This was extracted (@ 2023-02-28 12:10) from a list of minutes
which have been approved by the Board.
Please Note
The Board typically approves the minutes of the previous meeting at the
beginning of every Board meeting; therefore, the list below does not
normally contain details from the minutes of the most recent Board meeting.
WARNING: these pages may omit some original contents of the minutes.
Meeting times vary, the exact schedule is available to ASF Members and Officers, search for "calendar" in the Foundation's private index page (svn:foundation/private-index.html).
Teaclave is a universal secure computing platform.
Teaclave has been incubating since 2019-08-20.
### Three most important unfinished issues to address before graduating:
1. Improve project structure and documentation.
2. Grow the community. (attracting more committers, contributors, users)
3. Publish Apache releases. (resolving logistics on Apache release)
### Are there any issues that the IPMC or ASF Board need to be aware of?
None
### How has the community developed since the last report?
Since the last report, we are pleased to receive project donation
proposals from external teams. They want to donate their JavaEnclave project
to Teaclave. We are facilitating the donation process.
We also have two new PPMC members elected since the last report:
- 2022-08-16: Yuan Zhuang (volcano0dr)
- 2022-08-17: Ran Duan DemesneGH)
### How has the project developed since the last report?
Here are the summaries of recent progress of our three sub-projects:
Teaclave Faas Platform
v0.4.0 new changes:
- Merged PRs:
<https://github.com/apache/incubator-teaclave/pulls?q=is%3Apr+is%3Aclosed+me
rged%3A2022-05-01..2022-10-23+base%3Amaster+>
Teaclave TrustZone SDK
v0.2.0 new changes:
- Add tls server/client example
- Add signature verification example
- Add Building Rust CA as Android ELF documentation
- Add Expanding TA Secure Memory on QEMUv8 documentation
- Merged PRs:
<https://github.com/apache/incubator-teaclave-trustzone-sdk/pulls?q=is%3Apr+
is%3Aclosed+merged%3A2022-05-01..2022-10-23+base%3Amaster+>
Teaclave SGX SDK
Since the last report, this project is developing v2.0 and maintaining
v1.1.
v2.0 is a revamped version. It is much more developer friendly compared to
v1.1.
- Supports cargo build + no_std, xargo build and cargo-std-aware mode.
- Refactored Intel's SDK using Rust. Only a small portion of Intel's SDK
is required.
- Improved testing framework. sgx_tstd is well tested now.
- No need to maintain 100+ 3rd party dependencies. Most dependencies are
use-able without any change.
- Branch:
<https://github.com/apache/incubator-teaclave-sgx-sdk/tree/v2.0.0-preview>
v1.1 new changes:
- Version bump to 1.1.6
- Support rust-nightly-2022-10-22
- Version bump to 1.1.5
- Support intel sgx sdk 2.17.1 and and DCAP 1.14
- Support rust-nightly-2022-02-23
- Fix thread_local macro
- Merged PRs:
<https://github.com/apache/incubator-teaclave-sgx-sdk/pulls?q=is%3Apr+is%3Ac
losed+merged%3A2022-05-01..2022-10-23+base%3Amaster+>
### How would you assess the podling's maturity?
Please feel free to add your own commentary.
- [ ] Initial setup
- [ ] Working towards first release
- [X] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
2022-04-18
### When were the last committers or PPMC members elected?
- 2022-08-16: Yuan Zhuang (Apache ID: yuanz), PPMC
- 2022-08-17: Ran Duan (Apache ID: rduan), PPMC
### Have your mentors been helpful and responsive?
Yes, our mentors work responsively to help us with electing new mentors,
developing new features, fixing bugs, and expanding the community.
### Is the PPMC managing the podling's brand / trademarks?
We don't find any 3rd parties incorrectly using the podling's name and
brand. The VP, Brand has approved the project name.
(PODLINGNAMESEARCH-175)
### Signed-off-by:
- [X] (teaclave) Felix Cheung
Comments:
- [X] (teaclave) Furkan Kamaci
Comments:
- [ ] (teaclave) Jianyong Dai
Comments:
- [ ] (teaclave) Matt Sicker
Comments:
- [ ] (teaclave) Zhijie Shen
Comments:
- [ ] (teaclave) Gordon King
Comments:
### IPMC/Shepherd notes:
Teaclave is a universal secure computing platform.
Teaclave has been incubating since 2019-08-20.
### Three most important unfinished issues to address before graduating:
- Improve project structure and documentation
- Grow the community (attracting more committers, contributors, users)
- Publish Apache releases (resolving logistics on Apache release)
### Are there any issues that the IPMC or ASF Board need to be aware of?
None.
### How has the community developed since the last report?
Since the last report, we have organized three monthly virtual meetups. For
each meetup, we have write-ups published on the Teaclave blog.
- Teaclave Meetup #10:
<https://teaclave.apache.org/blog/2022-02-24-teaclave-meetup-10/>
- Teaclave Meetup #11:
<https://teaclave.apache.org/blog/2022-03-31-teaclave-meetup-11/>
- Teaclave Meetup #12:
<https://teaclave.apache.org/blog/2022-04-28-teaclave-meetup-12/>
We also released two versions of the Teaclave platform and Teaclave
TrustZone separately:
- Teaclave 0.4.0:
<https://teaclave.apache.org/blog/2022-04-18-announcing-teaclave-0-4-0/>
- Teaclave TrustZone SDK 0.2.0:
<https://teaclave.apache.org/blog/2022-04-18-announcing-teaclave-trustzone-s
dk-0-2-0/>
### How has the project developed since the last report?
Here are the summaries of recent progress:
Teaclave Faas Platform:
- Merged PRs:
<https://github.com/apache/incubator-teaclave/pulls?q=is%3Apr+is%3Aclosed+me
rged%3A2022-01-01..2022-05-01+base%3Amaster>
Teaclave TrustZone SDK
- Merged PRs:
<https://github.com/apache/incubator-teaclave-trustzone-sdk/pulls?q=is%3Apr+
is%3Aclosed+merged%3A2022-01-01..2022-05-01+base%3Amaster+>
Teaclave SGX SDK
- Merged PRs:
<https://github.com/apache/incubator-teaclave-sgx-sdk/pulls?q=is%3Apr+is%3Ac
losed+merged%3A2022-01-01..2022-05-01+base%3Amaster+>
Website
- [blog] Teaclave Meetup #10:
<https://teaclave.apache.org/blog/2022-02-24-teaclave-meetup-10/>
- [blog] Teaclave Meetup #11:
<https://teaclave.apache.org/blog/2022-03-31-teaclave-meetup-11/>
- [blog] Teaclave Meetup #12:
<https://teaclave.apache.org/blog/2022-04-28-teaclave-meetup-12/>
- [blog] Announcing Apache Teaclave (incubating) 0.4.0:
<https://teaclave.apache.org/blog/2022-04-18-announcing-teaclave-0-4-0/>
- [blog] Announcing Apache Teaclave TrustZone SDK (incubating) 0.2.0:
<https://teaclave.apache.org/blog/2022-04-18-announcing-teaclave-trustzone-s
dk-0-2-0/>
### How would you assess the podling's maturity?
- [ ] Initial setup
- [ ] Working towards first release
- [X] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
2021-04-18: Apache Teaclave (incubating) TrustZone SDK 0.2.0
### When were the last committers or PPMC members elected?
- 2022-04-26: Qinkun Bao (Apache ID: qinkun), Committer
### Have your mentors been helpful and responsive?
Yes, our mentors work responsively to help us with electing new mentors,
developing new features, fixing bugs, and expanding the community.
### Is the PPMC managing the podling's brand / trademarks?
We don't find any 3rd parties incorrectly using the podling's name and
brand. The VP, Brand has approved the project name. (PODLINGNAMESEARCH-175)
### Signed-off-by:
- [X] (teaclave) Felix Cheung
Comments:
- [X] (teaclave) Furkan Kamaci
Comments:
- [ ] (teaclave) Jianyong Dai
Comments:
- [ ] (teaclave) Matt Sicker
Comments:
- [ ] (teaclave) Zhijie Shen
Comments:
- [ ] (teaclave) Gordon King
Comments:
### IPMC/Shepherd notes:
### Three most important unfinished issues to address before graduating:
- Improve project structure and documentation
- Grow the community (attracting more committers, contributors, users)
- Publish Apache releases (resolving logistics on Apache release)
### Are there any issues that the IPMC or ASF Board need to be aware of?
None.
### How has the community developed since the last report?
Since the last report, we have organized two montly virtual meetups. For
each meetup, we have write-ups published on the Teaclave blog.
- Teaclave Meetup #8:
<https://teaclave.apache.org/blog/2021-10-14-teaclave-meetup-8/>
- Teaclave Meetup #9:
<https://teaclave.apache.org/blog/2021-11-30-teaclave-meetup-9/>
We also published a security advisory on a recent vulnerability on Intel
SGX SDK.
- SECURITY ADVISORY OF SMASHEX AND CVE-2021-0186:
<https://teaclave.apache.org/blog/2021-10-25-security-advisory-of-smashex-an
d-cve-2021-0186/>
To promote the recent TrustZone SDK in the Chinese community, we
published a blog on getting started with the SDK for newcomers.
- 使用 TEACLAVE TRUSTZONE SDK 开发 TRUSTZONE 应用:
<https://teaclave.apache.org/blog/2021-10-15-developing-teaclave-application
-with-teaclave-trustzone-sdk/>
### How has the project developed since the last report?
Here are the summaries of recent progress:
Teaclave Faas Platform
- [docker] start Teaclave docker services with auto-detection mechanism
- Support selectively including executors (#574)
- Optimize RPC memory footprint of serde (#577)
- Persistent MockDB in test mode. (#580)
- Flush DB and compact_range after dequeue operation
- API updates (#588): UpdateFunction, ListFunciton, DeleteFunction,
UserUpdate, UserRegister, UserUpdate
- Introduce role-based user management and access control
- Bug fixes and code refactoring
Teaclave TrustZone SDK
- Update Rust toolchain to nightly-2021-09-20 an std to 1.56.1
Teaclave SGX SDK
- Support Intel SGX SDK 2.15, DCAP 1.12
- Update rust toolchain to nightly-2021-11-01
Website
- [blog] Teaclave Meetup #8:
<https://teaclave.apache.org/blog/2021-10-14-teaclave-meetup-8/>
- [blog] Teaclave Meetup #9:
<https://teaclave.apache.org/blog/2021-11-30-teaclave-meetup-9/>
- [blog] SECURITY ADVISORY OF SMASHEX AND CVE-2021-0186:
<https://teaclave.apache.org/blog/2021-10-25-security-advisory-of-smashex-an
d-cve-2021-0186/>
- [blog] 使用 TEACLAVE TRUSTZONE SDK 开发 TRUSTZONE 应用:
<https://teaclave.apache.org/blog/2021-10-15-developing-teaclave-application
-with-teaclave-trustzone-sdk/>
### How would you assess the podling's maturity?
Please feel free to add your own commentary.
- [ ] Initial setup
- [ ] Working towards first release
- [X] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
2021-08-23: Apache Teaclave (incubating) 0.3.0
### When were the last committers or PPMC members elected?
- 2021-09-20: Yuan Zhuang (Apache ID: yuanz), Committer
- 2021-09-20: Rong Fan (Apache ID: fanrong), Committer
### Have your mentors been helpful and responsive?
Yes, our mentors work responsively to help us with electing new mentors,
developing new features, fixing bugs, and expanding the community.
### Is the PPMC managing the podling's brand / trademarks?
We don't find any 3rd parties incorrectly using the podling's name and
brand. The VP, Brand has approved the project name. (PODLINGNAMESEARCH-175)
### Signed-off-by:
- [ ] (teaclave) Felix Cheung
Comments:
- [ ] (teaclave) Furkan Kamaci
Comments:
- [ ] (teaclave) Jianyong Dai
Comments:
- [ ] (teaclave) Matt Sicker
Comments:
- [ ] (teaclave) Zhijie Shen
Comments:
- [X] (teaclave) Gordon King
Comments:
### IPMC/Shepherd notes:
Teaclave is a universal secure computing platform, making computation on
privacy-sensitive data safe and simple.
Teaclave has been incubating since 2019-08-20.
### Three most important unfinished issues to address before graduating:
- Improve project structure and documentation
- Grow the community (attracting more committers, contributors, users)
- Publish Apache releases (resolving logistics on Apache release)
### Are there any issues that the IPMC or ASF Board need to be aware of?
None.
### How has the community developed since the last report?
Since the last report, we have organized one monthly virtual meetup (we
skipped
one due to the public holiday). For each meetup, we have minutes write-up
published on the Teaclave blog.
- Teaclave Meetup #7:
<https://teaclave.apache.org/blog/2021-08-26-teaclave-meetup-7/>
Starting from this meetup, we use Google Calendar to show the meetup
schedule
and location (i.e., the Zoom link).
- Teaclave Community Calendar:
<https://calendar.google.com/calendar/u/0/embed?src=l1q5osem2br8i4bj7dgik5sa
e4@group.calendar.google.com>
We also have two new members elected since the last report:
- 2021-09-20: Yuan Zhuang (Apache ID: TBD), Committer
- 2021-09-20: Rong Fan (Apache ID: TBD), Commiter
### How has the project developed since the last report?
Here are the summaries of recent progress:
Teaclave Faas Platform
- Add TVM MNIST example
- Add IDE helper script
- Add license header and include SkyWalking Eyes in CI for automatic
checking
- Release v0.3.0: https://teaclave.apache.org/download/#teaclave
- Consolidate `docker-compose` scripts for servers with different SGX
drivers
Teaclave TrustZone SDK
- TEE Socket APIs and examples
- Upgrade building docker to Ubuntu 20.04
- Switch to GitHub Actions
- Add -rs to examples and update test scripts
- Update to OP-TEE 3.14.0
Teaclave SGX SDK
- Intel SGX SDK 2.14
- Move wiki pages to the document directory for homepage rendering
- Better project template
Website
- [blog] 使用 Teaclave SGX SDK 开发 SGX 应用 · Aug 24 2021:
<https://teaclave.apache.org/blog/2021-08-25-developing-sgx-application-with
-teaclave-sgx-sdk/>
- [blog] Announcing Apache Teaclave (incubating) 0.3.0 · Sep 30 2021:
<https://teaclave.apache.org/blog/2021-10-01-announcing-teaclave-0-3-0/>
- [style] Update the contributors page to include Apache ID and tags for
each committers
Community Collaboration
- Teaclave/Intel: Integrating Graphene as a new Library OS executor
- Teaclave/OP-TEE: Integrating examples in Rust TrustZone SDK in OP-TEE
### How would you assess the podling's maturity?
Please feel free to add your own commentary.
- [ ] Initial setup
- [ ] Working towards first release
- [X] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
2021-08-23: Apache Teaclave (incubating) 0.3.0
### When were the last committers or PPMC members elected?
- 2021-09-20: Yuan Zhuang (Apache ID: TBD), Committer
- 2021-09-20: Rong Fan (Apache ID: TBD), Committer
### Have your mentors been helpful and responsive?
Yes, our mentors work responsively to help us with electing new mentors,
developing new features, fixing bugs, and expanding the community.
### Is the PPMC managing the podling's brand / trademarks?
The VP, Brand has approved the project name. (PODLINGNAMESEARCH-175)
### Signed-off-by:
- [X] (teaclave) Felix Cheung
Comments:
- [ ] (teaclave) Furkan Kamaci
Comments:
- [ ] (teaclave) Jianyong Dai
Comments:
- [ ] (teaclave) Matt Sicker
Comments:
- [ ] (teaclave) Zhijie Shen
Comments:
- [ ] (teaclave) Gordon King
Comments:
### IPMC/Shepherd notes:
Teaclave is a universal secure computing platform, making computation on
privacy-sensitive data safe and simple.
Teaclave has been incubating since 2019-08-20.
### Three most important unfinished issues to address before graduating:
- Improve project structure and documentation
- Grow the community (attracting more committers, contributors, users)
- Publish Apache releases (resolving logistics on Apache release)
### Are there any issues that the IPMC or ASF Board need to be aware of?
None.
### How has the community developed since the last report?
Since the last report, we have organized three monthly virtual meetups.
Many people from the community share their usage experience of Teaclave.
Also, we invited some contributors to talk about some technical details of
the design and implementation. For each meetup, we have minutes write-up
published on the Teaclave blog.
- Teaclave Meetup #4:
<https://teaclave.apache.org/blog/2021-04-29-teaclave-meetup-4/>
- Teaclave Meetup #5:
<https://teaclave.apache.org/blog/2021-06-24-teaclave-meetup-5/>
- Teaclave Meetup #6:
<https://teaclave.apache.org/blog/2021-07-29-teaclave-meetup-6/>
We also have two new members:
- 2021-07-09, Hongbo Chen (ya0guang), Commiter
- 2021-07-25, Gordon King (garyw), Mentor
### How has the project developed since the last report?
Here are the summaries of recent progress of our three sub-projects:
Teaclave:
- Change the executor's payload type from `String` to `Vec<u8>`.
- Unify the launch of teaclave services.
- Add WebAssembly Executor and corresponding examples.
- Upgrade Intel SGX SDK to the latest release (SGX 2.14.100.2, DCAP
1.11.100.2).
- Some minor fixes of the building system and documentation.
Teaclave SGX SDK:
- Minor bug fixes.
Teaclave TrustZone SDK:
- Release the first Apache Incubator version 0.1.0: [Announcing Apache
Teaclave TrustZone SDK (Incubating)
0.1.0](https://teaclave.apache.org/blog/2021-06-16-announcing-teaclave
-trust zone-sdk-0-1-0/).
- Update to OP-TEE 3.13.0.
- Implement the `iSocket` APIs and corresponding examples.
- Implement loadable plugin for TA and corresponding examples.
- Some minor fixes and repository cleanups.
### How would you assess the podling's maturity?
Please feel free to add your own commentary.
- [ ] Initial setup
- [ ] Working towards first release
- [X] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
2021-06-10: Apache Teaclave TrustZone SDK (incubating) 0.1.0
### When were the last committers or PPMC members elected?
2021-07-25, Gordon King (garyw), Mentor
### Have your mentors been helpful and responsive?
Yes, our mentors work responsively to help us with electing new mentors,
proposing new features, and expanding the community.
### Is the PPMC managing the podling's brand / trademarks?
We don't find any 3rd parties incorrectly using the podling's name and
brand. The VP, Brand has approved the project name. (PODLINGNAMESEARCH-175)
### Signed-off-by:
- [X] (teaclave) Felix Cheung
Comments: good progress
- [X] (teaclave) Furkan Kamaci
Comments:
- [ ] (teaclave) Jianyong Dai
Comments:
- [ ] (teaclave) Matt Sicker
Comments:
- [ ] (teaclave) Zhijie Shen
Comments:
- [ ] (teaclave) Gordon King
Comments:
### IPMC/Shepherd notes:
Teaclave is a universal secure computing platform, making computation on
privacy-sensitive data safe and simple.
Teaclave has been incubating since 2019-08-20.
### Three most important unfinished issues to address before graduating:
1. Improve project structure and documentation
2. Grow the community (attracting more committers, contributors, users)
3. Publish Apache releases (resolving logistics on Apache release)
### Are there any issues that the IPMC or ASF Board need to be aware of?
None.
### How has the community developed since the last report?
Since the last report, we have started monthly virtual meetups for three
times. Many people from the community share their usage experience of
Teaclave. Also, we invited some contributors to talk about some technical
details of the design and implementation. For each meetup, we have minutes
write-up published on the Teaclave blog.
- Teaclave Meetup #1:
https://teaclave.apache.org/blog/2021-01-27-teaclave-meetup-1/
- Teaclave Meetup #2:
https://teaclave.apache.org/blog/2021-02-24-teaclave-meetup-2/
- Teaclave Meetup #3:
https://teaclave.apache.org/blog/2021-03-24-teaclave-meetup-3/
In addition, we have one more project (Crust Network) powered by Teaclave
joined in our "Powered By" page on the Teaclave homepage.
- https://teaclave.apache.org/powered-by/
### How has the project developed since the last report?
During this period, we also accepted the Rust OP-TEE TrustZone SDK project
to Teaclave as a sub-project, named as Teaclave TrustZone SDK. Similar to
Teaclave SGX SDK, Teaclave TrustZone SDK will be the foundation of the
Teaclave FaaS platform to support multiple trusted execution environments.
- Welcome Rust OP-TEE TrustZone SDK TO Teaclave:
https://teaclave.apache.org/blog/2021-03-14-welcome-rust-optee-trustzone-sdk
/
We published a project roadmap in 2021:
- Roadmap in 2021: Project Maturity and Community Buildup:
https://teaclave.apache.org/blog/2021-01-19-roadmap-in-2021-project-maturity
-and-community-buildup/
We also announce the 0.2.0 release. In 0.2.0, we focus on various
components including built-in functions, SDKs in different languages,
docker, command line interface, documents, etc.
- Announcing Apache Teaclave (incubating) 0.2.0:
https://teaclave.apache.org/blog/2021-03-01-announcing-teaclave-0-2-0/
### How would you assess the podling's maturity?
Please feel free to add your own commentary.
- [ ] Initial setup
- [ ] Working towards first release
- [X] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
2021-03-02: Apache Teaclave (incubating) 0.2.0
### When were the last committers or PPMC members elected?
2020-10-22, Ran Duan (rduan), Committer
### Have your mentors been helpful and responsive?
Yes, our mentors work responsively to help us with accepting new project
donation into Teaclave.
### Is the PPMC managing the podling's brand / trademarks?
We don't find any 3rd parties incorrectly using the podling's name and
brand. The VP, Brand has approved the project name. (PODLINGNAMESEARCH-175)
### Signed-off-by:
- [X] (teaclave) Felix Cheung
Comments:
- [X] (teaclave) Furkan Kamaci
Comments:
- [ ] (teaclave) Jianyong Dai
Comments:
- [ ] (teaclave) Matt Sicker
Comments:
- [ ] (teaclave) Zhijie Shen
Comments:
### IPMC/Shepherd notes:
Teaclave is a universal secure computing platform.
Teaclave has been incubating since 2019-08-20.
### Three most important unfinished issues to address before graduating:
1. Improve project structure and documentation
2. Grow the community (attracting more committers, contributors, users)
3. Publish more Apache releases
### Are there any issues that the IPMC or ASF Board need to be aware of?
None.
### How has the community developed since the last report?
- We received contributions from a new external contributor.
- We found a new project using Teaclave SGX SDK called Veracruz, which is
a
framework for defining and deploying collaborative, privacy-preserving
computations amongst a group of mutually mistrusting individuals.
- We summarized the community and projects powered by Teaclave and
published
a blog on our homepage.
- Rust TrustZone SDK will be accepted in Teaclave as a subproject. The
community
is discussing and voting the acceptance.
- The community has accepted a new committer.
### How has the project developed since the last report?
- Add PCA function in the builtin executor.
- Add exposed password checking function in the builtin executor.
- Add the attestation subcommand to display attestation reports form the
Intel attestation service.
- Add document to support deploying on Azure confidential computing VM.
### How would you assess the podling's maturity?
Please feel free to add your own commentary.
- [ ] Initial setup
- [ ] Working towards first release
- [X] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
2020-10-09 (version 0.1.0)
### When were the last committers or PPMC members elected?
2020-10-22 (Ran Duan, commiter, rduan@apache)
### Have your mentors been helpful and responsive?
Yes, our mentors are very helpful and responsive on our discussion about
security reporting and new projects acceptance voting.
### Is the PPMC managing the podling's brand / trademarks?
We don't find any 3rd parties incorrectly using the podling's name and
brand.
The VP, Brand has approved the project name. (PODLINGNAMESEARCH-175)
### Signed-off-by:
- [x] (teaclave) Felix Cheung
Comments:
- [X] (teaclave) Furkan Kamaci
Comments:
- [ ] (teaclave) Jianyong Dai
Comments:
- [ ] (teaclave) Matt Sicker
Comments:
- [ ] (teaclave) Zhijie Shen
Comments:
### IPMC/Shepherd notes:
Teaclave is a universal secure computing platform, making computation on
privacy-sensitive data safe and simple.
Teaclave has been incubating since 2019-08-20.
### Three most important unfinished issues to address before graduating:
1. Improve project structure and documentation
2. Grow the community (attracting more committers, contributors, users)
3. Publish Apache releases (resolving logistics on Apache release)
### Are there any issues that the IPMC or ASF Board need to be aware of?
None.
### How has the community developed since the last report?
Since the last report, we received contributions from a new contributor.
We also received many issue reports and questions regarding the usages, bugs,
and roadmap of Teaclave. Also, we presented the Teaclave project in recent
ApacheCon to the community and received some useful feedback.
### How has the project developed since the last report?
The main goal of development since the last report is to resolve logistics
towards the first Apache release. This includes license checking, building
system improvement, documentation and write-ups. On Oct 9th, the Teaclave
community and incubator has passed 0.1.0 release voting.
### How would you assess the podling's maturity?
Please feel free to add your own commentary.
- [ ] Initial setup
- [X] Working towards first release
- [X] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
2020-10-09
### When were the last committers or PPMC members elected?
We haven't started new committers or PPMC members elections yet.
Currently,
our work focuses on the first Apache release. We'll switch to community
building in the next quarter. Currently, we already have potential
candidates for the new PPMC members election.
### Have your mentors been helpful and responsive?
Yes. They have been helpful and very responsive for the first public
release.
### Is the PPMC managing the podling's brand / trademarks?
We don't find any 3rd parties incorrectly using the podling's name and
brand. The VP, Brand has approved the project name.
(PODLINGNAMESEARCH-175)
### Signed-off-by:
- [X] (teaclave) Felix Cheung
Comments: congrats on the first release
- [X] (teaclave) Furkan Kamaci
Comments:
- [ ] (teaclave) Jianyong Dai
Comments:
- [ ] (teaclave) Luciano Resende
Comments:
- [ ] (teaclave) Matt Sicker
Comments:
- [ ] (teaclave) Zhijie Shen
Comments:
### IPMC/Shepherd notes:
Teaclave is a universal secure computing platform, making computation
on privacy-sensitive data safe and simple.
Teaclave has been incubating since 2019-08-20.
### Three most important unfinished issues to address before graduating:
1. Improve project structure and documentation
2. Grow the community (attracting more committers, contributors, users)
3. Publish Apache releases (resolving logistics on Apache release)
### Are there any issues that the IPMC or ASF Board need to be aware of?
No.
### How has the community developed since the last report?
Since the last report, we started to reach out to people using the
project and collect suggestions and encourage them to join in the
community. We have found four organizations and eight projects that
are using either the Teaclave platform and Teaclave's Rust SGX SDK.
We also created a website for the project:
https://teaclave.apache.org/, which contains project description,
community, contributors, documentations and blog posts.
We started a thread to discuss the logo design, but haven't received
any proposal for now. We will drive this issue in the next few weeks.
We observed more people posting feature suggestions and
build/deployment issues. More than five new contributors begin to
contribute bug fixes and introduce new examples.
We started preparing the first Apache release such as logistics on
licenses of third-party libraries.
### How has the project developed since the last report?
Since the last report, we have completed the development roadmap
towards the first public release
(https://github.com/apache/incubator-teaclave/issues/121) proposed
last year. We began to put more efforts on improving documents and
building community.
We wrote many documents in recent weeks including:
- Try: Tutorials on using the Teaclave platform.
- Design: Some explanations of design choices we made.
- Contribute: Documents on contributing to Teaclave, such as
debugging tips and Rust development guideline.
- Codebase: Documents for each sub-directory (i.e., libraries in
Teaclave).
- API Docs: Generated API documentations like APIs of Client SDK.
We also provided more examples to help beginners to understand the
basic usages of the projects.
### How would you assess the podling's maturity?
- [ ] Initial setup
- [X] Working towards first release
- [X] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
N/A
### When were the last committers or PPMC members elected?
We haven't started new committers or PPMC members elections yet.
Currently, our work focuses on improving the documents to make the
project more approachable for newcomers. Additionally, we see some
regular contributors recently mainly focus on helping to improve
examples, SDK, etc.
### Have your mentors been helpful and responsive?
Yes, our mentors help us with the website development and logo design.
Also, our mentors provided valuable thoughts regarding Intel's recent
security issues.
### Is the PPMC managing the podling's brand / trademarks?
We don't find any 3rd parties incorrectly using the podling's name and
brand. The VP, Brand has approved the project name.
(PODLINGNAMESEARCH-175)
### Signed-off-by:
- [X] (teaclave) Felix Cheung
Comments: good progress!
- [X] (teaclave) Furkan Kamaci
Comments:
- [ ] (teaclave) Jianyong Dai
Comments:
- [X] (teaclave) Luciano Resende
Comments:
- [ ] (teaclave) Matt Sicker
Comments:
- [ ] (teaclave) Zhijie Shen
Comments:
### IPMC/Shepherd notes:
Teaclave is a universal secure computing platform.
Teaclave has been incubating since 2019-08-20.
### Three most important unfinished issues to address before graduating:
1. Improving project structure and documentation
2. Grow the community (committers, contributors, users)
3. Publish Apache release
### Are there any issues that the IPMC or ASF Board need to be aware of?
No.
### How has the community developed since the last report?
- Since last report, one external contributor has became our regular
contributor.
- Compared to the last report, we have seen more pull request from
external contributors.
- We received emails from some companies which are interested in the
project and willing to make some contributions for the secure computing
community.
- Since we are mainly working on GitHub, with the help of the INFRA team,
we can sync the notifications of GitHub with our mailing list.
### How has the project developed since the last report?
- Since last report, the whole project has been refactored to be more
functional, as well as readable and approachable for new contributors.
- We have rewrote the framework for implementing enclave services. Also,
we have redesigned current services into seven core services
including access control, authentication, execution, frontend,
management,
scheduler, and storage service. Communication protocols between services
are defined in protobuf.
- RPC between services has been redesigned to supported TLS-based
attestation.
- We have added DCAP attestation algorithm in the platform so that people
can deploy the system in environments without Intel's attestation service.
- Communication between app and enclave has been also redesigned
with better APIs.
- All updates is currently in the `develop` branch. We plan to merge
into `master` when main refactoring is done.
### How would you assess the podling's maturity?
Please feel free to add your own commentary.
- [ ] Initial setup
- [X] Working towards first release
- [ ] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
N/A
### When were the last committers or PPMC members elected?
We haven't started new committers or PPMC members elections yet.
Currently, our
work focus on improving the design and documents to make the project more
approachable for newcomers.
### Have your mentors been helpful and responsive?
Yes, our mentors help use to resolve the mailing list moderator issues.
### Is the PPMC managing the podling's brand / trademarks?
We don't find any 3rd parties incorrectly using the podling's name and
brand.
The VP, Brand has approved the project name. (PODLINGNAMESEARCH-175)
### Signed-off-by:
- [X] (teaclave) Felix Cheung
Comments:
- [X] (teaclave) Furkan Kamaci
Comments:
- [ ] (teaclave) Jianyong Dai
Comments:
- [ ] (teaclave) Luciano Resende
Comments:
- [ ] (teaclave) Matt Sicker
Comments:
- [ ] (teaclave) Zhijie Shen
Comments:
### IPMC/Shepherd notes:
Teaclave is a universal secure computing platform.
Teaclave has been incubating since 2019-08-20.
### Three most important unfinished issues to address before graduating:
1. Improving project structure and documentation
2. Grow the community (committers, contributors, users)
3. Publish Apache release
### Are there any issues that the IPMC or ASF Board need to be aware of?
No.
### How has the community developed since the last report?
- Since last report, we planned to schedule an online meetup recently.
- We have also received contributions of two new contributors.
- We draft a roadmap RFC for discussion.
- We use GitHub issues to track bugs, features, enhancements. Issues
labeled with "good first issues" is more approachable for newcomers.
### How has the project developed since the last report?
- Resolve all renaming issues of INFRA (INFRA-19532)
- Refactor four core components
- Rewrite README.md to clearly explain the project's highlights in
security, functionality, and usability.
- Start to use protobuf for RPC definition
- SGX SDK starts to use Intel SGX SDK v2.7.1
### How would you assess the podling's maturity?
- [ ] Initial setup
- [x] Working towards first release
- [ ] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
N/A
### When were the last committers or PPMC members elected?
We haven't started new committers or PPMC members elections yet.
Currently, our work focus on improving the design and documents to
make the project more approachable for newcomers.
### Have your mentors been helpful and responsive?
Yes. Last month, we changed name from MesaTEE to Teaclave. There are a
lot of changes need to be done. The mentors and infra teams help us a
lot on the transfer.
### Is the PPMC managing the podling's brand / trademarks?
We don't find any 3rd parties incorrectly using the podling's name and
brand. The VP, Brand has approve the project name.
(PODLINGNAMESEARCH-175)
### Signed-off-by:
- [ ] (teaclave) Felix Cheung
Comments:
- [X] (teaclave) Furkan Kamaci
Comments:
- [ ] (teaclave) Jianyong Dai
Comments:
- [X] (teaclave) Luciano Resende
Comments:
- [X] (teaclave) Matt Sicker
Comments: Thanks to some mailing list configuration updates,
communication is happening more often on-list.
- [ ] (teaclave) Zhijie Shen
Comments:
### IPMC/Shepherd notes:
MesaTEE is the next-gen solution to enable general computing service for
security-critical scenarios. It will allow even the most sensitive data to
be securely processed to enable offshore businesses without leakage.
MesaTEE has been incubating since 2019-08-19.
### Three most important unfinished issues to address before graduating:
1. Finish the initial setup for MesaTEE and its sub-repos.
2. Choose a suitable name for MesaTEE and rename the repos.
3. Make the access control mechanism and RPC framework more scalable and
ergonomic.
### Are there any issues that the IPMC or ASF Board need to be aware of?
Regarding to the CI system, we do have some problem with migrating the
webhooks. MesaTEE definitely requires CI runs on customized hardware.
However, the Apache INFRA team is pretty conservative on adopting novel CI
systems which support customized hardware and self-hosted agent, such as
Github Action, Drone etc. We observed that Apache projects depending on CI
running on customized hardware, such as incubator-tvm, experienced
difficulty to migrate its webhooks and was challenged several times on the
reason of using customized hardware in CI. Besides, we observed that
Apache Spark is using Github Action, while we are blocked on it (see
INFRA-19381).
The bootstrapping process seems slow due to the above problem. We have a
temporary workaround to use our Drone CI system. It leverages a sync bot
which automatically sync up incubator-mesatee and a testing fork and
triggers the webook of the testing fork. For management, we force the
developers to put the link of CI status for each PR in their PR message.
It works, but we really desire the integration to new CI and self-hosted
CI agents.
For the renaming, we found a new name "Teaclave" which is not used
anywhere.
### How has the community developed since the last report?
MesaTEE has one more contributor this month, and merged 50+ PRs from 13
contributors.
### How has the project developed since the last report?
We implemented the new access control system in MesaPy, and merged into
MesaTEE. The new access control system is much more powerful and flexible
than traditional user/role/group based access control system, and is
memory-safe and trusted with the help of MesaPy and MesaTEE.
We improved the MesaTEE infrastructure to make it k8s-friendly. We
refactored parts of the MesaTEE system and are doing on others.
We improved the build system. We deprecated the old-fashioned Makefile,
and only kept the cmake system.
We figured out a temporary solution for integrating the Drone CI system
and self-hosted agents by syncing up incubator-mesatee and testing fork,
and triggering tests on the testing fork.
We are improving the built-in RPC framework to use prost to automatically
generate Rust source codes from protobuf's protocol definitions.
We fixed a couple of bugs reported from the open source community.
### How would you assess the podling's maturity?
Please feel free to add your own commentary.
- [x] Initial setup
- [ ] Working towards first release
- [ ] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
N/A
### When were the last committers or PPMC members elected?
N/A
### Have your mentors been helpful and responsive?
We received instructions on the project renaming process from our mentors.
Thanks to every one!
### Is the PPMC managing the podling's brand / trademarks?
Yes. We don't find any 3rd parties incorrectly using the podling's name
and brand for now. Also, PPMC is working on the podling name search.
### Signed-off-by:
- [x] (MesaTEE) Felix Cheung
Comments: sounds like the issue in INFRA-19381 on the way, is that
still blocked or just need more time?
- [X] (MesaTEE) Furkan Kamaci
Comments:
- [ ] (MesaTEE) Jianyong Dai
Comments:
- [X] (MesaTEE) Luciano Resende
Comments:
- [ ] (MesaTEE) Matt Sicker
Comments:
- [ ] (MesaTEE) Zhijie Shen
Comments:
### IPMC/Shepherd notes:
MesaTEE is the next-gen solution to enable general computing service for
security-critical scenarios. It will allow even the most sensitive data to
be securely processed to enable offshore businesses without leakage.
MesaTEE has been incubating since 2019-08-19.
### Three most important unfinished issues to address before graduating:
1. Finish the initial setup for MesaTEE and its sub-repos.
2. Choose a suitable name for MesaTEE and rename the repos.
3. Make the access control mechanism and RPC framework more scalable and
ergonomic.
### Are there any issues that the IPMC or ASF Board need to be aware of?
Regarding to the CI system, we do have some problem with migrating the
webhooks. Currently the CI system is managed using drone, an open-sourced
CI infrastructure. It requires R+W access to the Github organization to
set up the webhooks. However, the INFRA team does not grant W access to
3rd party infrastructure. Should we migrate to Github Action, or try to
get a way to keep using drone? We started a discussion in dev mailing
list, but the answer from mentor differs from the answer from INFRA team.
The bootstrapping process seems slow due to the above problem. If we
cannot find a way to properly set up the CI system, we cannot merge any
codes after the repo transfer completed. To this end, we are doing our
best on fitting into Github Action.
Lack of communication in dev mailing list. We, the PPMC members, realized
that we cannot only talk offline. So we are starting to use the dev
mailing list for discussion and issue tracking, and we received lots of
comments and feedbacks from mentors. Next time I think we will do better
on the collaboration and be more interactive with the lovely mentors.
Since Baidu does not donate the brand name "MesaTEE" to ASF, we need a
new brand name. To solve this, PODLINGNAMESEARCH issue 169 is initiated
one month ago. And recently the discussion on new name seems come to an
conclusion in dev mailing list. The next step is to do the rename as
discussed.
### How has the community developed since the last report?
Now we have 12 contributors for MesaTEE main repo, and 16 contributors
for MesaTEE-SGX. Since the first day of incubation, MesaTEE merged 3 PRs
from the community, and MesaTEE-SGX merged 7 PRs from the community.
### How has the project developed since the last report?
Since the MesaTEE project joined incubator, we improved its build system,
SDK, CLI, and fit it to the latest Intel SGX SDK v2.6. MesaTEE-SGX and
its ecosystem has been periodically updated so as to eliminate
bugs/vulnerabilities from 3rd party libraries.
We just finished repo transfer for MesaTEE-SGX, and we are still working
on repo transfer for MesaTEE main repo.
It is worth mention that the comprehensive tests of MesaTEE and
MesaTEE-SGX helped finding bugs in their dependencies, and we managed to fix
them in upstream libraries. One case is the "official" numeric library family
of Rust ecosystem: rust-num. It's build script did not work well with
MesaTEE's build system and we filed [num-traits issue
139](https://github.com/rust-num/num-traits/issues/139). Then we fixed in
[PR 140](https://github.com/rust-num/num-traits/pull/140). More fixes in
this family are pending to merge. Another case is in the official Intel
SGX SDK. MesaTEE-SGX's CI reported failure after migrating to Intel SGX SDK
v2.7 release. We created [linux-sgx issue
457](https://github.com/intel/linux-sgx/issues/457) and Intel resolved it
a week later in [PR 461](https://github.com/intel/linux-sgx/pull/461).
### How would you assess the podling's maturity?
Please feel free to add your own commentary.
- [x] Initial setup
- [ ] Working towards first release
- [ ] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
N/A
### When were the last committers or PPMC members elected?
N/A
### Have your mentors been helpful and responsive?
Luciano helped us a lot. He helped with catching up the schedule and the
SGA. We learned a lot from him and started managing MesaTEE in Apache's
style.
Zhijie Shen helped us a lot with the initial setup, such as signing the
iCLA, account creation, mailing lists.
Justin Mclean helped us a lot on this report. We received a lot of
feedbacks from him and we updated this report according to these
comments. These comments are really helpful and make us realize how to
work in the Apache way. Thanks Justin!
We appreciate the help from the mentor group. Mentors are really
professional and helpful!
### Signed-off-by:
- [x] (MesaTEE) Felix Cheung
Comments:
- [X] (MesaTEE) Furkan Kamaci
Comments:
- [ ] (MesaTEE) Jianyong Dai
Comments:
- [x] (MesaTEE) Luciano Resende
Comments: For the rename, I would recommend only performing the rename
after a namesearch is completed. Please close the old one, and create a
new one for the new name.
- [x] (MesaTEE) Matt Sicker
Comments: Slow start, but renaming is being done early on to minimize
problems.
- [ ] (MesaTEE) Zhijie Shen
Comments:
### IPMC/Shepherd notes:
MesaTEE is a framework for universal secure computing
MesaTEE has been incubating since 2019-08-20.
### Three most important unfinished issues to address before graduating:
1.
2.
3.
### Are there any issues that the IPMC or ASF Board need to be aware of?
Slow starting up.
### How has the community developed since the last report?
Initial committers have not yet signed up to mailing lists
(only 4 subscribers, all mentors?)
### How has the project developed since the last report?
Initial setup in incubator (mailing list, whimsy).
### How would you assess the podling's maturity?
Please feel free to add your own commentary.
- [x] Initial setup
- [ ] Working towards first release
- [ ] Community building
- [ ] Nearing graduation
- [ ] Other:
### Date of last release:
(none)
### When were the last committers or PPMC members elected?
(none)
### Have your mentors been helpful and responsive?
No answer
### Signed-off-by:
- [ ] (mesatee) Felix Cheung
Comments:
- [X] (mesatee) Furkan Kamaci
Comments:
- [ ] (mesatee) Jianyong Dai
Comments:
- [X] (mesatee) Luciano Resende
Comments: Mailing lists were created Sep 24 and
Podling roaster is updated. Have requested
podling members to use mailing list and start
moving their git repositories.
- [x] (mesatee) Matt Sicker
Comments: I filed the account requests for all the initial
committers on 3 Oct as well as an initial suitable
name search ticket.
- [ ] (mesatee) Zhijie Shen
Comments:
### IPMC/Shepherd notes:
The project is just starting up and did not get a report ready this
month.
The champion need to work on migrating the initial committers and
eventually wider developer community to the apache.org mailing lists.
-stain