Meeting-20130209: Difference between revisions
(→Schedule for the Day: Presentation topics no longer TBD) |
m (→Speaker/Presentation: Added a link to my software license summary.) |
||
(9 intermediate revisions by 3 users not shown) | |||
Line 11: | Line 11: | ||
2:30pm - Presentations (topics listed below) |
2:30pm - Presentations (topics listed below) |
||
4:30pm - Meeting ends, everyone out. Some of us may go to [http://www.ds6pax.com/ D's 6pack] for beer and dogs. |
|||
== Business Meeting == |
== Business Meeting == |
||
Line 18: | Line 18: | ||
* Reports of officers (10 minutes) |
* Reports of officers (10 minutes) |
||
* Cast/count ballots for bylaws amendment advanced at January GUM (10 minutes) |
* Cast/count ballots for bylaws amendment advanced at January GUM (10 minutes) |
||
* [[Commission to Reform WPLUG]] presents Reform Package 2, a collection of changes designed to take WPLUG on an exciting new direction |
|||
* New business |
* New business |
||
== Speaker/Presentation == |
== Speaker/Presentation == |
||
⚫ | |||
Presenter: [[User:Patbarron|Pat Barron]] |
*Presenter: [[User:Patbarron|Pat Barron]] |
||
There are a number of instances where a system administrator may wish to use certificate-based encryption to for security, to prevent spying on network traffic (for instance, running your own web server that is secured using HTTPS, so that web traffic is encrypted before being sent over the network), or to implement client authentication for something like a VPN. This generally requires that a Certificate Authority (CA) issue certificates for your use - you might choose to use self-signed certificates instead, but this will result in dire security warnings from web browsers about certificates issued by an "untrusted issuer", and some things won't allow you to use self-signed certificates at all. But why pay a recognized CA to issue certificates for you, that are probably going to be used by no one other than yourself and possibly your friends, and which don't need to be trusted by the general public? |
|||
⚫ | |||
The no-cost alternative is to create your own private CA, and register it as a trusted certificate issuer on your systems. Linux distributions already include all the tools you need to do this, in the OpenSSL package - but the procedures for creating a CA and issuing certificates using the raw OpenSSL tools are obscure, complicated, and can only be done from the command line. |
|||
''(Abstract to follow)'' |
|||
In this presentation, I will give a (very) brief overview of Public Key Infrastructure (a/k/a "PKI" - the general framework that supports certificate-based security), and talk just a little about how it works and what it's used for. You will learn about "xca" (packaged for many mainstream Linux distros, and also available for Windows and Mac OS), an open source GUI interface to OpenSSL that makes managing a private CA quick and simple. You will learn how to use "xca" to create a private root CA and generate your first server certificate - a process that, using the "xca" GUI, can be completed in two minutes or less. You will learn how to register your private root CA as a trusted certificate issuer in Firefox and Internet Explorer (yeah, I know ... but people do use it...). Finally, I will briefly describe how to use the server certificate you generated from your private root CA to secure your Apache-based web server. |
|||
⚫ | |||
If there is interest, possible future presentations may cover topics such as how to use your private CA to issue client certificates that can be used for client-based web authentication, and to secure private VPNs (such as you might build using OpenVPN, for remote connectivity into your home network, etc.). |
|||
⚫ | |||
⚫ | |||
⚫ | |||
"In the span of just three years, webOS went from being a media darling to a running gag. What happened? How did it |
"In the span of just three years, webOS went from being a media darling to a running gag. What happened? How did it |
||
end up contributing to Android's development? I'll also be giving a hands-on demonstration of Open WebOS, the most current iteration of webOS, since I own one of the three Android devices that is capable of running it." |
end up contributing to Android's development? I'll also be giving a hands-on demonstration of Open WebOS, the most current iteration of webOS, since I own one of the three Android devices that is capable of running it." |
||
There is still room on the schedule for one additional 20 to 30 minute presentation. If you're interested in making a presentation, please contact the Program Committee: [mailto:events@wplug.org events@wplug.org]. |
|||
'''"Hot Seat" Discussion Event: Open Source License Smackdown!''' |
|||
*Participants: Pat Barron, Justin Smith, Terry Golightly, Joe Prostko, plus anyone else who wants to try |
|||
We're going to put the names of 6 open source licenses in a hat: |
|||
*LGPL v3 |
|||
*GPL v3 |
|||
*Apache License |
|||
*MIT License |
|||
*Mozilla Public License |
|||
*Microsoft Reciprocal License |
|||
Everyone who wants to participate will take a license from the hat and defend why it's the "best" for 5 minutes or so. The event will be a series of rapid-fire discussions like you might see on ESPN. |
|||
At the very least, four members of our Board of Directors - Chair Pat, Vice Chair/Secretary Justin, Treasurer Terry, and Director-at-Large Joe - will participate. If other people want to try, we'll add more licenses to the hat as necessary to accommodate them. If you get a license you don't know about, we'll give you basic information about it and a few minutes to think over what to say. |
|||
If you don't want to sit in the hot seat, that's fine! Just sit back, relax, and learn about all the different ways you can "do" open source. Will someone who hates one of these licenses have to defend it? (I hope I don't get Apache or MIT...) Which poor sap will get the Microsoft license? Tune in and find out! |
|||
If you'd like to learn more about software licenses, Justin put together a handout that gives a plain English, one-page summary for each of the six in our debate panel (MIT, Apache, Mozilla Public, Microsoft Reciprocal, LGPL, GPL). It also includes an "inheritance chart" that shows how the licenses get progressively more complex. If you'd like a copy, here's the link: |
|||
http://www.js-wordsmith.com/wp-content/uploads/2013/02/software-license-notes-final.odt |
|||
== Meeting Minutes == |
== Meeting Minutes == |
||
'''MEETING START''' |
|||
To be posted after the meeting is over. |
|||
The meeting was called to order at 2:08 P.M. |
|||
The reading of the previous meeting's minutes was dispensed. |
|||
'''REPORT OF WPLUG BOARD OF DIRECTORS''' |
|||
Chair Pat Barron reports that there is a vacancy in the Board of Directors now that former Director-at-Large John Lewis has resigned. This matter will be discussed at the upcoming board meeting on February 19th. Any WPLUG member who is interested in running for office in a special election should contact a [http://www.wplug.org/wiki/WPLUGBoard board member]. |
|||
Vice chair Justin Smith reports that the February GUM was heavily advertised in local events calendars. Since some potential attendees may have trouble finding the Wilkins School Community Center (where WPLUG currently meets), he has re-activated WPLUG's Google Voice phone number and set it to redirect calls to his cell phone number. The WPLUG phone number will be included with advertisement, but will ''only'' be active on the day of events. |
|||
As chair of the Public Relations Committee, Justin has decided to adopt Google+ and Twitter as WPLUG's official social media outlets. Google+ will be main focus; "Hangouts," Google+'s built-in video chat that supports live broadcasts via YouTube, may be used in future WPLUG events. Twitter will be used for general outreach and to "live-tweet" from events that WPLUG attends. |
|||
Secretary Justin Smith has nothing to report. |
|||
Treasurer Terry Golightly reports that WPLUG has $734.81 in the bank, $45 in outstanding deposits, and $45 in cash. |
|||
Director-at-Large Joe Prostko has nothing to report. |
|||
'''NEW BUSINESS''' |
|||
The final votes for last month's [http://www.wplug.org/w/images/0/01/Jan2013BylawsAmend.pdf bylaws proposal] took place. The measure passed, 7-0. Pat directed Justin to update the bylaws page on the WPLUG wiki. |
|||
Justin proposed three bylaws amendments: |
|||
* In Section 7.1, strike the word Internet and replace with Technology Maintenance. (In effect, this renames the Internet Committee to the Technology Maintenance Committee). The measure was passed, 7-0. It will be committed to absentee ballot. |
|||
* In Section 7.2, strike the word Program and replace it with Events Planning. (In effect, this renames the Program Committee to the Events Planning Committee). The measure was passed, 7-0. It will be committed to absentee ballot. |
|||
* In Section 7.3, strike the word Investigating and replace it with Disciplinary. (In effect, this renames the Investigating Committee to the Disciplinary Committee). After debate and disagreement over the change, the measure was withdrawn. |
|||
Justin read through a [http://www.wplug.org/wiki/Commission_to_Reform_WPLUG#Accepted_Reform_Package_2_Proposals list of recommendations] from the [[Commission to Reform WPLUG]] that will be forwarded to the WPLUG Board of Directors. |
|||
In regard to CRW's recommendation to dissolve the Wilkins School Networking Committee, WPLUG member Vance Kochenderfer pointed out that it was created as an "ad hoc" committee, meaning that it was supposed to dissolve automatically at a certain point, such as after delivering a "final" report. |
|||
WPLUG member Stanley Slomberg suggested that WPLUG form a "special interest group," a type of study group that is geared toward beginners. The Board of Directors concurs with Stanley's assessment and will discuss it at the next board meeting. |
|||
'''MEETING END''' |
|||
Justin moved to adjourn the meeting; Terry seconded the motion. The meeting was adjourned at 3:01 p.m. |
|||
== Meeting Staff == |
== Meeting Staff == |
||
Line 48: | Line 116: | ||
* Snacks/Refreshments: Your name here |
* Snacks/Refreshments: Your name here |
||
* Setup: Your name here |
* Setup: Your name here |
||
* Clean Up: Your name here |
* Clean Up: [[User:Vance|Vance Kochenderfer]], Your name here |
||
== Carpooling == |
== Carpooling == |
Latest revision as of 04:20, 14 February 2013
WPLUG will hold a general user meeting on Saturday, February 9, 2013 at the Wilkins School Community Center in Swissvale, PA. You don't need to be a member of WPLUG to come to our meetings, and there is no cost to attend.
After our "business meeting," which typically doesn't take more than half an hour, we'll open the floor to presentations, discussions, and generally just hanging out. If you're interested in having fun with other Linux and open source enthusiasts in the area, we invite you to stop by!
Schedule for the Day
1:30pm - Doors open, set up
2:00pm - Business Meeting starts
2:30pm - Presentations (topics listed below)
4:30pm - Meeting ends, everyone out. Some of us may go to D's 6pack for beer and dogs.
Business Meeting
- Review of minutes (5 minutes)
- Reports of officers (10 minutes)
- Cast/count ballots for bylaws amendment advanced at January GUM (10 minutes)
- Commission to Reform WPLUG presents Reform Package 2, a collection of changes designed to take WPLUG on an exciting new direction
- New business
Speaker/Presentation
Presentation: Build Your Own Certificate Authority Using xca
- Presenter: Pat Barron
There are a number of instances where a system administrator may wish to use certificate-based encryption to for security, to prevent spying on network traffic (for instance, running your own web server that is secured using HTTPS, so that web traffic is encrypted before being sent over the network), or to implement client authentication for something like a VPN. This generally requires that a Certificate Authority (CA) issue certificates for your use - you might choose to use self-signed certificates instead, but this will result in dire security warnings from web browsers about certificates issued by an "untrusted issuer", and some things won't allow you to use self-signed certificates at all. But why pay a recognized CA to issue certificates for you, that are probably going to be used by no one other than yourself and possibly your friends, and which don't need to be trusted by the general public?
The no-cost alternative is to create your own private CA, and register it as a trusted certificate issuer on your systems. Linux distributions already include all the tools you need to do this, in the OpenSSL package - but the procedures for creating a CA and issuing certificates using the raw OpenSSL tools are obscure, complicated, and can only be done from the command line.
In this presentation, I will give a (very) brief overview of Public Key Infrastructure (a/k/a "PKI" - the general framework that supports certificate-based security), and talk just a little about how it works and what it's used for. You will learn about "xca" (packaged for many mainstream Linux distros, and also available for Windows and Mac OS), an open source GUI interface to OpenSSL that makes managing a private CA quick and simple. You will learn how to use "xca" to create a private root CA and generate your first server certificate - a process that, using the "xca" GUI, can be completed in two minutes or less. You will learn how to register your private root CA as a trusted certificate issuer in Firefox and Internet Explorer (yeah, I know ... but people do use it...). Finally, I will briefly describe how to use the server certificate you generated from your private root CA to secure your Apache-based web server.
If there is interest, possible future presentations may cover topics such as how to use your private CA to issue client certificates that can be used for client-based web authentication, and to secure private VPNs (such as you might build using OpenVPN, for remote connectivity into your home network, etc.).
Presentation: The Rise and Fall of the WebOS Mobile Operating System
- Presenter: Justin Smith
"In the span of just three years, webOS went from being a media darling to a running gag. What happened? How did it end up contributing to Android's development? I'll also be giving a hands-on demonstration of Open WebOS, the most current iteration of webOS, since I own one of the three Android devices that is capable of running it."
"Hot Seat" Discussion Event: Open Source License Smackdown!
- Participants: Pat Barron, Justin Smith, Terry Golightly, Joe Prostko, plus anyone else who wants to try
We're going to put the names of 6 open source licenses in a hat:
- LGPL v3
- GPL v3
- Apache License
- MIT License
- Mozilla Public License
- Microsoft Reciprocal License
Everyone who wants to participate will take a license from the hat and defend why it's the "best" for 5 minutes or so. The event will be a series of rapid-fire discussions like you might see on ESPN.
At the very least, four members of our Board of Directors - Chair Pat, Vice Chair/Secretary Justin, Treasurer Terry, and Director-at-Large Joe - will participate. If other people want to try, we'll add more licenses to the hat as necessary to accommodate them. If you get a license you don't know about, we'll give you basic information about it and a few minutes to think over what to say.
If you don't want to sit in the hot seat, that's fine! Just sit back, relax, and learn about all the different ways you can "do" open source. Will someone who hates one of these licenses have to defend it? (I hope I don't get Apache or MIT...) Which poor sap will get the Microsoft license? Tune in and find out!
If you'd like to learn more about software licenses, Justin put together a handout that gives a plain English, one-page summary for each of the six in our debate panel (MIT, Apache, Mozilla Public, Microsoft Reciprocal, LGPL, GPL). It also includes an "inheritance chart" that shows how the licenses get progressively more complex. If you'd like a copy, here's the link:
http://www.js-wordsmith.com/wp-content/uploads/2013/02/software-license-notes-final.odt
Meeting Minutes
MEETING START
The meeting was called to order at 2:08 P.M.
The reading of the previous meeting's minutes was dispensed.
REPORT OF WPLUG BOARD OF DIRECTORS
Chair Pat Barron reports that there is a vacancy in the Board of Directors now that former Director-at-Large John Lewis has resigned. This matter will be discussed at the upcoming board meeting on February 19th. Any WPLUG member who is interested in running for office in a special election should contact a board member.
Vice chair Justin Smith reports that the February GUM was heavily advertised in local events calendars. Since some potential attendees may have trouble finding the Wilkins School Community Center (where WPLUG currently meets), he has re-activated WPLUG's Google Voice phone number and set it to redirect calls to his cell phone number. The WPLUG phone number will be included with advertisement, but will only be active on the day of events.
As chair of the Public Relations Committee, Justin has decided to adopt Google+ and Twitter as WPLUG's official social media outlets. Google+ will be main focus; "Hangouts," Google+'s built-in video chat that supports live broadcasts via YouTube, may be used in future WPLUG events. Twitter will be used for general outreach and to "live-tweet" from events that WPLUG attends.
Secretary Justin Smith has nothing to report.
Treasurer Terry Golightly reports that WPLUG has $734.81 in the bank, $45 in outstanding deposits, and $45 in cash.
Director-at-Large Joe Prostko has nothing to report.
NEW BUSINESS
The final votes for last month's bylaws proposal took place. The measure passed, 7-0. Pat directed Justin to update the bylaws page on the WPLUG wiki.
Justin proposed three bylaws amendments:
- In Section 7.1, strike the word Internet and replace with Technology Maintenance. (In effect, this renames the Internet Committee to the Technology Maintenance Committee). The measure was passed, 7-0. It will be committed to absentee ballot.
- In Section 7.2, strike the word Program and replace it with Events Planning. (In effect, this renames the Program Committee to the Events Planning Committee). The measure was passed, 7-0. It will be committed to absentee ballot.
- In Section 7.3, strike the word Investigating and replace it with Disciplinary. (In effect, this renames the Investigating Committee to the Disciplinary Committee). After debate and disagreement over the change, the measure was withdrawn.
Justin read through a list of recommendations from the Commission to Reform WPLUG that will be forwarded to the WPLUG Board of Directors.
In regard to CRW's recommendation to dissolve the Wilkins School Networking Committee, WPLUG member Vance Kochenderfer pointed out that it was created as an "ad hoc" committee, meaning that it was supposed to dissolve automatically at a certain point, such as after delivering a "final" report.
WPLUG member Stanley Slomberg suggested that WPLUG form a "special interest group," a type of study group that is geared toward beginners. The Board of Directors concurs with Stanley's assessment and will discuss it at the next board meeting.
MEETING END
Justin moved to adjourn the meeting; Terry seconded the motion. The meeting was adjourned at 3:01 p.m.
Meeting Staff
If you'd like to assist with this meeting, please add your name to one or more of the categories below.
- Host: Your name here
- Co-Host: Your name here
- Snacks/Refreshments: Your name here
- Setup: Your name here
- Clean Up: Vance Kochenderfer, Your name here
Carpooling
- Your name/location here