You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: meetings/2020_11_24/README.md
+5-3Lines changed: 5 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -30,7 +30,7 @@
30
30
31
31
## Administrivia
32
32
33
-
Following a brief discussion, it was decided to move new meeting minutes to the [ros-security/github repo](https://github.com/ros-security/community). Existing meeting minutes in the [ROS wiki](http://wiki.ros.org/ROS2/WorkingGroups/Security) will not be ported.
33
+
Following a brief discussion, it was decided to move new meeting minutes to the [`ros-security/community` Github reposityr](https://github.com/ros-security/community). Existing meeting minutes in the [ROS wiki](http://wiki.ros.org/ROS2/WorkingGroups/Security) will not be ported.
34
34
35
35
The [vulnerability remediation procedure PR](https://github.com/ros-security/community/pull/8) is still open for comments.
36
36
@@ -45,13 +45,15 @@ Goal would be to demonstrate "Hey, look, here's an example of a real system that
45
45
This example will also be useful for us to find issues with the security implementation on a complex system to test: CPU / network utilization, what to sign, what to encrypt, overall impact to the system.
46
46
This also becomes a proving ground for NoDL.
47
47
48
+
Use this implementation to configure security levels per topic, following the ones supported by DDS-Security: NONE, SIGN, ENCRYPT. Currently SROS2 is all or nothing, either all topics are encrypted or no security feature is used at all. See [Tracking ticket #130, "Provide some granularity for individual topic protection"](https://github.com/ros2/sros2/issues/130).
49
+
48
50
Simulation may be challenging; a simulated implementation may not quite match the real world implementation. However, we should be able to spec the project in stages. Start simple and build upon the demo.
49
51
50
52
### Enable DDS security without a file system
51
53
52
54
The scope of this issue is much wider than just security. Success depends upon buy-in from both the micro-ROS community and from Open Robotics.
53
55
54
-
The agrees to continue to move the discussion forward to flesh out a design, but not to perform any work on the code at this time.
56
+
The WG agrees to continue to move the discussion forward to flesh out a design, but not to perform any work on the code at this time.
@@ -86,7 +88,7 @@ ROS launch status: the initial launch is working but does not include access con
86
88
87
89
Marco suggested [the Robotics Middleware Framework (RMF)](https://github.com/osrf/rmf_demos) as a reference implementation for ROS security. This should be ready to run with ROS 2; they have already done some work with security as well.
88
90
89
-
Marco also asked about revoking keys: there's a need to handle that within RMF should an individual robot in a fleet be physically compromised. @JaimeMartin provided [information on CRLs from eProsima](https://fast-dds.docs.eprosima.com/en/latest/fastdds/security/auth_plugin/auth_plugin.html#generating-the-certificate-revocation-list-crl).
91
+
Marco also asked about revoking keys: there's a need to handle that within RMF should an individual robot in a fleet be physically compromised. Jaime provided [information on CRLs from eProsima](https://fast-dds.docs.eprosima.com/en/latest/fastdds/security/auth_plugin/auth_plugin.html#generating-the-certificate-revocation-list-crl).
0 commit comments