Meeting:Board meeting 2008-08-26

= Fedora Project Board Meeting :: Tuesday 2008-08-26 =

Roll Call

 * Attendees: John Poelstra, Paul Frields, Jesse Keating, Matt Domsch, Jef Spaleta, Bill Nottingham, Chris Tyler, Karsten Wade, Spot Callaway, Seth Vidal
 * Regrets: Harald Hoyer

Discussion About Incident Handling

 * Could other groups have been brought into knowledge of the incident earlier?
 * Could the Fedora Board have been notified or kept in the loop better?
 * Would probably require signed NDAs which most are not in favor of
 * Event was complicated by co-announcement made by Red Hat
 * Ongoing tension between Fedora being able to act independently and Red Hat being liable for Fedora's actions
 * Could Community Architecture Group be involved earlier to help facilitate communication?
 * Don't want to get into a situation where every Fedora decision or announcement has to be vetted through Red Hat executive levels
 * Create a predefined flow-chart or decision tree that explains steps that we will take in similar situations
 * one potential flow through could be Red Hat Legal
 * get advanced agreement from all parties involved
 * include time limits where appropriate to speed up the response time and make the decision work flow more efficient.
 * standardize types of messages that should be published and how often
 * one path might be the necessity of shutting down the entire infrastructure--would need to enable the ability to efficiently do that if not already present
 * Cross-link to established industry security standards
 * one condition of agreeing to process flow is that actions could be initiated without requiring constant sign-off which is the intention behind advanced agreement
 * FESCo to discuss proposal from release engineering about updating package signing keys on Wednesday (2008-08-27) at 18:00 UTC: http://lists.fedoraproject.org/pipermail/rel-eng/2008-August/001614.html
 * board members should be aware of and attend as appropriate

Next Meetings

 * No board meeting on September 2, 2008--follows holiday weekend and some people are away
 * Move IRC and Board Q&A meeting to September 9, 2008
 * Next regular board meeting September 16, 2008