main@lists.openchainproject.org | OpenChain Monthly Meeting (North America / Europe) in half an hour

Home Messages Hashtags Subgroups

Date Date 1 - 2 of 2

OpenChain Monthly Meeting (North America / Europe) in half an hour - 09:00 PST / 17:00 UTC / 18:00 CET

Shane Coughlan

Our meeting starts in 30 minutes and will cover a lot of ground. There will be a special focus on editing the licensing and security specifications. This will also be the first meeting where Chris and Helio take full control of the editing process :)

Join here: 
https://zoom.us/j/4377592799 
Agenda slides attached this this email.

Last meeting...
we addressed the following issues with the Security Assurance Specification 2.0 Draft:
•We prepared and refined definitions of remediation and mitigation:
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/22 
•We included “remediation” and “mitigation” in Section 3.1.5:
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/25 
•We included “mitigation” in Section 3.3.2:
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/26 
•We clarified the “Get Customer” requirement in Section 3.3.2 to make the logic clearer:
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/27

This meeting…
Security:
•Comments on the Known Vulnerability in the proposed Security Assurance Specification
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/19 
•Add program objectives
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/14 
Licensing:
•Consider adding definition of 'bill of materials’
https://github.com/OpenChain-Project/License-Compliance-Specification/issues/35 
•Move "Access" to be part of "Compliance Artifact Delivery”
https://github.com/OpenChain-Project/License-Compliance-Specification/issues/53

Check out the documents we are editing:

Licensing Specification (3rd Generation Draft):
https://github.com/OpenChain-Project/License-Compliance-Specification/blob/master/Official/en/3.0/openchain-license-compliance-3.0.md

Security Specification (2nd Generation Draft):
https://github.com/OpenChain-Project/Security-Assurance-Specification/blob/main/Security-Assurance-Specification/2.0/en/openchain-security-specification-2.0.md

PDF

OpenChain-Monthly-Meeting-2023-03-07.pdf

Calendar

Shane Coughlan

#5220

We start now :)

There will be a special focus on editing the licensing and security specifications. 

Join here: 
https://zoom.us/j/4377592799

Show quoted text

On Mar 8, 2023, at 1:31, Shane Coughlan via lists.openchainproject.org <scoughlan=linuxfoundation.org@...> wrote:

Our meeting starts in 30 minutes and will cover a lot of ground. There will be a special focus on editing the licensing and security specifications. This will also be the first meeting where Chris and Helio take full control of the editing process :)

Join here: 
https://zoom.us/j/4377592799 
Agenda slides attached this this email.

Last meeting...
we addressed the following issues with the Security Assurance Specification 2.0 Draft:
•We prepared and refined definitions of remediation and mitigation:
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/22 
•We included “remediation” and “mitigation” in Section 3.1.5:
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/25 
•We included “mitigation” in Section 3.3.2:
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/26 
•We clarified the “Get Customer” requirement in Section 3.3.2 to make the logic clearer:
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/27

This meeting…
Security:
•Comments on the Known Vulnerability in the proposed Security Assurance Specification
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/19 
•Add program objectives
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/14 
Licensing:
•Consider adding definition of 'bill of materials’
https://github.com/OpenChain-Project/License-Compliance-Specification/issues/35 
•Move "Access" to be part of "Compliance Artifact Delivery”
https://github.com/OpenChain-Project/License-Compliance-Specification/issues/53

Check out the documents we are editing:

Licensing Specification (3rd Generation Draft):
https://github.com/OpenChain-Project/License-Compliance-Specification/blob/master/Official/en/3.0/openchain-license-compliance-3.0.md

Security Specification (2nd Generation Draft):
https://github.com/OpenChain-Project/Security-Assurance-Specification/blob/main/Security-Assurance-Specification/2.0/en/openchain-security-specification-2.0.md 







<OpenChain-Monthly-Meeting-2023-03-07.pdf><OpenChain Monthly Community Call - 09:00 PST (17:00 UTC) on 1st Tuesday.ics>

1 - 2 of 2

Previous Topic Next Topic

Home Hashtags Subgroups Terms