OpenChain Security Assurance Reference Specification (Release Candidate 1 2022-03-28)


The OpenChain Project released a Security Assurance Reference Guide in August 2021. Feedback from the community expanded this into its current form: a Security Assurance Reference Specification (Release Candidate 1 2022-03-28). At the end of June 2022 the OpenChain Steering Committee will decide if this Release Candidate:
  1. Becomes a sister standard to OpenChain ISO/IEC 5230
  2. Becomes an optional component of OpenChain ISO/IEC 5230
  3. Remains a reference specification
This is an important moment for the OpenChain Project, explicitly highlighting our work beyond open source license compliance. Your input is most welcome to help inform our steering committee.
Please open Issues on our GitHub here to provide feedback:
Alternatively, or in addition, please join our specification mailing list here:
Learn more on our website here: