* CTI TAC Meeting Notes 2024-02-28
@ 2024-02-28 16:42 Carlos O'Donell
0 siblings, 0 replies; only message in thread
From: Carlos O'Donell @ 2024-02-28 16:42 UTC (permalink / raw)
To: cti-tac
CTI TAC Meeting Notes 2024-02-28
Present:
* Carlos O'Donell
* Adrianne Marcum (OpenSSF)
* Bennett Pursell (OpenSSF)
* David Edelsohn
* Ian Kelling (FSF)
* Joseph Myers
* Nick Clifton
* Siddhesh Poyarekar
Regrets:
Agenda:
* Schedule going forward.
* Feb 12-16 writing.
* End of February setup the website.
* 2024-02-28 - Emailed Konstantin about process to turn on the webiste.
* By 2024-03-08 can we have the website up for Paul Egger to review?
* Add item for yearly audit including FOSS audit.
* Add item for security and service separation.
* March - Review with LF IT and prepare a migration plan.
* Schedule TAC and LF IT meeting.
* March - Review migration plan with community.
* March 19th - Next CTI presentation to OpensSSF TAC.
* March 27th - Next CTI TAC meeting.
* April - Schedule for migration.
* May - OpenSSF GB meeting.
* August 1st - glibc 2.40 release (possible migration blocker or the point at which we switch infrastructure)
* CTI Website Review
* make html to get Sphinx html output.
* FAQ items to still add.
* Service enumeration still to add.
* Process to follow for commits to the website?
* Carlos will merge patches to the list.
* Carlos: Is thte TAC able to review content by March 8th?
* Joseph: What we have on the website is good, but we need more FAQ items.
* Carlos: I will add the more complex FAQ items around service separation.
* Nick: No worries (can review content).
* Requests from glibc steward Paul Eggert (UCLA Prof)
* Paul is asking for a checking mechanism to ensure we are using FOSS for the services.
* One solution is for service provider to show their code that they are using.
* Carlos: Ian how do you comply with such a request?
* Ian: I'll have to think about it. We mostly handle our own services.
* Publishing the code and documentation is something to be thinking about.
* Carlos: Sid any thoughts on how you handle a FOSS audit?
* Siddhesh: Yeah, an annual enumeration of the services and the FOSS software providing them.
* Nick: Do we have a policy for what we do if the services is provided by non-FOSS?
* Sid: As the TAC we've committed to not providing any services with non-FOSS?
* Nick: The FOSS audit should be public.
* Carlos: As Sid noted we should have a page updated yearly for the audit.
* David: What requirements do we have? Is that sufficient for Paul or not?
* Sid: Alex's wish is to meet A regarding SaaS, but I don't think we need to meet.
* Making the CTI website live.
* Next steps need to hear back from LF IT.
* Ian: RO repository available for the website.
* Sid: Yes, because people might want to participate in the editorial process and send patches.
* Carlos: I'll ask LF IT for that, but before I send the email I'll verify you can't do an anonysmous clone.
--
Cheers,
Carlos.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2024-02-28 16:42 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-02-28 16:42 CTI TAC Meeting Notes 2024-02-28 Carlos O'Donell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).