Skip to main content

Enarx
  • axel
  • Ben
  • Mike
  • Nick
  • Shaun

Agenda

General discussion

Blog

Enarx's Blog is now live. Nick is coordinating with Ashley and the Linux Foundation to configure DNS for blog.enarx.dev. First post about the New Custodian was published yesterday at:

https://enarx.ghost.io/

Enarx Keeploader

As we are getting ready for our first release, Nathaniel has recommended that we give more visibility to enarx-keepldr. We also heard feedback from new users who couldn't find their way around running enarx just by looking at the current enarx/enarx github repo. That's because there is no actual enarx code there, just documentation. So the proposal is to move the enarx/enarx-keepldr code to enarx/enarx, and keep the documentation on enarx/enarx under the wiki. Here's a brief action plan:

  1. Move keepldr code to enarx/enarx (maintains git history)
  2. Remove docs folder from enarx/enarx, and move it to the wiki
  3. Move keepldr wiki (2 pages) to enarx/enarx wiki
  4. Transfer keepldr issues to enarx/enarx
  5. Transfer enarx/enarx non-code issues to enarx/outreach
  6. PRs can still get merged across repos (from keepldr to enarx/enarx)

Vulnerability Disclosure and Embargo Policy

The CCC has again urgently requested that all CCC projects have a disclosure policy. I sent a PR to adopt the Vulnerability Disclosure and Embargo Policy proposed by axel:

https://github.com/enarx/rfcs/tree/master/00002-vulnerability-disclosure-and-embargo-policy

CCC

The TAC has approved Enarx and other CCC projects to be part of the Outreachy program. Besides the benefits of the program itself, another benefit is bringing the CCC projects closer together to collaborate and grow their communities.

Outreachy

The Outreachy community application deadline was extended to October 6. Nick and Ashley already filled out the application.

https://github.com/enarx/outreach/issues/15

https://www.outreachy.org/

Hacktoberfest

Hacktoberfest's website is now live. We are aiming to build simple demos on top of Enarx.

https://github.com/enarx/outreach/issues/14

https://hacktoberfest.digitalocean.com/

Events

Open Source Summit

Some CCC US-based members are currently at the OSS. Mike was in a panel (virtual):

https://osselc21.sched.com/event/lAUA/panel-discussion-evolving-the-confidential-computing-consortium-non-profit-collaboration-for-growth-stephen-walli-aeva-black-microsoft-mike-bursell-congruus

Enigma / Usenix

Results for Enigma will come on the 30th:

https://www.usenix.org/conference/enigma2021/call-for-participation

Cloud Security Alliance

Rolling CFP till 2021-December-31. Let's create a proposal in October/November.

https://www.cvent.com/c/abstracts/6e04faab-fd38-4df4-b2a3-2e2780b7c24b

Nick Vidal

The Enarx project has a rich history around openness and collaboration. It was a key project in the foundation of the Confidential Computing Consortium from the Linux Foundation and played an important role in the Bytecode Alliance, the nonprofit behind the WebAssembly standard. The Enarx project was born when Mike Bursell and Nathaniel McCallum came together in November 2018 with an idea to build a architecture-neutral framework to run applications within Trusted Execution Environments (TEEs).

Source: Enarx's Blog

Link: https://enarx.ghost.io/enarx-and-a-new-custodian/

The Confidential Computing Consortium launched under the Linux Foundation umbrella two years ago. It continues to grow and thrive. This panel looks at why various partners joined and continue to join, the deal for partners, the challenges of managing a non-profit, and the importance of establishing culture early. It tackles it from multiple perspectives (start-ups and well established public companies, and levels of membership). The panel participants have broad experience across a number of non-profit organizations in the broad open source community. The group also represents a diversity of perspectives of the workings of the committees of the Consortium.

Source: Open Source Summit 2021

Link: https://osselc21.sched.com/event/lAUA/panel-discussion-evolving-the-confidential-computing-consortium-non-profit-collaboration-for-growth-stephen-walli-aeva-black-microsoft-mike-bursell-congruus?iframe=no

Enarx
  • axel
  • Ben
  • Mike
  • Nick
  • Shaun

Agenda

General discussion

Blog

Enarx's Blog is now live and the first drafts are being created. The final URL will be: http://blog.enarx.dev

CCC

The TAC has approved Enarx and other CCC projects to be part of the Outreachy program. Besides the benefits of the program itself, another benefit is bringing the CCC projects closer together to collaborate and grow their communities.

Outreachy

The Outreachy community application deadline was extended to September 17. Nick and Ashley will fill out the application on the 15th.

https://github.com/enarx/outreach/issues/15

https://www.outreachy.org/

Hacktoberfest

Hacktoberfest's website is now live. We are aiming to build simple demos on top of Enarx.

https://github.com/enarx/outreach/issues/14

https://hacktoberfest.digitalocean.com/

Events

Open Source Summit

Several CCC members will be presenting at the OSS, but participating will mostly be virtual. Mike will participate in a panel:

https://osselc21.sched.com/event/lAUA/panel-discussion-evolving-the-confidential-computing-consortium-non-profit-collaboration-for-growth-stephen-walli-aeva-black-microsoft-mike-bursell-congruus

Cloud Security Alliance

Rolling CFP till 2021-December-31. Let's create a proposal in October/November. https://www.cvent.com/c/abstracts/6e04faab-fd38-4df4-b2a3-2e2780b7c24b

Book

Mike announced his upcoming book Trust in Computer Systems and the Cloud with a chapter dedicated to Confidential Computing.

Enarx
  • Nick
  • Shaun

Agenda

General discussion

Meetings

Thanks to axel, meetings are now using Jitsi so anyone can participate (no need to request access): https://meet.jit.si/EnarxOutreach

Blog

We'll likely be using Ghost as the blogging platform for Enarx. It's open source, based on Node.js, and has managed hosting. We also looked into WordPress - which is the "standard - but one key advantage of Ghost is that it provides native support for email newsletters. It manages members and subscriptions and allows you to segment the user base. Other advantages of Ghost include: a) native markdown support, b) a more minimalist approach, and c) a more modern architecture. It also provides webhooks and a REST API for integrations. By the next meeting, we should have the Enarx Blog up and running.

CCC

Ashley and Ben both added the Outreachy proposal to the agenda of the CCC Outreach and TAC meetings. The TAC will make a decision by September 9 (TAC's next meeting). The Outreachy community application deadline is September 10.

Outreachy

Nick and Shaun agreed that we should have the Outreachy application ready for both cases, where CCC supports us, or where we apply on our own as Enarx. https://github.com/enarx/outreach/issues/15

Hacktoberfest

We should start planning for Hacktoberfest, with a focus on building simple demos to demonstrate Enarx. Nick will work with Will next week to get this going: https://github.com/enarx/outreach/issues/14

Events

Enigma / Usenix

Proposal sent to Enigma successfully: https://www.usenix.org/conference/enigma2021/call-for-participation

Cloud Security Alliance

Rolling CFP till 2021-December-31. Let's create a proposal in October/November. https://www.cvent.com/c/abstracts/6e04faab-fd38-4df4-b2a3-2e2780b7c24b

Enarx Sticker Design

Added Enarx sticker design to the image assets. Who's traveling to Open Source Summit? Given COVID and the Delta variant, we don't think we'll make it. Should we send stickers to people anyways? To whom? Perhaps a marketing campaign to go along with the CCC Survey Report. https://github.com/enarx/enarx.github.io/tree/master/assets/images

Although WebAssembly brings languages other than HTML, CSS and JavaScript to the browser, it’s not a JavaScript replacement and it takes a very different approach from Flash, Active X plugins and other techniques that encapsulated non-web code for browsers. Think of it as a small, fast, efficient and very secure, stack-based virtual machine that doesn’t care what CPU or OS it runs on, that’s designed to execute portable bytecode — compiled from code originally written in C, C++, Rust, Python or Ruby — at near-native speed. WebAssembly doesn’t only run in the browser: It started on the client, but is proving very useful on the server.

Source: The New Stack

Link: https://thenewstack.io/what-is-webassembly/

Mike Bursell

In the "arms race" of security, new defensive tactics are always needed. One significant approach is Confidential Computing: a technology that can isolate data and execution in a secure space on a system, which takes the concept of security to new levels. This SNIA Cloud Storage Technologies Initiative (CSTI) webcast provides an introduction and explanation of Confidential Computing and features a panel of industry architects responsible for defining Confidential Compute

Source: SNIA

Link: https://www.youtube.com/watch?v=HnLfKUI0_Y4

Mike Bursell
Nathaniel McCallum

How fully can organizations trust the host on which they run their applications? Not just the software stack, but the sysadmins, BIOS, firmware, and the rest? Project Enarx uses TEEs to allow companies to run sensitive applications on fundamentally untrusted hosts, with a minimum trusted compute base. Learn how Enarx combines TEEs, Rust, and WebAssembly to protect workloads.

Source: RSA Conference 2021

Link: https://www.youtube.com/watch?v=ajYWSAwIyPs