Zoom Logo

OpenSSF November Town Hall - Shared screen with speaker view
Amir Montazery
06:54
Hello!
Chris Lamb
06:58
hey hey, just caffeinating!
Chris Lamb
07:14
I only caught the last bit about Wagner... :-)
Chris Lamb
08:00
haha
Chris Lamb
08:08
Howard Shore, right?
Brian Behlendorf
08:19
Yep, IIRC
David A. Wheeler
09:27
Recommended book, if you like the music from the Lord of the Rings movies: “The Music of The Lord of the Rings Films: A Comprehensive Account of Howard Shore's Scores”
Jory Burson
14:27
i’m here David!
Abhishek Arya
14:35
Can you hear me david, this is abhishek
Michael Scovetta
15:01
I can see your words, but no audio.
David A. Wheeler
16:02
Welcome everyone! We’ll be starting in a moment.
Kay Williams
17:32
Hi everyone from the rainy and gusty Pacific Northwest. Hopefully our power stays on for the duration of the meeting. :-)
David A. Wheeler
17:35
Whose computer should share the screen? Jory’s?
Brian Behlendorf
17:56
I'll share - sharing now
David A. Wheeler
18:01
Looks like that has been answered :-)
David A. Wheeler
18:09
I see the slides!
Abhishek Arya
18:20
Is this till 11am or 11.30am ?
Kay Williams
18:39
Good morning everyone from Seattle!
Amir Montazery
19:14
Good evening from Reims, France! Nice to see everyone
Steve Taylor
19:24
Hi everyone from DeployHub in Santa Fe
Kay Williams
19:27
Hi Abhishek, this is expected to last 60 minutes.
David A. Wheeler
19:51
All: There is a big storm in the Seattle area, they’ve been warned there may be a power outage. We hope that everyone is well there!
Kay Williams
21:03
Power is ON so far. Crossing fingers!
Jory Burson
22:30
I like “OpenSSF: The Next Generation” (shout out to the trekkies"
Jacques Chester
24:40
Are all these premier members?
Michael Scovetta
24:45
Yes
Jory Burson
24:46
yes!
David A. Wheeler
24:47
JC: Yes
Jacques Chester
24:50
wow
David A. Wheeler
26:36
The phrase “2 quadrillion dollars” is not a phrase I hear often :-)
David A. Wheeler
30:45
Abhishek:just to confirm, which sections will you be presenting?
Brian Behlendorf
34:38
Abhishek if you can help with SLSA and Scorecard/Allstar that would be great
Kay Williams
36:49
Hey David, can you adjust your mic? Your volume is very low.
Jennifer Fernick
37:08
Yes, can hear you well
Arnaud Le Hors
37:14
The rename isn’t quite final though, is it?
David A. Wheeler
40:17
Michael: You should be able to enable video now
Kay Williams
40:47
Congratulations on approval of Alpha-Omega!
Jennifer Fernick
41:20
I’m really excited about the impact we can have with Alpha-Omega
David A. Wheeler
45:35
All: This is a PUBLIC RECORDED presentation, don’t share anything that should be private.
Kay Williams
50:51
Great work from the Vulnerability Disclosures WG. Thanks to all!
Arnaud Le Hors
52:33
I agree, I’ve been promoting the guide in Hyperledger
Arnaud Le Hors
52:55
By the way, there are a few PRs against the guide that are awaiting attention
Jennifer Fernick
53:44
We actually have a Vuln Disclosure WG meeting today at 4pm ET (all welcome!) - I’ll be sure to ask the group to take a look at the open PRs, thank you Arnaud
David A. Wheeler
54:38
If you’re interested in the vulnerability disclosures WG, see: https://github.com/ossf/wg-vulnerability-disclosures
Jory Burson
54:45
good time to plug the community calendar and slack channels for those who want to get involved! links here: https://openssf.org/getinvolved/
David A. Wheeler
54:52
If you’re interested in the vulnerability disclosures WG, see: https://github.com/ossf/wg-vulnerability-disclosures
Michael Scovetta
56:43
@Amir this is great work, congratulations!
Jennifer Fernick
56:54
@Amir can you link us to the report here in the chat?
Jennifer Fernick
57:29
Thanks!
Amir Montazery
57:30
Sure thing!
Amir Montazery
57:32
https://ostif.org/our-audit-of-flux2-is-complete/
David A. Wheeler
57:59
Michael: You’re up!
Jory Burson
01:00:00
squeee
David A. Wheeler
01:00:06
This is PUBLIC
Eric Heitzman
01:01:25
Brian - will you share your preferred contact information? (Email address I assume…)
David A. Wheeler
01:01:40
Kay Williams has hand up
Jory Burson
01:02:04
Brian can be reached at bbehlendorf@linuxfoundation.org or operations@openssf.org
Brian Behlendorf
01:02:31
Aeva, did you want to mention Gitbom?
David A. Wheeler
01:02:32
Kay said “Executive Order” - She means the US White House’s Executive Order on Cybersecurity.
aeva black
01:03:01
Happy to discuss it in the broader context, did not want to assert that it was part of the openssf yet :)
Brian Behlendorf
01:03:37
feel free to raise your hand, makes sense to me to mention it
aeva black
01:03:49
will do. thanks for the nudge :)
David A. Wheeler
01:04:04
I suggest raising hand & mentioning it
Muthu Balaraman
01:04:05
Even though the security risks is much talked about for OSS, how about the license associated with those OSS? what are the key risk the org should be concerned about? Any projects focusses on OSS license?
Brian Behlendorf
01:05:28
THanks for your question, I'll answer it after Aeva's mention
Kay Williams
01:08:00
I have seen some questions about whether the meeting is being recorded and how the recording will be made available.
aeva black
01:08:22
replying to the license question, this may also be of some help to folks: https://docs.clearlydefined.io/
Jory Burson (OpenSSF PD)
01:08:27
https://www.openchainproject.org/
Jory Burson (OpenSSF PD)
01:08:42
https://spdx.dev/
Muthu Balaraman
01:08:59
Thank you
Chris Lamb
01:09:02
thanks all. :)
Michael Scovetta
01:09:17
Thank you everyone!!
Kay Williams
01:09:23
Lets also share a link to the recording to the announcements mailing list. :-)
Jeffrey Altman
01:09:25
Thank you everyone
Jacques Chester
01:09:34
thanks
Jory Burson (OpenSSF PD)
01:09:38
thank you all!
Kay Williams
01:09:39
Thanks everyone,, honk!