#opendaylight-meeting: OpenDaylight TSC Mtg - 05-15-2014

Meeting started by phrobb at 16:59:16 UTC (full logs).

Meeting summary

    1. dmm (dmm, 16:59:31)

  2. TSC Members please #info in (phrobb, 16:59:35)
    1. regXboi is on the way (regXboi, 17:00:44)
    2. Kent Watsen (kwatsen, 17:01:19)
    3. Ed Warnicke (edwarnicke, 17:02:47)
    4. regXboi has made it (regXboi, 17:03:12)
    5. Madhu Venugopal (Madhu_Idle, 17:03:17)
    6. Madhu Venugopal (for Chris Wright) (Madhu_Idle, 17:03:32)

  3. Agenda Bashing (phrobb, 17:03:45)
    1. welcome regXboi to TSC! (tbachman, 17:04:05)
    2. agenda bashing to a minimum in favor of creation reviews (regXboi, 17:04:29)
    3. Chris Price (ChrsPriceAB, 17:04:56)

  4. Creation Reviews AAA Service (phrobb, 17:04:57)
    1. https://wiki.opendaylight.org/view/Project_Proposals:AAA_Service (regXboi, 17:05:08)
    2. regXboi makes a scribe request to have the slides linked to the project proposal page (regXboi, 17:09:43)
    3. question about authorization being for the bundle itself (regXboi, 17:11:47)
    4. question and does this include certificates, etc. (regXboi, 17:12:04)
    5. answer yes, bundles would be signed and use osgi security to make this work (regXboi, 17:12:22)
    6. concerns mentioned on having an Auth system without audit capabilties (phrobb, 17:14:26)
    7. Ryan Moats (IBM) suggests he would like to see "Auditing" added to the AAA proposal (RobDolin, 17:19:49)
    8. Chris Price (Ericsson) asks if committers are interested in doing auditing (RobDolin, 17:20:37)
    9. discussion continues on the need for auditing vs the TSC mandating the addition of functions to a project brought forward (phrobb, 17:22:33)
    10. concerned raised that retro-fitting auditing is difficult so if it isn't part of the this proposal, fixing it's absence later will be hard (phrobb, 17:24:05)
    11. question for TSC "are we comfortable having authentication/authorization without auditing? (phrobb, 17:24:41)
    12. compromise suggested to have Auditing hooks at a minimum (phrobb, 17:25:12)
    13. regXboi volunteers to find resource to add at least auditing hooks… did i get that right regXboi ? (phrobb, 17:26:03)
    14. question asks on RBAC Auth - will there be roles, answer is "yes" (phrobb, 17:31:52)
    15. question: will this be mandatory for other projects to use (regXboi, 17:32:18)
    16. answer: that is out of scope for creation review (regXboi, 17:32:34)
    17. VOTE: Voted on "Shall AAA Service project be accepted into ODL as an incubation project?" Results are, +1: 7 (phrobb, 17:33:16)
    18. AGREED: AAA service is moved to Incubation (phrobb, 17:33:42)

  5. L2 Switch Creation Review (phrobb, 17:33:50)
    1. question - Reactive with Packet-In, but is there any pro-active behavior in this L2 switch? (phrobb, 17:40:40)
    2. no value-added service for pro-active planned. It is possible, but not inplan (phrobb, 17:41:19)
    3. lenrow (lenrow, 17:42:24)
    4. the project can add proactive as an addition to flow-writer service… this will be added as an official feature (phrobb, 17:42:30)
    5. quiet applause for the inclusion of lenrow as the newest TSC member (phrobb, 17:43:25)
    6. question how will L2 switch interact with other sevices such as simple forwarder? (phrobb, 17:45:23)
    7. A: L2 switch and other services will need to be configurable to avoid conflicts (phrobb, 17:46:15)
    8. Q: what is the view of the project regarding dealing with tunnels and packets where L2 can talk about both an inside and outside header? (phrobb, 17:48:07)
    9. additionally, can we recurse through this to get interesting vswitch behavior where pealing off encapsulation to do multi-level decoding (phrobb, 17:49:33)
    10. not to mandate scope, just wanting to understand how that would work (phrobb, 17:49:56)
    11. for Multi-tenancy there are as yet unscoped features that will be interesting in this project (phrobb, 17:51:20)
    12. more investigation will be needed for multi-tenancy and the full system-wide implications (phrobb, 17:52:48)
    13. As a general project proposal comment, scoping the project is separate from feature-sets planned for a given simultaneous release (phrobb, 17:53:49)
    14. VOTE: Voted on "Shall L2 Switch project be accepted into ODL as an incubation project?" Results are, 0: 1, +1: 6 (phrobb, 17:58:03)
    15. AGREED: L2 Switch is moved to incubation within ODL (phrobb, 17:58:20)

  6. Creation Review Service Function Chaining Project (phrobb, 17:58:41)
    1. Thank you to everyone on behalf of the L2 Switch Project team! (raghu67, 17:59:03)
    2. https://wiki.opendaylight.org/view/Project_Proposals:Service_function_chaining (regXboi, 17:59:38)
    3. Q how does this relate to NSH? (phrobb, 18:09:54)
    4. A: NSH shims between the transport headers and the original payload (phrobb, 18:10:15)
    5. Q what is openflow doing here? (phrobb, 18:11:26)
    6. Q: How does the instantiation of services occur?…A: this project assumes that the service is instantiated outside of the scope of this project (phrobb, 18:13:27)
    7. Q what service chaining types will be possible in this first version? (phrobb, 18:15:02)
    8. VOTE: Voted on "Shall Service Function Chaining project be accepted into ODL as an incubation project?" Results are, +1: 7 (phrobb, 18:19:05)
    9. AGREED: Service Function Chaining is moved to Incubation (phrobb, 18:19:23)

  7. Secure Network Bootstrapping Infrastructure Creation Review (phrobb, 18:20:02)
    1. https://wiki.opendaylight.org/view/Project_Proposals:Secure_Network_Bootstrapping_Infrastructure (regXboi, 18:20:06)
    2. regXboi thanks snbi team for linking slides to proposal page (regXboi, 18:21:11)
    3. Q: the tunnel infra is created hop by hop. Is the encryption hop by hop? A: Yes, encryption is hop by hop (phrobb, 18:30:28)
    4. Q: Do you assume the virtual forwarding elements will also be part of this? (phrobb, 18:34:14)
    5. Q: Does this framework only work for physical forwarding elements or will this also work for virtual forward elements… particularly when there can be many, many virtual forwarding elements? Particularly with certificates that are replicated on virtual devices? (phrobb, 18:36:00)
    6. be sure to take a look at draft-kwatsen-netconf-zero-touch too ;) (kwatsen, 18:36:07)
    7. A: that is a very good question. There will need to be a method to handle virtual FEs in this case (phrobb, 18:37:34)
    8. middle attacks in hop by hop encryption where virtual FEs are present is a concern (phrobb, 18:38:31)
    9. https://lists.opendaylight.org/pipermail/project-proposals/2014-April/000137.html - project proposal submitted Apr 29 (edwarnicke, 18:38:51)
    10. Nothing will be done new in how communication happens using certificates and encryption. (phrobb, 18:41:31)
    11. https://wiki.opendaylight.org/view/Project_Proposals:Main#Instructions_For_Submitting_New_Proposals - emailing project-proposals is (currently) the point of reference for a proposal actually being submitted :) (edwarnicke, 18:41:33)
    12. concern/suggestion is that it is better to do end to end encryption from each FE instead of hop-by-hop encrypt/decrypt. (phrobb, 18:42:14)
    13. there is a trade-off in End to end encryption and encryption methods supported and performance vs hop by hop encryption on this management channel (phrobb, 18:44:27)
    14. A it is noted that end to end encryption can still be done outside of this mgmt channel (phrobb, 18:44:55)
    15. Q: does the user get to choose the strength of the encryption? (phrobb, 18:45:37)
    16. A: It is possible for the user to be able to choose (phrobb, 18:46:00)
    17. concern is to deal with export restrictions etc for different uses/locations (phrobb, 18:46:33)
    18. the scope of encryption strength may not fall in Helium/Lithium but it will be possible (phrobb, 18:47:15)
    19. can a non snbi enabled FE be part of the network? (regXboi, 18:48:28)
    20. Q: elements may not support this feature. If it doesn't, what will happen?… will the FEs be excluded from the topology? (phrobb, 18:48:38)
    21. Madhu asked about what happens if some intermediate node does not have this capability (edwarnicke, 18:48:45)
    22. A: intermediate FEs may end up being separate islands in the mgmt channel, but that should not prohibit connectivity - it will just need to be manually added (phrobb, 18:50:49)
    23. Madhu vote +0 (regXboi, 18:53:38)
    24. (Madhu lost battery, so voice vote above) (regXboi, 18:54:18)
    25. (dmm lost connectivity, so voice vote) (regXboi, 18:54:32)
    26. dmm +1 (regXboi, 18:54:34)
    27. VOTE: Voted on "Shall Secure Network Bootstrapping Infrastructure (SNBI) project be accepted into ODL as an incubation project?" Results are, +1: 5 (phrobb, 18:54:47)
    28. adjustment to +1 6, 0 1 (regXboi, 18:55:10)
    29. AGREED: SNBI moved to Incubation (phrobb, 18:55:19)

  8. NDM Renaming request (phrobb, 18:55:54)
    1. NDM project assumed that ONF would name the standard NDM (regXboi, 18:56:31)
    2. ONF has changed the specification name to TTP (regXboi, 18:56:52)
    3. so project would like to change its name to TTP to align with ONF better (regXboi, 18:57:11)
    4. The project was called NDM because ONF was planning to make the effort called NDM. The ONF has changed the name to the TTP (Table Type Patterns) (phrobb, 18:57:35)
    5. so project would also like to change repo name to ttp (regXboi, 18:57:36)
    6. Q: are we also looking to change the project name to TTP (no objection, just want to make sure we have clarity on the question)  (phrobb, 18:58:50)
    7. A: Repo and Project name is requested to be changed to TTP from NDM (phrobb, 18:59:23)
    8. AGREED: The NDM project and repo name will be changed to TTP (phrobb, 18:59:46)
    9. call dropped... but I do not object (edwarnicke, 18:59:49)


Meeting ended at 19:01:04 UTC (full logs).

Action items

  1. (none)


People present (lines said)

  1. phrobb (70)
  2. regXboi (42)
  3. odl_meetbot (23)
  4. edwarnicke (20)
  5. Madhu (12)
  6. ChrsPriceAB (10)
  7. lenrow (8)
  8. RobDolin (8)
  9. kwatsen (7)
  10. dmm (5)
  11. Madhu_Idle (2)
  12. tbachman (1)
  13. raghu67 (1)
  14. mlemay (1)
  15. regxboi (0)


Generated by MeetBot 0.1.4.