube: ROS 2 Security Working Group (2020-02-11)
Description
Meeting notes: https://wiki.ros.org/ROS2/WorkingGroups/Security
A
B
So
so,
really
the
status
of
this,
as
far
as
I
can
tell
is
that
there
are
numerous
pull
requests
pending
for
both
our
CL
arm,
W
and
fast,
our
TPS.
To
enable
this
switch
on
our
side.
We
need
to
actually
start
supporting
the
context
in
our
policies
which
rough
and
you
have
good
timing.
I'm
gonna
ambush
you
now,
which
is
something
that
Ruffin
said,
he'd,
be
able
to
do.
I
I
wanted
to
talk
about
both
the
latest
status
that
we
have
on
on
our
side
of
this.
B
B
C
B
C
B
The
yeah
there's
there's
several
poor
requests
that
you
can
take
a
look
at
the.
If
you
look
at
the
agenda,
you'll
see
at
least
the
RCL
one,
but
I'll
share
that
as
a
link
here
as
well.
That's
really
where
the
meat
of
this
is
happening
and
then
you'll
find
fast,
our
TPS
and
arm
W
ones
that
are
related
as
well.
You
know,
depending
on
how
far
down
this
deck,
you
have
a
look,
but
but
that's
the
that's
the
big
one
right
there,
but
to.
D
Answer
your
question:
roughing
the
main:
it's
amazing
we
just
get
silent
changed,
so
the
pubs
that
need
to
change
in
their
suicides
are
all
the
same,
and
so
what
we
assess
last
time,
I
was
messing.
I
haven't
been
in
the
tea
is:
what
is
he
actually
default
name
of
the
context
in
the
quraan
tio,
so
that
yeah
I
think
we
need
to
know
otherwise
like
that
will
be
more
less
the
same
and
they
are
us
besides.
B
C
B
D
Sorry
I
was
muted.
Sorry,
there
was
an
ego
so
yeah.
My
understanding
was
that
we
would
have
like
two
different
thread
structures,
because
if
we
can
actually,
if
you
put
everything
and
are
just
the
context
thing
but
have
different
permissions
file
and
the
different
subfolders
for
node
I'm,
not
sure
how
it
didn't
work
on
the
RCL
side,
if
we
don't
give
a
single
permission
file
for
the
entire
box
events,
so
my
understanding
was
that
we
would
have
just
an
option
in
the
tool
in
the
command
line
of
the
tool,
which
is
just
use
the
context.
D
And
then
we
would
like
collapse
of
the
permissions
of
the
other
things,
use
a
single
identity
and
and
create
one
thing,
a
permission
file
for
everything
in
the
context
and
if
that
is
not
specified
which
keep
the
current
behavior,
which
is
just
like,
when
does
it
enter
node
and
to
one
identity?
Panel
you're.
B
D
B
D
C
D
B
D
To
be
very
fair,
I
would
have
preferred
if
we
could
like
keep
this
idea
of
participant
and
have
a
way
to
implement
this
logic.
That
cyclin
has
which
is
just
like.
Let's
use
the
same
communication
specs
if
we
need
to
but
like
have
different
official
facilities
and
in
the
new
years
like
because
it
allows
us
to
keep
access,
control
and
everything
simple
participant.
Oh
yeah,.
B
A
Yeah
so
I
think
we're
at
the
end
of
our
ten
minutes
for
this
section.
If
we
want
to
continue
this,
maybe
we'll
start
am
a
thread
in
matrix.
So
then
I'm
just
trying
to
keep
us
on
track
for
this
meeting.
The
next
discussion
again
cut
hard
in
the
discussion
today.
Just.
D
C
C
B
Shoot
well
we'll
make
sure
we
get
you
advantage
of
the
matrix
room.
Okay
and
and
we'll
have
we'll
have
a
more
detailed
conversation
there
actually
I
guess
we
don't
need
to
invite
him.
Do
it
go
go
here
and
you
should
be
able
to
just
join
it
or
obviously
we
can
chat
on
this
course
as
well.
Okay,
now
now
we
can
move
on
Joe.
A
Well,
this
is
a
very
interesting
topic
that
I
think
will
be
an
easy
way
to
increase
overall
security
once
again,
not
going
for
that
impenetrable,
lock,
but
just
to
add
a
really
good
layer
in
that
we
can
build
on
to
improve
security
down
the
road
so
Kyle.
This
is
your
s
across
to
default
policy.
Yeah.
B
B
And-
and
so
let
me
let
me
try
to
expand
on
this
a
little
bit
one
of
the
problems
with
enabling
a
let's
ignore
access
control
for
a
second
listen.
One
of
the
problems
with
enabling
encryption
by
default
is
that
every
debug,
tooling,
every
every
tool
you
want
to
use
would
need
to
have
a
key
pair.
We
need,
you
know
to
mean
it's
it's.
B
B
So
you
could
actually
make
all
your
debug
tools,
look
there
and
then
yeah
that
one,
it's
basically
the
same
idea,
but
using
an
agreed
upon
context,
name
for
that
type
of
tooling,
so
that
you
can
actually
have
an
encryption
enabled
by
default
and
still
just
use
those
tools
and
then
in
production
mode.
Maybe
that's
something
you
can
turn
off
it
defends
against.
B
I
mean
right
now
by
default,
when
you're
using
Ross
everything's
just
happening
in
the
clear
right
and-
and
if
you,
if
you
don't
know
any
better
and
you
stand
you,
you
know
start
selling
a
robot
like
that.
That's
that's
problematic,
but
even
just
encrypting.
Everything
with
the
same
keys
is
better
than
that.
B
B
C
B
C
This
is
a
slightly
different
because
we're
like
a
distributed
framework
very
real,
spoke
kind
of
framework
to
you.
You
have
one
kind
of
key
server
tool,
she's
like
any
more
than
one
and
then
the
user,
when
they
like
wanting
attitude
under
device
or
robot,
is
that
they
roll
and
they
register
the
node
device.
A
That's
a
great
idea,
I'm
thinking
of
if
anybody
here
is
used
flasks,
so
by
default
I
like
the
Python
flash
module
if
you
started
up
in
SSL,
so
it's
it's
a
lightweight
web
server.
It's
like
Django
bit
simpler.
It
started
up
using
SSL,
it
just
generates
its
own
key,
but
it
prints
out
a
message,
basically
saying
that
it's
you
know,
there's
a
self-signed
certificate.
So
maybe,
if
we
have,
you
know
sort
of
a
dev
mode
version
of
it,
we
have
it
print
out.
A
Maybe
we
have
it
print
out
some
sort
of
message
like
that.
So
it's
easy
to
easy
understand.
This
shouldn't
be
shipped
into
production.
I
would
I,
would
I
want
to
make
sure
we
we
don't
we
don't
design.
We
don't
spend
too
much
time
designing
something
that
and
never
get
it
actually
out
the
door,
but
I
also
don't
want
to
designs
in
this
that
fools
us
in
the
complacency.
So
maybe
we
can
also
once
again
follow
up
offline
with
with
design
options
and
and
see
what
we
can
do
and
was
there
anything
else.
B
Something
else
to
consider
is
is
ignoring
the
the
encryption
by
default,
which
actually
I
mean
it
has
other
ramifications
right,
which,
which
Miguel
pointed
out
right
performance
ramifications
that
things
that
people
may
not
want
to
opt
into
about
to
fall.
The
a
very
very
similar
problem
is,
is
really
you're.
B
Just
talking
about
the
developer
tooling,
like
let's
say,
let's
say
it
wasn't
an
able
of
by
default,
but
once
you
do
enable
encryption
once
you
do
enable
you
know
the
the
security
plugin
is
where
you
need
the
key
store
and
stuff,
then
you
get
into
the
position
of
the
debug
feeling
really
being
really
hard
to
use,
especially
now
that
at
least
with
the
way,
the
RCL
is
they're.
Removing
that
node
path
variable.
B
It
can
be
yeah,
it
will
list,
and
it's
one
of
the
things
that's
making.
There's
I
think
they're
willing
to
put
it
back.
If
we,
if
we
argue
about
it
but
I,
feel
like
if
we,
if
we
can
agree
on
like
a
a
tooling
context
name
to
use,
then
that's
something
we
can
enable
in
if
developer
mode
is
enabled
in
the
S
rust
to
CLI,
so
that
all
of
the
developer
tools
are
useful.
C
B
D
D
A
D
Any
Rafi
and
I'll
send
you
a
link
to
that
part
of
the
thread
because
I
know,
like
you've,
been
the
biggest
user
and
advocate
for
that
node
variable
that
I
in
love.
Using.
Does
that
feel
like
more
your
thing
and
I
thought
I?
Thank
you,
but
maybe
I
didn't
on
it.
So
I
just
thank
you
so
that
we
can
improve
on
that
as
well
and.
B
A
Cool
okay,
great
I'll,
take
any
action
that
we're
just
gonna
explore
this
some
more,
and
maybe
we
talk
about
again
when
we
meet
in
two
weeks
in
the
next
topic
is
so
someone
on
github
I'm
sorry,
someone
had
suggested
integrating
quality
categories
into
the
packaging,
and
so
can
we
integrate
security
with
that.
So
my
Kyle
your
names.
Next
to
this
one,
you
can
of
course
run
with
it
again.
I
can
go.
B
B
It
is
a
proposal
to
introduce
package,
quality
categories
and
and
know
we're
in
here.
Right
now
is
his
security,
discussed
and
and
I
think
William
would
would
like
there
would
like
it
to
be
there,
but
would
like
our
input
in
order
to
to
have
it.
I
think
this.
This
impacts
the
other
side
of
the
vulnerability
disclosure
policy
that
we've
been
working
on.
B
There
needs
to
be
a
clear
way
for
for
those
vulnerabilities
to
be
disclosed
to
individual
package
authors
and
also
for
us
to
know
whether
they're
going
to
be
responsive
to
those
or
not,
and
that
can
kind
of
come
back
to
our
VDP
scoping
right.
So
if
we
can
have
a
set
of
categories
that
include
yes,
I
will
be
responsive
to
vulnerability
disclosures
within
a
certain
time
frame.
Then
that
can
trickle
all
the
way
back
to
our
VDP,
and
we
can
say
we
cover.
We
cover
projects.
B
You
know
in
the
in
the
standard
library
that
make
this
quality
standard
and
that's
something
that
I
think
that
makes
a
lot
of
sense,
but
but
it's
something
that
needs
some
thought
and
so
I
wanted
to
make
sure.
We
were
all
aware
that
this
was
out
there
and
and
to
start
thinking
about
it,
and
please
please
comment
on
that.
Pr
is
appropriate.
A
Maybe
just
food
for
thought:
in
soon
abouttwo
we've
got
you
know
main
and
universe
and
to
get
into
main
a
package.
We
do
a
main
occlusion
review.
So
we
review
everything.
We
review
the
history
of
CDs
package
up
to
et
cetera,
but
we
take
a
look
at
the
time
from
vulnerability
being
disclosed
attempt
to
patch
and
use
that
to
verify
whether
not
it
could
be
in
main
so
I
would
say
this
isn't
a
totally
new
concept.
A
It's
just
me
applying
something
I
think
that
works
pretty
well
for
for
for
our
open
source
project,
but
you
know
layering.
This
doubles
works
project
on
top,
so
I
think
that
would
be
a
I
think
it'd
be
some
criteria
that
we
can
set.
I
think
we
even
have
another.
Oh,
not
often
used
community
supported
packaging
in
our
universe,
which
basically
someone
you
know,
I'd
use
an
example.
I
don't
know.
Gnome
has
said,
it'll
support
this
package
and
they'll
guarantee
to
take
care
of
it
in
this
manner.
B
That
was
that
was
the
biggest
feedback
I
had
after
a
quick
read
through
this
was
I
think
the
goal
is
admirable,
but
there
needs
to
be
a
way
for
users
to
actually
consume
that
and
and
and
there
isn't
right
now
and
actually
I
used
our
components.
Our
repositories
is
an
example
of
a
way
to
do
that.
Ross
only
has
the
one
component
right
now,
but
they
could
using
product
category
project
categories,
split
it
out
into
multiple
components
now
I
mean
that's
obviously
been
to
specific.
But
but
the
idea
is
is
an
interesting
one.
Right.
D
That's
an
idea
I,
like
actually
I
mean
my
self-assembly
milk
I,
haven't
put
in
my
river
yet,
but
I
feel
merciful
requests
for
the
Ross
to
spend
on
average
library
where
it
could
actually
be
a
way
to
define
the
rest
and
on
library
which
is
like
what
is
considered
as
standard
library,
highly
reliable.
It
also
also
like
security
patched
and
and
basically
meets
all
these
criterias
at
all.
D
In
this
like
level
one
tool,
and-
and
at
that
point
we
could
just
say
that
the
working
group
and
the
good
lvd
basically
like
cover
only
that
and
so
yeah
I,
don't
know
in
which
rap
which
would
it
should
be,
but
I
totally
agree,
attack
an
ID
and
everyone.
Most
people
using
rows
are
familiar
with
Ubuntu
ACO
system,
and
so
it's
not
going
to
be
foreign
to
everyone.
D
If
we
take
that
example
I'm
having
the
officially
support,
you
think
four
companies
would
be
very,
very
valuable
because
it
would
say:
okay,
I
know
that
anything
in
that
list
is
okay,
anything
nothing.
That
least
requires
closer
attention,
so
I'm
all
up
for
it.
Regarding
security,
things
itself,
I,
don't
know,
like
my
only
concern
with
this
self-declared
quality
level,
is
the
self-declared
pulp.
D
A
A
Thinking
on
whether
or
not
like,
if
you,
for
instance,
if
you
run
a
tool
like
Coverity
on
Python,
it
doesn't
give
you
a
response
back
on
actual
the
security
of
Python
just
on
the
code
quality
more
than
if
you
run
Coverity
against
C
it'll,
actually
give
you
the
the
vulnerability
assessment
as
well.
So
it's
it's.
We
used
to
be
careful
that
we
don't
give
false
positives,
so
we
have
to,
but
it's
a
great
idea:
what's,
let's
think
it
through
come
every
season.
B
In
some
respect,
talking
about
like
the
self-certifying
aspect
of
this
right,
especially
if
we're
three
good
with
regards
to
handling
disclosures
right,
it
requires
the
the
maintainer
to
to
make
a
guarantee
of
some
kind.
Whether
or
not
they'll
meet
it
is
is
one
thing,
but
they've
said
they
will
right
and
automatic
scanning
isn't
really
I
mean
said.
It's
me,
I
guess,
I
think
it's
interesting
and
important,
but
it's
it's
a
little
bit
tangential
to
to
what
they're
trying.
A
B
A
D
B
D
D
A
We
started
using
a
new
tool:
go
security
as
part
of
our
when
we're
looking
at
go
packages.
So
yeah
stuff
comes
out
all
the
time,
so
cool,
okay,
Pam
will
I
just.
C
C
B
C
B
A
Okay,
cool
and
then
the
moving
on
to
the
last
topic
for
today,
/
technically,
but
will
will
gender
soon
because
it's
a
short
one,
Kyle
again
Kyle
just
get
more
people
involved
in
the
topic.
Discussions
is
actually
a
good
topic
yeah.
This
was
to
get
announced.
Take
it
so
you
don't
have
the
only
one
talking
this
whole
tool.
Yeah
get
people
to.
Maybe
if
they
want
to
you
in
the
beginning
or
maybe
we'll
do
it.
Actually,
let's
do
it
at
the
end.
A
So
we
have
time,
for
everybody
will
carve
off
ten
minutes,
maybe
or
five
minutes
coming
up
how
many
people
are
on
the
call
to
talk
about
the
what
they've
been
working
on
in
the
security
space
since
the
last
call.
So
we
could
talk
about
some
of
the
work
we're
doing
with
odl,
etc
then
going
forward,
maybe
having
people
do
that
sort
of
like
a
quick
stand
up
and
we'll
time
box
it.
So
you
only
have
a
minute
or
something
depending
upon
the
number
of
people
on
the
call
all
right,
they're
people
in
agreement
with
that.
A
A
D
Would
be
interested
in
exhaust
specific
topics
that
I'm
interested
in
hearing
more
about
that
have
been
mentioned?
Sometimes
that's
like
not
exposed
to
Z,
so
I,
don't
know
if
it's
something
that
we
can
like
be
put
on
the
agenda
ahead
of
time.
Saying:
okay,
I
would
like
to
see.
Okay,
I
talked
about
this
awesome
thing
and.
A
B
D
B
B
A
Discourse,
but
we
can
put
it
open,
encounter
absolutely
everyone,
it
cost
overall
at
it
absolutely,
and
maybe
if
we
have
a
really
interesting
topic,
we
can
do
a
separate
if
there's
enough
people
we
can
do
a
know
about
you,
but
sometimes
we
can
go
over.
Things
can
take
a
long
time
to
discuss
in
a
chat
or
an
email
or
a
github
pull
request.
A
If
there
is
something
that's
critical,
we
can
always
do
a
one-off
call
and
devote
it
to
one
specific
topic,
but
well
also
the
time
box
that
so
we
don't
delve
down
to
bike
shedding
of
everything
about
that.
So
roughly
I
think
we
were.
You
had
one
last
thing
to
know:
yes,
I'm
a
make
a
tree
of
your
chance.
A
A
So
what
we
remember
now
we're
meeting
twice
a
month
instead
of
once
a
month,
so
we've
got
much
more
time
to
chat
and
if
we're
finding
that
a
half
an
hour
is
too
short
we
didn't
extend.
These
is
sometimes
hard
with
everybody's
calendar
to
get
an
hour,
but
we'll
try
half
an
hour
for
a
few
more
cycles
and
see
how
this
goes
before.
We
try
to
steal
more
of
your
time.
A
Okay,
cool
I,
put
in
the
notes,
so
I'll
be
able
to
bug
you
about
it:
cool,
okay,
well,
everybody
thank
you.
So
much
for
joining
will
post
these
on
this
course.
All
the
notes
from
today
well
I'll
update
the
calendar
and
write
to
have
these
notes
in
it
and
we'll
have
next
time.
So
have
a
great
rest.
Your
day,
everybody
thanks
for
joining
awesome.