Date   

Re: What is an SBOM?

Gilles Gravier
 

Thanks Shane!

Nice writing! And very good read! A perfect intro.

Best regards,

Gilles Gravier
Director, Senior Strategy Advisor - Global Open Source Practice
Wipro Limited
M: +41 79 472 8437
in/gillesgravier  @gravax


From: main@... <main@...> on behalf of Shane Coughlan via lists.openchainproject.org <scoughlan=linuxfoundation.org@...>
Sent: Wednesday 16 June 2021 05:25
To: OpenChain Main <main@...>
Subject: [openchain] What is an SBOM?
 

CAUTION:This email is received from an external domain. Open the hyperlink(s) & attachment(s) with caution.
.
 

What is an SBOM? 
A little blog I wrote on the topic of software bill of materials.
https://www.linuxfoundation.org/blog/what-is-an-sbom/

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan
'The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com'


What is an SBOM?

 

What is an SBOM? 
A little blog I wrote on the topic of software bill of materials.
https://www.linuxfoundation.org/blog/what-is-an-sbom/

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: Education editing at the mini-summit

Kurzmann Marcel (IOC/PDL3) <Marcel.Kurzmann@...>
 

Hi Mark,
Sorry, maybe I missed this in the yesterdays meeting:
Is there already a workspace (Github, Google, ...) with the material that was shown and discussed yesterday for the "security usage reference document" that can be accessed?

Mit freundlichen Grüßen / Best regards

Marcel Kurzmann

Project Delivery Immenstaad (IOC/PDL3)
Bosch.IO GmbH | Ziegelei 7 | 88090 Immenstaad | GERMANY | www.bosch.io
Tel. +49 7545 202-279 | Mobil +49 172 1499942 | Telefax +49 7545 202-301 | Marcel.Kurzmann@bosch.io

Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B
Aufsichtsratsvorsitzender: Dr.-Ing. Thorsten Lücke; Geschäftsführung: Dr. Stefan Ferber, Dr. Aleksandar Mitrovic, Yvonne Reckling


-----Ursprüngliche Nachricht-----
Von: main@lists.openchainproject.org <main@lists.openchainproject.org> Im Auftrag von Shane Coughlan via lists.openchainproject.org
Gesendet: Dienstag, 15. Juni 2021 01:13
An: main@lists.openchainproject.org
Cc: OpenChain Education <education@lists.openchainproject.org>; OpenChain Project Operations <operations@openchainproject.org>
Betreff: Re: [openchain] Education editing at the mini-summit

Dave, Mark, everyone

Please accept my apologies for our unexpected and unwanted disruption via Zoom. A passcode-using and authenticated account adding white noise to the event as it entered the third hour was obviously not a desired outcome. I will be working with LF Technical to discuss strategies for ensuring we still have open access but have a more effective method for removing troublemakers.

Mark, thanks for hosting the second section of the security discussion on your Zoom! Super kudos. And, naturally, thanks to Jenni for helping to transition everyone over.

Regards

Shane

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmeetings.hubspot.com%2Fscoughlan&;data=04%7C01%7CMarcel.Kurzmann%40bosch.io%7C8b340e7ee5be47686ac308d92f89f6bf%7C0ae51e1907c84e4bbb6d648ee58410f4%7C0%7C0%7C637593091861541976%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=SwlBOKZrhDC83IT7G2Jtx%2BEDvbt19Cqkm9YoFvZIf5o%3D&amp;reserved=0

On Jun 15, 2021, at 1:20, Dave Marr <dmarr@qti.qualcomm.com> wrote:

Mark was able to disable the passcode, and if the summit gets Zoom bombed again he will be able to remove them.

Dave

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Sami Atabani
Sent: Monday, June 14, 2021 9:17 AM
To: main@lists.openchainproject.org
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: Re: [openchain] Education editing at the mini-summit

-------------------------------------------------------------------------
CAUTION: This email originated from outside of the organization.
-------------------------------------------------------------------------

Can someone please post the new zoom link and passcode?
Sami

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: 14 June 2021 12:06
To: OpenChain Main <main@lists.openchainproject.org>
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: [openchain] Education editing at the mini-summit

Reminder: we are just doing the first three chapters for the first release. Document here. What do we need to change before going live?
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY%2Fedit%23&;data=04%7C01%7CMarcel.Kurzmann%40bosch.io%7C8b340e7ee5be47686ac308d92f89f6bf%7C0ae51e1907c84e4bbb6d648ee58410f4%7C0%7C0%7C637593091861541976%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=KHiuWCFLDQl%2BWMkMp91QePgplBCzG2pO0JKETqcNDvg%3D&amp;reserved=0




IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.











Re: Education editing at the mini-summit

 

Dave, Mark, everyone

Please accept my apologies for our unexpected and unwanted disruption via Zoom. A passcode-using and authenticated account adding white noise to the event as it entered the third hour was obviously not a desired outcome. I will be working with LF Technical to discuss strategies for ensuring we still have open access but have a more effective method for removing troublemakers.

Mark, thanks for hosting the second section of the security discussion on your Zoom! Super kudos. And, naturally, thanks to Jenni for helping to transition everyone over.

Regards

Shane

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan

On Jun 15, 2021, at 1:20, Dave Marr <dmarr@qti.qualcomm.com> wrote:

Mark was able to disable the passcode, and if the summit gets Zoom bombed again he will be able to remove them.

Dave

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Sami Atabani
Sent: Monday, June 14, 2021 9:17 AM
To: main@lists.openchainproject.org
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: Re: [openchain] Education editing at the mini-summit

-------------------------------------------------------------------------
CAUTION: This email originated from outside of the organization.
-------------------------------------------------------------------------

Can someone please post the new zoom link and passcode?
Sami

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: 14 June 2021 12:06
To: OpenChain Main <main@lists.openchainproject.org>
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: [openchain] Education editing at the mini-summit

Reminder: we are just doing the first three chapters for the first release. Document here. What do we need to change before going live?
https://docs.google.com/document/d/1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY/edit#




IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.











Re: Education editing at the mini-summit

Dave Marr
 

Mark was able to disable the passcode, and if the summit gets Zoom bombed again he will be able to remove them.

Dave

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Sami Atabani
Sent: Monday, June 14, 2021 9:17 AM
To: main@lists.openchainproject.org
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: Re: [openchain] Education editing at the mini-summit

-------------------------------------------------------------------------
CAUTION: This email originated from outside of the organization.
-------------------------------------------------------------------------

Can someone please post the new zoom link and passcode?
Sami

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: 14 June 2021 12:06
To: OpenChain Main <main@lists.openchainproject.org>
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: [openchain] Education editing at the mini-summit

Reminder: we are just doing the first three chapters for the first release. Document here. What do we need to change before going live?
https://docs.google.com/document/d/1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY/edit#




IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Re: Education editing at the mini-summit

Sami Atabani
 

Can someone please post the new zoom link and passcode?
Sami

-----Original Message-----
From: main@lists.openchainproject.org <main@lists.openchainproject.org> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: 14 June 2021 12:06
To: OpenChain Main <main@lists.openchainproject.org>
Cc: OpenChain Education <education@lists.openchainproject.org>
Subject: [openchain] Education editing at the mini-summit

Reminder: we are just doing the first three chapters for the first release. Document here. What do we need to change before going live?
https://docs.google.com/document/d/1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY/edit#




IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Re: [education] REMINDER: OpenChain Q2 Mini-Summit 2021-06-14 at 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST

Jari Koivisto
 

Try this URL: https://windriver.zoom.us/j/92761776704?pwd=YU5mUTVXWHV5NnRIZEhyTGk2RXA4QT09


---
Jari Koivisto
E-mail: jari.p.koivisto@...
Mobile: +41 78 7479791
Skype: jari.p.koivisto
LinkedIn: http://www.linkedin.com/in/jarikoivisto



On Mon, 14 Jun 2021 at 13:06, Shane Coughlan <scoughlan@...> wrote:
This three-hour event will have two live collaboration sessions.

We will open with one hour for the OpenChain education work team. The focus will be on final review of the online course and a discussion of what education work we should do next. This will be lead by Balakrisha, chair of the education work team.

We will continue with a two hour live-editing session for the OpenChain ISO 5230 security usage reference document. The goal will be to have an output that can be immediately used by our community regarding application of OpenChain ISO 5230 in security contexts. This discussion will be lead by Mark, chair of the specification work team.

Everyone is welcome to the event and encouraged to attend. There is no registration or fee to access. Your thoughts and requests for additional activities during the event are also welcome.

Dial in:
https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09





REMINDER: OpenChain Q2 Mini-Summit 2021-06-14 at 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST

 

This three-hour event will have two live collaboration sessions.

We will open with one hour for the OpenChain education work team. The focus will be on final review of the online course and a discussion of what education work we should do next. This will be lead by Balakrisha, chair of the education work team.

We will continue with a two hour live-editing session for the OpenChain ISO 5230 security usage reference document. The goal will be to have an output that can be immediately used by our community regarding application of OpenChain ISO 5230 in security contexts. This discussion will be lead by Mark, chair of the specification work team.

Everyone is welcome to the event and encouraged to attend. There is no registration or fee to access. Your thoughts and requests for additional activities during the event are also welcome.

Dial in:
https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09


Education editing at the mini-summit

 

Reminder: we are just doing the first three chapters for the first release. Document here. What do we need to change before going live?
https://docs.google.com/document/d/1FA6GvYG7G-cQgSdAM610CjYQExwJW3xY/edit#


REMINDER: OpenChain Partner Mini-Summit in 30 minutes (0700 UTC)

 

The OpenChain PARTNER Mini-Summit will be held on the 14th of June at 07:00 UTC / 00:00 PST / 08:00 BST / 09:00 CEST / 12:30 IST / 15:00 CST / 16:00 KST / 16:00 JST.
The two-hour Mini-Summit will start with a discussion about the customer journey, followed by presentations from partners, and end with an open discussion about setting client expectations.
Andrew Katz of Orcro will facilitate the customer journey discussion.
Our partner presentations will be:
  • Gilles Gravier and Reza Alvavi from WIPRO
  • Nicole Pappler from AlektoMetis
  • Martin Callinan from Source Code Control
We will end with the roundtable on client expectations moderated by Shane Coughlan of the OpenChain Project.


May be of interest: Synopsys Open Source Security and Risk Analysis (OSSRA) report

 

"Now in its sixth year, the 2021 Open Source Security and Risk Analysis (OSSRA) report exposes vulnerabilities and license conflicts found in more than 1,500 codebases across 17 industries. The report includes recommendations to help developers and consumers understand the software ecosystem they are a part of, as well as the risks accompanying open source development and use.”
https://www.synopsys.com/software-integrity/resources/analyst-reports/open-source-security-risk-analysis.html


OpenChain Partner Summit Today @ 07:00 UTC / 00:00 PST / 08:00 BST / 09:00 CEST / 12:30 IST / 15:00 CST / 16:00 KST / 16:00 JST

 

Quarterly OpenChain Partner Summit Today (Monday) @ 07:00 UTC / 00:00 PST / 08:00 BST / 09:00 CEST / 12:30 IST / 15:00 CST / 16:00 KST / 16:00 JST. Two hours of talks, panels and roundtables covering key items in the OpenChain ISO 5230 vendor ecosystem. No registration or fee to attend.
https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


OpenChain Partner Mini-Summit - 2020 -06-14 @ 0700 UTC

Jennifer McGinnis <jmcginnis@...>
 

The OpenChain PARTNER Mini-Summit will be held on the 14th of June at 07:00 UTC / 00:00 PST / 08:00 BST / 09:00 CEST / 12:30 IST / 15:00 CST / 16:00 KST / 16:00 JST.

The two-hour Mini-Summit will start with a discussion about the customer journey, followed by presentations from partners, and end with an open discussion about setting client expectations.

Everyone is welcome to the event and encouraged to attend. There is no registration or fee to access. Your thoughts and requests for additional activities during the event are also welcome.

Dial in:



OpenChain Q2 Mini-Summit – 2021-06-14 @ 14:00 UTC

 

The OpenChain Q2 Mini-Summit will be held on the 14th of June at 14:00 UTC / 07:00 PST / 15:00 BST / 16:00 CEST / 19:30 IST / 22:00 CST / 23:00 KST / 23:00 JST.

This three-hour event will have two live collaboration sessions.

We will open with one hour for the OpenChain education work team. The focus will be on final review of the online course and a discussion of what education work we should do next. This will be lead by Balakrisha, chair of the education work team.

We will continue with a two hour live-editing session for the OpenChain ISO 5230 security usage reference document. The goal will be to have an output that can be immediately used by our community regarding application of OpenChain ISO 5230 in security contexts. This discussion will be lead by Mark, chair of the specification work team.

Everyone is welcome to the event and encouraged to attend. There is no registration or fee to access. Your thoughts and requests for additional activities during the event are also welcome.

Dial in:
https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09


OpenChain Korea Work Group Meeting #10 – 2021-06-22

 

The OpenChain Korea Work Group will hold its 10th meeting on the 22nd of June between 15:00 and 17:00 KST. The agenda will be published on the dedicated event page shortly. All welcome. No registration necessary. The meeting will be conducted in Korean.
https://www.openchainproject.org/news/2021/06/11/korea-wg-10


External Blog: ISO 5230 OpenChain: How Will the Standard be Used?

 

Check out a recent article from Source Code Control talking about how OpenChain ISO 5230 can and will be used in security, M&A and other fields in addition to open source license compliance:

https://www.openchainproject.org/news/2021/06/05/external-blog-iso-5230-openchain-how-will-the-standard-be-used


OpenChain Global Work Team Meeting 2021-06-08 – Full Recording

 

Greetings all!

The full recording of our latest global work team call is now available. The primary focus was in completing the online education course. We made great progress!
https://www.openchainproject.org/featured/2021/06/10/global-work-team-2021-06-08

Regards

Shane


Synopsys Is The Third OpenChain Global Certifier

 

Synopsys Is The Third OpenChain Global Certifier

"Synopsys has been announced as a global third-party certifier for OpenChain ISO 5230, the International Standard for open source license compliance. They join PwC and TUV SUD in providing such services."
https://www.openchainproject.org/news/2021/06/04/synopsys-global-certifier

A news item from Synopsys:
https://securityboulevard.com/2021/06/announcing-synopsys-as-an-openchain-project-third-party-certifier/


Global work team meeting today @ 06:00 UTC / 14:00 CST / 15:00 KST/JST

 

Reminder: Global work team meeting today @ 06:00 UTC / 14:00 CST / 15:00 KST/JST

This will be our final review of the first version of the OpenChain online education course. Your eyes and assistance most welcome!

https://us02web.zoom.us/j/9990120120?pwd=NzVCaFE2L1RRRFZaSkk0dm8xdlplUT09


We start in around 3 hours 🙂

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Latest OpenChain Newsletter now available

Jennifer McGinnis <jmcginnis@...>
 

221 - 240 of 4241