Date

25 Jan 2017

Attendees

  • Silvia d'Ambrosio
  • Nino Ciurleo
  • Linus Nordberg
  • Magnus Ahltorp

  • David Schmitz

     

Goals

 

  • Status Updates of work items (FOD/SecEventProcessing/CT)
  • Status of DDoS Detection/Mitigation WG
  • F2F-Meeting-Planning
  • Review Open Action Points from last VC(s)
  • AOB

Discussion items

TimeItemWhoNotes
 Fod Status 
  • Tomas implemented port range feature for new git version of FOD (with python 2.7).
    • started to tested at FOD test machine(s), (Tomas will provide vagrant scripts to allow to identically recreate his test VM)
    • seems not to be fully working yet (GUI form field does not accept any input)
 DDoS Detection/Mitigation WG 
  • RadWare POC at GARR
    •  started together with one GARR user institution (CNR) in December for 3 months, Nino will provide experience about it later when it is available-
    •  currently in learning mode (link between GARR and CNR) to determine baseline
  • fastnetmon testing at GARR:
    •  cooperation with University in Milano regarding the use of 1G Intel NIC supported by fastnetmon in full capture mode (no sampling necessary)
  • new Foodle for DDoS D/M WG VC
    • Tomas plans to present new CESNET DDoS detection/mitigation system (washing machine) there
  • DDoS D/M Survey:
    • -> extend duration and extend list of receiver mailing lists (e.g. NREN NOCs)
    • -> find suitable candidates: e.g. APM mailing list
    • -> discuss with Evangelos about it
 CT status 
  • Currently working on the 0.10 release, basically planned for release on 2017-01-31 (next week)
    • work on parallel processing of batched certificates, especially for phase where a new log is joining
    •  work on (automated) distributed key/config management
    • testing of it to be done

  • Gossip IETF draft
    • last call, for 1st of Feb, draft would get experimental RFC
    • cancel request by Linus because of missing implementation,
    • but after discussion in the IETF group mailing list he thinks about withdrawing the cancellation as missing implementation is not an issue for experimental RFC
    • nevertheless, Mozilla and Google are now thinking more about an implementation, especially as now a co-author of Gossip Draft is working now for Mozilla

  • Task-internal Demo (user view of CT) planned for mid-Feb 2017
 F2F Meeting Planning 
  • new Foodle for it, but answer may be hard if place of meeting not know (because of voyage duration)
  • Maybe Tomas can present the new CESNET DDoS detection/mitigation system (washing machine) live there.
 Next regular T6 VC Next VC: 08.02.2017, 14:15-14:45 CE(S)T

Action items

  • David: discuss with Evangelos about suitable new candidate NOC mailing lists for DDoS survey extension
  • all: think about potential new candidate NOC mailing lists for DDoS survey extension
  • Linus, Magnus: start to think about/prepare CT demo
  • all interested in DDoS D/M WG: fill new foodle
  • all: Next regular T6 VC: 04.01.2017, 14:15-14:45 CE(S)T