►
From YouTube: TAG Security Supply Chain WG 2022-02-24
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
B
Yeah,
I
might
not
be
able
to
stay
long
today
because
of
the
whole
russia.
Ukraine
thing
a
lot
of
stuff
going
internally.
A
I
I
think
we
we
don't
necessarily
have
much
today
right,
I
think
it's
just
going
to
be.
Rc
is
still
open
until
a
week
tomorrow,
right.
B
Yep
yeah,
I
think
the
the
main
updates
it
looks
like
we're
already
sort
of
four
minutes
and
the
the
main
updates
from
from
a
lot
of
it
is
somebody
knew
from
the
cncf
or
sorry
after
celeste
left.
B
Somebody
else
reviewed
the
doc
had
a
lot
less
sort
of
comments,
mostly
sort
of
structural,
not
structural,
more
like
grammar
and
some
a
few
word
choice
and
some
minor
structural
sorts
of
things
to
clean
some
stuff
up,
and
then
they
also
they
had
some
comments
on,
like
certain
word,
choice
like
why
are
we
using
british
english
and
I'm
like
look
that
yeah?
B
That's
a
whole
other
thing
I
don't
want
to
get
involved
in,
but
yeah
there's
that's
one
of
the
big
ones,
the
other
big
one
was
just
to
try
and
I
think
after
you
know,
some
of
the
conversations
I
know
we
had
is
we
just
want
to
remove
any
reference
like
remove
any
explicit
reference
to
any
tool
from
from
the
doc
just
because
we
there's
a
lot
of
folks
who
are
picking
me
for
lots
of
different
reasons
who
are
just
like
hey?
B
Why
is
why
did
you
say,
tool
x,
but
not
tool,
y
why'd,
you
say
tool
y,
but
not
tool,
z
and-
and
you
know
that
sort
of
thing-
and
I
think,
based
on
some
of
the
conversations
I've
been
saying,
what
probably
makes
sense
is
to
have
something
like
a
living
document
of
just
saying:
hey.
If
you
want
to
know
you
know
what
tools
probably
maybe
make
sense,
and
what
the
sort
of
current
looking
around
this
sort
of
thing
is.
B
You
know
here's
where
that
dock
is
so
we
can
just
kind
of
list
all
the
tools
and
then
have
a
focus
on
you
know
the
other
way
around
of
having
folks
sort
of
you
know,
I
would
much
rather
a
tool
like,
for
example,
the
stuff
that
we're
doing
with
the
secure
software
factory.
I
would
much
rather
that
tool,
references
and
says
hey.
We
are
an
implementation
of
this
thing,
then
saying
then,
having
the
document
say:
hey
here's,
an
implementation
of
the
secure
software
factory,
because
I
don't
want
it
to
come
off
as
hey.
B
This
is
the
officially
sponsored
thing
right
and
I
wanna
and,
and
the
problem
that's
happening,
is
a
lot
of
people
are
starting
to
take
it.
That
way,
and
just
just
rather
not
do
that
and
then
obviously
with
folks
who
are
just
like
hey
look,
I
get
it,
everybody
has
a
startup,
everybody
has
something
they're
trying
to
sell
and
I'd
really
rather
not
get
into
the
the
the
business
of
oh,
hey.
B
You
you,
you
put
your
you
know,
you're
an
open
group
and
you
sort
of
said:
hey
we're
we're
endorsing
this
product
that
could
make
somebody
rich
right.
I
really
rather
not
get
involved
in
that
in
that
situation,.
A
Yeah,
I
think
we
have
the
cloud
native
security
map
for
that.
So
you
know
we
can
channel
all
that
all
the
energy
to
then
just
deal
a
bit
a
little
bit
once
right.
We've
we've
went
through
this
wave
of
like
oh,
you
know.
We
have
this
list
of
things,
we're
like
okay,
how
do
we
get
your
project?
What
are
the
priorities
that
with
this
project
and
not
this
project
so
yeah?
I
agree
on
that.
Let's
keep
this
somewhere
just
so
that
when
we
want
to
put
it
in,
we
have
it
handy.
C
I'm
sorry
I
put
my
hand
up.
Would
it
make
sense
to
have
like
a
radar
or
something
like
like
that
for
supply
chain
security
products
right?
I
think
that
would
be
a
better.
It
might
be
a
better
way,
but
I
think
that
we
have
cncf
has
some
stuff
like
that:
don't
don't
they
were
like
a
like
road
maps
and
radars
and
stuff.
B
Yeah
yeah
yeah.
I
think
I
agree
with
you
on
that
one
and
you
know
having
it
be
something
like
a
radar,
a
living
dock,
that
kind
of
thing
and
and
make
it
clear
like
the
purpose
is
for
sort
of
saying
here
are
products
that
we
have
evaluated,
and
this
is
the
criteria
we've
evaluated
them
under
and
and
then
I
think
we
have
a
lot
more.
B
We
we,
you
know
as
long
as
there's
reasoning
and
a
lot
of
other
stuff
behind
it.
I
think
it's
a
lot
easier
to
sort
of
defend,
hey
here's,
why
these
things
are
listed
and
maybe
other
things
are
not.
But
today
I
don't
think
we
have
that
you
know
reasonably
in
the
reference
architect
in
the
reference
architecture
document,
which
is
why
I
think
we
should
probably
remove
it.
B
B
So
specifications
I
think
we're
leaving
in
there
so,
like
I
think
we're
saying
you
know,
I
think
the
only
specifications
were
really
even
referencing
at
all
is
spiffy
in
one
place
and
I
think,
and
I
think
we
might
be
referencing
salsa
in
one
place.
You
know
stuff.
That
is
just
very
very
much
like
it
is
not
we're
not
talking
about
the
tools,
we're
not
talking
about
anything
like
that
and
then
in
a
few
places.
I
think
we
are
referring
to
stuff.
Like
you
know,
oh,
you
know
look
at
other
best
practices.
B
Documents
like
the
cncf
best
practices
documents
as
well
as
things
like
you
know,
nist
and
other
sorts
of
standards.
So
I
think
we
just
have
a
couple
of
things
where
we
sort
of
generically
refer
to
other
things,
but
we
are
trying
to
kind
of
like
avoid
yeah,
I
mean
even
stuff
like
in
toto.
I
think
we've
mostly
removed
trying
to
say
hey.
C
So
I
disagree
with
removing
it.
First
of
all,
salsa
providence
is
based
on
in
total
right
also,
there
are
several
projects
that
implement
in
toto
right
in
toto
is
a.
If
you
go
to
justin
corman,
you
ask
him
what
it,
what
a
total
is
within
the
cncf.
His
charter
states
that
it
is
a
specification
project
right.
C
It
is
not
a
project,
they
have
some
reference
implementation,
just
like
spiffy
spire,
but
I
think
once
we
start
talking
about
sanctioned
specifications
right,
especially
one
since
we
are
a
cncf
group
we
should
be
talking
about
in
toto
where
salsa
is
a
implementation
of
in
total
right.
So
is
like
the
witness
definitions
that
we
have,
that
you
know,
which
is
the
open
source
project
that
we
hopefully
will
be
donating
at
some
point
right.
C
So
I
I
I
think,
I'd
like
to
roll
back
a
little
bit
on
pulling
and
total
stuff
out,
especially
since
it's
has
such
a
long
lineage.
It's
well
researched,
well,
more
than
salsa
or
any
of
these
other
things
and
we've
had
a
lot
of
members
been
working
on
a
long
time
and
it
solves
this
problem
right.
The
research
is
there
and
a
lot
of
people
working
on
it
for
various
organizations.
A
So
on
that
we
actually
have
some
guidance
on
the
requirements
for
those
kind
of
things.
I
think,
especially
if
you
know
it
isn't
obviously
like
I
think
for
certain
things
like
like
in
this
documents.
I
think
those
are
kind
of
seen
as
understood
to
be
kind
of
industry-wide
resources
and
then
for
standards.
A
If
there
are
things
that
are
easily
innumerable,
but
it's
clearly
defined.
For
example,
like
you
know
an
s-bomb
case,
and
things
like
that,
then
we
should
just
list
all
of
them.
A
If
there
is
contention
around
it,
where
it's
not
obvious,
or
these
are
still
standards
that
are
kind
of
like
evolving,
then
I
think
you
know
describing
them
and
then,
following
kind
of
like
the
guidelines
that
we
have,
let
me
let
me
find
it
and
then
I'll
share
in
the
in
the
psych
channel,
but
basically
go
something
like
we
are
going
to
say
that
this
isn't
the
only
thing,
but
we
have,
although
say:
okay,
we
favor
cncf
mentions
of
projects
followed
by
having
particular
requirements
for
projects
such
as
you
know.
A
You
need
to
have
more
than
one
maintainer.
You
need
to
have
a
certain
lifespan.
It
isn't
driven
just
the
open
source.
Licensing
is
just
driven
by
the
organization,
and
then
you
know,
if
you
don't
have
all
that
then
drops
to
you,
know
commercial
products.
If
you
really
have
to
mention
it,
so
I
I'll
find
that
and
I'll
share
it
in
the
sec
channel.
A
But
I
think,
as
long
as
as
long
as
we
have
something
to
point
to
it
says:
okay,
this
is
how
we
derived
it,
and
people
are
okay
with
the
criteria.
Then
I
think
we
kind
of
reduce
the
contention
die.
C
You
go
man.
If
I
was
going
to
draw
a
line
there,
I
would
say
it's
either
draw
it
on
specification
versus
implementation
or
just
pick
a
tier
on
the
cncf
and
say:
hey
we're
it's
the
cncf
project,
we're
coming
out
with
paper.
So
let's
go
ahead
and
say
anything.
It
makes
up
to
this
tier.
The
cncf
they're
allowed
in.
A
B
I
I
think
I
was
just
using
that
as
an
example.
I
actually
don't
think,
there's
any
really
main
things
around
contention
around
that
I
think
there
was
some
contention
around
it
turned
out
in
one
of
the
appendixes.
It
refers
to
tough
slash.
B
Notary
and
the
sig
store
folks
were
like
hey.
Why
are
you
not
including
notary
as
part
of
that
thing
and
going?
Oh?
Actually,
we
probably
shouldn't
have
included
either
of
those,
maybe
tough,
because
tough
once
again
is
just
a
spec
notary
and
six
store
are
both
sort
of
like
you
know,
mechanisms
that
kind
of
do
the
signing
and
yaya,
and
I
think,
yeah
on
that
front.
B
I
think
there
was
one
thing
there
and
there
might
have
been
one
or
two
other
things
that
I
think
we're
sort
of
either
open,
gatekeeper
versus
kieverno
or
something
like
that,
and
I
think
the
idea
was
you
know
to
actually
just
sort
of
remove
that
and
just
sort
of
say,
admission
controllers,
as
opposed
to
saying
any
specific
admission,
controller,
yeah
and-
and
I
think
yeah
the
same
thing
goes
with,
even
though
there's
no
point
of
contention
at
this
moment.
B
Regarding
that
reference
implementation
that
my
team
had
sort
of
built,
I
given
that
it
is
being
donated
or
not
done.
It
sorry
contributed
very
specifically
contributed
to
the
open
ssf
in
the
next
couple
of
weeks
and
given
that
it
is
apache
licensed
and
everything
else,
there
is
worry
that
hey
somebody
goes
and
looks
at
it
and
goes
great.
I
would
like
to
make
a
business
out
of
this
right
and
they
start
to.
You
know,
support
that.
B
As
you
know,
and
in
fact
a
bunch
of
folks
have
sort
of
come
out
and
said,
hey,
we
would
love
to
you
know
a
lot
of
companies
that
you
know.
Github
actually
opened
up
a
couple
of
issues
with
our
us
to
say:
hey,
we
would
love
to
integrate
with
whatever
this
thing
is
going
to
become,
and
we
really
rather
not
get
into.
The
thing
of
like
hey
here
is
the
open
ssf.
C
C
It
and
if
you're
a
vendor-
and
you
meet
these
licensing
requirements
to
put
your
tool
on
here,
go
ahead
and
make
a
pr
and
get
it
in
there.
I
think
that's
a
much
more
efficient
way
to
do
it
than
us
trying
to
bike
shed
over
what
tools
should
go
in
a
document,
because
we're
never
going
to
make
anybody
happy
right.
You
deal
with
this
stuff,
yeah
like
like
in
the
business
world
enough
right,
let's
keep
it
out
of
the
open
source
and
try
to
make
it
as
efficient
as
possible.
C
C
Okay,
so
I
think
I
mean
I-
I
have
a
little
bit
of
a
proposal,
then
that
hey,
let's,
let's
once
this
project
gets
wrapped
up,
can
we
roll
into
doing
some
sort
of
a
cloud
native
or
doing
some
sort
of
a
landscape
for
security,
tooling.
A
Yeah
yeah,
so
I
I
think
that
would
be
a
good
idea,
and,
and
since
we
are
on
this
topic,
you
know,
I
think
that
post
rsc
after
we
get
through
like
cleaning
up
the
paper
getting
approvals
we
we
may
want
to
start
discussing.
You
know,
what's
what's
next
up
for
this
group,
what
kind
of
what
we
wanna?
What
do
we
wanna
work
on
next.
A
Oh
no,
I
was
just
saying
that
you
know
I
think
that,
as
we're
wrapping
up
the
reference
architecture,
this
would
be
a
good
time
for
us
to
kind
of
like
brainstorm
again
to
see
where
we
are.
What
do
we
feel
like?
We
got
all
the
reference
architecture
and
see
what
are
like
some
of
the
next
steps,
and
it
could
be
talking
about
doing
the
landscape,
but
for
the
tooling
it
could
be
focusing
on
a
different
part
of
the
input
software
factory,
the
outputs
of
software
factory
distribution.
A
I
think
I
think
this
is
probably
a
good
time.
You
know
we
spent
like
almost
six
months.
Writing
a
reference
architecture.
A
B
Yeah
yeah
that
that
makes
sense
to
me-
and
I
I
think
I
very
much
agree
with
sort
of
cole
there
saying
hey.
It
would
be
great
to
because
I
know
one
of
the
big
things
that's
sort
of
come
out
of
a
lot
of
this
is
what
is
the
state
of
things
today
and
like
what
tools
do?
B
What
today
is
is
kind
of
unclear,
because
it's
changing
so
quickly,
so
I
almost
feel
like
it's
it's
whatever
I
mean
we
could
create
a
radar,
it's
probably
going
to
be
out
of
date
by
the
time
we
build
it.
Even
if
it
takes
us
a
week.
It's
like
hey,
you
know
witness
added.
These
12
features
the
secure
software
factory
stuff.
You
know
the
and
we're
changing
the
name
of
it
to
be
clear,
but
that
sort
of
thing
is
is
gonna,
probably
add
a
bunch
of
new
features.
B
You
know
I
know,
there's
been
some
discussions
on.
We
would
love
to
integrate
witness
into
what
we're
doing
with
the
the
that
sort
of
reference
implementation,
we'd
love
to
sort
of
pull
that
in
to
show
like
hey,
here's,
how
you
kind
of
integrate
tecton
chains,
plus
witness,
plus
all
these
other
things,
but
I
think
there's
there's
some
interesting
stuff
on
that
front.
B
In
addition
to
that,
I
think
yeah,
the
it
I
know,
there's
been
and
you've
probably
seen
this
as
well
brendan
that
there's
been
some
folks
in
the
open
ssf
that
are
starting
to
do
stuff
to,
for
example,
salsify
the
open
source
world,
but
hey
great,
can
we
start
to
do
the
same
sort
of
thing
with
what
we're
doing
you
know
with
with
what
we're
doing
with
the
cncf?
Is
there
areas
where
we
can
contribute
to
that?
Is
there
areas
that
we
can
collaborate?
I
think
that's
another
big
one.
B
One
of
the
other
things
that's
sort
of
coming
up
is
like.
Does
it
make
sense
for
us
to,
let's
say,
take
certain
projects
and
try
and
solicify
them
or
somehow
like
integrate
with
the
sort
of
greater
supply
chain
security
work
right,
because
I
know
one
of
the
things
that
we're
doing
with
the
ssf,
which
is
temporary
name
is,
is
actually
looking
at
how
we
map
ssd,
ssf,
ssdf
and
other
nist
and
other
sorts
of
standard.
B
How
do
we
sort
of
map
what
we're
doing
to
that,
and
how
do
we
map,
like
the
thing
that
I'm
trying
to
do
as
well,
is
how
do
we
map
what
we're
doing
there
as
hey?
This
is
a
reference
implementation
of
this
reference
arc.
Sorry,
not
a
reference
implementation.
It's
an
implementation
of
this
reference
architecture,
here's
where
we
totally
hit
it!
Here's
where
we
think
that
maybe
that
doesn't
make
sense,
yeah
yeah,
and
how
do
we
map
to
that?
B
How
do
we
map
to
these
other
standards,
because
I
think
the
thing
that
is
coming
up
quite
quickly
is
people
are,
are
are
asking
how
all
of
these
things
fit
together
and
in
addition
to
that,
especially
with
a
few
companies
have
reached
out-
and
I
can't
talk
about
some
of
them,
but
a
few
companies
have
reached
out
who
are
very
large
enterprises,
highly
regulated
and
they've
all
said,
we
need
to
abide
by
various
rules.
A
lot
of
them
are
security.
You
know
supply
chain
security
rules.
B
Some
of
them
are
literally
the
the
the
executive
order.
Some
of
them
are
other
sorts
of
standards
right
and
how
does
all
of
this
sort
of
stuff
fit
together,
and
I
I
think
we
need
to
also
start
to
discuss.
How
do
we
map
like
what?
What
does
that
sort
of
thing
look
like,
and
I
know
that
there's
some
discussions
in
the
controls
working
group
on
similar
things.
A
Yeah,
so
I
think
maybe
a
good
idea
is
it's
february
24th,
maybe
about
two
weeks
from
now,
because
next
week,
we'll
kind
of
be
looking
at
the
rrc
comments
and
responding
to
them.
Two
weeks
from
now,
I
think
I'll,
try
and
grab
a
few
folks
from
the
controls
group
bring
them
here.
A
We
can
kind
of
have
that
brainstorming
discussion
on
all
the
some
things
that
we
can
work
on
and
then
maybe
we
we
will
have
a
discussion
from
that
to
to
see
what
the
interest
is
and
and
see
where
we
can
move
forward
from
that.
A
On
that
part
of
cell
suffocation,
there
is
some
stuff
that
the
ghost
team
is
working
on
with
github
actions,
and
I
think
the
idea
is
that
you
know
we
want
to
streamline
the
way
that
we
can
use
github
actions
for
for
repos
to
to
get
salsa
too,
for
example,
right
salsa.
She
is
a
little
bit
difficult
because
we
don't
control
the
build
and
hopefully
to
to
find
some
work
to
to
see
whether
we
can
just
like
help
certain
projects
get
that
cncf
project
to
get
there.
B
Yeah
on
that
front,
with
some
of
the
stuff,
with
the
the
ssf
that's
being
contributed
to
the
open,
ssf
and
hopefully
in
the
next
week,
we'll
have
an
actual
better
name
for
it,
probably
something
salsa
or
guacamole
related
or
spicy-
something
like
that.
But
that
is
all
the
the
one
of
the
things
that
we
want
to
also
do
as
part
of
the
open
source
pieces
is.
B
We
would
love
to
like,
according
to
some
various
things,
github
actions
cannot
do
salsa
3,
based
on
the
way
some
stuff
is
set
up
today
and
there's
probably
some
work
that
github
can
probably
do,
but
there
is
some
stuff
around
hey.
We
might
have
actual
infrastructure
that
we
could
run
builds
of
open.
You
know
open
source
projects,
linux
foundation,
projects
that
sort
of
thing,
and
we
can
probably
say,
hey,
look.
We
can
pull
in
linux
foundation,
projects
that
want
to
become.
You
know.
B
You
know
salsa
level,
3
and
salsa
level
4
into
this
sort
of
thing,
and
to
be
clear,
I'm
just
kind
of
this.
These
no
nothing's
been
set
in
stone,
but
there
have
been
some
discussions
around
hey.
Could
we
deploy
this
thing?
That
is
use
that
hopefully
soon
once
the
spiffy
spire
stuff
is
all
integrated
and
everything
else
that
hey
it's
a
thing
that
sort
of
dog
foods.
B
You
know
the
reference
architecture,
dog
foods,
the
salsa
stuff
itself,
so
that,
like
it
itself,
is
built
with
that
level
of
security
and
then
hey
can
we
then
go
in
and
then
start
to
pull
in
these
other
open
source
projects
and
start
to
build
them
that
way
as
well
and-
and
then
we
can
say,
hey
look
here
is
I
don't
know
like
here
here.
B
Is
I
don't
know
kivo
or
kiverno,
and
here
is
gatekeeper
built
with
you
know,
all
of
the
the
you
know
all
of
these
tools
in
in
following
all
the
best
practices,
all
the
standards
and
and
so
on.
So
that's
something
that
that
we've
we've
discussed
a
little
bit
but
nothing's
there
yet
and-
and
I
know
also
there's
the
project
alpha
and
omega
or
whatever,
which
is
trying
to
sort
of
just
generally
secure
open
source
coming
out
of
the
open
ssf
as
well.
B
Yeah,
I
think
I
think
on
that
end,
I
would
want
to
talk
with
the
the
larger
group
the
I
I
want
to
talk
with
a
larger
group
on
stuff
like
what
do
people
think
we
should
be
working
on
and
like
also
talking
with
like
hey
look,
the
open
ssf
is
working
on
stuff,
there's.
Inevitably
other
groups
who
are
working
on
similar
things
and
there's
going
to
be
areas
where
we
overlap,
but
I
want
to
make
sure
that
where
we
can,
I
would
much
rather
collaborate
and
focus
our
stuff
on.
A
Yeah
we
could
definitely.
I
think
it
would
be
helpful
as
well.
I
know
we
didn't
do
this
for
the
initial
supply
chain
or
paper,
but
maybe
we
should
once
the
reference
architecture
papers
out.
Maybe
we
should
do
a
survey
because
linux
foundation
to
do
the
survey
on
those
two
documents
and
get
public
feedback
on
you
know
what
are
people
looking
for?
What
other
things
that
we
can
provide,
but
some
of
the
areas
that
people
want
to
focus
on.
A
Yeah
I
mean
I
I
I
don't
want
to
kind
of
like
discuss
this
too
much,
because
we,
I
think
we
we
all
agree
that
we
have
to
have
this
this
sorry,
this
discussion
with
the
logic
group.
So
I
guess
is
that
anything
else
that
we
have
to
chat
about,
or
we
want
to
chat
about.
C
C
I
I
might
have
a
demo
for
next
week,
I'll
throw
it
on
the
schedule
if
we
haven't
ready,
but
witness
integration
with
some
gitlab
stuff.
B
Sometime
in
the
next
week,
or
so,
if
you
have
some
time,
I'd
love
to
kind
of
chat
with
you
about
some
of
the
open
source
witness
stuff
and
how
we
can
maybe
include
some
of
that
in
an
example.
Build
that
we're
doing
showing
like
hey
here
is
witness
wrapping
this
and
then
here
is
chains
coming
in
showing
these
other
pieces
and
so
on.
C
Yeah
I
mean
we
should
be
able
to
verify
salsa
at
the
stations
we
haven't
tried
yet,
but
it
should
just
work.
So
I
think
if,
if
we
can
do
a
little
bit
work
there
over
the
next
couple
weeks
and
kind
of
prove
that
out
it
may
be,
you
know
seamless.
That
would
be
really
awesome
right.
I
think
that'd
be
best
case
scenario,
but
definitely
probably
a
little
bit
of
work
and
some
testing
to
get
to
that
point
to
understand
what
we
need
to
do.
A
A
I
had
a
question
for
cool.
Actually,
so
so
we've
been
working
on
the
spy
stuff
in
in
tech
compartments
and
I
think
what
we're
doing
now
is
kind
of
just
like
verification
by
controller,
so
not
like
just
infrastructure
protection.
I
saw
on
the
witness
repo
that
you're
using
ite
7.
Are
you
using
that
for
the
svids
as
well
or
I'm
just
kind
of
curious.
C
Because
yeah,
actually,
we
just
mikhail
just
finished
up
the
the
pr
I
think
last
night,
that
adds
full
certificate
constraint,
support
to
the
policy
documents,
so
we're
working
on
merging
that
in
and
figuring
out
what
we
need
to.
I
think
it
might
be
breaking
so
we're
gonna.
We've
got
to
figure
out
the
release
on
it,
but
that
should
be
in
there
by
the
end
of
the
week
or
monday
in
the
release.
We
should
have
a
release
with
that
in
there.
A
Awesome
yeah
I'll
take
a
look
at
the
pr.
I
wasn't
sure
whether
we
wanted
change
included
at
the
station
as
well.
Although
I
think,
based
on
the
current
tep,
there
isn't
a
requirement
to
do
that.