Equinox Security - Weekly Status

Overview

We'll be hosting a call on Tuesday mornings from 10:00-11:00 EST to discuss progress and problems over the previous week. We'll also make time to lay out upcoming development and technical issues that require discussion.

The agenda will be driven via a page on the wiki.

Call in details: (866) 880-0098 w/passcode 9639110

Add to calendar:

Tuesday Oct. 23, 2007

Meeting attendees:

  • Pascal Rapicault (P2)
  • Jeff McAffer (Equinox lead)
  • Matt Flaherty
  • Ted Habeck
  • Tom Watson
  • Oleg Besedin
  • Eric W Li

Updates:

  • Dove right into the P2 discussion.. Overview of needs:
    • Verify signatures on content as it is downloaded
    • UI for signature information about signed content
    • UI for certificate details attached to a signature
    • Prompt for trust when downloading signed content
    • Secure connections to the repositories
    • Prompt for passwords, etc when connecting to repositories
    • Prompt for trust when making SSL connections to repositories
    • UI for managing trusted certificates for SSL
    • Protect platform from users not authorized to update (potentially NOT SecurityManager based)
    • FUTURE: a way to model "trusted repositories" that will allow content to bypass ancillary signature checks
    • FUTURE: a method to secure data (probably encrypt) is some storage area
    • FUTURE: permissions for install related actions

Actions:

  • Matt and Pascal to work detailed requirements into existing and new Bugzillas via equinox-dev
  • Tom and Matt to look over .provisional verifier API and come up with a graduation plan.
  • Matt, Eric and Jay to produce high-level overview for security model by COB Monday
  • Matt to invite Scott Lewis of ECF to a security meeting
  • Matt to reach out to the UI designers w.r.t. prompting and management UI for alerts

Tuesday Oct. 16, 2007

Meeting attendees:

  • Paul Trevithick (Higgins)
  • Mary Ruddy (Higgins)
  • Matt Flaherty
  • Ted Habeck
  • Tom Watson
  • Oleg Besedin
  • Eric W Li
  • Jay Rosenthal

Updates:

  • Paul gave an overview of Higgins, we focused on the end user scenario of Eclipse RCP as an "Identity Agent"
  • Discussed some of the details of protecting the local CardStore (if necessary). Pins vs/in addition to Master passwords were discussed. Paul & Matt to follow up.
  • Walked through the Eclipse scenario of needing a secure 'password manager' for CVS passwords, etc. Paul will investigate legacy support for Name&Password.
  • Matt and Tom discussed Unit test/performance test scenarios for signed jar verification code.
  • Tom and Matt on proxy code in ExtLoginModule code
  • Eric committed some code to Incubator branch of org.eclipse.osgi around security alerts

Actions:

  • Matt & Paul to keep in touch wrt. master passwords/pins and name/password support
  • Matt & Tom to work up a performance/unit test plan by 10/30
  • Tom creating cleanup Bugzilla & patch for auth code.
  • Eric and Jay to create Wiki design doc for policy and alerts code
  • Matt to try and schedule P2 discussion next week
  • Jay and Eric to reach out to ECF on SSL policy/API usecase

Tuesday Oct. 09, 2007

Meeting attendees:

  • Matt Flaherty
  • Ted Habeck
  • Tom Watson
  • Oleg Besedin
  • Eric W Li
  • Jay Rosenthal

Updates:

  • Matt quick update on java.security and configuration UI work. Announced Higgins interop meeting next week (10/16).
  • Tom and Oleg discussion on UserAdmin and how it intersects with JAAS. UserAdmin feels like a user registry for OSGI. Matt&Oleg to learn more.
  • Ted and Oleg on JVM agnostic permission sets. Question "what permissions do I need granted in order to run on any JVM?" Ted has answer, just refining brevity of UI.
  • Jay, Eric on policy API for security operations and associated UI. Will check in proposed API (across install-time,load-time & SSL) ASAP, and post doc on Wiki by next meeting
  • Tom and Matt dive on provider APIs, will continue discussion in Bugzilla

Actions:

  • Matt and Tom to finalize provider API
  • Eric and Jay to commit code and create Wiki doc
  • Matt to look into UserAdmin with Oleg
  • Jay and Eric to reach out to ECF on SSL policy/API usecase

Tuesday Oct. 02, 2007

Meeting attendees:

  • Matt Flaherty
  • Ted Habeck
  • Tom Watson
  • Oleg Besedin
  • Eric W Li

Updates:

  • Tom gave updates on Equinox Summit: P2 security and login were big interest. Trusted bundles (ie: load-time) seemed to go over well as a looser grained authorization solution
  • Talked at length about potential consumers of login, including newcomers like R.A.P. (RCP server side). Need to decide on a login integration point
  • Matt talked about completion of security M2. Provider plumbing is mostly in place, some configuration UI, all code is Equinox code-style compliant
  • Oleg gave Equinox Summit updates: saw interest in JAAS, roles, load-time (trusted bundles)
  • Discussed role-based authorization decisions based on JAAS

Actions:

  • Matt to start discussion on p2 security model going forward on equinox-dev
  • Tom to look over some of the security API, eye towards non-typical Lotus scenarios like server-side (use of statics, etc)
  • Eric and Jay are working on API and UI for code security based alerts, will get with Tom to discuss .provisional jarverifier code
  • Matt and Oleg to go over security function, agree on exposed API
  • Ted working on JRE-agnostic scanning results

Tuesday Sept. 25, 2007

Meeting attendees:

  • Matt Flaherty
  • Ted Habeck
  • Tom and Oleg did not attend (at Equinox Summit)

Updates:

  • Discussed integration of o.e.e.security.boot.*, o.e.e.security.provider and o.e.e.security.provider-feature into the Equinox build
  • Brainstormed potential enhancements to the SWORD4J scanning on Equinox site: using a database backend to store code snippets, link to bugzillas
  • Talked about upcoming UI work for viewing security config, and touch-less secure launch

Actions:

  • Matt to start discussion on p2 security model going forward on equinox-dev
  • Matt to create security configuration viewer UI and default java.security file
  • Matt to create demo and documentation for provider work
  • Eric and Jay will generate proposal for policy API and UI for load-time alert
  • Ted to consider lowest-common-denominator results for scanning that accommodates different JREs

Tuesday Sept. 18, 2007

Meeting attendees:

  • Matt Flaherty
  • Ted Habeck
  • Oleg Besedin

Updates:

  • Discussed completion status of 1.5 provider work. 1.4.x functionality will be implemented next
  • Code cleanup discussion. Most plugins have Equinox code standards applied except for o.e.e.security.boot.* and o.e.e.security.provider
  • Looked at ViewCVS integration of code scan results. Sample (might not be up long)
  • Discussed condition where different scans will be generated depending on JRE upon which scan has been run.
  • Discussed Equinox Summit participation for security. Neither Ted nor Matt are coming, but Matt will help with slides for Oleg.
  • Tom graciously applied HEAD changes in o.e.osgi to security incubator

Actions:

  • Matt to start discussion on p2 security model going forward on equinox-dev
  • Matt to complete 1.4.x provider work and generate stand-alone feature
  • Matt to create demo and documentation for provider work
  • Eric will generate proposal for UI for load-time alert
  • Ted to consider lowest-common-denominator results for scanning that accommodates different JREs
  • Oleg and Matt to work on slides for Equinox Summit
  • Oleg to apply Equinox code standards to o.e.e.security.boot.* and o.e.e.security.provider.

Tuesday Sept. 11, 2007

Meeting attendees:

  • Matt Flaherty
  • Eric W Li
  • Ted Habeck
  • Oleg Besedin
  • Tom Watson

Updates:

  • Welcome to Oleg and Tom
  • Discussion of security provider architecture, and why extclasspath changes (#22082) are needed
  • Discussion of more complicated P2 provisioning use cases, and how they relate to trust management
  • Code scanning update and potential enhancements to connect to ViewCVS
  • Where can Oleg get involved with integrating contributions into Eclipse proper

Actions:

  • Matt to start discussion on p2 security model going forward on equinox-dev
  • Matt to finish testing of Tom's patch for (#22082)
  • Matt to deliver changes to support extclasspath fragment for provider
  • Eric to merge in changes in resolver code from 3.4 head to incubator copy of org.eclipse.osgi
  • Ted to look into scan results linked to ViewCVS
  • Oleg to consider integration points of JAAS code into eclipse. Startup sequence, getSubject() in context, etc

Tuesday Sept. 04, 2007

Meeting attendees:

  • Matt Flaherty
  • Eric W Li
  • Ted Habeck

Updates:

  • Matt completed with 3.4 M1 update page, and defined 3.4 M2 plan.
  • Matt working on integrating the proxy jar into OSGi (#196988).
  • Eric is creating a design doc for an API and prompt for load time security which will be reusable for runtime (and SSL trust as well) (#199943).
  • Ted has successfully posted a SWORD4J scan to the security site, and is working towards making it repeatable weekly.

Other notes:

Request to make JAAS work in an OSGi-only environment (remove extension dependency?): #202156