Date   

OpenChain agenda 10/19

Kelly Williams
 

Hi –

 

Here’s the agenda for our next call on Monday, 10/19 at 9am Pacific.

 

       Supply Chain Mini-Summit recap (All Summit Attendees)

       Review edits on Etherpad from F2F (Team discussion) - http://etherpad.wikimedia.org/p/openchain

       Purpose statement proposal

 

Conference Number: +1 (415) 906-5657 Pin: 88326
UberConference URL: http://uberconference.com/mdolan

 

For international call instructions, please visit the website below. Please note you will have to enter the US Conference number as part of the instructions: http://www.uberconference.com/international/access

 

Screen share (if used): go to http://uberconference.com/mdolan

 

Thanks,

Kelly

 


Re: OpenChain spec v0.1

Kelly Williams
 

Thanks, Sami and Jilayne.  I added the purpose statement to the Etherpad and included it on the agenda for Monday. 

 

From: Jilayne Lovejoy [mailto:Jilayne.Lovejoy@...]
Sent: Thursday, October 15, 2015 3:09 PM
To: Marr, David; Sami Atabani; openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1

 

Agreed!! :)

 

I think the “purpose” of OpenChain is to establish best practices / guidelines / roadmap (whatever we call it) that supports achieving the goals for the effective management of OSS.  Those goals being, in sum: <insert Sami’s text>

 

This all reminds me - are we supposed to come with a “mission statement” and “purpose” or “vision” or some other such corporate internal marketing–speak, which I’m never quite good at… and never quite sure of the distinction between…

 

I suppose, if I were to take a stab and extend the purpose and goals of OpenChain to what our vision would be (vision = the OpenChain vision of the future!!) it might be:

  • that all (most?) companies in the supply chain follow internal policies and procedures that realize the following goals <Sami’s text>
  • Via collaboratively developed and openly provide guidelines  (the actual stuff OpenChain develops)

 

Oh my… must stop typing now… 

 

Jilayne

 

On 10/14/15, 6:28 PM, "openchain-bounces@... on behalf of Marr, David" <openchain-bounces@... on behalf of dmarr@...> wrote:

 

My impression is that this seems to be a very good capture of our purpose.  Dave

 

From: openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Sami Atabani
Sent: Wednesday, October 14, 2015 2:07 PM
To: openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1

 

Hi Kelly,

 

Unfortunately, I won’t be able to join the next session on Monday due to travel commitment but would be happy for this to be discussed during my absence or delayed for next time.

 

My thoughts are captured below and can be used as the basis for defining the purpose:

 

  • A clear OSS approval process
    • Review and approve incoming OSS based on use case and applicable licence
    • Identify obligations based on licence and use case
    • Track and record key OSS details
  • Verify what OSS is used and distributed in products/deliverables prior to release
    • Identify a bill of material for all OSS used within a product/deliverable through automated scans and/or visual inspections
    • Compare against the list of approved OSS and address any discrepancies
  • Compliance with applicable obligations & post-contract management
    • Confirm that obligations have been fulfilled and put auditable process in place to verify compliance
    • Ensure any outwards licence compatibility issues are considered and addressed

 

I hope this will be useful.

 

Best regards,

 

Sami

 

From:openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Sami Atabani
Sent: 07 October 2015 15:41
To: Williams, Kelly; openchain@...
Subject: Re: [OpenChain] OpenChain spec v0.1

 

Hi Kelly,

 

One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?

 

Best regards,

 

Sami

 

From:openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To:
openchain@...
Subject: [OpenChain] OpenChain spec v0.1

 

Hi Everyone,

 

We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language.  Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.

 

Let me know if you have any questions regarding the scope of the clean-up.

 

Best regards,
Kelly


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


Re: OpenChain spec v0.1

Dave Marr
 

Yes, and while I’m not sure if this belongs as part of purpose or somewhere else, as a comment on a desired future state – the way different companies will have implemented their OSS management is sufficiently consistent with a normative process standard (OpenChain!) to allow the upstream diligence effort to be potentially more useful to downstream recipients.

 

IMO this is a key value driver -- being a good community citizen; while also getting cost savings; while also reducing time-to-market; while also achieving risk reduction.

 

Yes, we need to capture some of these points in a pitch deck to help folks on this list to get buy-in from their internal stakeholders.  Think I’m the stuckee for that deck which probably explains why it’s not done yet.

 

BTW we had terrific traction at the F2F (thanks to Kate), looking forward to the recap at our next call.

 

From: Jilayne Lovejoy [mailto:Jilayne.Lovejoy@...]
Sent: Thursday, October 15, 2015 3:09 PM
To: Marr, David; Sami Atabani; openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1

 

Agreed!! :)

 

I think the “purpose” of OpenChain is to establish best practices / guidelines / roadmap (whatever we call it) that supports achieving the goals for the effective management of OSS.  Those goals being, in sum: <insert Sami’s text>

 

This all reminds me - are we supposed to come with a “mission statement” and “purpose” or “vision” or some other such corporate internal marketing–speak, which I’m never quite good at… and never quite sure of the distinction between…

 

I suppose, if I were to take a stab and extend the purpose and goals of OpenChain to what our vision would be (vision = the OpenChain vision of the future!!) it might be:

  • that all (most?) companies in the supply chain follow internal policies and procedures that realize the following goals <Sami’s text>
  • Via collaboratively developed and openly provide guidelines  (the actual stuff OpenChain develops)

 

Oh my… must stop typing now… 

 

Jilayne

 

On 10/14/15, 6:28 PM, "openchain-bounces@... on behalf of Marr, David" <openchain-bounces@... on behalf of dmarr@...> wrote:

 

My impression is that this seems to be a very good capture of our purpose.  Dave

 

From: openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Sami Atabani
Sent: Wednesday, October 14, 2015 2:07 PM
To: openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1

 

Hi Kelly,

 

Unfortunately, I won’t be able to join the next session on Monday due to travel commitment but would be happy for this to be discussed during my absence or delayed for next time.

 

My thoughts are captured below and can be used as the basis for defining the purpose:

 

  • A clear OSS approval process
    • Review and approve incoming OSS based on use case and applicable licence
    • Identify obligations based on licence and use case
    • Track and record key OSS details
  • Verify what OSS is used and distributed in products/deliverables prior to release
    • Identify a bill of material for all OSS used within a product/deliverable through automated scans and/or visual inspections
    • Compare against the list of approved OSS and address any discrepancies
  • Compliance with applicable obligations & post-contract management
    • Confirm that obligations have been fulfilled and put auditable process in place to verify compliance
    • Ensure any outwards licence compatibility issues are considered and addressed

 

I hope this will be useful.

 

Best regards,

 

Sami

 

From:openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Sami Atabani
Sent: 07 October 2015 15:41
To: Williams, Kelly; openchain@...
Subject: Re: [OpenChain] OpenChain spec v0.1

 

Hi Kelly,

 

One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?

 

Best regards,

 

Sami

 

From:openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To:
openchain@...
Subject: [OpenChain] OpenChain spec v0.1

 

Hi Everyone,

 

We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language.  Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.

 

Let me know if you have any questions regarding the scope of the clean-up.

 

Best regards,
Kelly


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


Re: OpenChain spec v0.1

Jilayne Lovejoy <Jilayne.Lovejoy@...>
 

Agreed!! :)

I think the “purpose” of OpenChain is to establish best practices / guidelines / roadmap (whatever we call it) that supports achieving the goals for the effective management of OSS.  Those goals being, in sum: <insert Sami’s text>

This all reminds me - are we supposed to come with a “mission statement” and “purpose” or “vision” or some other such corporate internal marketing–speak, which I’m never quite good at… and never quite sure of the distinction between…

I suppose, if I were to take a stab and extend the purpose and goals of OpenChain to what our vision would be (vision = the OpenChain vision of the future!!) it might be:
  • that all (most?) companies in the supply chain follow internal policies and procedures that realize the following goals <Sami’s text>
  • Via collaboratively developed and openly provide guidelines  (the actual stuff OpenChain develops)

Oh my… must stop typing now… 

Jilayne

On 10/14/15, 6:28 PM, "openchain-bounces@... on behalf of Marr, David" <openchain-bounces@... on behalf of dmarr@...> wrote:

My impression is that this seems to be a very good capture of our purpose.  Dave

 

From: openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Sami Atabani
Sent: Wednesday, October 14, 2015 2:07 PM
To: openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1

 

Hi Kelly,

 

Unfortunately, I won’t be able to join the next session on Monday due to travel commitment but would be happy for this to be discussed during my absence or delayed for next time.

 

My thoughts are captured below and can be used as the basis for defining the purpose:

 

  • A clear OSS approval process
    • Review and approve incoming OSS based on use case and applicable licence
    • Identify obligations based on licence and use case
    • Track and record key OSS details
  • Verify what OSS is used and distributed in products/deliverables prior to release
    • Identify a bill of material for all OSS used within a product/deliverable through automated scans and/or visual inspections
    • Compare against the list of approved OSS and address any discrepancies
  • Compliance with applicable obligations & post-contract management
    • Confirm that obligations have been fulfilled and put auditable process in place to verify compliance
    • Ensure any outwards licence compatibility issues are considered and addressed

 

I hope this will be useful.

 

Best regards,

 

Sami

 

From:openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Sami Atabani
Sent: 07 October 2015 15:41
To: Williams, Kelly; openchain@...
Subject: Re: [OpenChain] OpenChain spec v0.1

 

Hi Kelly,

 

One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?

 

Best regards,

 

Sami

 

From:openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To:
openchain@...
Subject: [OpenChain] OpenChain spec v0.1

 

Hi Everyone,

 

We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language.  Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.

 

Let me know if you have any questions regarding the scope of the clean-up.

 

Best regards,
Kelly


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


Re: OpenChain spec v0.1

Dave Marr
 

My impression is that this seems to be a very good capture of our purpose.  Dave

 

From: openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Sami Atabani
Sent: Wednesday, October 14, 2015 2:07 PM
To: openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1

 

Hi Kelly,

 

Unfortunately, I won’t be able to join the next session on Monday due to travel commitment but would be happy for this to be discussed during my absence or delayed for next time.

 

My thoughts are captured below and can be used as the basis for defining the purpose:

 

  • A clear OSS approval process
    • Review and approve incoming OSS based on use case and applicable licence
    • Identify obligations based on licence and use case
    • Track and record key OSS details
  • Verify what OSS is used and distributed in products/deliverables prior to release
    • Identify a bill of material for all OSS used within a product/deliverable through automated scans and/or visual inspections
    • Compare against the list of approved OSS and address any discrepancies
  • Compliance with applicable obligations & post-contract management
    • Confirm that obligations have been fulfilled and put auditable process in place to verify compliance
    • Ensure any outwards licence compatibility issues are considered and addressed

 

I hope this will be useful.

 

Best regards,

 

Sami

 

From: openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Sami Atabani
Sent: 07 October 2015 15:41
To: Williams, Kelly; openchain@...
Subject: Re: [OpenChain] OpenChain spec v0.1

 

Hi Kelly,

 

One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?

 

Best regards,

 

Sami

 

From: openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To:
openchain@...
Subject: [OpenChain] OpenChain spec v0.1

 

Hi Everyone,

 

We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language.  Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.

 

Let me know if you have any questions regarding the scope of the clean-up.

 

Best regards,
Kelly


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


Re: OpenChain spec v0.1

Sami Atabani
 

Hi Kelly,

 

Unfortunately, I won’t be able to join the next session on Monday due to travel commitment but would be happy for this to be discussed during my absence or delayed for next time.

 

My thoughts are captured below and can be used as the basis for defining the purpose:

 

  • A clear OSS approval process
    • Review and approve incoming OSS based on use case and applicable licence
    • Identify obligations based on licence and use case
    • Track and record key OSS details
  • Verify what OSS is used and distributed in products/deliverables prior to release
    • Identify a bill of material for all OSS used within a product/deliverable through automated scans and/or visual inspections
    • Compare against the list of approved OSS and address any discrepancies
  • Compliance with applicable obligations & post-contract management
    • Confirm that obligations have been fulfilled and put auditable process in place to verify compliance
    • Ensure any outwards licence compatibility issues are considered and addressed

 

I hope this will be useful.

 

Best regards,

 

Sami

 

From: openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Sami Atabani
Sent: 07 October 2015 15:41
To: Williams, Kelly; openchain@...
Subject: Re: [OpenChain] OpenChain spec v0.1

 

Hi Kelly,

 

One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?

 

Best regards,

 

Sami

 

From: openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To:
openchain@...
Subject: [OpenChain] OpenChain spec v0.1

 

Hi Everyone,

 

We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language.  Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.

 

Let me know if you have any questions regarding the scope of the clean-up.

 

Best regards,
Kelly


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


French white paper on FOSS (from Bruno)

Kate Stewart
 

---------- Forwarded message ----------
From: Bruno Cornec <Bruno.Cornec@...>
To: openchain@...
Cc: 
Date: Thu, 8 Oct 2015 13:55:38 +0200
Subject: French white paper on FOSS
As discussed during our meeting, I've been participating to an effort in
France to help companies adopting best practices around projects leading
and control in a FOSS context. This was a one and half year work done as part of the french association gathering lots of digital companies where
I was the HP representative.

An online version is here:
http://fr.slideshare.net/syntec_numerique/guide-open-sourcebdef

I attached the PDF version I had for convenience. It contains a license
diagram also as discussed.

If translation is needed (and I guess it'd need ;-), I can work on this as time permits... But IANAL so some parts would be very difficult to
translate for me and may also be linked to french law.

HTH,
Bruno.
-- 
Open Source Profession, Linux Community Lead WW  http://opensource.hp.com
HP EMEA EG Open Source Technology Strategist         http://hpintelco.net
FLOSS projects:     http://mondorescue.org     http://project-builder.org Musique ancienne? http://www.musique-ancienne.orghttp://www.medieval.org


Re: OpenChain spec v0.1

Jim Hutchison
 

That sounds like a great idea.  It will help set the tone/context for the document.

Regards,

Jim

At 07:41 AM 10/7/2015, Sami Atabani wrote:

Hi Kelly,
 
One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?
 
Best regards,
 
Sami
 
From: openchain-bounces@... [ mailto:openchain-bounces@...] On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To: openchain@...
Subject: [OpenChain] OpenChain spec v0.1
 
Hi Everyone,
 
Weve done the first pass on cleaning up the spec in particular changing the language to imperative language.  Version 0.1 is now posted on the Etherpad ( https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.
 
Let me know if you have any questions regarding the scope of the clean-up.
 
Best regards,
Kelly

-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Re: OpenChain spec v0.1

Sami Atabani
 

Hi Kelly,

 

One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?

 

Best regards,

 

Sami

 

From: openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To: openchain@...
Subject: [OpenChain] OpenChain spec v0.1

 

Hi Everyone,

 

We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language.  Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.

 

Let me know if you have any questions regarding the scope of the clean-up.

 

Best regards,
Kelly


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


OpenChain spec v0.1

Kelly Williams
 

Hi Everyone,

 

We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language.  Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.

 

Let me know if you have any questions regarding the scope of the clean-up.

 

Best regards,
Kelly


OpenChain meeting

Kelly Williams
 

Hi Everyone,

 

We are cancelling Monday’s meeting as some folks may be in Dublin for LinuxCon next week.  There will be a F2F working session following LinuxCon, as part of the Supply Chain mini-summit on Thurs, 10/8.  If you haven’t registered yet, please do so (see attached email). 

 

Regards,

Kelly   


Canceled Event: OpenChain Working Group (First and Third Monday each month) @ Mon Oct 5, 2015 12pm - 1pm (mdolan@linuxfoundation.org)

mdolan@...
 

This event has been canceled and removed from your calendar.

OpenChain Working Group (First and Third Monday each month)

Sending an updated invitation as the group decided to move the calls to the first and third Monday of each month. There are two invites - one for the first Monday and the second for the third Monday.

Audio portion:

Conference Number: +1 (415) 906-5657 Pin: 88326
UberConference URL: http://uberconference.com/mdolan

For international call instructions, please visit the website below. Please note you will have to enter the US Conference number as part of the instructions:
http://www.uberconference.com/international/access

Screen share (if used): go to http://uberconference.com/mdolan

When
Mon Oct 5, 2015 12pm – 1pm Eastern Time
Where
Conference Number: +1 (415) 906-5657 Pin: 88326 UberConference URL: http://uberconference.com/mdolan (map)
Calendar
mdolan@...
Who
Michael Dolan - organizer
mishi@...
mike.nesheiwat@...
lisa_laforge@...
mccoy.smith@...
hutch@...
sami.atabani@...
zoe.rose@...
mark.radcliffe@...
ibrahim.h@...
andrew.wilson@...
openchain@...
berrendo@...
angela_ziegenhorn@...
ziegenhorn@...
vondavid@...
douglas.cardwell@...
hook@...
Scott Nicholas
Kate Stewart
shane@...

Invitation from Google Calendar

You are receiving this courtesy email at the account openchain@... because you are an attendee of this event.

To stop receiving future updates for this event, decline this event. Alternatively you can sign up for a Google account at https://www.google.com/calendar/ and control your notification settings for your entire calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.


OpenChain meeting agenda 9/21

Kelly Williams
 

Hi Everyone,

 

Here’s the agenda for our next meeting on Mon, 9/21 at 9am (Pacific).

 

       Supply Chain Mini-Summit

       Continue on Etherpad - http://etherpad.wikimedia.org/p/openchain

       Discuss G:6 and clean-up using imperative language

 

There are some edits made to Goal 6 and it would be helpful to come prepared with comments/feedback. 

 

Conference Number: +1 (415) 906-5657 Pin: 88326
UberConference URL:
http://uberconference.com/mdolan

 

For international call instructions, please visit the website below. Please note you will have to enter the US Conference number as part of the instructions: http://www.uberconference.com/international/access

 

Screen share (if used): go to http://uberconference.com/mdolan

 

Looking forward to the next call.  Have a great weekend!

 

Regards,
Kelly

 


Re: OpenChain

RUFFIN, MICHEL (MICHEL) <michel.ruffin@...>
 

I think that the openchain work requires a kind of certification

 

It can be done on two different ways

·         The CMMI way, we do internal audit to check our compliance and then external companies can audit us  by auditing a sample of the company products. This is a bit costly but might be requested by our customer in the future.

·         The second way is to do internal audit and publish on a dedicated web page hosted by the Linux foundation our declaration (this is the method we choose for certifying Carrier grade Linux in the past). This is based on confidence.

 

In any way ALU has a strong FOSS governance process, but it is difficult for me to know if it is implemented everywhere so What we have done is to make tutorial mandatory to follow, we also put that in the package for new hired people, the role of our FOSS experts is now described and recognized by our HR department, we are also putting in place a recognition program to be sure that they are empowered and I was thinking that next step would be to do internal audits. But our customers put more and more conditions on FOSS in their contract so perhaps I will not need to go to internal audits because our Business lines are very sensitive to customer requests, but this is perhaps specific to telecom because we have not too many customers, there is around 2000 Network operators in the world while some industries have million of customers, so the customer pressure is very low.

 

Now I also investigate to have a certificate of compliance per ALU product that we can provide to our customers with different levels

1)      the list of FOSS, their license etc. is available for the product

2)      1 + a tool like blacduck, palamida, protecode and their competitors have been run on the product and we can provide the tool report

3)      2 + all the R&D team has followed our FOSS tutorial

 

We have other projects to control the implementation, like tooling as much possible things so we can get automatic reports (ongoing but long, we will have to change some of our processes)

 

Hope this help, I will try to be on the call of the 21

 

Michel

Michel.Ruffin@..., PhD
Software Coordination Manager, COO - Business transformation
Distinguished Member of Technical Staff

Tel +33 6 75 25 21 94
Alcatel-Lucent International, Centre de Villarceau - France

 

De : Jim Hutchison [mailto:hutch@...]
Envoyé : lundi 14 septembre 2015 20:03
À : RUFFIN, MICHEL (MICHEL); Fendt, Oliver
Cc : openchain@...
Objet : Re: [OpenChain] OpenChain

 

Hello Michel,

Do you find that there could be value in attestation/certification by a part of group, which is the only part working on the released software headed up/down the chain?

Regards,

Jim Hutchison

Qualcomm Technologies, Inc.

At 12:51 PM 7/29/2015, Jim Hutchison wrote:

[hutch] To the extent that the application of OpenChain results in a collection of indications of how OpenChain is applied to a participant in a supply chain, these indications (artifacts of certification) could inform the downstream.  They/one might indicate that they determine licenses by controlling their in-take from up-stream.  They/one might indicate that they perform direct inspection, use tools, and/or benefit from third-party audits.  For some, a combination of these would perform best.  As we proceed into discussion of how OpenChain is applied to various sizes of supplier, it looks like we cannot simply conclude "yes" and "no", but there must also be information to share-forward.

I wholly agree with the benefit of these multiple approaches to training, as answers/analysis can have little quality when people do not understand the questions.  Hopefully we can quantify training in a way which builds appropriate downstream trust.

Regards,

Jim Hutchison

Qualcomm Technologies, Inc.

At 05:30 AM 7/24/2015, RUFFIN, MICHEL (MICHEL) wrote:

[Oliver] yes I know to handle 3rd party software (no matter whether OSS of commercial of the shelf) in a correct manner affects the entire company including the Human Resource department because you need also job descriptions and of course the right trainings and a concept for which employees trainings are mandatory or optional, etc.
This brings me to another point these compliance processes is not caused by OSS. Every company which uses 3rd party software has to implement a license compliance process. There are only very view additional things to do in this process which are specific to OSS.
My intention with this statement is that to be fair in regard to OSS. I have often the impression that there is an “opinion” which sounds like “oh we have to do all this high effort license compliance stuff, because we use OSS” and this is simply not the truth. Every company which uses 3rd party software (or better to say software of which it holds not all rights) has to implement a license compliance process.
 
(Michel): the process to handle proprietary COTS is generally handled by procurement and supply chain, it is not so obvious with FOSS
 
 
So I would say step one is to raise awareness to R&D, to high exec, to legal and procurement, and to have the list of FOSS in your products available
In further steps you introduce tools like Blackduck or Palamida
In further steps you introduce tools such as code center Antelink, NextB, Nexus, …
 
[Oliver] I do not agree here. I would not require a supplier to license Blackduck and/or Palamida.
 
(Michel) as you said a lot of people still think it is open source so I can use it without consideration that the license must be respected.  It is true for ALU, for its suppliers, for its outsourcing development. The declarative approach (listing the FOSS used) is not enough, some people intoduce 100 lines of code from an open source) so we need to cross chaeck with tools. We do not impose that to suppliers, but in the future, ???? Note I cite 2 tools for scanning code, but there other competitors, nextB, Protocode, Antelink Openlogix (now owned by IBM)  and perhaps so I am not aware of.
 
 
[Oliver] yes i can imagine because simply the tooling you have mentioned above is not that cheap.
 
(michel) it is not really the tooling which is expensive but the experts trained to evaluate foss licenses, packaging the ALU products, using the tools, , and their training is expensive. The time for most people in the company to follow some basic trainings, … we have also a program with HR, Quality org, lawyers to empower the experts to do their job and to recognize them. All this is expensive.
 
Also a difficult aspect is decentralizing. Our process is decentralized we have 200 actives FOSS experts that can accept or reject FOSS according to license in all our organizations (We have trained around 350 people, this is the turnover aspect) and have the mission ot implement the process in their organization.  But I was the one that was doing the training (which is face to face and one week long), now we have decentralized this by having a trainer for each continent. Now I am thinking to decentralize some of the functions of our FOSS executive committee (because we meet every week but never go to the end of the agenda)
 
[Oliver] this  I do not really understand if you have e.g. one central DB were all the requested and approved components are listed with all their attributes, you can always control what’s going on.
 
(Michel) we have a central DB to gather IP issues with FOSS, but the people that fill this DB are decentralized, their trainers are also decentralized. Also decentralization allows awareness everywhere. I am convinced that only decentralized people and centralized information is a good solution for having a scalable governance process.
 
 
Michel
Michel.Ruffin@..., PhD
Software Coordination Manager, COO - Business transformation
Distinguished Member of Technical Staff
Tel +33 6 75 25 21 94
Alcatel-Lucent International, Centre de Villarceau - France
 
De : Fendt, Oliver [ mailto:oliver.fendt@...]
Envoyé : lundi 20 juillet 2015 11:46
À : RUFFIN, MICHEL (MICHEL); hutch@...
Cc : openchain@...
Objet : AW: OpenChain
 
Hi all,
 
I will not be able to participate in the todays call. So I try the email approach.
 
Regarding the “trademark” discussion my view is in line with Jeremiah as follows:
Our goal shall be to make all our lives easier when it comes to license compliance etc. in the supply chain. We shall provide blue prints, best practices, assessment catalogues etc to others (in such a quality that we can say “…if you use this and that, or if you have successfully passed the assessment from xyz than everything if fine….”). We need a wide use and adoption of all out output. A very good means to maximize the adoption of own work by others it to share it under the conditions of an OSS license. I do not want to enable another business segment of consultants, with the work of OpenChain, squeezing money out of companies. This money should be invested in the compliance activities or in increasing the quality of software but not in paying consultants. Just like Jeremiah said:
“The focus of Open Chain should be in adopting the best practices that exist in the community, not trying to set up some ISO regime that sues people over trademark. Seriously, Open Chain needs to consider policies much more inline with Debian's trademark policy, that will bring the process closer to FOSS practices and out of this maladaptive corporate sphere which really misses the point.”
 
 
@ Michel: it is very nice that you are now with OpenChain.
I have read your comments and I do not agree to your view of …” Mainly what I think is not ok is that the first level criteria are too strong, you need to have a smoother approach for companies which have not or have a weak governance process in place”
We struggle since years with companies which have no or a weak governance process ---and this causes a lot of effort time and cost a lot of money and nerves, because they are either not willing to provide the required information (bill of material, license texts, copyright holders, acknowledgements, source code and others) or they are simply not able to provide it. But they have to do it according to copyright law.  We really have to push to get out of this situation. I do not agree with a view of a smoother approach – shall we be fine with half of the required stuff or with old data?  In normal life nobody will approach you in a smooth way if you do not behave according to laws. Or did I misunderstand your comment?
 
 
Have a nice Day
 
Oliver
 
Von: openchain-bounces@... [ mailto:openchain-bounces@...] Im Auftrag von RUFFIN, MICHEL (MICHEL)
Gesendet: Donnerstag, 16. Juli 2015 23:07
An: hutch@...
Cc: openchain@...
Betreff: [OpenChain] OpenChain
 
FYI, I am now authorized to contribute to OpenChain in the name of Alcatel-Lucent world wide (sorry it took a while to get all the authorizations). I will try to participate to a meeting soon, but can I have 10 minutes to say, what I think is not ok and what should be done forward
 
Mainly what I think is not ok is that the first level criteria are too strong, you need to have a smoother approach for companies which have not or have a weak governance process in place
 
Concerning additional criteria, I have a lot of ideas that we are setting in place in Alcatel-Lucent
 
My dis-confort with the actual criteria is that there is a mix between low level criteria and high level criteria. In term of steps to reach a good governance process.
 
A governance process should start low: identify people enroll the lawyers, making a basic governance process, ..
Then raising attention in the company, refining the model to address suppliers, customers, outsourcing, …
Measuring the implementation of the process, coping with divestiture, contribution to open sources, SaaS…
 
And in all the process the resources to sustain it must be made available so everything  cannot be done at once.
 
ALU has gone to all this stages and we are still evolving
 
Michel
Michel.Ruffin@..., PhD
Software Coordination Manager, COO - Business transformation
Distinguished Member of Technical Staff
Tel +33 6 75 25 21 94
Alcatel-Lucent International, Centre de Villarceau - France
 

_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Re: OpenChain

Jim Hutchison
 

Hello Michel,

Do you find that there could be value in attestation/certification by a part of group, which is the only part working on the released software headed up/down the chain?

Regards,

Jim Hutchison

Qualcomm Technologies, Inc.

At 12:51 PM 7/29/2015, Jim Hutchison wrote:

[hutch] To the extent that the application of OpenChain results in a collection of indications of how OpenChain is applied to a participant in a supply chain, these indications (artifacts of certification) could inform the downstream.  They/one might indicate that they determine licenses by controlling their in-take from up-stream.  They/one might indicate that they perform direct inspection, use tools, and/or benefit from third-party audits.  For some, a combination of these would perform best.  As we proceed into discussion of how OpenChain is applied to various sizes of supplier, it looks like we cannot simply conclude "yes" and "no", but there must also be information to share-forward.

I wholly agree with the benefit of these multiple approaches to training, as answers/analysis can have little quality when people do not understand the questions.  Hopefully we can quantify training in a way which builds appropriate downstream trust.

Regards,

Jim Hutchison

Qualcomm Technologies, Inc.

At 05:30 AM 7/24/2015, RUFFIN, MICHEL (MICHEL) wrote:
[Oliver] yes I know to handle 3rd party software (no matter whether OSS of commercial of the shelf) in a correct manner affects the entire company including the Human Resource department because you need also job descriptions and of course the right trainings and a concept for which employees trainings are mandatory or optional, etc.
This brings me to another point these compliance processes is not caused by OSS. Every company which uses 3rd party software has to implement a license compliance process. There are only very view additional things to do in this process which are specific to OSS.
My intention with this statement is that to be fair in regard to OSS. I have often the impression that there is an “opinion” which sounds like “oh we have to do all this high effort license compliance stuff, because we use OSS” and this is simply not the truth. Every company which uses 3rd party software (or better to say software of which it holds not all rights) has to implement a license compliance process.
 
(Michel): the process to handle proprietary COTS is generally handled by procurement and supply chain, it is not so obvious with FOSS
 
 
So I would say step one is to raise awareness to R&D, to high exec, to legal and procurement, and to have the list of FOSS in your products available
In further steps you introduce tools like Blackduck or Palamida
In further steps you introduce tools such as code center Antelink, NextB, Nexus, …
 
[Oliver] I do not agree here. I would not require a supplier to license Blackduck and/or Palamida.
 
(Michel) as you said a lot of people still think it is open source so I can use it without consideration that the license must be respected.  It is true for ALU, for its suppliers, for its outsourcing development. The declarative approach (listing the FOSS used) is not enough, some people intoduce 100 lines of code from an open source) so we need to cross chaeck with tools. We do not impose that to suppliers, but in the future, ???? Note I cite 2 tools for scanning code, but there other competitors, nextB, Protocode, Antelink Openlogix (now owned by IBM)  and perhaps so I am not aware of.
 
 
[Oliver] yes i can imagine because simply the tooling you have mentioned above is not that cheap.
 
(michel) it is not really the tooling which is expensive but the experts trained to evaluate foss licenses, packaging the ALU products, using the tools, , and their training is expensive. The time for most people in the company to follow some basic trainings, … we have also a program with HR, Quality org, lawyers to empower the experts to do their job and to recognize them. All this is expensive.
 
Also a difficult aspect is decentralizing. Our process is decentralized we have 200 actives FOSS experts that can accept or reject FOSS according to license in all our organizations (We have trained around 350 people, this is the turnover aspect) and have the mission ot implement the process in their organization.  But I was the one that was doing the training (which is face to face and one week long), now we have decentralized this by having a trainer for each continent. Now I am thinking to decentralize some of the functions of our FOSS executive committee (because we meet every week but never go to the end of the agenda)
 
[Oliver] this  I do not really understand if you have e.g. one central DB were all the requested and approved components are listed with all their attributes, you can always control what’s going on.
 
(Michel) we have a central DB to gather IP issues with FOSS, but the people that fill this DB are decentralized, their trainers are also decentralized. Also decentralization allows awareness everywhere. I am convinced that only decentralized people and centralized information is a good solution for having a scalable governance process.
 
 
Michel
Michel.Ruffin@..., PhD
Software Coordination Manager, COO - Business transformation
Distinguished Member of Technical Staff
Tel +33 6 75 25 21 94
Alcatel-Lucent International, Centre de Villarceau - France
 
De : Fendt, Oliver [ mailto:oliver.fendt@...]
Envoyé : lundi 20 juillet 2015 11:46
À : RUFFIN, MICHEL (MICHEL); hutch@...
Cc : openchain@...
Objet : AW: OpenChain
 
Hi all,
 
I will not be able to participate in the todays call. So I try the email approach.
 
Regarding the “trademark” discussion my view is in line with Jeremiah as follows:
Our goal shall be to make all our lives easier when it comes to license compliance etc. in the supply chain. We shall provide blue prints, best practices, assessment catalogues etc to others (in such a quality that we can say “…if you use this and that, or if you have successfully passed the assessment from xyz than everything if fine….”). We need a wide use and adoption of all out output. A very good means to maximize the adoption of own work by others it to share it under the conditions of an OSS license. I do not want to enable another business segment of consultants, with the work of OpenChain, squeezing money out of companies. This money should be invested in the compliance activities or in increasing the quality of software but not in paying consultants. Just like Jeremiah said:
“The focus of Open Chain should be in adopting the best practices that exist in the community, not trying to set up some ISO regime that sues people over trademark. Seriously, Open Chain needs to consider policies much more inline with Debian's trademark policy, that will bring the process closer to FOSS practices and out of this maladaptive corporate sphere which really misses the point.”
 
 
@ Michel: it is very nice that you are now with OpenChain.
I have read your comments and I do not agree to your view of …” Mainly what I think is not ok is that the first level criteria are too strong, you need to have a smoother approach for companies which have not or have a weak governance process in place”
We struggle since years with companies which have no or a weak governance process ---and this causes a lot of effort time and cost a lot of money and nerves, because they are either not willing to provide the required information (bill of material, license texts, copyright holders, acknowledgements, source code and others) or they are simply not able to provide it. But they have to do it according to copyright law.  We really have to push to get out of this situation. I do not agree with a view of a smoother approach – shall we be fine with half of the required stuff or with old data?  In normal life nobody will approach you in a smooth way if you do not behave according to laws. Or did I misunderstand your comment?
 
 
Have a nice Day
 
Oliver
 
Von: openchain-bounces@... [ mailto:openchain-bounces@...] Im Auftrag von RUFFIN, MICHEL (MICHEL)
Gesendet: Donnerstag, 16. Juli 2015 23:07
An: hutch@...
Cc: openchain@...
Betreff: [OpenChain] OpenChain
 
FYI, I am now authorized to contribute to OpenChain in the name of Alcatel-Lucent world wide (sorry it took a while to get all the authorizations). I will try to participate to a meeting soon, but can I have 10 minutes to say, what I think is not ok and what should be done forward
 
Mainly what I think is not ok is that the first level criteria are too strong, you need to have a smoother approach for companies which have not or have a weak governance process in place
 
Concerning additional criteria, I have a lot of ideas that we are setting in place in Alcatel-Lucent
 
My dis-confort with the actual criteria is that there is a mix between low level criteria and high level criteria. In term of steps to reach a good governance process.
 
A governance process should start low: identify people enroll the lawyers, making a basic governance process, ..
Then raising attention in the company, refining the model to address suppliers, customers, outsourcing, …
Measuring the implementation of the process, coping with divestiture, contribution to open sources, SaaS…
 
And in all the process the resources to sustain it must be made available so everything  cannot be done at once.
 
ALU has gone to all this stages and we are still evolving
 
Michel
Michel.Ruffin@..., PhD
Software Coordination Manager, COO - Business transformation
Distinguished Member of Technical Staff
Tel +33 6 75 25 21 94
Alcatel-Lucent International, Centre de Villarceau - France
 
_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain


Announce: OpenChain meeting at Supply Chain mini-summit on Oct 8

Kate Stewart
 

For those interested in improving the automated tracking of copyright, licensing and security information in the supply chain, we've managed to get a Supply Chain mini-summit added on after LinuxCon on October 8th.

As part of this,  we'll be holding an OpenChain face to face working session, similar to our recent meeting at LinuxCon Seattle.    For those able to be there in person, 
please RSVP (see link below).   

If there is sufficient interest, we'll set up a conference call for the OpenChain part of the agenda for those who are not able to attend in person, but are interested in following the discussion.  Please let Kelly and Kate know if you're interested in this option.

Agenda
9:00 - Intro to Supply Chain mini-summit (Kate Stewart)
9:05 - Overview of OpenChain, goals and status. (Dave Marr)
9:20 - Overview of SPDX project, review of 2.0 and plans for 2.1 (Phil Odence)
9:35 - Debsources as a community curated DB of copyright and license information (Stephano Zaccharoli)
10:20 - break
10:30 - DoSOCS - integrating security with license compliance (Sai Uday Shankar Korlimarla)
11:15 - OpenChain working session on the checklist (Dave Marr)
13:15 - lunch break
14:30 - Group brainstorming session on ways to improve automation around open source license compliance and tracking of relevant security information. (Kate to facilitate)
17:00 - wrap up and next steps


Event Details
Date: Thursday, October 8 
Time: 9:00am-5:00pm
Location: Liffey Meeting Room 3
Cost: Free
Register: RSVP Here


Please let me know if you have any questions. 

Hope you see there,
Kate
    


Re: Next OpenChain meeting Mon, 9/7

Kelly Williams
 

We are going to cancel our meeting scheduled on Mon, 9/7.  Looking forward to our next call on 9/21.

 

Have a great weekend!

 

~Kelly

 

From: openchain-bounces@... [mailto:openchain-bounces@...] On Behalf Of Williams, Kelly
Sent: Monday, August 31, 2015 10:54 AM
To: openchain@...
Subject: [OpenChain] Next OpenChain meeting Mon, 9/7

 

Hi Everyone,

 

The next call is scheduled on Labor Day (US holiday) Mon, 9/7.  Do you want to reschedule for Tues, 9/8 @ 9am (Pacific) or go ahead and cancel the meeting.

 

Let me know your preference.

 

Thank you,

Kelly


Canceled Event: OpenChain Working Group (First and Third Monday each month) @ Mon Sep 7, 2015 12pm - 1pm (mdolan@linuxfoundation.org)

mdolan@...
 

This event has been canceled and removed from your calendar.

OpenChain Working Group (First and Third Monday each month)

Sending an updated invitation as the group decided to move the calls to the first and third Monday of each month. There are two invites - one for the first Monday and the second for the third Monday.

Audio portion:

Conference Number: +1 (415) 906-5657 Pin: 88326
UberConference URL: http://uberconference.com/mdolan

For international call instructions, please visit the website below. Please note you will have to enter the US Conference number as part of the instructions:
http://www.uberconference.com/international/access

Screen share (if used): go to http://uberconference.com/mdolan

When
Mon Sep 7, 2015 12pm – 1pm Eastern Time
Where
Conference Number: +1 (415) 906-5657 Pin: 88326 UberConference URL: http://uberconference.com/mdolan (map)
Calendar
mdolan@...
Who
Michael Dolan - organizer
openchain@...
hook@...
mark.radcliffe@...
Kate Stewart
douglas.cardwell@...
lisa_laforge@...
zoe.rose@...
sami.atabani@...
ibrahim.h@...
mccoy.smith@...
mike.nesheiwat@...
shane@...
Scott Nicholas
mishi@...
vondavid@...
hutch@...
ziegenhorn@...
angela_ziegenhorn@...
berrendo@...
andrew.wilson@...

Invitation from Google Calendar

You are receiving this courtesy email at the account openchain@... because you are an attendee of this event.

To stop receiving future updates for this event, decline this event. Alternatively you can sign up for a Google account at https://www.google.com/calendar/ and control your notification settings for your entire calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.


Re: Next OpenChain meeting Mon, 9/7

Dennis Clark
 

 Tues, 9/8 @ 9am (Pacific) 
works for me. 

Thanks,
Dennis Clark
nexB inc.


On Mon, Aug 31, 2015 at 10:54 AM, Williams, Kelly <kellyw@...> wrote:

Hi Everyone,

 

The next call is scheduled on Labor Day (US holiday) Mon, 9/7.  Do you want to reschedule for Tues, 9/8 @ 9am (Pacific) or go ahead and cancel the meeting.

 

Let me know your preference.

 

Thank you,

Kelly


_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain



Next OpenChain meeting Mon, 9/7

Kelly Williams
 

Hi Everyone,

 

The next call is scheduled on Labor Day (US holiday) Mon, 9/7.  Do you want to reschedule for Tues, 9/8 @ 9am (Pacific) or go ahead and cancel the meeting.

 

Let me know your preference.

 

Thank you,

Kelly

4821 - 4840 of 5043