[Suggestion] Requesting a security representative for the Kubernetes Data Protection WG

[xing-yang]

Description: What's your idea?

In the charter of the Kubernetes Data Protection WG, we have a note that we'll consult CNCF TAG Security for security related issues:
https://github.com/kubernetes/community/blob/master/wg-data-protection/charter.md
However, we don't have a security representative in the WG.
I'm opening this issue to see if there's anyone interested in helping out.

Impact: Describe your hopes for how this would reduce risk for the cloud native ecosystem. Who will this help? How will it help them?

This security representative will bring in security awareness to the K8s DP WG.

Scope: How much effort will this take? ok to provide a range of options if or "not yet determined"

Not yet determined.

Additional info:

• Reference to supporting material
• Links to related site
• Feel free to delete this section if you don't have more info

[lumjjb]

Hi @xing-yang , would you or someone from the WG be able to come to talk a bit more about this during our weekly TAG meetings? It can definitely help with figuring out the scoping!

[xing-yang]

Hi @lumjjb, sure! I can join one of your weekly meeting to talk about this. I'll see if anyone else from our DP WG is interested as well. It looks like your next meeting (U.S. time) is on 2/22 at 10am ET? Does that work or would you suggest a different time?

[lumjjb]

Hi @xing-yang , would you be able to do the next meeting on the 8th of March at 1pm ET? Sorry missed this previous message.

[jkjell]

In a past life, I worked on data protection. 😅 I'm interested in helping out if I can, depending on what sort of help you're looking for.

[xing-yang]

Hi @lumjjb and @jkjell, sorry that I missed these messages! We are working on a design to support Changed Block Tracking. We'd like someone with security background to weigh in. Let me ping you after KubeCon. Thanks!

[stale]

This issue has been automatically marked as inactive because it has not had recent activity.

[anvega]

Designated @lumjjb and @jkjell. Hopefully you've been able to connect and progress the collaboration directly. Feel free to reopen the issue if you seek out additional reps.

[xing-yang]

Thank you, @anvega @lumjjb @jkjell !

[xing-yang]

We have a WIP KEP that needs to be updated based on the new design. Will ping you folks when that's ready for review.

[anvega]

Thanks @xing-yang

[xing-yang]

@lumjjb and @jkjell, this KEP is ready for review now. Would appreciate if you could take a look. Thanks!

[PushkarJ]

@xing-yang do you mind sharing / if I share this KEP in SIG security slack channel and then you can add more context as needed ?

This way we may get more eyes on it outside and within TAG security folks

[anvega]

@lumjjb @jkjell @PushkarJ Did the review of the KEP take place?

[PushkarJ]

@anvega Not yet as far as I can tell
@xing-yang I will go ahead and share it, if you don't have any concerns

[xing-yang]

Hi @PushkarJ , here's the KEP. Please go ahead and share it. Thanks!