|
| 1 | +# Jupyter Security Bi-weekly Meeting |
| 2 | + |
| 3 | +## March 21, 2023 |
| 4 | + |
| 5 | +| Name | affiliation| username | |
| 6 | +| -------------------| -----------| -----------------| |
| 7 | +| Rick Wagner | UCSD | @rpwagner | |
| 8 | +| Matthias Bussonnier| Quansight | @Carreau | |
| 9 | +| Jason Grout | Databricks | @jasongrout | |
| 10 | +| Rollin Thomas | NERSC | @rcthomas | |
| 11 | + |
| 12 | +* Maybe use the JupyterCon room during the setup day for SSC/EC meeting. |
| 13 | +* Joe Lucas will be driving, but will try to call in |
| 14 | +* [TrustedCI Summit and Workshop in October 24-26](https://www.trustedci.org/2023-cybersecurity-summit) at LBNL |
| 15 | + * Recap: |
| 16 | + * Met w/Deputy Director of TrustedCI, Sean Peisert, on possibility to have Jupyter-related events at TrustedCI summit |
| 17 | + * First day is half-day, full day workshop/tutorial type things |
| 18 | + * Then main summit conent, 3 days |
| 19 | + * Then last day has more workshop type things |
| 20 | + * Time is good for for some kind of Jupyter security get-together |
| 21 | + * Suggested plan is something on |
| 22 | + * Reviving the Jupyter security training done at PEARC etc for first day |
| 23 | + * Then Jupyter security workshop on the last day |
| 24 | + * Having a story by the time of JupyterCon would be good |
| 25 | + * Enabling folks coming for Jupyter content maybe also to go to the TrustedCI summit itself |
| 26 | + * Contributions of travel/registration funding from other sources to enable this, e.g. Anaconda |
| 27 | + * Example: Zeek (intrusion detection) + Jupyter conversation, connecting Jupyter + security community |
| 28 | + * Do we have a way for people from either side to participate in the other? |
| 29 | + * Longer term topic, relationship is workshop/tutorials angle: |
| 30 | + * JupyterCon 2024 |
| 31 | + * Expanding to 5 days, having workshops and tutorials as part of that? |
| 32 | + * This year it's 3 days because that's what we could get more. |
| 33 | + * Depends on budget outcome of 2023 |
| 34 | + * For this JupyterCon (2023): |
| 35 | + * May be possible to have some space/time for talking security/building momentum for the TrustedCI |
| 36 | + * There's an existing tutorial room possibly on Wednesday for a day... could use that? |
| 37 | + * Yes for some structured discussion (more than a BoF, less than a tutorial/workshop)? |
| 38 | + * Have the security training in shape by then? |
| 39 | + * Seems tempting to Rick since he has such positive feedback from the Jupyter community |
| 40 | + * Rick favors Wednesday morning 2.5h |
| 41 | + * => Folks need to respond to the doodle poll (first dates as early as tomorrow or next week) |
| 42 | +* An async update about bug bounty: |
| 43 | + * JupyterHub, JupyterLab, and Jupyter Server accepted |
| 44 | + * Jason to send email to those not accepted leting them know |
| 45 | + * Jason to send a scheduling email |
| 46 | +* Interaction with TideLift from Matthias |
| 47 | + * What TideLift brings us |
| 48 | + * How money is handled |
0 commit comments