diff options
| author | Rey Lejano <rlejano@gmail.com> | 2021-04-21 14:51:03 -0700 |
|---|---|---|
| committer | Rey Lejano <rlejano@gmail.com> | 2021-04-21 14:51:03 -0700 |
| commit | 1c18ed3a38cae5aeb2696d74d5eccc0fc8b27170 (patch) | |
| tree | 5b37f0a2115125d83f2057cdb40baeffd61c7f69 | |
| parent | f35cd8f060c228f63fe1586a50bee66d5998b717 (diff) | |
Update RFP closure dates and audit timeline
| -rw-r--r-- | sig-security/security-audit-2021/RFP.md | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/sig-security/security-audit-2021/RFP.md b/sig-security/security-audit-2021/RFP.md index 377f780f..52c50ce3 100644 --- a/sig-security/security-audit-2021/RFP.md +++ b/sig-security/security-audit-2021/RFP.md @@ -19,7 +19,7 @@ These findings, below, paint a broad picture of Kubernetes security, as of versi This subsequent audit is intended to be the second in a series of recurring audits, each focusing on a specific aspect of Kubernetes while maintaining coverage of all aspects that have changed since the previous audit ([1.13](../security-audit-2019/findings/)). -The scope of this audit is the most recent release (1.21 at the close of this RFP) of the core [Kubernetes project](https://github.com/kubernetes/kubernetes) and certain other code maintained by [Kubernetes SIGs](https://github.com/kubernetes-sigs/). +The scope of this audit is the most recent release at the close of this RFP of the core [Kubernetes project](https://github.com/kubernetes/kubernetes) and certain other code maintained by [Kubernetes SIGs](https://github.com/kubernetes-sigs/). This audit will focus on the following components of Kubernetes: @@ -63,9 +63,12 @@ If your proposal includes subcontractors, please include relevant details from t ### Anticipated Selection Schedule -This RFP will be open between 2021/02/08 and 2021/04/09. +This RFP will be open until 4 proposals have been received. +The RFP closing date will be set 1 calendar week after the fourth proposal is received. +The working group will announce the vendor selection 2 calendar weeks after the RFP closes. +Upon receipt of the fourth proposal, the working group will update the RFP closure date and vendor selection date in this document. -The working group will answer questions for the beginning of the RFP period. +The working group will answer questions for the RFP period. Questions can be submitted [here](https://docs.google.com/forms/d/e/1FAIpQLScjApMDAJ5o5pIBFKpJ3mUhdY9w5s9VYd_TffcMSvYH_O7-og/viewform). All questions will be answered publicly in this document. @@ -75,12 +78,12 @@ Proposals should be submitted to kubernetes-security-audit-2021@googlegroups.com * 2021/02/08: RFP Open, Question period open * 2021/03/26: Question period closes -* 2021/04/09: RFP Closes -* 2021/04/20: The working group will announce vendor selection +* TBD: RFP Closes +* TBD: The working group will announce vendor selection ## Methodology -We are allowing roughly 12 calendar weeks for this audit, start date can be negotiated after vendor selection. +The start and end dates will be negotiated after vendor selection. The timeline for this audit is flexible. The working group will establish a 60 minute kick-off meeting to answer any initial questions and discuss the Kubernetes architecture. |