2024-08-29 Meeting notes
Date
Attendees
Name | Present | Planned Absences |
---|---|---|
Yes | ||
Yes | time collision | |
Kevin Day | Yes | |
Jens Heinrich | Out next week |
Discussion items
Time | Item | Who | Notes |
---|---|---|---|
5 min | Proxy for Dev-Setup | John + Team |
Today:
|
5 min | Cookie SameSite topic raised in Slack | Team + Zak |
Today:
|
1 min | Update on SECURITY-159 / FOLIO-4012 | Craig | We're on track here. Ian H. applied mitigation. Upgrade will happen when John Malconian returns from vacation.
Today
Response from John on : the ID side of the DevOps team is in a state of flux. We are in the process of hiring a DevOps person who can dedicate a certain percentage of their time to FOLIO Devops. At the moment, we are stretched thin and do what we can which is mostly triage at the moment. - FOLIO-4012Getting issue details... STATUS Still need to schedule this, but aiming to complete before Sept 1. NOTE: Sept 1 is this Sunday, and next week is a holiday in the US, so I guess we'll just check in with John again next week? |
0 min | Jira Group and Security Level review | Team | From Craig in slack:
TODO:
Today:
|
< 5 min | Team |
Today:
| |
25 min | Anything Urgent? Under Review Filter: Getting issues... | Team |
Today:
|
Topic Backlog | |||
Time permitting | Advice for handling of sensitive banking information | Team | From slack conversation, I think I've gathered the following:
Let's review and discuss before providing this feedback to Raman. Axel Dörrer also suggested that defining classes of sensitivity could help teams determine which techniques are applicable in various situations. I agree having some general guidelines on this would be helpful.
It would probably help to provide concrete examples of data in each class. This can be a longer term effort, we don't need to sort out all the details today.
Today: Axel Dörrer to do a first draft as a base for further discussions |
Status on pentesting works within Network traffic control group | Due to some absences on different reasons the group stalled. Axel will try to reactivate the group. |