toggle quoted messageShow quoted text
I am Jacob Wilson, previously a consultant in software security assurance and
offensive security testing... a servant leader and computer hacker of 15 years
:) I’ve held a number of
roles serving financial services, automotive OEMs, government, and internet service
Most pertinent to this election, I led the effort for Synopsys
to become the 3rd OpenChain Global Certifier, and first partner
in the service provider, vendor, and certifier categories. I subsequently
developed multiple consulting offerings focused on maturing OSPOs in multinational
companies. With formal mentors in leadership of our partnering SPDX standard, I
assembled the training and professional consulting services to accompany the
commercial tooling for open source scanning.
I have now moved client
side into the crypto and blockchain space, which allows me to step away from
the partnerships and have an unbiased role. I have dedicated my career to supply
chain security and am looking forward to fostering a sense of community within
OpenChain. Please consider me for the specification working group security candidate, and see my github, linkedin, https://twitter.com/jacobdjwilson/twitter,
and personal website for more details
and to stay in touch.
On Wed, Nov 16, 2022 at 4:04 AM Shane Coughlan <scoughlan@...
Steve, Helio, Jacob and Chris, I would like to invite you to share a brief bio of yourself in this thread to help our potential votes to understand who you are. Given our wide community, not everyone makes our calls, and may not know you from your active contributions there and on GitHub, etc.
> On Nov 16, 2022, at 9:59, Shane Coughlan via lists.openchainproject.org <scoughlan=linuxfoundation.org@...> wrote:
> OpenChain Specification Chair Election Period Now Open
> The OpenChain Project is running an election for co-chairs of the Specification Work Group. The election period is from today (2022-11-16) until 2022-11-22 Close of Business UTC.
> Here are our current nominees:
> • Steve Kilbane, Analog Devices
> • Helio Chissini de Castro, CARIAD
> • Jacob Wilson, Gemini
> • Chris Wood, Lockheed Martin
> Everyone is invited to vote for their preferred chairs. Here is how:
> • You have two votes.
> • One is licensing focused (Steve or Helio) and one is security focused (Jacob or Chris).
> • You can vote by (a) signing up to our Specification mailing list (because this mailing list is our single source of truth for specification work) and (b) sending an email to operations@... with the subject “Specification Chair Elections” and the following content:
> My name is NAME and my votes are as follows:
> NAME for licensing
> NAME for security
> YOUR NAME
> Some notes:
> • The email address ending your vote must be subscribed to the specification mailing list.
> • Any vote not provided in this format will be invalid.
> • You can vote for yourself.
> • You can only submit your votes once.
> More Details
> How we are running this election is split into two lengthy descriptions below. We are striving to do two things:
> • Create an open election process
> • Address the potential we have to have multiple domain experts sharing work
> Because this is our first major election for Specification Chair, the process may have some rough edges. If there are any critical issues, we will address them.
> How We Are Running The Elections
> The OpenChain Governing Board is formally considering who should be appointed by the board for the position(s) of OpenChain Specification Chairperson, and invites the broader OpenChain community to provide their perspective.
> In this process, the broader OpenChain community will have nominees proposed and voted on to provide a recommendation. That recommendation will be passed to the OpenChain Governing Board for review, approval and ratification at their next meeting.
> The specific process on behalf of the community is to undertake a voting process after a period of nomination. The community will vote in the following manner:
> Votes for chairpeople will be sent by email to operations@...(received by the OpenChain General Manager and Project Manager).
> Each member of our specification@ can cast *one* vote. All members of main@ are entitled to join specification@. The requirement to join the specification list is to maintain that list as the “single source of truth” for our specification-editing and other core specification work.
> The votes will be tallied by the General Manager and prepared for the OpenChain Governing Board to review.
> The tally will be reported to the OpenChain governing board. Their feedback and final decision will be provided to the community-at-large after their next formal governing board meeting.
> For the 2022 OpenChain Specification Work Group elections the following notes are provided:
> (1) we are operationally splitting the specification work group into two work groups: licensing and security, reflecting our two specifications in-market.
> (2) for *this* specific election, we will split the election into two threads: one license biased (two nominees) and one security biased (two nominees). The result will be two chairs to fill the co-chair positions after approval by the OpenChain Governing Board.
> (3) this means everyone on specification@ should vote for:
> (i) their preferred choice for license work group chair;
> (I) their preferred choice for security work group chair.
> (4) these votes may be cast between the 16th and 22nd of November 2022.
> (5) the OpenChain Governing Board will receive the tally of votes expressing community feedback, and will review it formally at their next meeting on the 8th of December 2022.
> (6) it is expected that at this juncture the community will receive a response from the OpenChain Governing Board regarding their decision(s) around specification chairperson(s) circa 9th December 2022, and our new specification chairs will begin their term of office prior to 2023.
> This process may be adjusted at any time by the governing board, and feedback to improve the process is always welcome, with the optic of ensuring that we continually refine the process as time progresses.
> For This Specific Election
> For the nomination period, we happen to have two people well versed in license compliance (Steve and Helio) and two people with a security background (Jacob and Chris). This suggest that our co-chair election – for *this* specific election, should break into two threads: one license biased (two nominees) and one security biased (two nominees). The result will be two chairs to fill the co-chair positions after approval by the OpenChain Governing Board.
> However, for clarity, the intent is not to split the development of our licensing and security specifications into two different paths. The intent is that both chairs will work on both specifications by helping to collect community feedback and so on, with this feedback being provided to the Steering Committee for formal review and ratification if and when we decide to produce new versions of our standards.