From: Carlos O'Donell <carlos@redhat.com>
To: cti-tac@lists.linuxfoundation.org
Subject: CTI TAC Meeting Notes 2024-02-28
Date: Wed, 28 Feb 2024 11:42:01 -0500 [thread overview]
Message-ID: <ea82c272-9bdf-4685-bc72-9fa6da83e6be@redhat.com> (raw)
CTI TAC Meeting Notes 2024-02-28
Present:
* Carlos O'Donell
* Adrianne Marcum (OpenSSF)
* Bennett Pursell (OpenSSF)
* David Edelsohn
* Ian Kelling (FSF)
* Joseph Myers
* Nick Clifton
* Siddhesh Poyarekar
Regrets:
Agenda:
* Schedule going forward.
* Feb 12-16 writing.
* End of February setup the website.
* 2024-02-28 - Emailed Konstantin about process to turn on the webiste.
* By 2024-03-08 can we have the website up for Paul Egger to review?
* Add item for yearly audit including FOSS audit.
* Add item for security and service separation.
* March - Review with LF IT and prepare a migration plan.
* Schedule TAC and LF IT meeting.
* March - Review migration plan with community.
* March 19th - Next CTI presentation to OpensSSF TAC.
* March 27th - Next CTI TAC meeting.
* April - Schedule for migration.
* May - OpenSSF GB meeting.
* August 1st - glibc 2.40 release (possible migration blocker or the point at which we switch infrastructure)
* CTI Website Review
* make html to get Sphinx html output.
* FAQ items to still add.
* Service enumeration still to add.
* Process to follow for commits to the website?
* Carlos will merge patches to the list.
* Carlos: Is thte TAC able to review content by March 8th?
* Joseph: What we have on the website is good, but we need more FAQ items.
* Carlos: I will add the more complex FAQ items around service separation.
* Nick: No worries (can review content).
* Requests from glibc steward Paul Eggert (UCLA Prof)
* Paul is asking for a checking mechanism to ensure we are using FOSS for the services.
* One solution is for service provider to show their code that they are using.
* Carlos: Ian how do you comply with such a request?
* Ian: I'll have to think about it. We mostly handle our own services.
* Publishing the code and documentation is something to be thinking about.
* Carlos: Sid any thoughts on how you handle a FOSS audit?
* Siddhesh: Yeah, an annual enumeration of the services and the FOSS software providing them.
* Nick: Do we have a policy for what we do if the services is provided by non-FOSS?
* Sid: As the TAC we've committed to not providing any services with non-FOSS?
* Nick: The FOSS audit should be public.
* Carlos: As Sid noted we should have a page updated yearly for the audit.
* David: What requirements do we have? Is that sufficient for Paul or not?
* Sid: Alex's wish is to meet A regarding SaaS, but I don't think we need to meet.
* Making the CTI website live.
* Next steps need to hear back from LF IT.
* Ian: RO repository available for the website.
* Sid: Yes, because people might want to participate in the editorial process and send patches.
* Carlos: I'll ask LF IT for that, but before I send the email I'll verify you can't do an anonysmous clone.
--
Cheers,
Carlos.
reply other threads:[~2024-02-28 16:42 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ea82c272-9bdf-4685-bc72-9fa6da83e6be@redhat.com \
--to=carlos@redhat.com \
--cc=cti-tac@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).