OpenChain spec v0.1
Hi Everyone,
We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language. Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.
Let me know if you have any questions regarding the scope of the clean-up.
Best regards,
Kelly
Hi Kelly,
One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?
Best regards,
Sami
Sent: 06 October 2015 23:11
To: openchain@...
Subject: [OpenChain] OpenChain spec v0.1
Hi Everyone,
We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language. Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.
Let me know if you have any questions regarding the scope of the clean-up.
Best regards,
Kelly
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
Regards,
Jim
At 07:41 AM 10/7/2015, Sami Atabani wrote:
Hi Kelly,
One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?
Best regards,
Sami
From: openchain-bounces@... [ mailto:openchain-bounces@...] On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To: openchain@...
Subject: [OpenChain] OpenChain spec v0.1
Hi Everyone,
Weve done the first pass on cleaning up the spec in particular changing the language to imperative language. Version 0.1 is now posted on the Etherpad ( https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.
Let me know if you have any questions regarding the scope of the clean-up.
Best regards,
Kelly
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
_______________________________________________
OpenChain mailing list
OpenChain@...
https://lists.linuxfoundation.org/mailman/listinfo/openchain
Hi Kelly,
Unfortunately, I won’t be able to join the next session on Monday due to travel commitment but would be happy for this to be discussed during my absence or delayed for next time.
My thoughts are captured below and can be used as the basis for defining the purpose:
- A clear OSS approval process
- Review and approve incoming OSS based on use case and applicable licence
- Identify obligations based on licence and use case
- Track and record key OSS details
- Verify what OSS is used and distributed in products/deliverables prior to release
- Identify a bill of material for all OSS used within a product/deliverable through automated scans and/or visual inspections
- Compare against the list of approved OSS and address any discrepancies
- Compliance with applicable obligations & post-contract management
- Confirm that obligations have been fulfilled and put auditable process in place to verify compliance
- Ensure any outwards licence compatibility issues are considered and addressed
I hope this will be useful.
Best regards,
Sami
From:
openchain-bounces@... [mailto:openchain-bounces@...]
On Behalf Of Sami Atabani
Sent: 07 October 2015 15:41
To: Williams, Kelly;
openchain@...
Subject: Re: [OpenChain] OpenChain spec v0.1
Hi Kelly,
One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?
Best regards,
Sami
From:
openchain-bounces@...
[mailto:openchain-bounces@...]
On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To: openchain@...
Subject: [OpenChain] OpenChain spec v0.1
Hi Everyone,
We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language. Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.
Let me know if you have any questions regarding the scope of the clean-up.
Best regards,
Kelly
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender
immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
My impression is that this seems to be a very good capture of our purpose. Dave
Sent: Wednesday, October 14, 2015 2:07 PM
To: openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1
Hi Kelly,
Unfortunately, I won’t be able to join the next session on Monday due to travel commitment but would be happy for this to be discussed during my absence or delayed for next time.
My thoughts are captured below and can be used as the basis for defining the purpose:
- A clear OSS approval process
- Review and approve incoming OSS based on use case and applicable licence
- Identify obligations based on licence and use case
- Track and record key OSS details
- Verify what OSS is used and distributed in products/deliverables prior to release
- Identify a bill of material for all OSS used within a product/deliverable through automated scans and/or visual inspections
- Compare against the list of approved OSS and address any discrepancies
- Compliance with applicable obligations & post-contract management
- Confirm that obligations have been fulfilled and put auditable process in place to verify compliance
- Ensure any outwards licence compatibility issues are considered and addressed
I hope this will be useful.
Best regards,
Sami
From:
openchain-bounces@... [mailto:openchain-bounces@...]
On Behalf Of Sami Atabani
Sent: 07 October 2015 15:41
To: Williams, Kelly;
openchain@...
Subject: Re: [OpenChain] OpenChain spec v0.1
Hi Kelly,
One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?
Best regards,
Sami
From:
openchain-bounces@...
[mailto:openchain-bounces@...]
On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To: openchain@...
Subject: [OpenChain] OpenChain spec v0.1
Hi Everyone,
We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language. Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.
Let me know if you have any questions regarding the scope of the clean-up.
Best regards,
Kelly
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify
the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify
the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
- that all (most?) companies in the supply chain follow internal policies and procedures that realize the following goals <Sami’s text>
- Via collaboratively developed and openly provide guidelines (the actual stuff OpenChain develops)
My impression is that this seems to be a very good capture of our purpose. Dave
Sent: Wednesday, October 14, 2015 2:07 PM
To: openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1
Hi Kelly,
Unfortunately, I won’t be able to join the next session on Monday due to travel commitment but would be happy for this to be discussed during my absence or delayed for next time.
My thoughts are captured below and can be used as the basis for defining the purpose:
- A clear OSS approval process
- Review and approve incoming OSS based on use case and applicable licence
- Identify obligations based on licence and use case
- Track and record key OSS details
- Verify what OSS is used and distributed in products/deliverables prior to release
- Identify a bill of material for all OSS used within a product/deliverable through automated scans and/or visual inspections
- Compare against the list of approved OSS and address any discrepancies
- Compliance with applicable obligations & post-contract management
- Confirm that obligations have been fulfilled and put auditable process in place to verify compliance
- Ensure any outwards licence compatibility issues are considered and addressed
I hope this will be useful.
Best regards,
Sami
From:openchain-bounces@...
[mailto:openchain-bounces@...]
On Behalf Of Sami Atabani
Sent: 07 October 2015 15:41
To: Williams, Kelly;
openchain@...
Subject: Re: [OpenChain] OpenChain spec v0.1
Hi Kelly,
One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?
Best regards,
Sami
From:openchain-bounces@...
[mailto:openchain-bounces@...]
On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To: openchain@...
Subject: [OpenChain] OpenChain spec v0.1
Hi Everyone,
We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language. Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.
Let me know if you have any questions regarding the scope of the clean-up.
Best regards,
Kelly
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify
the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify
the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
Yes, and while I’m not sure if this belongs as part of purpose or somewhere else, as a comment on a desired future state – the way different companies will have implemented their OSS management is sufficiently consistent with a normative process standard (OpenChain!) to allow the upstream diligence effort to be potentially more useful to downstream recipients.
IMO this is a key value driver -- being a good community citizen; while also getting cost savings; while also reducing time-to-market; while also achieving risk reduction.
Yes, we need to capture some of these points in a pitch deck to help folks on this list to get buy-in from their internal stakeholders. Think I’m the stuckee for that deck which probably explains why it’s not done yet.
BTW we had terrific traction at the F2F (thanks to Kate), looking forward to the recap at our next call.
Sent: Thursday, October 15, 2015 3:09 PM
To: Marr, David; Sami Atabani; openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1
Agreed!! :)
I think the “purpose” of OpenChain is to establish best practices / guidelines / roadmap (whatever we call it) that supports achieving the goals for the effective management of OSS. Those goals being, in sum: <insert Sami’s text>
This all reminds me - are we supposed to come with a “mission statement” and “purpose” or “vision” or some other such corporate internal marketing–speak, which I’m never quite good at… and never quite sure of the distinction between…
I suppose, if I were to take a stab and extend the purpose and goals of OpenChain to what our vision would be (vision = the OpenChain vision of the future!!) it might be:
- that all (most?) companies in the supply chain follow internal policies and procedures that realize the following goals <Sami’s text>
- Via collaboratively developed and openly provide guidelines (the actual stuff OpenChain develops)
Oh my… must stop typing now…
Jilayne
On 10/14/15, 6:28 PM, "openchain-bounces@... on behalf of Marr, David" <openchain-bounces@... on behalf of dmarr@...> wrote:
My impression is that this seems to be a very good capture of our purpose. Dave
From:
openchain-bounces@... [mailto:openchain-bounces@...]
On Behalf Of Sami Atabani
Sent: Wednesday, October 14, 2015 2:07 PM
To: openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1
Hi Kelly,
Unfortunately, I won’t be able to join the next session on Monday due to travel commitment but would be happy for this to be discussed during my absence or delayed for next time.
My thoughts are captured below and can be used as the basis for defining the purpose:
- A clear OSS approval process
- Review and approve incoming OSS based on use case and applicable licence
- Identify obligations based on licence and use case
- Track and record key OSS details
- Verify what OSS is used and distributed in products/deliverables prior to release
- Identify a bill of material for all OSS used within a product/deliverable through automated scans and/or visual inspections
- Compare against the list of approved OSS and address any discrepancies
- Compliance with applicable obligations & post-contract management
- Confirm that obligations have been fulfilled and put auditable process in place to verify compliance
- Ensure any outwards licence compatibility issues are considered and addressed
I hope this will be useful.
Best regards,
Sami
From:openchain-bounces@...
[mailto:openchain-bounces@...]
On Behalf Of Sami Atabani
Sent: 07 October 2015 15:41
To: Williams, Kelly;
openchain@...
Subject: Re: [OpenChain] OpenChain spec v0.1
Hi Kelly,
One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?
Best regards,
Sami
From:openchain-bounces@...
[mailto:openchain-bounces@...]
On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To: openchain@...
Subject: [OpenChain] OpenChain spec v0.1
Hi Everyone,
We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language. Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.
Let me know if you have any questions regarding the scope of the clean-up.
Best regards,
Kelly
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify
the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify
the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender
immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
Thanks, Sami and Jilayne. I added the purpose statement to the Etherpad and included it on the agenda for Monday.
Sent: Thursday, October 15, 2015 3:09 PM
To: Marr, David; Sami Atabani; openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1
Agreed!! :)
I think the “purpose” of OpenChain is to establish best practices / guidelines / roadmap (whatever we call it) that supports achieving the goals for the effective management of OSS. Those goals being, in sum: <insert Sami’s text>
This all reminds me - are we supposed to come with a “mission statement” and “purpose” or “vision” or some other such corporate internal marketing–speak, which I’m never quite good at… and never quite sure of the distinction between…
I suppose, if I were to take a stab and extend the purpose and goals of OpenChain to what our vision would be (vision = the OpenChain vision of the future!!) it might be:
- that all (most?) companies in the supply chain follow internal policies and procedures that realize the following goals <Sami’s text>
- Via collaboratively developed and openly provide guidelines (the actual stuff OpenChain develops)
Oh my… must stop typing now…
Jilayne
On 10/14/15, 6:28 PM, "openchain-bounces@... on behalf of Marr, David" <openchain-bounces@... on behalf of dmarr@...> wrote:
My impression is that this seems to be a very good capture of our purpose. Dave
From:
openchain-bounces@... [mailto:openchain-bounces@...]
On Behalf Of Sami Atabani
Sent: Wednesday, October 14, 2015 2:07 PM
To: openchain@...; Williams, Kelly
Subject: Re: [OpenChain] OpenChain spec v0.1
Hi Kelly,
Unfortunately, I won’t be able to join the next session on Monday due to travel commitment but would be happy for this to be discussed during my absence or delayed for next time.
My thoughts are captured below and can be used as the basis for defining the purpose:
- A clear OSS approval process
- Review and approve incoming OSS based on use case and applicable licence
- Identify obligations based on licence and use case
- Track and record key OSS details
- Verify what OSS is used and distributed in products/deliverables prior to release
- Identify a bill of material for all OSS used within a product/deliverable through automated scans and/or visual inspections
- Compare against the list of approved OSS and address any discrepancies
- Compliance with applicable obligations & post-contract management
- Confirm that obligations have been fulfilled and put auditable process in place to verify compliance
- Ensure any outwards licence compatibility issues are considered and addressed
I hope this will be useful.
Best regards,
Sami
From:openchain-bounces@...
[mailto:openchain-bounces@...]
On Behalf Of Sami Atabani
Sent: 07 October 2015 15:41
To: Williams, Kelly;
openchain@...
Subject: Re: [OpenChain] OpenChain spec v0.1
Hi Kelly,
One thought occurred to me while looking at the clean document and was planning to raise during our next session is to have a summary of our initiative at the top of the document to capture the purpose. Perhaps this is something that we can add to our agenda for next time?
Best regards,
Sami
From:openchain-bounces@...
[mailto:openchain-bounces@...]
On Behalf Of Williams, Kelly
Sent: 06 October 2015 23:11
To: openchain@...
Subject: [OpenChain] OpenChain spec v0.1
Hi Everyone,
We’ve done the first pass on cleaning up the spec in particular changing the language to imperative language. Version 0.1 is now posted on the Etherpad (https://etherpad.wikimedia.org/p/openchain) and the original spec is archived on the wiki.
Let me know if you have any questions regarding the scope of the clean-up.
Best regards,
Kelly
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify
the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify
the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782
-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender
immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782