main@lists.openchainproject.org | OpenChain Monthly Meeting (North America / Europe) in half an hour - 09:00 PST / 17:00 UTC / 18:00 CET

Home Messages Hashtags Subgroups

Date Date 1 - 2 of 2

OpenChain Monthly Meeting (North America / Europe) in half an hour - 09:00 PST / 17:00 UTC / 18:00 CET

Shane Coughlan #5219 Our meeting starts in 30 minutes and will cover a lot of ground. There will be a special focus on editing the licensing and security specifications. This will also be the first meeting where Chris and Helio take full control of the editing process :) Join here: https://zoom.us/j/4377592799 Agenda slides attached this this email. Last meeting... we addressed the following issues with the Security Assurance Specification 2.0 Draft: •We prepared and refined definitions of remediation and mitigation: https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/22 •We included “remediation” and “mitigation” in Section 3.1.5: https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/25 •We included “mitigation” in Section 3.3.2: https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/26 •We clarified the “Get Customer” requirement in Section 3.3.2 to make the logic clearer: https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/27 This meeting… Security: •Comments on the Known Vulnerability in the proposed Security Assurance Specification https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/19 •Add program objectives https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/14 Licensing: •Consider adding definition of 'bill of materials’ https://github.com/OpenChain-Project/License-Compliance-Specification/issues/35 •Move "Access" to be part of "Compliance Artifact Delivery” https://github.com/OpenChain-Project/License-Compliance-Specification/issues/53 Check out the documents we are editing: Licensing Specification (3rd Generation Draft): https://github.com/OpenChain-Project/License-Compliance-Specification/blob/master/Official/en/3.0/openchain-license-compliance-3.0.md Security Specification (2nd Generation Draft): https://github.com/OpenChain-Project/Security-Assurance-Specification/blob/main/Security-Assurance-Specification/2.0/en/openchain-security-specification-2.0.md OpenChain-Monthly-Meeting-2023-03-07.pdf OpenChain-Monthly-Meeting-2023-03-07.pdf OpenChain Monthly Community Call - 09:00 PST (17:00 UTC) on 1st Tuesday.ics OpenChain Monthly Community Call - 09:00 PST (17:00 UTC) on 1st Tuesday.ics
More All Messages By This Member
Shane Coughlan #5220 We start now :) There will be a special focus on editing the licensing and security specifications. Join here: https://zoom.us/j/4377592799 toggle quoted message Show quoted text On Mar 8, 2023, at 1:31, Shane Coughlan via lists.openchainproject.org <scoughlan=linuxfoundation.org@...> wrote: Our meeting starts in 30 minutes and will cover a lot of ground. There will be a special focus on editing the licensing and security specifications. This will also be the first meeting where Chris and Helio take full control of the editing process :) Join here: https://zoom.us/j/4377592799 Agenda slides attached this this email. Last meeting... we addressed the following issues with the Security Assurance Specification 2.0 Draft: •We prepared and refined definitions of remediation and mitigation: https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/22 •We included “remediation” and “mitigation” in Section 3.1.5: https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/25 •We included “mitigation” in Section 3.3.2: https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/26 •We clarified the “Get Customer” requirement in Section 3.3.2 to make the logic clearer: https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/27 This meeting… Security: •Comments on the Known Vulnerability in the proposed Security Assurance Specification https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/19 •Add program objectives https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/14 Licensing: •Consider adding definition of 'bill of materials’ https://github.com/OpenChain-Project/License-Compliance-Specification/issues/35 •Move "Access" to be part of "Compliance Artifact Delivery” https://github.com/OpenChain-Project/License-Compliance-Specification/issues/53 Check out the documents we are editing: Licensing Specification (3rd Generation Draft): https://github.com/OpenChain-Project/License-Compliance-Specification/blob/master/Official/en/3.0/openchain-license-compliance-3.0.md Security Specification (2nd Generation Draft): https://github.com/OpenChain-Project/Security-Assurance-Specification/blob/main/Security-Assurance-Specification/2.0/en/openchain-security-specification-2.0.md <OpenChain-Monthly-Meeting-2023-03-07.pdf><OpenChain Monthly Community Call - 09:00 PST (17:00 UTC) on 1st Tuesday.ics>
More All Messages By This Member

1 - 2 of 2

1

Previous Topic Next Topic

Home Hashtags Subgroups Terms