Dear all There is a printable version of the DIS 18974 self-certification checklist

Yes securitytext.org is for web sites/services, for example https://github.com/.well-known/security.txt SECURITY.* in a code repository typically alongside LICENSE -- though GitHub also looks in a

My 2c's Honestly think that we are starting to overpopulate root project dirs. Not only LICENSE anymore, it goes for a number of files and this needs to have more control that what is today. Just

Is this JUST for web services? The location section focuses on a fixed URL rather than, say, a location within a source repo. But then, I've barely skimmed the document. From:specification@...

Jeff flagged this on our monthly call (2023-03-21) https://securitytxt.org/ It is like LICENSE files but for security. What do you think? Have you heard about this? Useful in your workflow?

OpenChain Webinar #50 - An Overview of SPDX 3.0 Our 50th webinar will feature Alexios Zavras, Chief Open Source Compliance Officer at Intel Corporation and a long-term friend and collaborator around

Our regular monthly meeting continued our work to edit the next generation of our license compliance and security assurance specifications. Our focus this time was on some open issues around the next

Awesome! I think we have a lot of potential new users and - most important - community collaborators in China. I am really looking forward to what we will do together in the coming

Thank you for sharing this event, Shane. I will be there as speaker like you. Of course , I will introduce OpenChain Project in my presentationJ 发件人: main@... [mailto:main@...]代表

The OpenChain Project is delighted to be part of the OSPO Summit held in Beijing during March 2023. You can check out our speech from the event

A reminder that our monthly North America / Asia call is taking place in a five minutes: 2023-03-21 at 09:00 CST / 10:00 KST+JST (01:00 UTC). That will be 18:00 Pacific on the 20th of March for our

Dear All A reminder that our monthly North America / Asia call is taking place tomorrow, 2023-03-21, at 09:00 CST / 10:00 KST+JST (01:00 UTC). That will be 18:00 Pacific on the 20th of March for our

Shane Congratulations to the entire team who contributed to the development of the DIS 18974 Open Source Security Assurance specification. Best Chris

The OpenChain Security Assurance Specification 1.1 is now DIS 18974, OpenChain Security Assurance Specification. This de facto industry standard describes the key requirements of a quality open source

China Electronics Standardization Institute (CESI) is the latest official partner of the OpenChain Project. From today, CESI is offering third-party certification around the standards produced by the

(Sorry for redundancy through crossposting.) Hello everyone, I'm running out of good articles for IEEE Computer (for the open source expanded column). More information in this old call, now current

You are super welcome! Everyone, should we produce PDF versions in future as well? (And thank you Gerald ☺️)

Perfect, thank you,Shane!

TÜV Nord Taiwan is the latest official OpenChain Partner. TÜV NORD Taiwan was founded in 1988 and is one of the leading providers of quality, safety, information technology, and renewable energy

Of course! You will find it here: https://www.openchainproject.org/monthly-newsletter/2023/02/28/openchain-newsletter-51 Shane Coughlan OpenChain General Manager +818040358083 Book a