BRIDGE: https://zoom.us/j/661303200?pwd=TFdRd0c2MTJUem8xa252UGJHTE1Mdz09

Passcode: 209247

We will start our meetings by mentioning the project's Antitrust Policy, which you can find linked from the LF and project websites. The policy is important where multiple companies, including potential industry competitors, are participating in meetings. Please review and if you have any questions, please contact your company legal counsel. Members of the LF may contact Andrew Updegrove at the firm Gesmer Updegrove LLP, which provides legal counsel to the LF.

Attendance is taken purely upon #info in Zoom Chat 

Zoom Chat Log 

07:00:19 From Timo Perala (Nokia) to Everyone:
#info Timo Perala, Nokia
07:00:24 From Dong Wang (China Telecom) to Everyone:
#info Dong Wang, China Telecom
07:00:38 From Alla Goldner to Everyone:
#info Alla Goldner, Amdocs
07:01:02 From Yuanhong Deng (China Mobile) to Everyone:
#info proxy Yuanhong Deng,
07:01:05 From Andreas GEISSLER (DT) to Everyone:
#info Andreas Geissler, DT
07:01:14 From Ranny HAIBY (Samsung) to Everyone:
#info Ranny Haiby, Samsung
07:01:21 From Yuanhong Deng (China Mobile) to Everyone:
#info proxy Yuanhong Deng, China Mobile
07:02:43 From Ciaran Johnston (Ericsson) to Everyone:
#info Ciaran Johnston, Ericsson
07:04:26 From bin.yang@windriver.com to Everyone:
#info Bin Yang, Wind River
07:07:38 From Srini Addepalli (Intel) to Everyone:
Sorry, I am late.
07:07:44 From Srini Addepalli (Intel) to Everyone:
#info Srini Addepalli, Intel
07:07:48 From Amy Zwarico to Everyone:
#Amy Zwarico AT&T - proxy for Catherine Lefevre
07:08:01 From Kenny PAUL (LFN) to Everyone:
@Srini, Amy thanks
07:08:15 From Amy Zwarico to Everyone:
#info Amy Zwarico, AT&T - proxy for Catherine Lefevre
07:25:50 From Kenny PAUL (LFN) to Everyone:
https://lf-onap.atlassian.net/wiki/x/3X37
07:26:34 From Fernando (Fred) Oliveira to Everyone:
#info Fred Oliveira, Verizon
07:26:43 From Fernando (Fred) Oliveira to Everyone:
Sorry I’m late.
07:31:53 From Jason Hunt to Everyone:
#info Jason Hunt, IBM

Zoom auto-transcript service - These are often translated incorrectly and can be misleading. They are NOT Authoritative!   Information as to why .
They are included here as a time stamp cross-reference for the recording only!  The notes above this line and the actual recordings are authoritative. 

07:03:54 have turned on.
07:03:57 Transcript
07:04:05 reminder everyone's muted when you come in please keep yourself muted unless you're speaking.
07:04:11 If you're on the phone you can use star six to unmute yourself if you happen to send me a private chat message, it'll become part of the public record when I cut and paste it into the meeting minutes.
07:04:26 And we'll start the meeting, by mentioning our anti trust policy notice.
07:04:31 You can find this link from both the lF, and any other project websites, its policies important, and we've got multiple companies including potential industry competitors participating in these meetings.
07:04:42 Please review it. If you have any questions please company, and please.
07:04:49 If you have any questions, contact your company's legal counsel.
07:04:55 Members of the lF may also contact Andrew up to grow with firm up Grove LLP, which provides legal counsel to the Linux Foundation.
07:05:10 Let me share
07:05:16 this here.
07:05:20 And if I can get somebody to the gatekeeper please
07:05:30 Can I cannot do it again. Okay, Karen Thank you,
07:05:43 Karen Where did you go there you are.
07:05:48 Thank you, sir.
07:05:50 Been. Thank you.
07:05:57 Okay, I'm
07:06:01 in three days a week away.
07:06:03 Talk a little bit about what's going on there.
07:06:10 We'll get back into the discussion about
07:06:14 om moving to get lab.
07:06:17 We had a long discussion on the easy CLA support last week we'll pick that back up.
07:06:24 Thanks Jim on for
07:06:30 being the ppl for policy and Liam is now the new ptl so
07:06:43 graduations there.
07:06:43 We'll have a discussion about maintain projects.
07:06:49 And then some of the other standard stuff that we normally talk about anything else that anyone needs to add.
07:07:03 Okay, I'm
07:07:08 David release.
07:07:10 All right. Can I share screen, Kenny.
07:07:25 Alright, So I normally just, you know, defer to the weekly status report but there are a couple of important issues that I wanted to bring up the status report is linked here.
07:07:39 So, please review that if you haven't had chances to already.
07:07:46 First I just wanted to make sure that everyone is aware that in three is coming up.
07:07:53 August 26.
07:07:59 That's one week from today.
07:08:04 I sent out an email yesterday.
07:08:09 It seems like there's some confusion about em three and four.
07:08:14 There's a link here to my email, but basically am three marks the end of code submission.
07:08:24 other than bug fixes.
07:08:29 And then we have about a three week break.
07:08:33 At the end of which we deliver containers, which is tied to em for.
07:08:59 So the major point of creating and for was to create a separation between the end of code submission, and the delivery of containers.
07:08:54 And we had a meeting in there and one of our meetings in the spring. We went through the.
07:09:02 The am three tasks and split those out between em three and then four.
07:09:08 And I will be publishing those and four tasks soon.
07:09:13 Does anyone have any questions about that difference between them three and number four.
07:09:21 Okay.
07:09:25 Also, I received an email from Timo and he pointed out to me that last spring The TASC approved requirements 760 as a global requirement and yet it was not showing up under the global requirements for on the assembled requirements page.
07:09:52 And I confirm buddy was saying was true I went back and looked at my query. And I realized that I had when I, when I created the query.
07:10:07 Last year, In my head I was thinking that the global requirements are tied to the release and of course they're not, they, they continue on from a release to release so there that are actually independent of any given release.
07:10:20 However, my query was still filtering on the Honolulu release.
07:10:25 So, It filtered out requirements 760.
07:10:31 So I corrected the query so now the requirement is showing up on the.
07:10:39 The assemble requirements page.
07:10:44 But that's only half of the issue, because the the other problem that came from that is that if we look at the impact view page, for example, and we go down here to the table.
07:11:00 That covers, best practices and global requirements, you'll see that requirements 760 doesn't show up here. And I'm I don't know for sure but I, I'm guessing that.
07:11:16 That's because it was not on the assemble page so.
07:11:19 So the mistake that I made rolled over into the and impacted.
07:11:28 This page as well, which means that we did not collect input from details on their commitment to global requirements.
07:11:41 760.
07:11:44 So that's not great. However,
07:11:49 in an email exchange with Timo and Catherine, Catherine pointed out that, I think that only om is affected by this, so we may still be okay here, and Timo.
07:12:02 Do you want to talk a little bit more about that.
07:12:07 Well, I think what what you have said is central to right. I actually discussed with Damien who's who's the owner of this one.
07:12:19 He, he would be able to join this call, maybe give a little bit more details of of the matter but only after the top of the hour so fairly late to the call.
07:12:34 So, but basically I think what, what you're saying is true, it mostly now has an impact on on om in eastern gold release sink and then. So the.
07:12:51 Basically, what we could do is, is to refer agree that this is the situation for a free stumble and then for from checkers downwards then should be dealt with us as any other global requirements and hopefully have green across the table.
07:13:11 So that's pretty much all I cannot really talk into, into the details of the requirements, other than they just know the third release when we have this dual stack related activity, ongoing so it's been kind of building over the three releases.
07:13:35 So it's not anything really new.
07:13:39 So, kind of, I guess that's the reason why it was done at the end. Agreed as a proper requirement this one.
07:13:48 So most of the projects that will be would be having kind of an immediate impact been involved with one way or the other student previous releases. That's my understanding but but really, I think, that means Damion would have the details.
07:14:16 Alright thanks Timo.
07:14:18 So, Kenny.
07:14:21 When Damien joined sometime after the top of the hour.
07:14:28 If you could carve out some time to jump back to this issue then we could get a little bit more detail from Damien.
07:14:41 Okay.
07:14:43 Does anyone have any questions about
07:14:48 requirements 760 or release status in general.
07:14:58 All right, Kenny I'll turn it back over to you.
07:15:14 So, anything specific range related.
07:15:23 Not from my side.
07:15:28 Okay.
07:15:31 So, Om moving it to get lab discussion last week.
07:15:38 Regarding
07:15:41 the fact that easy CLA is the integration is a work in progress, and not done. There was a proposal by the om team to write their own tooling that would validate against the
07:16:10 validate against the existing
07:16:15 Garrett list for folks that have signed the CLA.
07:16:24 That's an action item took that back to the legal team had them review it.
07:16:32 Just one second.
07:16:33 Just one second, sorry.
07:16:45 Sorry about that, took it to the legal team have them review what was being proposed.
07:16:56 Conceptually, The feedback was that if
07:17:02 it's the existing last being referenced.
07:17:10 And there's nothing new being added in the context of folks that are approved. So there's no kind of validation, other than, are you all have you already signed, and that it is temporary that it seems like a reasonable workaround.
07:17:27 But the recommendation was that the TASC should have a very clear understanding of how this is going to look from a code perspective, etc etc.
07:17:45 So I guess that would put the ball in the om teams court to come back to the TASC with the details on how this would all work, and then the TSP could decide upon it.
07:18:11 Yeah, thanks Kenny, I think. Today we don't have stuff who proposed this mechanism. So, be a proxy and share that information with him and ask him to get back to the TASC.
07:18:28 Okay.
07:18:29 Thank you, Annie.
07:18:35 Yeah, there's is as long as we're doing it going that route it would be good.
07:18:42 The one thing that I can state, is that, In terms of the, the range team.
07:18:53 That's going to be a completely hands off exercise for anything that might be required.
07:19:00 Since there is the other ongoing work, and
07:19:05 based upon what crystal said last week it shouldn't require the release engineering to do any work on it so anyways.
07:19:15 need the official proposal.
07:19:18 So we'll put that on on the docket for next week and then.
07:19:33 So I guess we'll move on to and maintained elements.
07:19:42 Hi Kenny, and going through the US, the global requirements for that sec com has put in place, we have identified a component called the NF SDK.
07:19:58 There's agent that is no longer supported it has vulnerabilities in it but there is nobody left to make changes update packages. And these were actually findings from the code itself.
07:20:23 The BFS DK that sorry the DNS vas agent code it's that was written.
07:20:19 So these are sonar cloud findings.
07:20:22 I sent out an email to own up discuss I don't think I've gotten anything back on it yet, asking our projects. Is there still a dependency on this repo, because I think we have to decide if there is a dependency on it, how do we actually keep it secure.
07:20:39 And if it's not, if there's no dependency then we would propose that this be moved on maintain state, and it.
07:21:01 Amy Did you get any feedback from the VNF SDK to
07:21:11 misunderstand Wouldn't it be when this fall under the NF SDK.
07:21:17 So, the VNF SDK is the team that knows whether or not they still support the support it, but they don't necessarily know who has a dependency on their on and is actually using that agent.
07:21:27 Okay. So somebody may be using the agent.
07:21:35 We just don't know.
07:21:32 So I think that that so you make a good point. I'll reach out to the VNFSDKPTL as well.
07:21:40 To find out if they still use it if they still do it as a, as a piece of component, an active component in their application.
07:21:55 But again we have yet another case where we've got something unsupported.
07:22:00 And how do we handle that.
07:22:15 Are we looking for a cure.
07:22:20 I don't think we can have a boat Yeah, it's just this is really meant for awareness of the TSA that we are investigating this to find out if it is still an actively used component within, within own app,
07:22:36 or if it has been superseded by something else and just the repo, and the container never got removed from the release.
07:23:20 Put that in quotes.
07:23:28 Can you hear me, you might want to capture that is also going to follow up with the VM Fs DKPTO.
07:23:58 Garage.
07:24:09 Alright, is out of date here. OK, now it's kind of garage. That's kng is no
07:24:17 think that's okay, I thought it was K and a, an ag.
07:24:34 Okay, I thought it was KNANAG.
07:24:38 Okay.
07:24:39 Anything else on that.
07:24:43 No, that's all. Thank you.
07:24:56 So, cup Task Force next meetings coming up on nine one for the enterprise please take a look at that.
07:25:06 wiki to auto Task Force I don't think there's been any activity on that.
07:25:12 See if there was a meeting this morning,
07:25:16 anything worth mentioning there.
07:25:19 No, it was kind of lightweight in terms of participants so we didn't cover much today.
07:25:32 Hey, kind of little words.
07:25:35 The, I've got the link here I will drop the
07:25:44 link into the chat
07:25:49 box can start
07:25:53 filling that out I will send the mail.
07:25:57 On that out as well so doing it basically the same way as before.
07:26:04 If you remember last time we had a little bit of an issue where.
07:26:09 With regards to the actual voting.
07:26:11 So community members are encouraged to nominate folks, and then the TSP will vote on them.
07:26:20 If you're doing the demonstration awards.
07:26:24 And there's a link there to follow.
07:26:27 There's a link there to follow. Click on that, add the link to your demo and then the TLC will pick the top there their top three fit, top, top, their three favorite demos for that.
07:26:45 And then I will be filling in the
07:26:52 awards for code development which is derived specifically
07:26:57 from the merge code metric between m one and the sign off date for the release.
07:27:26 Fred Thank you.
07:27:34 I'm casting it put that note in there.
07:27:32 Okay.
07:27:37 See Toronto.
07:27:41 I'm going to finish it this week.
07:27:44 I have to stay up 24 hours I'm going to finish it this week.
07:27:52 And then get that out there so folks can get voted on that and then we can get the election kicked off in September.
07:28:01 Security Forum.
07:28:04 Allah fan that I think kicked off this week did it not.
07:28:08 Yes, we had an official kickoff meeting, but mailing list has been up for a while and so is the wiki space and people are welcome to join, or just have a look at the stuff that's there and see if they want to take part.
07:28:27 I'll paste the link to the wiki.
07:28:41 A few words about what is the what are the goals for this is the critical.
07:28:46 Yeah, sure. Good question.
07:28:49 So first and foremost it's a it's a forum for sharing knowledge.
07:28:53 We don't intend to create any new conformance requirement or whatever it's just a place where elephant projects can learn from other projects experience, and it's one project did something to address security issues.
07:29:15 The these two have other projects benefit from that. Or, focus on other projects learn from that. So, we're running it first and foremost is that knowledge sharing forum that's the idea.
07:29:26 So we have a wiki space where people can upload their security related work, and we have, we probably have monthly meetings to kind of walk through the new material that's getting added, but anyone who is interested in security of open source software
07:29:48 in elephant projects is welcome to join and either just learn or share their experience.
07:29:57 Company share the link to the wiki page you mentioned granny.
07:30:02 Yeah, I'm just not very good at multitasking So speaking of good
07:30:12 probably go up here.
07:30:26 Okay, and he'll drop that link him in and I'll paste it in.
07:30:36 There was a blog post sent out last week or the week, or on what the protocols are going to be for in person events.
07:30:49 And that link is here I would encourage folks to look at it.
07:30:55 One summits coming up.
07:30:58 In October,
07:31:02 gotten I've received mail from a few folks saying that well the doesn't really look like I'll be able to travel to that.
07:31:12 Even if I can on my end it doesn't look like the US is going to be letting folks in the event will be a hybrid event.
07:31:26 However, the timing of that will be set to
07:31:33 West Coast, hours, as the event is going to be in Los Angeles.
07:31:39 So, not sure exactly how that is going to work.
07:31:47 There may have been an email sent out by the events team on that.
07:31:54 However, if so I have not quite seen it yet, so my apologies for that.
07:32:00 Jason thanks.
07:32:07 I didn't mean interrupt Kenny. That's okay.
07:32:18 Um. One of the things that we are setting up is
07:32:24 a reception for the community for folks that will be on site.
07:32:30 This is going to be basically a kind of a community Thank you event
07:32:38 information on that will be forthcoming.
07:32:41 The next
07:32:45 DTDTF that we do will be in January, that'll be virtual.
07:32:53 Then one summit is being scheduled for Antwerp, second week of March,
07:33:03 talked about having a developer event, then the two days following.
07:33:10 Want to get input on from the community, if y'all think that's a good idea.
07:33:29 Whether in person is a good idea or what. Sorry.
07:33:32 Well, I'm sorry. the.
07:33:36 We're trying, I'm sorry.
07:33:39 I'm trying to get back into the
07:33:43 cadence that we had previously so
07:33:50 have the a shorter event and then a longer event.
07:33:58 I guess.
07:34:02 I guess maybe I should have taken more than just two days off.
07:34:06 That's fine. So, but the question Kenny is do is, does the TASC and anybody else on the call see value in having a two day developer.
07:34:28 Yeah.
07:34:33 I think it's gonna.
07:34:38 I think it's okay. I mean, in retrospect I think the one for example that we had last time was fairly useful, at least from my point of view. So I think that that's a proof point that such short.
07:34:55 Even following the summit might be useful.
07:35:00 Of course depends on on where we are with them.
07:35:04 For example, with the release at the moment and and so forth. So, dynamics may have changed but I think my default would be that maybe we should plan for that and see if it.
07:35:17 If it. If it, then, is actually useful.
07:35:27 Okay.
07:35:30 Thank you.
07:35:33 Well, that's it for the light agenda we had today.
07:35:40 No know we talked about, Damien joining at the top of the hour but
07:35:47 we seem to be done.
07:35:49 Yeah, we could probably defer that to next week. Since I don't think it's super urgent.
07:35:59 At this point.
07:36:02 Hey, David. This is a shocker so as he was speaking I went back and started to look at the 570.
07:36:12 Because I I do recall that we did an architectural review on the dual stack support ipv4 or ipv6.
07:36:21 So, let me share with you what I what I found, and then we'll figure out how we want to move forward.
07:36:29 The, The our EQ the requirement that we reviewed at the architecture subcommittee was our eq 537.
07:36:41 And then somehow, some way or eq 537 became our eq 760.
07:36:49 So if you look at the Honolulu release under our eq 537.
07:36:56 You will see the long term support for ipv4 ipv6 dual stack.
07:37:03 And it was listed as a park.
07:37:05 And if I look at our eq 760.
07:37:11 It's not labor, no longer labeled a park.
07:37:15 It is the epic name now became a global requirements. I'm sorry, what was the one five was wreck what 535 37530. Yes, 537 was the initial one or at least the one about the architecture subcommittee reviewed.
07:37:36 So if you look at 537, you'll see that is an ipv4 ipv6 dual stack global requirements.
07:37:45 Yeah, I noticed that Damian has a comment on 537.
07:37:53 And he specifically says after the review and ppl call April 12 I am closing the size and scope has been completed, the own Advil stack based ci environment is up and running and available here.
07:38:09 Next step, establish a global requirement on dual stack networking in assemble release, which I think is what
07:38:19 760 is.
07:38:21 So just to just to clarify, so in Honolulu be had actually two requirements that referred to do our stack.
07:38:44 in the community to to do, do the testing.
07:38:49 And then there have been two other requirements in Honolulu, it was 432.
07:38:55 And in dealing It was 385, that we're developing capabilities in various on a project for the last tech support.
07:39:06 So there has been, like I said in the beginning there has been a fair amount of work done during the past two releases plus. Now in a stumble, and then know in Istanbul time.
07:39:20 It was the time to kind of bring this forward so
07:39:28 as a global requirements because basically that's what we are looking for on up to support.
07:39:38 So I don't see, I don't see any contradiction.
07:39:43 There shocker so it looks like 537 was kind of laying the groundwork in support of 760 as a global requirement.
07:39:53 That's good, that's fine. Yeah, as long as we flag it somewhere. So, I mean, the reason I'm raising the point is because some projects may have implemented our eq 537 right and now they knew they would need to make sure that 760537 out of one in the same.
07:40:16 the same. So you don't have to track a global requirements that is implemented but just because of the way we're tracking the JIRA tickets.
07:40:26 It could be misunderstood or considered not implemented, that's, that's the only reason I mentioned it and at least from tracking perspective from the architecture subcommittee I'm going to go back and a note put a note on the review that the architectural
07:40:42 review for 4537 applies also to 760.
07:40:51 Right, okay. Yeah, I actually I now I do see the problem because it was identified as a global requirement.
07:41:02 and a PLC and then was Mark done. Yeah, and generally our global requirements are not mark to remain open. You can't have a yeah I see that problem but you can't have a global requirement against the PLC.
07:41:21 Because of TLC is, is by definition not part of the release. Yeah, that does that does seem yeah that that is contradiction. Anyway, I think, I mean this this issue has been closed and we have.
07:41:34 Yes. 760 which is open now. So, yeah, five through seven is problematic, but it's no longer open so it's not really conflicting with 760, any longer just by virtue of the fact that it's no longer open so, I think, probably, I would just ignore 537 and
07:41:59 focus on 760 can be my suggestion.
07:42:04 Okay, my suggestion. That's fine. I will go back like I said I go back to the architecture review 4537, and we'll put a note there but it does that, it also applies to 760 as well, if that's okay with everybody, because it seems to me that the two are
07:42:22 one in the same.
07:42:29 Okay.
07:42:34 Well, I'll go ahead and do that.
07:42:35 Thank you.
07:42:44 Good. Okay. Anyone else have anything else.
07:42:54 Just wondering I don't know, I think David you're in the best position to to answer, is this something this stack copper requirement that should be brought up at the PTO call on Monday or is it just PSS table.