►
From YouTube: Education SIG (August 2, 2022)
Description
Meeting minutes: https://docs.google.com/document/d/1Lt8uGpiMFfgws8VF36xtTMaJAeHufha-7Dqz1tjrPGY/edit
A
B
B
B
B
D
Sure
start
that
off
so
last
time
we
talked
mostly
about
the
plan
and
we
reviewed
the
information.
It's
in
the
second
bullet
down
under
meeting
notes.
It
was
the
document
we
were
using
and
basically
we
were
start
at
the
top
worked
our
way
down
through
all
the
proposed
changes
based
on
feedback
and
things
we've
talked
about
in
various
meetings.
D
D
B
C
I
I
don't
actually
have
any
statistics,
but
I
think
we
have
like
14
different
programming.
Languages
represented
something
along
that
line.
Oh
yeah,
because
the
goal
is
to
not
say
there's
only
one.
Only
part
of
the
goal
is
to
show
that
you
know
you
know
it's
not
just
one
programming
language
that
you
can
write
vulnerabilities
in,
so
the
the
buffer,
overflow
and
and
such
is
primarily
c.
D
A
A
B
C
E
A
B
F
B
F
And
the
one,
the
one
thing
that
I
am
would
want
really
to
be
in
this
content
is
like
security.
Researchers
would
be
great
for
this,
but
you
need
someone
that
can
also
speak
to
the
variable.
Cyber
security
concerns
from
the
different
contribution
models
in
these
spaces.
Right,
there's,
a
reason
why
there's
a
lot
more
malicious
injections
in
python
than
java
and
people
need
to
understand
the
context.
B
A
C
B
E
B
E
You
are
essentially
we're
asking
them
to
write
a
book
about
secure
development
practices
in
c
sharp
in
python
in
whatever
and
then
present
it.
So
that's
just
an
fyi.
I
don't
think
it
necessarily
requires
any
changes
to
the
documents
right
now,
but
is
something
to
keep
in
mind.
I'm
sorry
dave!
Please
go
ahead.
D
Thank
you.
No
no
worries.
I
just
wanted
to
point
out.
I
think
this
is
good
to
get
this
stuff
specified
that
if
you
look
up
at
4.1,
we
use
very
similar
language,
expand,
improve
training,
content
and
training
materials,
including
train
the
trainer
stuff,
and
then
we
have
it
again
here.
4.2
402
is
in
person
specific
that
4.3
is
expanding
education,
materials,
language
specific.
D
E
B
Yeah
so,
for
example,
if
vicky
feels
very
excited
about
managing
the
4.0
section,
I
would
ask
whomever
you
know
vikki
and
whoever
else
she
works
with
to
look
at
items
like
that
and
try
to
find
efficiencies
or
duplications.
And
as
we
have
the
final
draft
prepared,
we
would
have.
We
would
work
out
those
nuances
and
overlaps.
C
A
B
They
might
create
the
lab,
and
then
we
would
have
other
folks
potentially
sit
with
them
or
collaborate
with
them
to
create
a
classroom
based
session
or
a
webinar,
or
we
could
suck
out
some
of
that
information
to
make
it
a
blog
or
a
podcast
or
something.
But
we
would
have
to.
We
need
to
figure
out
where
we're
going
to
start
where
the
kernel
of
the
content
is
going
to
originate
from
and
then
see
what
avenues
we
want
to,
what
channels
have
been
delivered
in.
B
B
A
Yeah
christine,
I
think,
to
david's
point,
if
you
think
about
the
material
or
if
it's
like
something
like
video
content,
the
cost
could
go
up.
If
it's
something
like
you
need
some
presentations
with
a
lot
of
graphics,
then
you
need,
like
maybe
a
graphic
person,
a
ui
ux
person
across
the
board.
So
it's
it's
thoughts
like
that.
That
can
come
into
the
cost.
C
If,
if
I
may,
you
know
I
actually
work
with
the
linux
training
folks,
they
actually
discourage
videos
as
soon
as
you
get
to
any
serious
length
and
the
reason
is,
it's
basically
impossible
to
keep
them
up
to
date
for
short
pieces
of
information,
it's
great,
but
there's
no
opportunity
to
collaborate,
there's
no
opportunity
to
edit
easily,
and
basically
this
is
the
problem
that
safe
code
encountered.
They've
got
some
really
nice
videos
that
you
know
they're
most
of
them
are
absolutely
wrong.
D
D
B
Yeah
and-
and
we
may
decide
like,
for
example,
secure
coding
principles
is
a
near
timeless
topic,
and
that
might
be
something
that
lends
itself
to
a
video
but
potentially
dealing
with
memory
safety
issues,
especially
based
on
languages.
That
might
be
something
that
doesn't
lend
itself.
So
we
will
need
to
spend
a
lot
of
time
figuring
out
like
what
content
we
want
and
how
we
want
that.
What
channel
we
want
that
delivered
in.
B
B
D
D
The
changes
and
conversations
we've
had
make
sure
we're
all
at
least
generally
on
the
same
page,
and
then
the
next
step
is
going
to
be
to
dive
into
these
sections
in
in
greater
detail,
probably
smaller
groups,
and
that's
when
a
lot
of
the
these
conversations,
I
think,
should
happen
as
far
as
the
specific
who's
and,
what's
and
hows
that
they
come
into
play
and
understanding
that
you
know.
After
those
conversations,
some
of
the
the
numbers
may
need
to
change,
or
things
may
need
to
be
massaged
and
altered.
Okay,.
B
A
G
G
B
Like,
for
example,
it's
we've
talked
several
times,
we
want
to
talk
to
ieee
or
the
us
department
of
education.
I'm
not
going
to
do
that
because
I
have
other
stuff
to
do
so.
We
will
hire
someone
to
go
out
and
kind
of
help,
establish
these
relationships
to
go
out
and
make
those
connections
and
to
try
to
get
our
content
adopted.
F
Yeah,
so
for
this
for
these
two
people
I
would
really
want
them
to
be
really
specified.
Someone
has
previous
experience
in
this
kind
of
partnership,
so
it
sounds
like
this
would
break
down
by
government
and
federal
partnerships
and
then
educational
partnerships
and
find
someone
with
that
specific
domain.
B
F
Now
there
are
definitely
people
that
specialize
in
this
in
educational
partnerships
for
new
curriculums,
so
they're
they're
going
to
be
sitting
more
in
like
the
entrepreneurship
offices
spaces.
But
if
you
have
the
right
language
in
that
job,
description,
you'll
catch
them.
If
you
don't
do
that,
we're
just
going
to
get
a
bunch
of
education
content
creators
which
can't
do
these
partnerships
effectively.
B
And
we've
also
talked
about
targeting
like
a
trade
schooly
boot
camp
style.
People
like
I
mentioned
girls
who
code
a
couple
times,
and
we
we
call
out
a
few
of
those
programs
and
projects.
So
again,
I
think
it's
in
order
to
get
that
penetration
of
the
content.
We
need
to
have
someone
focused
on
building
those
relationships
and
kind
of
forging
those
partnerships.
B
This
is
linked
to
six,
not
necessarily
judy
the
certificate.
For
example,
we
have
the
best
practices
badge
today
and
that
it
does
great
and
it
shows
up
a
limited
amount
of
places.
So
we
want
to
focus
some
effort
to
maybe
get
linkedin
to
call
an
api
and
show
that
david
wheeler
earned
a
best
practices
badge
for
the
best
practices,
badge
project
and
we'd
like
to
show
that
up
in
his
linkedin
profile
or
his
linux
foundation
profile
or
whatever
targets
we
want.
B
G
C
B
C
A
C
C
B
B
D
C
Yeah
about
2.6
and
2.7
are
about
connecting
to
traditional
educational
systems,
and
if
I
took
a
computer-based
training
course,
I
would
still
want
4.6
to
execute.
In
fact,
that's
probably
even
more
point
more
important.
In
that
case,
I
I
think
the
problem
here
is
that
4.6
needs
some
clarification
and,
and
that's
okay,
you
know
expand
certificate
and
badge
systems,
so
that
can
can
I
just
kind
of
verbally
go
so
so
that
completion
of
training
education
in
in
these
areas.
G
B
C
B
G
Does
this
seem
to
be
a
higher
level,
so
2.6
2.7
is
a
low?
Is
you
know,
I
don't
know
what
works
in
other
countries
in
ireland
you
have
the
higher
education
authority,
who
would
delegate
out
to
universities
and
schools,
so
is
there
is?
Are
those
people
going
to
actually
go
in
a
very
high
level?
I
still
think
you
need
people
to
to
create
partnerships
at
a
lower
level,
but
is
this
particularly
government
bodies,
higher
level
targets.
D
The
way
that
this
is
organized
is
section
two
is
about
expanding
education.
So
that's
what
we
want
to
do
to
expand
education.
Section
four
is
the
first
six
to
eighteen
months
of
execution,
okay
of
how
we
wanna
do
certain
things,
so
I
don't
necessarily
think
it
needs
to
be
in
one
spot
or
the
other.
I
think
what
we're
doing
is
in
here,
maybe
inadvertently,
is
we're
calling
out
the
first
six
to
eighteen
months.
This
is
how
we
want
to
execute
to
work
toward
the
goal
that's
listed
in
2.6
2.7.
A
B
B
A
B
G
Yeah,
I
was
just
wondering
I
I
think
I
came
across
this
if
david
would
know
more
about
this
would
be
a
fantastic
scholarship
program
in
the
linux
foundation.
Is
there
are
we
considering
creating
our
own
one
or
plugging
in
and
developing
existing
ones
are
adding
on
to?
Is
that
feasible
or
what
is?
Is
this
our
scholarship.
B
G
B
B
C
E
Yeah,
so
I
I
know
that
david
has
has
tilted
out
this
windmill
in
the
past
and
has
some
experience
with
with
this,
but
I
still
think
it's
worth
trying
again,
because
it's
certainly
important
enough-
and
I
think
perhaps
they'll
have
gained
a
bit
of
perspective
in
since
it
was
last
attempted
and
having
the
having
the
kind
of
cred
of
open
ssf
behind
the
endeavor
may
help
make
it
happen.
So
yay,
big
plus
one.
B
C
I
I
don't
know
how
else
to
say
it:
they
they've.
They
have
added
security
requirements
to
the
cyber
security
curricula.
Just
don't
let
anybody
else
learn
about
this
stuff,
so
so
primari
not
just
in
you
know,
I
don't
know
how
else
to
say
that
not
just
in
cyber
security
ghetto
and
if
somebody
is
a
better
phrase.
Sport,
that's
great.
I
I'm
saying
that
informally,
because
I'm
not
sure
how
to
say
it
more
formally,
but
it's.
C
A
F
C
C
B
B
Container
developers
and
we
talked
about
identifying
potentially
maintainers
from
top
projects
and
have
them
find
some
way
to
upskill
them
for
taking
the
class,
encourage
employers
to
hire
people
that
take
these
classes,
scholarships
grants
grants
for
developers
and
requirements,
add
the
class
taking
and
certification
as
requirements
for
some
projects,
but
you
must
have
this
to
work
on
that
or
attain
a
certain
level
of
contribution
we
want
to
develop.
Why
is
this
important
to
me?
One
pager.
B
That
sounds
fun.
We
wanted
to
support
and
mentor
developers
as
they
take
the
training.
Have.
I
could
ask
us
anything:
webinar
office
hours,
actual
one-on-one,
mentoring,
I'll
encourage
des
to
identify
successors
and
then
potentially
offer
things
like
tickets
to
conferences
or
training
as
incentive
for
taking
the
training.
So
how
do
we
feel
about
this
edition.
D
B
D
I
I
think
we
should
just
leave
incentivize
maintainers
developers,
take
courses
or
some
general
statement
that
covers
what
the
goal
is.
Maybe
move
that
stuff
into
the
second
column.
So
we
don't
lose
it
and
say
this
needs
to
be
refined
by
that
group.
That's
looking
at
it
there's
a
lot
of
good
suggestions.
I
don't
want
to
lose
any
of
that.
B
C
C
B
I
think
we're
going
to
need
to
have
a
list
of
what
we're
going
to
commit
to
in
the
first
year,
so
the
first
12
to
18
months.
We
will
do
these
things
and
then,
if
we
had
extra
things
in
the
backlog,
we
can
show
exemplars
that
if
we
have
more
resources
or
we
get
done
more
quickly
or
in
year,
two
we
would
move
on
to
something.
But
we
definitely
want
to
have
a
list
of
things
we
will
commit
to
do
x,
y
and
z,.
A
B
E
A
Yeah,
so
let
me
try
again,
so
if
you
look
at
in
incentivize,
I
would
say
it
will
also
also
be
very
closely
coupled
with
your
the
reputation
that
you
have
right.
If
you
have
like
really
on
point
material
and
everybody
says
like
okay,
this
course
is
kick-ass,
then
well,
there
you
get
your
incentivization.
A
G
A
Try
harder
and
they
really
have
like
the
reputation
if,
like
hey,
if
you
follow
that
stuff,
you
know
you,
you
learn
something
there
right
and
I
think,
and
ultimately
that
boils
down
to
that.
The
community
decides
the
value
of
the
certification
or
the
courses
that
we're
providing.
So
I
think,
yeah
reputation,
building
like
make
sure
that
we
have
awesome
stuff,
yeah
and
then
from
there.
I
think
you
you
get
that
snowball
effect
right.
C
C
C
I'm
sure
there's
a
right
click
and
select
the
magic
button
restart
numbering
at
a
there.
We
go
all
right,
so
I
would
suggest
why
don't
we
keep
it
but
remove
at
least
b,
because,
although
I
think
we
want
to
encourage
employers
out
of
these
people,
that
it
that's
much
harder
to
figure
out,
but
if
we
deleted
that
now,
maybe
the
scholarships
has
not
already
been
covered
elsewhere.
C
C
F
Yeah,
because
I
mean
the
this
bullet
point
really
speaks
to.
What
fundamentally
do
we
need
to
do
to
upskill,
the
maintainer
class
already
in
the
ecosystem,
but
a
lot
of
these
bullet
points
are
general
education
and
evangelism.
So
I
think
we
really
a
lot
of
these
bullet
points
need
to
go
other
places
when
we're
focusing
on
maintainer
education,
engagement
and
compensation.
F
A
C
Historically,
sos.dev
has
been
more,
someone
proposes
something
and
then
responds,
which
is
sensible.
I
mean
nobody
can
know
everything,
but
I
would
like
to
think
that
this
would
have
a
proactive
part
now,
if
the
proactive
part
is
reach
out,
contact
them
recommend
it
and
then
the
and
then
the
next
step
is
go
talk
to
sos.dev
sure
that
would
make
sense,
but
yeah.
F
Yeah,
I'm
doing
exactly
this
right
now,
so
I'm
trying
to
get
all
the
cncf
maintainers
to
get
to
100
security
on
their
cll,
monitor
and
providing
them
basic
training
around
those
for
the
scorecard
and
then
right.
We
enabled
them
to
highlight
that
to
sos
dev,
it's
just
a
matter
of
connecting
the
dots
in
the
user
experience,
but
we
have
all
the
elements
we
need
to
cover.
A
lot
of
these
points
already.