From 0b48a55108a1c40300f72cc05868f0508b4a480b Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Mon, 15 Feb 2021 07:40:42 +0200 Subject: docs: update roadmap --- roadmap.mdwn | 40 +++++++++++++--------------------------- 1 file changed, 13 insertions(+), 27 deletions(-) diff --git a/roadmap.mdwn b/roadmap.mdwn index 9d77f47..f7ff707 100644 --- a/roadmap.mdwn +++ b/roadmap.mdwn @@ -8,38 +8,24 @@ data, and is ready to ask others to try the software. goal: label: "Lars can suggest to other they try Obnam" depends: - - encryption_ac - - releases - - configfile - - geninfo - - codecleanup + - encryption -encryption_ac: - label: "Subplot has initial set of scenarios for encryption" - -releases: - label: "There is a proper release of Obnam" +encryption: + label: "Obnam backups are encrypted well" depends: - - letsencrypt - -letsencrypt: - label: "Obnam server Ansible set up TLS cert with Let's Encrypt" - -configfile: - label: "There's an easy way to specify the default config file should be used" - status: finished + - encrypted_file_data + - encrypted_file_metadata + - encrypted_backup_metadata -summary: - label: "'obnam backup' writes a summary of the backup run" - status: finished +encrypted_file_data: + label: "Backed up file contents are encrypted" + status: next -geninfo: - label: "Obnam can show information about a generation" - depends: - - summary +encrypted_file_metadata: + label: "Metadata about encrypted files is encrypted" -codecleanup: - label: "LocalGeneration manages its own temporary files" +encrypted_backup_metadata: + label: "Metadata about backups is encrypted" ~~~ -- cgit v1.2.1 From 3723a0b6a910dc7c6066a9f7bc12114c52ee17d7 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Mon, 15 Feb 2021 08:42:46 +0200 Subject: planning meeting for new iteration --- blog/2021/02/15/iteration.mdwn | 101 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 101 insertions(+) create mode 100644 blog/2021/02/15/iteration.mdwn diff --git a/blog/2021/02/15/iteration.mdwn b/blog/2021/02/15/iteration.mdwn new file mode 100644 index 0000000..d38038d --- /dev/null +++ b/blog/2021/02/15/iteration.mdwn @@ -0,0 +1,101 @@ +[[!meta title="Iteration planning: February 15"]] +[[!tag meeting]] +[[!meta date="Mon, 15 Feb 2021 07:42:15 +0200"]] + +# Assessment of the iteration that is ending + +The goal for the [iteration that has just ended][] was: + +> By the end of this iteration, Obnam will have a first draft of a the +> simplest threat model that is still useful, and documentation for +> its architecture and implementation to support evolution of the +> threat model in future iterations. +> +> A new release will be made at the end of the iteration. + +That goal was not reached. There is a (very) simple threat model. The +software architecture documentation was improved somewhat, and that +process may have to continue as long as the project is alive. However, +no release was made. There were relatively few code changes, so the +lack of a release is not a big problem, but it's a failure to uphold +the intended release cadence, and that's bad. + +[iteration that has just ended]: /blog/2021/01/31/iteration + +# Discussion + +There was discussion about [content addressable storage][], see +[[!issue 69]]. I am not convinced it's the right way to go, but the +discussion and the ticket aren't closed yet. + +Alexander Batischev did a trial run of Obnam on his own data ([[!issue +71]]). There were some problems, which will be addressed, hopefully +soon, each in their own issue. + +I wrote up a [[/contributing]] guide for Obnam. It's preliminary and +rough, and feedback is welcome. + +Other than that, I clearly took on too much work for this iteration, +and found it too hard to enjoy the development process. It also made +it hard to react to new input and interruptions. + +Much of the overload came from not leaving room for debugging: I spend +about a third of the time I had for this project and this iteration on +debugging a failure in my CI system. Debugging always takes time, and +it's never possible to estimate it beforehand, and yet it's always a +surprise how long it takes and when it needs to happen. I need to +allow more time for debugging. + +[content addressable storage]: https://en.wikipedia.org/wiki/Content-addressable_storage + + +# Goals + +## Goal for 1.0 (not changed this iteration) + +The goal for version 1.0 is for Obnam to be an utterly boring backup +solution for Linux command line users. It should just work, be +performant, secure, and well-documented. + +It is not a goal for version 1.0 to have been ported to other operating +systems, but if there are volunteers to do that, and to commit to +supporting their port, ports will be welcome. + +Other user interfaces is likely to happen only after 1.0. + +The server component will support multiple clients in a way that +doesn't let them see each other's data. It is not a goal for clients +to be able to share data, even if the clients trust each other. + +## Goal for the next few iterations (not changed for this iteration) + +The goal for next few iterations is to have Obnam support encryption +well. This will involve having a documented threat model, which has +been reviewed by all stakeholders participating in the project, and +Obnam defending against all the modeled threats. + +## This iteration + +By the end of this iteration, Obnam will have a plan for how to +implement encryption for the initial [threat model][] of the server +operator reading backed up data. This will cover the encryption +algorithm, how the encryption secret is handled, and Obnam can change +its encryption in the future. + +A new release will be made by the end of the iteration. + +[threat model]: https://doc.obnam.org/obnam.html#threat-model + + +# Tasks for this iteration + +For this iteration, I'm committed to resolving the following issues: +[[!issue 43]] (1h), +[[!issue 57]] (0.25h), +[[!issue 72]] (0.25h), +[[!issue 76]] (0.25h), +[[!issue 83]] (4h). + +Total of just under 6 hours, rough estimate. + +Created [[!milestone 5]] for this iteration. -- cgit v1.2.1