1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
|
[[!meta title="Iteration planning: February 15"]]
[[!tag meeting]]
[[!meta date="Mon, 15 Feb 2021 07:42:15 +0200"]]
# Assessment of the iteration that is ending
The goal for the [iteration that has just ended][] was:
> By the end of this iteration, Obnam will have a first draft of a the
> simplest threat model that is still useful, and documentation for
> its architecture and implementation to support evolution of the
> threat model in future iterations.
>
> A new release will be made at the end of the iteration.
That goal was not reached. There is a (very) simple threat model. The
software architecture documentation was improved somewhat, and that
process may have to continue as long as the project is alive. However,
no release was made. There were relatively few code changes, so the
lack of a release is not a big problem, but it's a failure to uphold
the intended release cadence, and that's bad.
[iteration that has just ended]: /blog/2021/01/31/iteration
# Discussion
There was discussion about [content addressable storage][], see
[[!issue 69]]. I am not convinced it's the right way to go, but the
discussion and the ticket aren't closed yet.
Alexander Batischev did a trial run of Obnam on his own data ([[!issue
71]]). There were some problems, which will be addressed, hopefully
soon, each in their own issue.
I wrote up a [[/contributing]] guide for Obnam. It's preliminary and
rough, and feedback is welcome.
Other than that, I clearly took on too much work for this iteration,
and found it too hard to enjoy the development process. It also made
it hard to react to new input and interruptions.
Much of the overload came from not leaving room for debugging: I spend
about a third of the time I had for this project and this iteration on
debugging a failure in my CI system. Debugging always takes time, and
it's never possible to estimate it beforehand, and yet it's always a
surprise how long it takes and when it needs to happen. I need to
allow more time for debugging.
[content addressable storage]: https://en.wikipedia.org/wiki/Content-addressable_storage
# Goals
## Goal for 1.0 (not changed this iteration)
The goal for version 1.0 is for Obnam to be an utterly boring backup
solution for Linux command line users. It should just work, be
performant, secure, and well-documented.
It is not a goal for version 1.0 to have been ported to other operating
systems, but if there are volunteers to do that, and to commit to
supporting their port, ports will be welcome.
Other user interfaces is likely to happen only after 1.0.
The server component will support multiple clients in a way that
doesn't let them see each other's data. It is not a goal for clients
to be able to share data, even if the clients trust each other.
## Goal for the next few iterations (not changed for this iteration)
The goal for next few iterations is to have Obnam support encryption
well. This will involve having a documented threat model, which has
been reviewed by all stakeholders participating in the project, and
Obnam defending against all the modeled threats.
## This iteration
By the end of this iteration, Obnam will have a plan for how to
implement encryption for the initial [threat model][] of the server
operator reading backed up data. This will cover the encryption
algorithm, how the encryption secret is handled, and Obnam can change
its encryption in the future.
A new release will be made by the end of the iteration.
[threat model]: https://doc.obnam.org/obnam.html#threat-model
# Tasks for this iteration
For this iteration, I'm committed to resolving the following issues:
[[!issue 43]] (1h),
[[!issue 57]] (0.25h),
[[!issue 72]] (0.25h),
[[!issue 76]] (0.25h),
[[!issue 83]] (4h).
Total of just under 6 hours, rough estimate.
Created [[!milestone 5]] for this iteration.
|
