One of the core guiding principles for the OpenChain Specification is to focus on the what and why of compliance (and avoid the how and when). This is highlighted in the introduction of the spec. That

Hi Nicole, Thanks for the feedback. We briefly discussed your concern during the Specification working group meeting yesterday. The Specification working group's mission is: Establishing trust in the

The current draft of the Security Assurance Reference Guide can be found here: https://github.com/OpenChain-Project/SecurityAssuranceGuide/tree/main/Guide best, Mark Gisi Director, Open Source Program

Attached are the slides for the OpenChain Q1 2021 Mini-Summit Specification Discussion: Security Guide Exploration. best, Mark Gisi Director, Open Source Program Office (510) 749-2016

As Shane announced last week - we will be meeting today (9am PST) to discuss the next version of the OpenChain specification (3.0) Note – there is a password (123456) Join Zoom Meeting https://windriv

Dear OpenChain Community, We are now seeking broader public comments for ISO submission version 2.1 of the Specification which will conclude on December 10th. This is the last major step in the spec d

Shane - Ok. Sounds good.

We will continue to accept feedback on version 2.1 of specification up through Thursday October 31st. We will be holding a F2F meeting/workshop at the Open Source Summit conference in Lyon tomorrow (O

OpenChain specification conformance extends trust to security vulnerability assurance. That is, OpenChain conforming suppliers are better positioned to manage security vulnerabilities because of the b

Reminder: the next version of the specification (spec) will largely involve converting the current 2.0 version into an ISO format for submission for ISO adoption. Therefore we are only considering sma

The latest draft of the next version of OpenChain Specification can be found here: https://wiki.linuxfoundation.org/_media/openchain/OpenChainSpec-2.1.draft.MarkUp.pdf Our objective is to make only mi

Reminder: If you would like to actively contribute to the development of the next version of the spec (or just follow along) you should subscribe to the spec mailing list: https://lists.linuxfoundatio

This is a reasonable objective. We need to formally commit to that. If we are going to keep the "2" in the version I would be reluctant to change anything other than formatting. That is, the semantics

I will queue the items up in the github wiki so that we can begin to review each in turn. I attached the latest format. I accepts Rex’s comments (seem reasonable -e.g., might vs may, ...). I did adjus

Hi Masao, Sorry for the delayed follow up. We have had success employing Open Development principles to solve a similar problem. I would not categorize it so much as Inner Source, but more as Open Inn

Hi Shoken, Shane is in the process of reorganizing the translation repositories on github. Once that is settled we could give directions how to upload your draft. If you want to temporarily place a dr

Alexios - good point. The repo use grew during the version 2.0 drafting and see that trend continuing with the next version (which will mean more pull requests). Another consideration could be a hybri

The OpenChain Specification version 2.0 is nearly ready as we enter the last 5 days of the 14 day freeze period. This period provides everyone the chance to review the final draft - where we can accep

Thank you Haksung. I added the markdown template to the spec’s github repo: https://github.com/OpenChain-Project/Specification/tree/master/version/2.0 - Mark

The spec translation templates can be found on github: https://github.com/OpenChain-Project/Specification The 2.0 template specifically can be found here: https://github.com/OpenChain-Project/Specific