Closed brianwarner closed 2 years ago
Hi @brianwarner, thank you very much for bringing this up! I would very much like to see all/most CCC projects involved with GSoC and other mentorship programs. I believe they'll help us to promote Confidential Computing and grow a healthy community!
Much like Outreachy, we are hoping to apply to GSoC as a Consortium if there's enough interest (instead of just Enarx alone):
https://github.com/enarx/outreach/issues/15
I'm also in touch with the leadership behind LFX Tools, who has been very supportive. I believe all CCC projects can benefit from LFX tools like Mentorship and Insights.
We just released a Fellowship Guide, which I tried to keep as generic as possible so that other CCC projects could use as a baseline:
https://enarx.dev/docs/Fellowship/Introduction
Some relevant blog posts are available here:
https://blog.enarx.dev/confidential-computing-fellowship/
https://blog.enarx.dev/welcome-outreachy-interns/
https://blog.enarx.dev/lfx-mentorship/
I'll be speaking more about this with @stephenrwalli next week.
@dthaler was also kind enough to add this topic as part of the TAC Tech Talk (just confirmed for the 10th of February).
Hopefully the CCC can establish a mentorship program as mature as CNCF's, which should serve as an inspiration:
https://github.com/cncf/mentoring
Please count on me to move this forward!
@brianwarner @nickvidal I would like to contribute to your organization. Also, I have seen you are going to take part in GSOC, LFX Mentorship would like to join that program too. Is there any community channel?
Hoping to hear from you soon!
Attested SSH
With the move within the industry to blind hypervisors, there is going to be a trend where cloud providers provision customer provided VM images into realms. However, how can the customer be sure that the VM they are communicating with (typically via SSH, at least to start) is inside a realm and the image they provided? This proposal will integrate an attestation flow into the SSH protocol, to assure users of these facts. As a first step, this should be done with AWS Nitro enclaves (as this is likely the easiest), but can be extended to other technologies, such as AMD SEV, Intel SGX, or Arm CCA. Ideally, the solution will utilize the Proxy Attestation infrastructure from the Veracruz project.
Users should have the option of transparently SSHing into protected VMs and automatically be assured that it is protected and is their image. It should be as easy as SSH is today, to encourage client take-up.
The usability of the SSH connection should be the same as one without attestation.
175 hours
medium
Unfortunately we received notice yesterday that our projects weren't accepted this year. Thank you mentors for offering to be a part of this!
Separately, @nickvidal notes that CCC has been accepted for Outreachy (thanks for coordinating this, Nick). We can handle that in a separate discussion. I'll close this issue for now.
Unfortunately we received notice yesterday that our projects weren't accepted this year. Thank you mentors for offering to be a part of this!
hi Brian, quick question: was the reject reason communicated in some way?
Hi @thomas-fossati, this is the message that we got:
Thank you for applying to be a Google Summer of Code 2022 mentor organization. Sadly, we were unable to accept Confidential Computing Consortium this year. We had many more applications than available slots. We hope you will apply again in the future!
This is the official blog post from GSoC:
https://opensource.googleblog.com/2022/03/Google-Summer-of-Code-2022-mentoring-orgs-revealed.html
After reviewing over 350 mentoring organization applications, we are excited to announce that 203 open source projects have been selected for Google Summer of Code (GSoC) 2022. This year we are welcoming 32 new organizations to mentor GSoC contributors.
The first time an organization is approved for GSoC, it can select 2 interns maximum. Ideally we want to achieve a state where every CCC project can receive 1 intern.
I hope we can try again next year.
But we have been accepted for Outreachy and the good news is that in this case we can have up to 6 interns overall.
I'm glad to see that Arm has some mentors available. I've been able to speak with folks from Veracruz about this.
Let's schedule a call to move this forward.
We received an email a few days ago that the GSoC application period for open source projects will be Feb 7 - Feb 21.
If this is something we want to participate in as the CCC, we'll need to assemble the following:
This year projects can be for 175 hours or 350 hours. This corresponds roughly to five or nine weeks, plus a three week bonding period between student acceptance and the beginning of the work.
I'd like to recommend the following process. Please add any ideas or indicate willingness to be a mentor in comments on this thread prior to February 7. If we have enough ideas (per Google, at least four) and paired mentors on February 7th to form a viable application, I will assemble the suggestions into an ideas page and submit the application prior to the program deadline.
Here are some reference documents regarding GSoC:
Finally, if projects in the CCC community want to apply to GSoC directly, this is of course wonderful and encouraged, especially if they have an internal process for matching ideas with mentors. The intent of this particular thread is to organize interest from any projects that don't plan to apply on their own and would like to use Consortium resources to help coordinate this process.
Ideas
If you have a project idea, here's a template with the questions we'll need to answer on the application:
Mentoring
If you're willing to be a lead mentor or co-mentor for an idea someone else proposed, please add a comment to this thread and link to the idea you'd like to help with.
If you do volunteer, please ensure you can provide whatever level of mentorship you've offered should the idea be funded. This is to ensure we can meet our commitments to the students and to the program.
If you have any questions, please ask!