►
From YouTube: CNCF Supply Chain Security 2021-04-09
Description
CNCF Supply Chain Security 2021-04-09
A
C
B
A
I
I
know
john,
was
having
internet
issues
earlier
this
morning
and
I
do
think
he's
he's
out
right
now.
I
don't
see
him
online.
C
A
D
Yeah,
so
that's
that
was
due
monday,
so
that
that's
been
done
and
taken
care.
C
D
No,
it's
all
pre-recorded,
so
the
talk
has
just
it's
a
high
level
overview
of
the
outlines
and
the
justification
of
reasoning
behind
the
paper,
so
more
high-level
themes
about
why
we
have
it
the
way
that
we
have
it.
What
it's
addressing,
what
its
goals
and
objectives
are.
All
of
that.
A
E
I
have,
I
have
had
some
really
interesting
internet
connectivity
issues
today,
really
enjoying
it
glad
it's
friday.
E
Happy
days,
apologies
for
that,
so
I.
B
E
F
Yeah,
I
know
it's
great.
It
wasn't
as
wide
as
it
looked
like
on
amazon
when
I
ordered
it.
D
E
How
do
we
want
to
take
this
forward?
I
guess
emily
from
from
the
perspective
of
getting
things
done
and
moving
it
to
the
next
step
with
with
reviewers
and
such.
D
Yeah,
so
typically,
what
happens
at
this
point
is
the
document
is
locked
from
right,
edits
by
the
writers
and
the
contributors,
and
it's
converted
into
a
suggestions
only
mode.
The
reason
why
we
do
suggestions
and
comments
is
as
an
adjudicator
of
the
document.
It
is
far
easier
to
simply
go
through
and
accept,
or
reject,
or
comment
on
a
suggestion
than
it
is
to
take
comments
and
copy
and
paste
them
into
the
document.
D
So
we
like
to
have
suggestion
mode
as
well
as
comments
turned
on.
It
makes
it
a
lot
faster
for
adjudicators
to
go
through
and
just
accept
things.
A
lot
of
the
time
will
get
more
comments
than
actual
suggested
changes.
Some
of
the
suggestions
are
usually
typo
errors
or
grammatical
corrections
or
slate
rephrasings
of
sentences
just
to
make
it
easier
to
read
and
understand
there.
The
group
of
adjudicators
is
usually
small.
D
Some
of
them
do
require
conversations
through
the
comments
about
what's
going
on,
reaching
out
to
the
commenter
directly
for
assistance
there,
the
intent
behind
being
an
adjudicator
is
to
ensure
that
the
comments
and
the
suggestions
that
are
being
made
do
not
alter
the
intent
or
content
of
the
document
beyond
what
it
was
originally
intended
for
when
we
go
to
contribute
it
to
the
repo.
Like
the
final
document,
that's
usually
where
we
write
up
like
this
is
the
intent
of
the
document.
This
is
the
history
behind
it.
D
These
are
some
of
the
decisions
about
how
we
wrote
it
the
way
that
we
did
and
if
somebody
were
to
make
changes
to
it.
This
is
what
we
would
intend
them
to
keep
in
mind
or
align
their
changes
to
be
like,
and
that's
usually
what
the
adjudicator
is
going
through.
This
process
will
refer
to
is
something
like
that
or
they'll
agree
to
those
items
ahead
of
time,
and
then
they
usually
end
up
writing
what
that
read
me
is
for
contributing
to
the
repo.
D
So
once
we
have
our
adjudicators
identified
and
the
documents
placed
in
suggestion
editing
mode,
I
can
send
the
email
out
to
the
lists
and
we
open
it
up
for
community
comments.
D
Typically
chris
or
another
person
on
our
mailing
list,
we'll
open
it
up
to
the
talk
mailing
list
as
well
as
the
community
mailing
list,
so
expect
to
get
a
lot
of
comments.
I
think,
on
the
cloud
native
security
paper,
we
had
over
2
400
comments
and
suggestions
by
the
time
the
document
was
done
and
that
included
the
original
editors
as
well.
So
quite
a
bit.
E
Right
excellent!
So
so
how
do
we
ascertain
and
set
up
adjudicators.
D
So
typically,
they
are
individuals
that
have
core
right
access
to
the
document.
So
when
you
go
to
the
google
docs
permissions
because
right
now
I
last
time
I
checked,
it
was
very
locked
down,
you
go
through
and
you
add
people
as
editors
based
off
of
their
email
and
then
the
link.
The
there's
like
a
share
link.
You
change
the
share
link
permissions
from
read
only
to
suggestion,
and
that
will
enable
suggestions
and
comments
for
everybody
that
accessing
it
from
the
url.
E
Yep
cool
done,
okay,
so,
and
so
it's
now,
everyone
can
comment
and
the
editor
is
going
to
be
the
adjudicators
identifying
who
would
be
an
adjudicator
is
that
we
as
a
group
we
just
pick
ourselves
or
is
there.
E
A
C
It's
the
one
in
our
title:
yeah,
that's
where
I'm
at
richard.
What's
your
email
richard,
it's.
A
A
E
So
that's
set
up,
but
but
in
terms
of
the
actual
adjudicator
do
we
have
a
view
of
who
wants
to
be
adjudicator?
I
mean
I
wouldn't
mind
being
one.
I
would.
E
D
E
E
Fly
to
mallorca
yeah,
so.
A
F
D
D
A
D
Yeah,
I
usually
recommend
replying
to
the
comments
if
it's
one
that
you're
just
anytime
you're
going
to
resolve
a
comment,
go
ahead
and
reply
to
it,
regardless
of
what
the
status
is,
if
you're
incorporating
it
or
rejecting
it,
you
can
also
reply
to
a
comment
and
link
it
to
an
issue
number
in
the
repo.
So
if
it's
something
you
want
to
tackle
later,
that's
also
doable
that
way.
D
They'll
get
the
email
notification
that
hey
this
is
being
taken
care
of
elsewhere
for
suggestions
that
we're
rejecting
if
it's
small,
minor,
typo
grammatical
things
that,
like
ultimately
change
the
intent
behind
that
particular
sentence
feel
free
to
just
reject
them
if
they
are
rejections
because
they
rewrite
the
entire
thing
and
it's
kind
of
controversial
make
sure
you
include
a
comment
on
before
you
reject
it.
That
way,
they
get
the
notification
and
justification
as
to
why
it's
just
a
courtesy
thing
and
you're
probably
going
to
hurt
some
people's
feelings,
but
don't
feel
bad.
A
F
Cole
k
here
I'll
I'll,
send
it
to
you
on
on
slack.
Thank
you.
A
It
won't,
unfortunately,
not
it
won't.
It
won't
filter
notifications
based
upon
the
sections
that
people
comment
on,
so
there's
not
really
an
easy
way
of
doing
that.
I
guess
what
we
could
do
is
we
could,
if
we
needed
to.
If
somebody
is
more
familiar
with
the
subject
matter,
we
could
just
ping
each
other
on
slack
and
be
like
hey
go,
go
can
john?
Can
you
handle
this
section
about
in
toto
blah
blah
blah?
A
B
D
E
E
D
D
E
E
E
D
C
B
E
D
Yeah
next
steps
after
that
is
once
all
the
comments
have
been
adjudicated
so
typically
we'll
stretch
it
for
another
week
after
that,
through
the
30th,
so
we'll
lock
for
editing
on
the
23rd
24th
and
then
we'll.
There
will
be
a
grace
period
of
about
a
week
for
the
for
the
rest
of
this
group
to
go
through
and
review
the
document
and
make
any
changes
and
then,
after
the
30th.
That's
when
we
engage
the
cncf
to
provide
the
pdf
beautification
of
the
document.
D
C
D
Point
once
they
give
us
that
copy
back,
we'll
have
to
be
very
particular
in
going
through
and
verifying
all
the
footnote
numbers
line
up.
All
the
urls
are
correct
and
that
we're
not
re-linking
to
other
parts
of
the
google
document.
The
last
one
we
had.
We
had
some
url
errors
that
just
linked
to
a
google
doc
that
no
longer
existed
right.
C
A
Excellent,
so
since
editing
is
limited
right
now,
so
I
see
there's
a
section
assigned
to
nisha
from
march
26th:
it's
the
sharing
and
exchanging
s-bombs.
It
doesn't
have
any
content.
B
E
Okay,
I
think
anders
gave
me
a
heads
up
that
he's
not
gonna
be
able
to
do
one
part.
So
I'm
gonna
delete
that.
A
There's
also
a
dangling
section
notes
fairly
close
to
there
right
before
the
securing
deployments,
and
it
has
just
bullet
point
notes
that
I
think
are
probably
extraneous,
hopefully
won't
make
it
into
the
final
document.
E
E
All
done
fantastic,
well,
cole,
I'll
leave
you
to
your
beautiful
calm
and
quiet,
serene
view
behind
you
and
it's
just
out
of
jealousy
to
be
fair.