Date   

Happy New Year!

 

As we enter the year of the Tiger I want to wish everyone fortune and happiness. 
新年好, 恭喜发财 and 새해 복 많이 받으세요!


Our biweekly meeting takes place in around one hour

 

Reminder:
Our biweekly meeting takes place in around one hour.

Agenda:
Forthcoming summits
Security + the specification
What you (as users) want to see from the partner ecosystem

Dial in:
https://zoom.us/j/4377592799

On Jan 31, 2022, at 17:30, Shane Coughlan <scoughlan@...> wrote:

Our regular bi-weekly meeting takes place today. We will be talking about:
Forthcoming summits
Security + the specification
What you (as users) want to see from the partner ecosystem

Dial in:
https://zoom.us/j/4377592799

Check your time
14:00 UTC 2022-01-31 (today) - 06:00 PST / 14:00 BST / 15:00 CET / 19:00 IST / 22:00 CST / 23:00 KST+JST


OpenChain Bi-Weekly Meeting - 14:00 UTC 2022-01-31 (today) - 06:00 PST / 14:00 BST / 15:00 CET / 19:00 IST / 22:00 CST / 23:00 KST+JST

 

Our regular bi-weekly meeting takes place today. We will be talking about:
Forthcoming summits
Security + the specification
What you (as users) want to see from the partner ecosystem

Dial in:
https://zoom.us/j/4377592799

Check your time
14:00 UTC 2022-01-31 (today) - 06:00 PST / 14:00 BST / 15:00 CET / 19:00 IST / 22:00 CST / 23:00 KST+JST


Re: “A Bug in Early Creative Commons Licenses Has Enabled a New Breed of Superpredator”

McCoy Smith
 

The “immediate termination on breach” clause of GPLv2 was, in part, being used in the McHardy litigations (just settled for good) in Germany. Some more detailed analysis here: https://jolts.world/index.php/jolts/article/view/128/246 It’s also why the cooperation commitment for GPLv2 was done: https://opensource.com/article/18/11/gpl-cooperation-commitment

 

There’s another debate to be had about the notice requirements of various licenses (which is the peg on which this particular CC litigant hangs their hat), and how compliance for that is done, and to what extent that’s all that valuable. I tend to think at some point License Zero type licenses (not the current ones, but different flavors of future ones, which could include copyleft) will look more attractive

 

From: main@... <main@...> On Behalf Of Steve Kilbane
Sent: Friday, January 28, 2022 1:56 AM
To: main@...
Subject: Re: [openchain] “A Bug in Early Creative Commons Licenses Has Enabled a New Breed of Superpredator”

 

If I'm understanding this correctly, the key aspect here is that a breach leads to termination of rights without opportunity of remedy. Isn't that relatively common in open source licenses, not just the Creative Commons ones?

 

I acknowledge that, as Cory describes, it's easy to create large quantities of media (e.g. stock photos) that is directly owned by a copyleft troll, as bait. But doesn't the problem also apply to open source software? While it's harder to software packages that will be so easily picked up by sufficient users to make the effort worthwhile, I can think of a couple of attacks here:

 

The attacker could fork a popular package under a permissive license, make minor changes, and re-release with a subtle renaming under a compatible license w/o remedy period.

 

More perniciously, the attacker could contribute changes to the original package which made use of media under the CC licenses or other licenses with a similar problem.

 

steve

 

From: main@... <main@...> On Behalf Of Shane Coughlan
Sent: 25 January 2022 06:41
To: OpenChain Main <main@...>
Subject: [openchain] “A Bug in Early Creative Commons Licenses Has Enabled a New Breed of Superpredator”

 

[External]

 

Very little open source *code* is under Creative Commons licenses. However, a lot of open source *documentation* is under Creative Commons licenses. Therefore, we should keep an eye on this matter.

Copyleft trolls, robosigning, and Pixsy”


Re: “A Bug in Early Creative Commons Licenses Has Enabled a New Breed of Superpredator”

Steve Kilbane
 

If I'm understanding this correctly, the key aspect here is that a breach leads to termination of rights without opportunity of remedy. Isn't that relatively common in open source licenses, not just the Creative Commons ones?

 

I acknowledge that, as Cory describes, it's easy to create large quantities of media (e.g. stock photos) that is directly owned by a copyleft troll, as bait. But doesn't the problem also apply to open source software? While it's harder to software packages that will be so easily picked up by sufficient users to make the effort worthwhile, I can think of a couple of attacks here:

 

The attacker could fork a popular package under a permissive license, make minor changes, and re-release with a subtle renaming under a compatible license w/o remedy period.

 

More perniciously, the attacker could contribute changes to the original package which made use of media under the CC licenses or other licenses with a similar problem.

 

steve

 

From: main@... <main@...> On Behalf Of Shane Coughlan
Sent: 25 January 2022 06:41
To: OpenChain Main <main@...>
Subject: [openchain] “A Bug in Early Creative Commons Licenses Has Enabled a New Breed of Superpredator”

 

[External]

 

Very little open source *code* is under Creative Commons licenses. However, a lot of open source *documentation* is under Creative Commons licenses. Therefore, we should keep an eye on this matter.

Copyleft trolls, robosigning, and Pixsy”


External: The EU Open Source Policy Summit

 

An OFE production on the 4th of February:
https://summit.openforumeurope.org/

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Diversion: our virtual Christmas party

 

For those who missed it, we were hanging out on a virtual island (thank you Korea Community) and sharing stories about trains.


Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

 

This is incredible! Thank you all and I am really looking forward to next steps here. Naturally we will want to share the results far and wide.

On Jan 26, 2022, at 21:31, Astrid Spura <office@...> wrote:

Thank you very much for offering help! Reviewing translation would be great. I will get in touch in time.

Best regards,
Astrid


Am 25.01.22 um 19:53 schrieb Jan Thielscher:
😊 ... so count me in as well...
Von: main@... <main@...> im Auftrag von Stefanie Pors via lists.openchainproject.org <stefanie.pors=intel.com@...>
Datum: Dienstag, 25. Januar 2022 um 18:51
An: germany-wg@... <germany-wg@...>, main@... <main@...>
Betreff: Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese
Hi Stefan, Astrid,
Happy to provide a pair of German reviewing eyes as well. (Stefan, the "ping" on the *old* group worked 😉)
Greetings
Steffi
Stefanie Pors
GAT EMEA – Intel Legal Department
-----Original Message-----
From: germany-wg@... <germany-wg@...> On Behalf Of Stefan Thanheiser
Sent: Dienstag, 25. Januar 2022 18:38
To: main@...; germany-wg@...
Subject: Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese
Hi Astrid,
please count me in for the translation into German (if you need more helping hands/brains).
I also could offer https://github.com/OCSpecGermanTranslation as collaboration space.
Are there more volunteers (maybe from the 'old' specification translation group 😉 )?
Regards,
Stefan
Stefan Thanheiser
Atruvia AG
---
Servicefeld Qualität IT-Sicherheit Einkauf, Tribe Einkauf, Chapter Software Asset & Lizenzmanagement
---
Telefon +49 721 4004-1860
Mobil +49 170 3304133
E-Mail stefan.thanheiser@...
Atruvia AG | www.atruvia.de<http://www.atruvia.de>
AG Frankfurt a. M. HRB 102381 | Sitz der Gesellschaft: Frankfurt a. M. | USt-IdNr. DE 143582320
Vorstand: Martin Beyer (Vorstandssprecher), Ulrich Coenen (Vorstandssprecher), Daniela Bücker, Birgit Frohnhoff, Jörg Staff, Ralf Teufel Vorsitzender des Aufsichtsrats: Jürgen Brinkmann
-----Ursprüngliche Nachricht-----
Von: main@... <main@...> Im Auftrag von Astrid Spura
Gesendet: Dienstag, 25. Januar 2022 16:38
An: main@...
Cc: OpenChain Japan <japan-wg@...>
Betreff: Re: [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese
Dear Shane,
dear all,
The OpenChain Japan work group has released a new revision of its FAQ regarding frequent misunderstandings around open source licenses. This FAQ is available in English and Japanese, and assistance in translating it into other languages is very welcome.
We would be happy to help with translation into German language. If there is already work in progress, please get in touch, so that we can share the workload.
It is important to note that this document is based on real world experiences distilled into very practical knowledge. We are fortunate to have had many companies contribute to it, and it holds great potential to assist the supply chain.
Yes, well done. We appreciate the work. The issues mentioned are comparable with our experiences.
You can get over on GitHub

https://github.com/OpenChain-Project/OpenChain-JWG/tree/master/Educati
on_Material/FAQ
Thanks. We will let you know as soon as the German version will be ready.
Best regards,
Astrid
--
Astrid Spura, Compliance & Communication Astrid.Spura@...
Open Source Automation Development Lab (OSADL) eG Im Neuenheimer Feld 583, D-69120 Heidelberg, Germany
Phone: +49(6221)98504-0, Fax: +49(6221)98504-80 office@... http://www.osadl.org
https://youtu.be/z0MiLwP_n40
Location of the company: Heidelberg, Germany Cooperative register #700048 at the district court of Mannheim Chairman of the Supervisory Board: Axel Berghoff
Directors: Andreas Orzelski, Rainer Thieringer Tax number 32080/02883, VAT Id-No DE249975743
Intel Germany GmbH & Co. KG
Registered Address: Lilienthalstraße 15 D-85579 Neubiberg Germany Tel +49 89 89 89 97-0 www.intel.com<http://www.intel.com>
Registered Office: Neubiberg Commercial Register: Amtsgericht München HRA 94167
Limited Partner (Kommanditist): Lantiq Intermediate Holdco S.à r.l
General Partner (Komplementär): Intel Germany Holding GmbH Registered Office: Neubiberg
Commercial Register: Amtsgericht München HRB 180523
Managing Directors (Geschäftsführung): Christin Eisenschmid, Sharon Heck, Tiffany Doon Silva
--
Astrid Spura, Compliance & Kommunikation
Astrid.Spura@...

Open Source Automation Development Lab (OSADL) eG
Im Neuenheimer Feld 583, 69120 Heidelberg
Telefon: 06221 98504-0, Telefax: 06221 98504-80
office@...
http://www.osadl.org
https://youtu.be/18RgBp9X6ss

Sitz des Unternehmens: Heidelberg
Genossenschaftsregister Nr. 700048 beim Amtsgericht Mannheim
Aufsichtsratsvorsitzender: Axel Berghoff
Vorstände: Andreas Orzelski, Rainer Thieringer
Steuer-Nr. 32080/02883, USt-Id DE249975743





Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Astrid Spura <office@...>
 

Thank you very much for offering help! Reviewing translation would be great. I will get in touch in time.

Best regards,
Astrid


Am 25.01.22 um 19:53 schrieb Jan Thielscher:

😊 ... so count me in as well...
Von: main@... <main@...> im Auftrag von Stefanie Pors via lists.openchainproject.org <stefanie.pors=intel.com@...>
Datum: Dienstag, 25. Januar 2022 um 18:51
An: germany-wg@... <germany-wg@...>, main@... <main@...>
Betreff: Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese
Hi Stefan, Astrid,
Happy to provide a pair of German reviewing eyes as well. (Stefan, the "ping" on the *old* group worked 😉)
Greetings
Steffi
Stefanie Pors
GAT EMEA – Intel Legal Department
-----Original Message-----
From: germany-wg@... <germany-wg@...> On Behalf Of Stefan Thanheiser
Sent: Dienstag, 25. Januar 2022 18:38
To: main@...; germany-wg@...
Subject: Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese
Hi Astrid,
please count me in for the translation into German (if you need more helping hands/brains).
I also could offer https://github.com/OCSpecGermanTranslation as collaboration space.
Are there more volunteers (maybe from the 'old' specification translation group 😉 )?
Regards,
Stefan
Stefan Thanheiser
Atruvia AG
---
Servicefeld Qualität IT-Sicherheit Einkauf, Tribe Einkauf, Chapter Software Asset & Lizenzmanagement
---
Telefon +49 721 4004-1860
Mobil +49 170 3304133
E-Mail stefan.thanheiser@...
Atruvia AG | www.atruvia.de<http://www.atruvia.de>
AG Frankfurt a. M. HRB 102381 | Sitz der Gesellschaft: Frankfurt a. M. | USt-IdNr. DE 143582320
Vorstand: Martin Beyer (Vorstandssprecher), Ulrich Coenen (Vorstandssprecher), Daniela Bücker, Birgit Frohnhoff, Jörg Staff, Ralf Teufel Vorsitzender des Aufsichtsrats: Jürgen Brinkmann
-----Ursprüngliche Nachricht-----
Von: main@... <main@...> Im Auftrag von Astrid Spura
Gesendet: Dienstag, 25. Januar 2022 16:38
An: main@...
Cc: OpenChain Japan <japan-wg@...>
Betreff: Re: [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese
Dear Shane,
dear all,

The OpenChain Japan work group has released a new revision of its FAQ regarding frequent misunderstandings around open source licenses. This FAQ is available in English and Japanese, and assistance in translating it into other languages is very welcome.
We would be happy to help with translation into German language. If there is already work in progress, please get in touch, so that we can share the workload.

It is important to note that this document is based on real world experiences distilled into very practical knowledge. We are fortunate to have had many companies contribute to it, and it holds great potential to assist the supply chain.
Yes, well done. We appreciate the work. The issues mentioned are comparable with our experiences.

You can get over on GitHub

https://github.com/OpenChain-Project/OpenChain-JWG/tree/master/Educati
on_Material/FAQ
Thanks. We will let you know as soon as the German version will be ready.
Best regards,
Astrid
--
Astrid Spura, Compliance & Communication Astrid.Spura@...
Open Source Automation Development Lab (OSADL) eG Im Neuenheimer Feld 583, D-69120 Heidelberg, Germany
Phone: +49(6221)98504-0, Fax: +49(6221)98504-80 office@... http://www.osadl.org
https://youtu.be/z0MiLwP_n40
Location of the company: Heidelberg, Germany Cooperative register #700048 at the district court of Mannheim Chairman of the Supervisory Board: Axel Berghoff
Directors: Andreas Orzelski, Rainer Thieringer Tax number 32080/02883, VAT Id-No DE249975743
Intel Germany GmbH & Co. KG
Registered Address: Lilienthalstraße 15 D-85579 Neubiberg Germany Tel +49 89 89 89 97-0 www.intel.com<http://www.intel.com>
Registered Office: Neubiberg Commercial Register: Amtsgericht München HRA 94167
Limited Partner (Kommanditist): Lantiq Intermediate Holdco S.à r.l
General Partner (Komplementär): Intel Germany Holding GmbH Registered Office: Neubiberg
Commercial Register: Amtsgericht München HRB 180523
Managing Directors (Geschäftsführung): Christin Eisenschmid, Sharon Heck, Tiffany Doon Silva
--
Astrid Spura, Compliance & Kommunikation
Astrid.Spura@...

Open Source Automation Development Lab (OSADL) eG
Im Neuenheimer Feld 583, 69120 Heidelberg
Telefon: 06221 98504-0, Telefax: 06221 98504-80
office@...
http://www.osadl.org
https://youtu.be/18RgBp9X6ss

Sitz des Unternehmens: Heidelberg
Genossenschaftsregister Nr. 700048 beim Amtsgericht Mannheim
Aufsichtsratsvorsitzender: Axel Berghoff
Vorstände: Andreas Orzelski, Rainer Thieringer
Steuer-Nr. 32080/02883, USt-Id DE249975743


Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Jan Thielscher
 

😊 ... so count me in as well...

 

Von: main@... <main@...> im Auftrag von Stefanie Pors via lists.openchainproject.org <stefanie.pors=intel.com@...>
Datum: Dienstag, 25. Januar 2022 um 18:51
An: germany-wg@... <germany-wg@...>, main@... <main@...>
Betreff: Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Hi Stefan, Astrid,

Happy to provide a pair of German reviewing eyes as well.  (Stefan, the "ping" on the *old* group worked 😉)

Greetings
Steffi

Stefanie Pors

GAT EMEA – Intel Legal Department

-----Original Message-----
From: germany-wg@... <germany-wg@...> On Behalf Of Stefan Thanheiser
Sent: Dienstag, 25. Januar 2022 18:38
To: main@...; germany-wg@...
Subject: Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Hi Astrid,

please count me in for the translation into German (if you need more helping hands/brains).
I also could offer https://github.com/OCSpecGermanTranslation as collaboration space.

Are there more volunteers (maybe from the 'old' specification translation group 😉 )?

Regards,
Stefan

Stefan Thanheiser

Atruvia AG
---
Servicefeld Qualität IT-Sicherheit Einkauf, Tribe Einkauf, Chapter Software Asset & Lizenzmanagement
---
Telefon +49 721 4004-1860
Mobil +49 170 3304133
E-Mail stefan.thanheiser@...




Atruvia AG | www.atruvia.de
AG Frankfurt a. M. HRB 102381 | Sitz der Gesellschaft: Frankfurt a. M. | USt-IdNr. DE 143582320
Vorstand: Martin Beyer (Vorstandssprecher), Ulrich Coenen (Vorstandssprecher), Daniela Bücker, Birgit Frohnhoff, Jörg Staff, Ralf Teufel Vorsitzender des Aufsichtsrats: Jürgen Brinkmann


-----Ursprüngliche Nachricht-----
Von: main@... <main@...> Im Auftrag von Astrid Spura
Gesendet: Dienstag, 25. Januar 2022 16:38
An: main@...
Cc: OpenChain Japan <japan-wg@...>
Betreff: Re: [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Dear Shane,
dear all,

> The OpenChain Japan work group has released a new revision of its FAQ regarding frequent misunderstandings around open source licenses. This FAQ is available in English and Japanese, and assistance in translating it into other languages is very welcome.
We would be happy to help with translation into German language. If there is already work in progress, please get in touch, so that we can share the workload.

> It is important to note that this document is based on real world experiences distilled into very practical knowledge. We are fortunate to have had many companies contribute to it, and it holds great potential to assist the supply chain.
Yes, well done. We appreciate the work. The issues mentioned are comparable with our experiences.

> You can get over on GitHub
>
> https://github.com/OpenChain-Project/OpenChain-JWG/tree/master/Educati
> on_Material/FAQ
Thanks. We will let you know as soon as the German version will be ready.

Best regards,
Astrid

--
Astrid Spura, Compliance & Communication Astrid.Spura@...

Open Source Automation Development Lab (OSADL) eG Im Neuenheimer Feld 583, D-69120 Heidelberg, Germany
Phone: +49(6221)98504-0, Fax: +49(6221)98504-80 office@... http://www.osadl.org
https://youtu.be/z0MiLwP_n40

Location of the company: Heidelberg, Germany Cooperative register #700048 at the district court of Mannheim Chairman of the Supervisory Board: Axel Berghoff
Directors: Andreas Orzelski, Rainer Thieringer Tax number 32080/02883, VAT Id-No DE249975743










Intel Germany GmbH & Co. KG
Registered Address: Lilienthalstraße 15   D-85579 Neubiberg   Germany   Tel +49 89 89 89 97-0   www.intel.com
Registered Office: Neubiberg   Commercial Register: Amtsgericht München HRA 94167
Limited Partner (Kommanditist): Lantiq Intermediate Holdco S.à r.l
General Partner (Komplementär): Intel Germany Holding GmbH   Registered Office: Neubiberg
Commercial Register: Amtsgericht München HRB 180523
Managing Directors (Geschäftsführung): Christin Eisenschmid, Sharon Heck, Tiffany Doon Silva





Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Stefanie Pors
 

Hi Stefan, Astrid,

Happy to provide a pair of German reviewing eyes as well. (Stefan, the "ping" on the *old* group worked 😉)

Greetings
Steffi

Stefanie Pors

GAT EMEA – Intel Legal Department

-----Original Message-----
From: germany-wg@... <germany-wg@...> On Behalf Of Stefan Thanheiser
Sent: Dienstag, 25. Januar 2022 18:38
To: main@...; germany-wg@...
Subject: Re: [germany-wg] [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Hi Astrid,

please count me in for the translation into German (if you need more helping hands/brains).
I also could offer https://github.com/OCSpecGermanTranslation as collaboration space.

Are there more volunteers (maybe from the 'old' specification translation group 😉 )?

Regards,
Stefan

Stefan Thanheiser

Atruvia AG
---
Servicefeld Qualität IT-Sicherheit Einkauf, Tribe Einkauf, Chapter Software Asset & Lizenzmanagement
---
Telefon +49 721 4004-1860
Mobil +49 170 3304133
E-Mail stefan.thanheiser@...




Atruvia AG | www.atruvia.de
AG Frankfurt a. M. HRB 102381 | Sitz der Gesellschaft: Frankfurt a. M. | USt-IdNr. DE 143582320
Vorstand: Martin Beyer (Vorstandssprecher), Ulrich Coenen (Vorstandssprecher), Daniela Bücker, Birgit Frohnhoff, Jörg Staff, Ralf Teufel Vorsitzender des Aufsichtsrats: Jürgen Brinkmann


-----Ursprüngliche Nachricht-----
Von: main@... <main@...> Im Auftrag von Astrid Spura
Gesendet: Dienstag, 25. Januar 2022 16:38
An: main@...
Cc: OpenChain Japan <japan-wg@...>
Betreff: Re: [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Dear Shane,
dear all,

The OpenChain Japan work group has released a new revision of its FAQ regarding frequent misunderstandings around open source licenses. This FAQ is available in English and Japanese, and assistance in translating it into other languages is very welcome.
We would be happy to help with translation into German language. If there is already work in progress, please get in touch, so that we can share the workload.

It is important to note that this document is based on real world experiences distilled into very practical knowledge. We are fortunate to have had many companies contribute to it, and it holds great potential to assist the supply chain.
Yes, well done. We appreciate the work. The issues mentioned are comparable with our experiences.

You can get over on GitHub

https://github.com/OpenChain-Project/OpenChain-JWG/tree/master/Educati
on_Material/FAQ
Thanks. We will let you know as soon as the German version will be ready.

Best regards,
Astrid

--
Astrid Spura, Compliance & Communication Astrid.Spura@...

Open Source Automation Development Lab (OSADL) eG Im Neuenheimer Feld 583, D-69120 Heidelberg, Germany
Phone: +49(6221)98504-0, Fax: +49(6221)98504-80 office@... http://www.osadl.org
https://youtu.be/z0MiLwP_n40

Location of the company: Heidelberg, Germany Cooperative register #700048 at the district court of Mannheim Chairman of the Supervisory Board: Axel Berghoff
Directors: Andreas Orzelski, Rainer Thieringer Tax number 32080/02883, VAT Id-No DE249975743










Intel Germany GmbH & Co. KG
Registered Address: Lilienthalstraße 15 D-85579 Neubiberg Germany Tel +49 89 89 89 97-0 www.intel.com
Registered Office: Neubiberg Commercial Register: Amtsgericht München HRA 94167
Limited Partner (Kommanditist): Lantiq Intermediate Holdco S.à r.l
General Partner (Komplementär): Intel Germany Holding GmbH Registered Office: Neubiberg
Commercial Register: Amtsgericht München HRB 180523
Managing Directors (Geschäftsführung): Christin Eisenschmid, Sharon Heck, Tiffany Doon Silva


Re: FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Stefan Thanheiser
 

Hi Astrid,

please count me in for the translation into German (if you need more helping hands/brains).
I also could offer https://github.com/OCSpecGermanTranslation as collaboration space.

Are there more volunteers (maybe from the 'old' specification translation group 😉 )?

Regards,
Stefan

Stefan Thanheiser

Atruvia AG
---
Servicefeld Qualität IT-Sicherheit Einkauf,
Tribe Einkauf,
Chapter Software Asset & Lizenzmanagement
---
Telefon +49 721 4004-1860
Mobil +49 170 3304133
E-Mail stefan.thanheiser@...




Atruvia AG | www.atruvia.de
AG Frankfurt a. M. HRB 102381 | Sitz der Gesellschaft: Frankfurt a. M. | USt-IdNr. DE 143582320
Vorstand: Martin Beyer (Vorstandssprecher), Ulrich Coenen (Vorstandssprecher),
Daniela Bücker, Birgit Frohnhoff, Jörg Staff, Ralf Teufel
Vorsitzender des Aufsichtsrats: Jürgen Brinkmann


-----Ursprüngliche Nachricht-----
Von: main@... <main@...> Im Auftrag von Astrid Spura
Gesendet: Dienstag, 25. Januar 2022 16:38
An: main@...
Cc: OpenChain Japan <japan-wg@...>
Betreff: Re: [openchain] FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Dear Shane,
dear all,

The OpenChain Japan work group has released a new revision of its FAQ regarding frequent misunderstandings around open source licenses. This FAQ is available in English and Japanese, and assistance in translating it into other languages is very welcome.
We would be happy to help with translation into German language. If there is already work in progress, please get in touch, so that we can share the workload.

It is important to note that this document is based on real world experiences distilled into very practical knowledge. We are fortunate to have had many companies contribute to it, and it holds great potential to assist the supply chain.
Yes, well done. We appreciate the work. The issues mentioned are comparable with our experiences.

You can get over on GitHub

https://github.com/OpenChain-Project/OpenChain-JWG/tree/master/Educati
on_Material/FAQ
Thanks. We will let you know as soon as the German version will be ready.

Best regards,
Astrid

--
Astrid Spura, Compliance & Communication Astrid.Spura@...

Open Source Automation Development Lab (OSADL) eG Im Neuenheimer Feld 583, D-69120 Heidelberg, Germany
Phone: +49(6221)98504-0, Fax: +49(6221)98504-80 office@... http://www.osadl.org
https://youtu.be/z0MiLwP_n40

Location of the company: Heidelberg, Germany Cooperative register #700048 at the district court of Mannheim Chairman of the Supervisory Board: Axel Berghoff
Directors: Andreas Orzelski, Rainer Thieringer Tax number 32080/02883, VAT Id-No DE249975743


Re: FAQ: Common Misunderstandings about OSS Licensing (English and Japanese

Astrid Spura <office@...>
 

Dear Shane,
dear all,

The OpenChain Japan work group has released a new revision of its FAQ regarding frequent misunderstandings around open source licenses. This FAQ is available in English and Japanese, and assistance in translating it into other languages is very welcome.
We would be happy to help with translation into German language. If there is already work in progress, please get in touch, so that we can share the workload.

It is important to note that this document is based on real world experiences distilled into very practical knowledge. We are fortunate to have had many companies contribute to it, and it holds great potential to assist the supply chain.
Yes, well done. We appreciate the work. The issues mentioned are comparable with our experiences.

You can get over on GitHub
https://github.com/OpenChain-Project/OpenChain-JWG/tree/master/Education_Material/FAQ
Thanks. We will let you know as soon as the German version will be ready.

Best regards,
Astrid

--
Astrid Spura, Compliance & Communication
Astrid.Spura@...

Open Source Automation Development Lab (OSADL) eG
Im Neuenheimer Feld 583, D-69120 Heidelberg, Germany
Phone: +49(6221)98504-0, Fax: +49(6221)98504-80
office@...
http://www.osadl.org
https://youtu.be/z0MiLwP_n40

Location of the company: Heidelberg, Germany
Cooperative register #700048 at the district court of Mannheim
Chairman of the Supervisory Board: Axel Berghoff
Directors: Andreas Orzelski, Rainer Thieringer
Tax number 32080/02883, VAT Id-No DE249975743


Re: McHardy’s Trolling Is Over

JerryTan
 

It is a good news.

 

 

发件人: "main@..." <main@...> 代表 Shane Coughlan <scoughlan@...>
答复: "main@..." <main@...>
日期: 2022125 星期二 下午1:14
收件人: OpenChain Main <main@...>
主题: [openchain] McHardy’s Trolling Is Over

 

We previewed this at the end of last year with a talk by Armijn Hemel on a decade of McHardy and the likelihood this individual was less of a threat going into 2022. Now it is official that he has been dealt with in a court of law. He can no longer use Netfilter in speculative, trolling law suits. Learn more:

https://lore.kernel.org/netdev/Ye6jCQm7z0Yr3bqA@salvia/T/

Shane Coughlan

OpenChain General Manager

+818040358083

Book a meeting:

https://meetings.hubspot.com/scoughlan


“A Bug in Early Creative Commons Licenses Has Enabled a New Breed of Superpredator”

 

Very little open source *code* is under Creative Commons licenses. However, a lot of open source *documentation* is under Creative Commons licenses. Therefore, we should keep an eye on this matter.
Copyleft trolls, robosigning, and Pixsy”
https://doctorow.medium.com/a-bug-in-early-creative-commons-licenses-has-enabled-a-new-breed-of-superpredator-5f6360713299

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Successful GPLv3 Enforcement In Italy - Webinar Starts Now

 

Successful GPLv3 Enforcement In Italy - Webinar Starts Now

Carlo and Alberto join us live to explain how Array Law managed the case. 

Join free and without registration:

Check your time:
06:00 UTC / 07:00 CET / 08:00 BST / 14:00 CST / 15:00 KST+JST 2022-01-25 (22:00 PST previous day 2022-01-24)


McHardy’s Trolling Is Over

 

We previewed this at the end of last year with a talk by Armijn Hemel on a decade of McHardy and the likelihood this individual was less of a threat going into 2022. Now it is official that he has been dealt with in a court of law. He can no longer use Netfilter in speculative, trolling law suits. Learn more:
https://lore.kernel.org/netdev/Ye6jCQm7z0Yr3bqA@salvia/T/

Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan


Re: [partners] Supplier Education Leaflet – Help Wanted

 

Thank you Malcolm! I am going to run this past the designer.

On Jan 20, 2022, at 18:45, Malcolm Bain <malcolm.bain@...> wrote:

Thanks Shane

We've OCR'd to MSWord, and will then move to ODT or TXT format or some markup if you want.

Attached is the OCR'd MSWord version of the English (if it gets through the list)

Malcolm



-----Mensaje original-----
De: partners@...
<partners@...> En nombre de Shane Coughlan via
lists.openchainproject.org
Enviado el: jueves, 20 de enero de 2022 4:55
Para: OpenChain Partners <partners@...>
CC: OpenChain Main <main@...>
Asunto: Re: [partners] Supplier Education Leaflet – Help Wanted

Update: the source documents are in InDesign format for professional
printing. This raises some complications for community translation. I am
checking with a designer if there is a way we can work around this.

On Jan 17, 2022, at 16:40, Malcolm Bain <malcolm.bain@id-
lawpartners.com> wrote:

No problem with Spanish – coming up on Wednesday!

Malcolm


De: partners@...
<partners@...> En nombre de Shane Coughlan via
lists.openchainproject.org Enviado el: lunes, 17 de enero de 2022 6:36
Para: OpenChain Main <main@...>
CC: OpenChain Partners <partners@...>
Asunto: [partners] Supplier Education Leaflet – Help Wanted

The OpenChain Project has a lot of reference material to support the
adoption of OpenChain ISO/IEC 5230 and with open source compliance,
security and export control more broadly. One of the foundation documents
we have is a supplier education leaflet. It was created by the OpenChain
Japan Work Group and – with the recent addition of Dutch – is now available
in eight languages.

We would like your help to expand the reach of this document. We
especially want help with translations into French and Spanish.

Check Out The Source Code On GitHub:
https://github.com/OpenChain-Project/Reference-Material/tree/master/Su
ppliers/Leaflet/Official/2.1

<image001.png>








<supplier-leaflet-en_reconocido.docx>


Re: [partners] Supplier Education Leaflet – Help Wanted

 

Stefan, this is tremendous! Thank you so much.

Shane

On Jan 25, 2022, at 3:50, Stefan Thanheiser <stefan.thanheiser@...> wrote:

Hello again everyone,

Please find a first version of my current OpenChain Supplier Leaflet ODT at
https://github.com/OCSpecGermanTranslation/OpenChain-SupplierLeaflet-GermanTranslation/blob/master/supplier-leaflet/en/20220124_OpenChain_SupplierLeaflet_en_ODT.odt

Please also find enclosed a PDF export of that version.

I know that there still might still be some typos in the document - as ff, fl, etc. weren’t transferred via copy&paste.
=> Corrected version upcoming…

Regards,
Stefan



Am 24.01.2022 um 16:39 schrieb Stefan Thanheiser <Stefan.Thanheiser@...>:

Hi everyone,

what a coincidence - I just started to familiarize myself with LibeOffice Write by creating an ODT Template for the Supplier Leaflet 😉
(...as a substitute for my historic Scribus version).

I'll post a first (still incomplete) version in my GitHub repo this evening. Any help is welcome.

Regards,
Stefan

Stefan Thanheiser

Atruvia AG
---
Servicefeld Qualität IT-Sicherheit Einkauf,
Tribe Einkauf,
Chapter Software Asset & Lizenzmanagement
---
Telefon +49 721 4004-1860
Mobil +49 170 3304133
E-Mail stefan.thanheiser@...




Atruvia AG | www.atruvia.de
AG Frankfurt a. M. HRB 102381 | Sitz der Gesellschaft: Frankfurt a. M. | USt-IdNr. DE 143582320
Vorstand: Martin Beyer (Vorstandssprecher), Ulrich Coenen (Vorstandssprecher),
Daniela Bücker, Birgit Frohnhoff, Jörg Staff, Ralf Teufel
Vorsitzender des Aufsichtsrats: Jürgen Brinkmann


-----Ursprüngliche Nachricht-----
Von: main@... <main@...> Im Auftrag von Malcolm Bain
Gesendet: Donnerstag, 20. Januar 2022 10:46
An: partners@...
Cc: OpenChain Main <main@...>
Betreff: Re: [openchain] [partners] Supplier Education Leaflet – Help Wanted

Thanks Shane

We've OCR'd to MSWord, and will then move to ODT or TXT format or some markup if you want.

Attached is the OCR'd MSWord version of the English (if it gets through the list)

Malcolm



-----Mensaje original-----
De: partners@...
<partners@...> En nombre de Shane Coughlan via
lists.openchainproject.org Enviado el: jueves, 20 de enero de 2022
4:55
Para: OpenChain Partners <partners@...>
CC: OpenChain Main <main@...>
Asunto: Re: [partners] Supplier Education Leaflet – Help Wanted

Update: the source documents are in InDesign format for professional
printing. This raises some complications for community translation. I
am checking with a designer if there is a way we can work around this.

On Jan 17, 2022, at 16:40, Malcolm Bain <malcolm.bain@id-
lawpartners.com> wrote:

No problem with Spanish – coming up on Wednesday!

Malcolm


De: partners@...
<partners@...> En nombre de Shane Coughlan
via lists.openchainproject.org Enviado el: lunes, 17 de enero de
2022 6:36
Para: OpenChain Main <main@...>
CC: OpenChain Partners <partners@...>
Asunto: [partners] Supplier Education Leaflet – Help Wanted

The OpenChain Project has a lot of reference material to support the
adoption of OpenChain ISO/IEC 5230 and with open source compliance,
security and export control more broadly. One of the foundation
documents we have is a supplier education leaflet. It was created by
the OpenChain Japan Work Group and – with the recent addition of Dutch
– is now available in eight languages.

We would like your help to expand the reach of this document. We
especially want help with translations into French and Spanish.

Check Out The Source Code On GitHub:
https://github.com/OpenChain-Project/Reference-Material/tree/master/
Su
ppliers/Leaflet/Official/2.1

<image001.png>










<20220124_OpenChain_SupplierLeaflet_en_ODT.pdf>


Re: [openchain-automotive-work-group] OpenChain On Security

 

Looking forward to having you there Chris :) Your input will be valuable as we flesh out the best way to support the security domain moving forward.

On Jan 20, 2022, at 22:53, Christopher Wood <cvw01@...> wrote:

Shane
Sounds like good opportunities to participate. Looking forward to the formal announcement for the security conference.
Best Regards
Chris

On Jan 20, 2022, at 12:07 AM, Shane Coughlan <scoughlan@...> wrote:


Over the last 12 months there have been several noteworthy concerns around open source and security. The exposure of vulnerability in software has exposed underlying issues with process management and ultimately with sustainability. The OpenChain Project, steward of ISO/IEC 5230:2020, the International Standard for open source compliance, has been at the forefront of addressing these matters.

In August 2021 we responded to market demand by releasing a Security Assurance Reference Guide. The first version of this document explained how ISO/IEC 5230 could be used through the optics of security. Like all our documentation, it was developed and released in the public arena, and subject to review and contributions from a wide array of stakeholders.

We are now working on the second iteration of this document. It does for security what ISO/IEC 5230 did for compliance: it provides a minimal, broadly applicable list of key requirements to institute a quality assurance program to address the domain space.

We do not intend to replace existing security standards. We do not intend to bloat ISO/IEC 5230. Instead, we are pursuing our proven approach of developing a real-world solution for a real-world problem that can be immediately deployed, and over time fits together with adjacent activities as neatly as a jigsaw puzzle.

For those new to this topic and wondering what OpenChain’s engagement means in practice, a summary of our Specification Work Group discussions throughout 2020-2021 is in order.

We are considering three paths for the security domain. One sees the Security Assurance Reference Guide maintaining its stance solely as a guide. Another sees the Security Assurance Reference Guide evolve into a Reference Specification that may become a de facto industry standard over time. Lastly, there is the option to have the Security Assurance Reference Guide evolve into an optional component for a future iteration of ISO/IEC 5230.

You can contribute to this activity by joining our bi-weekly global work team calls [1], our specification mailing list [2], and opening issues on the relevant repository in GitHub [3].

1. https://www.openchainproject.org/community
2. https://lists.openchainproject.org/g/specification
3. https://github.com/OpenChain-Project/SecurityAssuranceGuide/tree/main/Guide/2.0
The OpenChain Project is far from alone in helping to address concerns around open source and security. The Open Source Security Foundation (OpenSSF) is a sister project at the Linux Foundation dedicated to securing the open source ecosystem. The Software Package Data Exchange Project (SPDX) maintains ISO/IEC 5962:2021, an International Standard for Software Bill of Materials. The Linux Foundation also hosts tools to help with automation in the space. We are collaborating to ensure the future of open source is secure.

You can expect a continuation of these activities throughout 2022. There will be an excellent opportunity for you to get involved during this quarter, as the OpenChain Project hosts a security summit to enable our extensive global community to share notes. To learn more about this, as well as our other activities, join one of our calls or one of our mailing lists. Everyone is welcome.

Get Started With Our Community

https://www.openchainproject.org/community
Attend The OpenChain Security Summit On February 17th and 18th

https://www.openchainproject.org/featured/2022/01/19/openchain-2022-our-mini-summits-evolve-into-full-summits
The Security Summit will take place on February 17th 2022 at 17:00 PST / February 18th 2022 02:00 UTC / 09:00 CST / 10:00 JST. It will be hosted on Zoom and it will be free to attend. It will also be recorded. You can expect to come away with a clear understanding of market conditions, how the Linux Foundation is addressing them, and where OpenChain fits into the picture.




621 - 640 of 5036