|
|
|
|
Shane I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached. I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.
Regards Chris
On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:
All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
Learn more about the current guide here:
|
|
|
Thank you Chris!
Flagging for Mark (CC) for review.
toggle quoted message
Show quoted text
On Oct 8, 2021, at 23:50, Christopher Wood <cvw01@...> wrote:
Shane
I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached. I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.
Regards
Chris
On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:
All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
https://zoom.us/j/4377592799
Learn more about the current guide here:
https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available
<OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>
|
|
|
Good morning i am sorry that I missed your review this morning. I dialed into the zoom meeting but there was no connection, then I realzed that it was 1:45 AM when I received the email. Let me know what you thought.
Best Regards
Chris
toggle quoted message
Show quoted text
On Oct 15, 2021, at 1:45 AM, Shane Coughlan <scoughlan@...> wrote:
Thank you Chris!
Flagging for Mark (CC) for review.
On Oct 8, 2021, at 23:50, Christopher Wood <cvw01@...> wrote:
Shane
I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached. I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.
Regards
Chris
On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:
All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
https://zoom.us/j/4377592799
Learn more about the current guide here:
https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available
<OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>
<OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>
|
|
|
Marcel (PwC DE)
Hello Chris,
Thanks for your efforts with this document! Please find attached some comments, suggestions and thoughts. Happy to discuss.
Kind regards Marcel
Marcel Scholze (DE)
PwC | Director | Open Source Software Services & IT-Sourcing
Phone: +49 69 95851746 | Mobile: +49 151 161 57 049
Email: marcel.scholze@...
PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft
Friedrich-Ebert-Anlage 35-37 | 60327 | Frankfurt a. M. | Germany
Find out about Open Source Software Management: https://www.pwc.de/opensource
At PwC we work flexibly - so while it suits me to email now, I do not expect a response or action outside of your own working hours.
Vorsitzender des Aufsichtsrates: WP StB Dr. Norbert Vogelpoth
Geschäftsführer: WP StB Dr. Ulrich Störk, WP StB Dr. Peter Bartels, Dr. Joachim Englert, WP StB Petra Justenhoven, WP Clemens Koch, StB Marius Möller, WP StB Uwe Rittmann, StB RA Klaus Schmidt, StB CPA Mark Smith
Sitz der Gesellschaft: Frankfurt am Main, Amtsgericht Frankfurt am Main HRB 107858
PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft ist Mitglied von PricewaterhouseCoopers International, einer Company limited by guarantee registriert in England und Wales
Datenschutz: Hinweise zur Datenverarbeitung bei PricewaterhouseCoopers GmbH WPG finden Sie unter Datenschutzhinweise PricewaterhouseCoopers GmbH WPG
On Fri, 15 Oct 2021 at 08:46, Shane Coughlan < scoughlan@...> wrote: Thank you Chris!
Flagging for Mark (CC) for review.
> On Oct 8, 2021, at 23:50, Christopher Wood <cvw01@...> wrote:
>
> Shane
> I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached. I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.
>
> Regards
> Chris
>
> On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:
>
>
> All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
> https://zoom.us/j/4377592799
>
> Learn more about the current guide here:
> https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available
>
>
>
>
>
> <OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>
Diese Information ist ausschliesslich fuer den Adressaten bestimmt und kann vertrauliche oder gesetzlich
geschuetzte Informationen enthalten. Wenn Sie nicht der bestimmungsgemaesse Adressat sind, unterrichten Sie
bitte den Absender und vernichten Sie diese Mail. Anderen als dem bestimmungsgemaessen Adressaten ist es
untersagt, diese E-Mail zu lesen, zu speichern, weiterzuleiten oder ihren Inhalt auf welche Weise auch immer zu
verwenden. Wir verwenden aktuelle Virenschutzprogramme. Fuer Schaeden, die dem Empfaenger gleichwohl
durch von uns zugesandte mit Viren befallene E-Mails entstehen, schliessen wir jede Haftung aus. * * * * * The information contained in this email is intended only for its addressee and may contain confidential and/or
privileged information. If the reader of this email is not the intended recipient, you are hereby notified that reading,
saving, distribution or use of the content of this email in any way is prohibited. If you have received this email in
error, please notify the sender and delete the email. We use updated antivirus protection software. We do not
accept any responsibility for damages caused anyhow by viruses transmitted via email.
|
|
|
Thanks Marcel and Chris!
Mark, over to you 😊
On Oct 16, 2021, at 15:01, Marcel (PwC DE) via lists.openchainproject.org <marcel.scholze=pwc.com@...> wrote:
Hello Chris,
Thanks for your efforts with this document! Please find attached some comments, suggestions and thoughts. Happy to discuss.
Kind regards Marcel
Marcel Scholze (DE)
PwC | Director | Open Source Software Services & IT-Sourcing
Phone: +49 69 95851746 | Mobile: +49 151 161 57 049
Email: marcel.scholze@...
PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft
Friedrich-Ebert-Anlage 35-37 | 60327 | Frankfurt a. M. | Germany
Find out about Open Source Software Management: https://www.pwc.de/opensource
At PwC we work flexibly - so while it suits me to email now, I do not expect a response or action outside of your own working hours.
Vorsitzender des Aufsichtsrates: WP StB Dr. Norbert Vogelpoth
Geschäftsführer: WP StB Dr. Ulrich Störk, WP StB Dr. Peter Bartels, Dr. Joachim Englert, WP StB Petra Justenhoven, WP Clemens Koch, StB Marius Möller, WP StB Uwe Rittmann, StB RA Klaus Schmidt, StB CPA Mark Smith
Sitz der Gesellschaft: Frankfurt am Main, Amtsgericht Frankfurt am Main HRB 107858
PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft ist Mitglied von PricewaterhouseCoopers International, einer Company limited by guarantee registriert in England und Wales
Datenschutz: Hinweise zur Datenverarbeitung bei PricewaterhouseCoopers GmbH WPG finden Sie unter Datenschutzhinweise PricewaterhouseCoopers GmbH WPG
On Fri, 15 Oct 2021 at 08:46, Shane Coughlan < scoughlan@...> wrote: Thank you Chris!
Flagging for Mark (CC) for review.
> On Oct 8, 2021, at 23:50, Christopher Wood <cvw01@...> wrote:
>
> Shane
> I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached. I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.
>
> Regards
> Chris
>
> On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:
>
>
> All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
> https://zoom.us/j/4377592799
>
> Learn more about the current guide here:
> https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available
>
>
>
>
>
> <OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>
Diese Information ist ausschliesslich fuer den Adressaten bestimmt und kann vertrauliche oder gesetzlich
geschuetzte Informationen enthalten. Wenn Sie nicht der bestimmungsgemaesse Adressat sind, unterrichten Sie
bitte den Absender und vernichten Sie diese Mail. Anderen als dem bestimmungsgemaessen Adressaten ist es
untersagt, diese E-Mail zu lesen, zu speichern, weiterzuleiten oder ihren Inhalt auf welche Weise auch immer zu
verwenden. Wir verwenden aktuelle Virenschutzprogramme. Fuer Schaeden, die dem Empfaenger gleichwohl
durch von uns zugesandte mit Viren befallene E-Mails entstehen, schliessen wir jede Haftung aus. * * * * * The information contained in this email is intended only for its addressee and may contain confidential and/or
privileged information. If the reader of this email is not the intended recipient, you are hereby notified that reading,
saving, distribution or use of the content of this email in any way is prohibited. If you have received this email in
error, please notify the sender and delete the email. We use updated antivirus protection software. We do not
accept any responsibility for damages caused anyhow by viruses transmitted via email.
|
|
|
Hi Shane,
I wanted to confirm how we plan to proceed concerning the security assurance guide? If I am correct, we agreed during the last meeting to follow up by mail since there were several interesting
aspects on the call. Not sure whether I missed the follow up or I am just too impatient. But I do think this to be an important piece of work and I am keen to proceed.
😉
Thank you for a hint & br
Jan
Von:
main@... <main@...> im Auftrag von Shane Coughlan via lists.openchainproject.org <scoughlan=linuxfoundation.org@...>
Datum: Freitag, 15. Oktober 2021 um 08:46
An: OpenChain Main <main@...>
Cc: Mark Gisi <mark.gisi@...>
Betreff: Re: [openchain] OpenChain Mini-Summit - Reviewing Our Security Assurance Guide - Starts in ~30 minutes via Zoom
Thank you Chris!
Flagging for Mark (CC) for review.
> On Oct 8, 2021, at 23:50, Christopher Wood <cvw01@...> wrote:
>
> Shane
> I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached. I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.
>
> Regards
> Chris
>
> On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:
>
>
> All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
> https://zoom.us/j/4377592799
>
> Learn more about the current guide here:
>
https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available
>
>
>
>
>
> <OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>
|
|
|
Yup, we definitely need to proceed ;) OK, let’s get the ball rolling. Here is the document right now: https://1drv.ms/w/s!AsXJVqby5kpnkTt03Samssy2NYbf We need to collect additional comments on whether we are covering the right things. Guiding principle as always: what, not how. Let’s collect notes over the weekend and do a guided review on Monday. In other words, everyone, this is your chance to do a quick free-form overview and note placement before we move into asking specific questions for feedback. Would be super useful to have your thoughts.
On Mar 4, 2022, at 16:05, Jan Thielscher <jan.thielscher@...> wrote:
Hi Shane,
I wanted to confirm how we plan to proceed concerning the security assurance guide? If I am correct, we agreed during the last meeting to follow up by mail since there were several interesting aspects on the call. Not sure whether I missed the follow up or I am just too impatient. But I do think this to be an important piece of work and I am keen to proceed. 😉
Thank you for a hint & br
Jan
Von: main@... <main@...> im Auftrag von Shane Coughlan via lists.openchainproject.org<scoughlan=linuxfoundation.org@...>
Datum: Freitag, 15. Oktober 2021 um 08:46
An: OpenChain Main <main@...>
Cc: Mark Gisi <mark.gisi@...>
Betreff: Re: [openchain] OpenChain Mini-Summit - Reviewing Our Security Assurance Guide - Starts in ~30 minutes via Zoom
Thank you Chris!
Flagging for Mark (CC) for review.
On Oct 8, 2021, at 23:50, Christopher Wood <cvw01@...> wrote:
Shane
I had a few thoughts for consideration so I added them to the OpenChain Security Assurance Guide V1 attached. I made the additions or suggested changes with the MS Word Tracking mode on so you should be able to see the bars in the left side margin.
Regards
Chris
On Thursday, September 30, 2021, 03:23:52 PM CDT, Shane Coughlan <scoughlan@...> wrote:
All welcome as Mark Gisi leads us through next steps in the security assurance guide for ISO 5230.
https://zoom.us/j/4377592799
Learn more about the current guide here:
https://www.openchainproject.org/featured/2021/08/12/openchain-iso-5230-security-assurance-reference-guide-now-available
<OpenChainSecurityAssuranceGuide.1.0-2021a_rcw.docx>
|
|
|
