OpenDNSSEC Meeting Minutes 10-07-2009 14:00 - 16:00

Present: Rickard, Patrik, Jakob, Rick, Stephen, Roy, Sion, Alex, Jelte, Matthijs

0. Who will write minutes?
Matthijs

1. Agree on the agenda.
Yes

2. Discussions about each component.

Signer Engine:
<Jelte> Apart from the threading: syslog, calling of the auditor. Should be there shortly.
<Rickard> Is the threading go into alpha version?
<Jelte> I haven't decided yet. I am getting a max of 4.500 signatures with 10 threads, SUN SCE (random zone, 1.5 million delegations)
<Roy> Is the HSM actually the bottleneck?
<Jelte> SCE is not the bottleneck, but the processing of the zone is the bottleneck. Also the outputting of the zone, which has to be sorted.
<Rick> These processes are unrelated.
<Jelte> Yes, but the sorting is currently necessary before signing. These issues should go away with the second version of OpenDNSSEC

Enforcer:
<Sion> Nothing much has happened lately, the logging configuration (works on linux). Most of work was for the libksm.

libksm:
<Sion> No more dependency for perl. All the kaspimport stuff is in libksm now. enumerates functionality.
<Jakob> Later on, we need a cleanup call, or we need to adjust the update command.
<Rickard> Which commands kick the communicator? 
<Sion> Currently, only rollover.
<Sion> ksmutil only outputs to stdout or stderr, is that ok?
<Stephen> For alpha, yes. Is perl no dependency?
<Sion> It is still in the build process.
<Jakob> Remove kaspimport from the build process, keep in in the repository for a while.
<Sion> I will remove it
<Jakob> It's been done
<Stephen> I'll remove it from the guide.

SoftHSM:
<Rickard> Released versions A1 and A2.
<Rick> There was a remark on the ML, they don't want to require autoconf stuff. 
<Jakob> This is not necessary for the tarballs.
<Rickard> Botan is releasing 1.8.3. Some warnings in the build process there.

Auditor:
<Alex> Version 1 of the auditor worked fine. It is completely rewritten.
<Rickard> How is the communication with the Signer Engine?
<Alex> It should all be there.
<Jelte> I still must do the Signer part.

3. HSM Compliancy Tool
<Rick> Jakob is adding the configure magic. But due to holidays, nothing is happening at the moment.
<Rickard> SHA1 in the HSM? Also in the buyers guide?
<Rick> I'll add it.

4. Are we near an Alpha version?
<Rickard> Let's check the Alpha version. 
<Rickard> Could we release it today?
<Jakob> No.
<Stephen> Let's first discuss testing.

6. System testing
<Stephen> I have written rather extensive tests. Multiple zones, rollover, ... I am on holiday, but the requirements document can steer my replacement very well.
<Rickard> I can volunteer.
<Stephen> Let's discuss this offline.
<Rickard> How well cover the system tests our system.
<Stephen> It checks with 2 zones, It checks the basics, such as rollover, different policies
<Stephen> Will it actually sign a zone with 10 million names? For the moment, we can say 850.000 is enough (capacity of .se).

4. Back to point 4.
<Jakob> Use backlog for things that haven't been done yet. One can ignore the deadline and date. I have added some stuff that is more for beta versions.
Everything for the alpha version is @pivotal. Or is something missing?
<Rickard> I see only one thing, serial in the signer engine.
<Jakob> That is because its past the deadline.
<Jelte> I see 26 things in the backlog.
<Jakob> Not all are necessary for the alpha.
<Jakob> Is there anything below the alpha release marker that should be above it?
<*> No.
<Jakob> Is there anything above the alpha release marker that should be below it?
<Rickard> sanitize ksmutil?
<Jakob> That has been done?
<Sion> Yes, that was covered over multiple things, so not sure what to do.
<Jakob> Kill!
<Jelte> Bootstrap script?
<Jakob> Yes, it is nice to have, that's why it is below.
<Rickard> Does someone have too much work, or can everyone finish it before the IETF?
<Alex> It does most checks, maybe there will be some checks missing, but it works allright for the rest. Finished next week.
<Sion> There is enough in ksmutil for the alpha version.
<Jelte> I have three items that I can manage. But I am more afraid of the work that comes out of testing.
<Rickard> Should we prioritize bugs or features?
<Jakob> Normally, bugreports first. But we have some essential features for the alpha release.
<Jakob> Auditor stuff is nice too have, but not required right? But Alex just mentioned that it will be done.

<Rickard> Do we need more code reviewing?
<Stephen> Suggestion to do it after the alpha release. 
<Jakob> +1.

<Stephen> Policy checker is above the alpha release, is it absolutely necessary?
<Jakob> That was my question earlier.
<Stephen> syslog for Signer Engine needed for alpha version?
<Jelte> No, that one is actually needed.
<Stephen> Can't we use the same logging facility the signer engine uses for the alpha? What is more important? Nice logging or something that works at july. Look at the tasks with priority.
<Jelte> I can manage my tasks.
<Matthijs> But you still can prioritize within the necessary tasks for alpha. 
<Stephen> The more tasks, the less time for testing.
<Jelte> We need to have test data and results before we can fix the bugs. So we need to finalize our tasks in the start of next week.

<Jakob> We still have a meeting just before the IETF right?
<Rickard> Yes.

5. Checklist
<Rickard> Should we have one tarball of five single tarballs?
<Stephen> From user point of view, one tarball.
<Jakob> We need a toplevel build, but not sure if we can do that for alpha.
<Rick> You may want to include softHSM.
<Stephen> Yes.
<Rickard> For the future, we want one major configure script.
<Jakob> Pacakge maintainers.
<Jelte> We need individual version numbering for the packages
<Rick> What concludes a package.
<Jelte>Big architecture: signer engine and kasp as two major modules.
<Rick> Why? (devils advocate)
<Jakob> In the original design, please mail this question.
<Jakob> we tag trunk as A1. If we have time, we can make we implement one configure script.
<Rickard> So for the alpha release
<Matthijs> Olaf is planning to do a install, and if he cannot do it in 2hrs, we should not release it. That sounds reasonable.
<Rickard> We should try it ourselves.
<Jelte> I have improved the build script for Ubuntu 8.04.
<Rickard> So makedist for each component.
<Jakob> Could you add the release notes to the wiki?
<Rickard> Ok.
<Jakob> Question about version numbering of SoftHSM, the minor minor versioning seems complicated.
<Rickard> Versioning of libraries, not for software.
<Jakob> You are pulling some trick. ?
<Rickard> So it is major, minor, fix.

7. MySQL in libksm
<Sion> Can we get rid of mysql?
<Rickard> Yes.
<Jelte> Do we have choice?
<Sion> I may have the time.
<Jakob> Is there an audience for that?
<Stephen> It started out with MySQL.
<Jakob/Stephen> Comment it out and remove it from the install guide.
<Rick> Redundancy in MySQL that might be useful in the future. Keep it in mind.
<Stephen> Make it easy to add it later on.
<Rickard> Can we make it invisible from the tarball.
<Matthijs> Can't we keep the code in a different branch?
<Jakob> We make it hard enough already?
<Rickard> Sion, you have enough information?
<Sion> Yes.

8. Should the zone list be generated by ksmutil/Communicator?
<Rickard> Future thingy: Should the ksmutil create the zonelist.xml?
<Jakob> Originally, the zonelist.xml is created by an external thingy. You import it.
<Jelte> Than people should not use add zone.
<Jakob> That has been an issue for me since the beginning.
<Patrik> Very hard to manage 100.000 zones.
<Jakob> Zonelist manager program.
<Patrik> Add / remove zone updates issues.
<Rickard> Currently, we should keep the zonelist.xml intact, not generated by ksmutil.
<Sion> Is addzone command wrong then?
<Rickard> But it also updates the zonelist.xml?
<Sion> Yes.
<Rickard> Can we find a middle way?
<Sion> We need a skeleton zonelist.xml file.
<Sion> Maybe we should remove the addzone functionality for the alpha version. Or: you need permission to the file to use addzone.

9. The OpenDNSSEC technology preview release party
<Patrik> It is in a bar, not close to the IETF. 200 People to invite.
<Jelte> Isn't that a lot?
<Patrik> Yes.
<Stephen> Is someone going to talk about OpenDNSSEC?
<Roy> Is it integrated with the IETF?
<Patrik> No, completely seperated.
<Roy> We can invite people at ISOC meeting.
<Jelte> It should say alpha and technology preview very clear.
Copy is being sent.
<Stephen> Who wrote it.
<Jakob> Marketing
<Stephen> We should definitely see it in advance.
<Matthijs> Is it just a party with a flyer and some beers, without talking?
<Rickard> We have an attendee list, in google docs. Send me your google account and you can add people.
<Jelte> Google account <sigh>

10. The new WordPress site
Not many people have seen it.
<Jakob> Please let the marketing guys show their marketing stuff to us, before printing it to paper and stuff?
<Rickard> We have send them that message.
<Jakob> But the flyers were already printed?
<Rickard> But from now on, they will await a go-or-no-go.

<Rickard> We have to populate the WordPress site.
<Patrik> Information, Downloads, Buyers Guide, links to the mailing list, Bugreports.
<Jelte> and Announcements
<Roy> Why we need a WordPress site? Wasn't we going to put that all on our own website?
<Rickard> We opened it up for people to add stuff.
<Roy> Marketing should be driven fom ground up, from us.
<Patrik> That is what they are doing.
<Patrik> We need to fill WordPress, I will e-mail a list of text stuff to fill. It is mostly copy from the wiki.
<Jakob> If you need an WordPress account, e-mail me.

11. Creating more mailing lists for announce, users, ...?
<Roy> opendnssec-users ML is in progress.
<Rickard> We have an announce list.
<Jakob> Now we have a users list, lists should be write permission for members only. Developers and OTR and announce should be moderated for member subscriptions.

12. Plan the next two weeks
<Rickard> A lot to do. Coding, System testing, Bugfixing, Makedist stuff, Documentation, Website.
<Stephen> Another teleconf before Stockholm?
<*> Naah
<Stephen> I am away for the next 5 weeks, maybe a short meeting?
<Roy> Who is going to IETF?
Jelte, Matthijs, Roland, Roy, Patrik, Rickard, Jakob, ...
<Roy> Do we need to provide facilities for people not present.
<Rickard> I will check if we can provide that.

<Rickard> So short one at the monday 20th 14:00 - 15:00 CET.
<Jakob> Leaves for holiday.
<Roy> Do we have something to report.
<Jelte> Plan it and see if it is necessary.

Next Meeting: Monday 20 July 14:00 - 15:00 CET.

13. Other questions.
No