►
From YouTube: Education SIG (January 25, 2023)
Description
Agenda – https://docs.google.com/document/d/18GBwvQJNcPnwxKrnp43DhBZC7K1JM0xzGkDoKh5mu8U/edit#
Slack – https://openssf.slack.com/archives/C03FW3YGXH9
Mailing List – https://lists.openssf.org/g/openssf-sig-education
Git Repo - https://github.com/ossf/education
D
D
D
B
D
B
D
B
All
right,
all
right
all
right
welcome
to
the
January
25th
edition
of
our
education
Sig.
Do
we
have
any
new
friends
today
that
wanted
to
say
hello
and
introduce
themselves.
B
B
I
am
snowed
in
my
house
right
now.
Okay
dislike
all
right,
please
add
your
opens
down
below
we'll
get
down
to
them
in
a
second.
The
major
update
for
today
is
that
there
is
no
update
from
the
tack
on
reviewing
the
plan.
Yet,
although
my
friend
Bob
sent
a
harshly
worded
note
to
the
TAC
members
to
please
review
the
outstanding
PRS
I
have
so
hopefully
this
week
we
will
start
to
get
some
feedback
on
what
they
like.
B
E
Right,
okay,
so,
as
written
in
the
notes,
we
had
our
first
official
kickoff
meeting
last,
was
it
last
week,
yeah
and
yeah.
So
basically,
what
we
did
mostly
is
just
think
about
2023
and
see
where
we
wanted
to
go,
and
so
it
was
a
combination
of
level
setting
where
we
had
just
kind
of
briefly
been
and
looking
ahead
to
2023.
E
We
went
ahead
and
started
talking
about
what
we
can
do
to
see
what
was
going
on
within
the
existing
LF
community
and
see
where
we
wanted
to
go.
Most
of
the
conversation
was
centered
around
that
some
of
the
highlights
there
was
looking
to
see
if
we
could
see
what
else
was
going
on
within
the
open
ssf,
getting
support
from
the
open
ssf
leaders
in
the
community
in
terms
of
supporting
some
of
the
education
work
that
was
going
on
especially
around.
E
How
do
we
make
sure
that
we
are
actually
able
to
support
these
communities?
We
also
looked
into
what
are
some
of
the
Partnerships
and
communities
and
organizations
that
we
can
partner
with
such
as
back
look
black
girls,
hack,
Latinas
and
cyber,
and
then
we
also
looked
at
what
we
can
do
to
make
the
open
ssf
materials
accessible
to
some
of
the
groups
that
are
underrepresented.
E
What
else
do
we
discuss?
Oh
yeah?
E
We
also
wanted
to
look
into
starting
to
talk
to
specific
kind
of
like
focus
on
one
or
two
or
three
or
four
universities,
that
we
would
want
to
consider
in
the
short
list
to
start
communicating
with
on
some
of
the
opportunities
that
were
available,
and
there
was
a
couple
of
action
items
related
to
just
making
sure
that
we
have
like
a
short
list
of
organizations
that
we
want
to
partner
with,
in
various
capacities,
whether
they're,
like
focusing
on
mentorship
or
some
of
the
gaps
that
we
see
along
the
way
and
and
also
a
couple
of
other
action
items
related
to
identifying
the
university
and
the
partners
that
we
want
to
work
with.
E
E
What
are
some
of
the
activities
that
we
want
to
plan
and
some
of
the
short-term
activities
meant
identifying
the
groups
that
we
want
to
work
with
some
of
the
that
or
it
was
about
around
the
activities,
and
we
also
wanted
to
focus
on
open
source,
Summit,
North
America.
And
what
can
we
do
to
potentially
highlight
some
of
the
work
that
we
had
been
doing
and
then
have
some
some
activities
that
we
wanted
to
do
at
that
point.
E
For
example,
we
want
to
go
ahead
and
have
a
talk
on
some
of
the
work
that
we've
been
doing,
have
a
talk
on
where
we
want
to
go
and
potentially
do
a
birds
of
a
feather
where
we
get
some
some
feedback
from
some
of
the
folks
that
are
in
those
in
the
conferences
and
not
just
in
that
particular
conferences.
But
what
are
the
other
conferences
that
we
can
attend,
where
we
guess,
with
the
feedback,
to
help
shape
the
direction
that
we
want
to
go?
A
I
just
wanted
to
give
a
reference,
because
we
gotta
submit
those
cfps
like
early
in
February,
but
I
strongly
recommend
for
OSS
do
not
submit
this
in
the
de
and
I
it'll
be
lost,
wasted,
submit
Deni
stuff
to
the
Leadership
Summit.
That's
where
we
should
be
communicating.
This
I'd
really
recommend
that
if
you
want
help
with
the
abstract,
let
me
know.
B
I
second,
both
of
Sal's
statements,
but
first
off
the
deadline
is
February
5th.
If
anyone's
interested
I
have
a
sheet
where
I'm
working
with
collaborating
with
assorted
people
on
call
for
papers
for
the
North
America
Summit,
which
could
be
reused
for
the
European
or
the
Asia
Summit
later
and
I
talked
with
Yesenia
on
Monday
and
she
is
super
excited
about
a
birds
of
a
feather.
B
So
I
think
that
would
be
pretty
amazing
to
at
least
get
that
but
I,
like
all
the
ideas
that
the
group
talked
about,
and
we
definitely
need
to
see
see
if
we
can
get
two
or
three
sessions
submitted
out
to
that
conference
and
there's
the
leadership
conference.
I
agree,
but
there's
a
ton
of
other
micro
conferences
as
well.
So
you
can
think
about
other
potential
opportunities.
But
let's,
if
anyone
wants
help
I'm
glad
to
help
facilitate
massaging
any
abstract
and
helping
Shepherd
getting
things
through
the
submission
process.
E
Yeah,
thank
you
so
I
yeah
we're
gonna
Jay
and
I
kind
of
synced
up
yesterday,
and
we
were
gonna
at
least
submit
to
that
document
that
you
have
Crow
at
least
the
birds
of
the
feather
and
so
good
good
stuff
Sal.
So
we'll
put
it
in
the
Leadership,
Summit
and
I
know
that
I
think
probe
also
suggested
doing,
like
kind
of
like
a
Dei
update
in
the
open,
ssf
micro
micro
Summit
as
well.
B
They're
still
doing,
there's
unsurprisingly
they're
still
getting
organized
around
open
ssf
day,
but,
as
that
happens,
I
think
we
should.
If
we
had
the
abstract
Randy,
we
can
just
pass
it
over
very
quickly.
E
B
And
I'll
put
a
link
to
the
notes
for
the
cfp.
A
B
Well,
the
plan
is
fully
open
if
anyone
was
interested
in
weaving
in
our
specific
goals
around
the
eni
or
anything,
the
plane
is
still
open
for
PRS
and
even
if,
after
the
tax
starts
reviewing
it,
we
still
have
that
opportunity
before
the
GB
I
would
expect
we
have
about
a
month
on
the
plan
and
irregardless
of
the
plan.
I
still
think
we
can
continue
activities
like
creating
new
content.
B
The
Dei
committee
like
working
and
trying
to
establish
a
mentorship
program
of
our
own
or
of
aligning
with
other
things,
so
there's
a
lot
of
good
work.
We
can
continue
until
the
plan
happens.
A
B
A
Okay,
so
I
am
giving
the
Aquino
at
open
UK.
It's
got
about
like
I,
mean
I'm
sure,
where
Brian's
gotten
all
super
involved
in
it,
but
I
am
just
putting
pictures
out.
I
went
and
talked
to
Michael
from
Alpha
Omega
I
was
talking
to
Rebecca
from
Russ
I
just
want
to
sit
there
because
I'm
doing
a
talk
set.
How
do
we
fix
OS
security
by
2030.?
A
I
know
we
don't,
but
if
we
were
trying
I
want
to
know
what
we
want
to
surface
and
sort
of
highlight
as
things
that
were
like
interesting,
good
best
practices
that
we
surfaced
over
the
last
year
and
like
genuinely
just
this
literally
the
mobilization
budget,
because
I'm
speaking
to
other
governments
about
how
to
behave
this
way.
So
I
just
really
want
any
and
I
think
that's
CFT
page
might
help
a
lot.
But
what
do
we
want
to
surface
there
that
we're
genuinely
one
proud
of
and
want
to
highlight?
A
D
B
I
would
I
you
know,
tactically,
we
can
look
at
the
2022
report
that
Jennifer
and
the
marketing
folks
put
out
about
the
summary,
the
foundation
activities
like
best
practices.
We
had
some
really
good,
very
useful
guides
that
could
immediately
be
picked
up
and
used
and
those
aren't
necessarily
funding
related.
But
if
governments
were
looking
for,
you
know
good
things
to
start
to
encourage
people
to
do
those
guides.
B
Are
nice,
Alpha
and
Omega
did
a
lot
of
work,
especially
around
a
large
Foundation
platform,
type
things
like
eclipse
and
node.js
and
other
large
kind
of
project
ecosystem
things
we
were.
We
wrote
the
plan,
we
have
some
great
ideas,
but
nothing
is
actually
happened
yet,
but
I
I
will
commit
to
spend
a
little
bit
of
time
and
I
can
shoot
you
an
email
with
my
thoughts.
South
I
can
think
of
anything
that
would
be
useful
from
a
public
policy
government
perspective.
Yeah.
A
Yeah
generally,
anyone
on
the
call,
as
your
thoughts
come
through
just
send
me
like
bullet
points
on
slack
or
email.
If
you
want
to
but
yeah
genuinely
it's
just
narratively
in
that
space.
It's
a
really
good
opportunity
and
I
do
want
to
use
the
template
and
intention
behind
that
mobilization
plan
to
recommend
we
do
similar
in
other
countries.
So,
let's.
A
F
Hi
I'm
also
I
have
been
somewhat
involved
with
that
event
as
well,
and
just
Echo
just
wanted
to
Echo
those
thoughts.
I
think
the
other
thing
that
is
interesting
about
that
event
is
that
it's
going
to
be
bringing
together
a
lot
of
different
constituent
groups
like
there
will
be
people
from
government
UK
government
in
particular,
because
open
UK
has
deep
links
and
to
kind
of
like
UK,
government
and
I
think
there's
an
opportunity
to
maybe
listen
to
not
just
lead
with
a
message
of
hey.
F
This
is
what
U.S
government
is
doing.
You
know
why
don't
you
do
the
same
thing
but
kind
of
like
listen
to
what
UK,
UK,
government
or
UK
people
are
saying
about
some
of
these
things,
but
I
think
also.
There
will
be
a
strong
representation
from
the
developer,
Community,
their
open
source
developer
community.
So
there's
a
unconference
track
as
well,
which
could
be
an
opportunity
to
get
the
word
out.
F
There's
a
lot
of
good
stuff
happening
there.
Basically
so
yeah
I'm
gonna,
be
there.
I
may
be
sitting
at
the
sneak
desk
for
some
period
of
time,
telling
people
everything
I
know
about
snake.
So.
D
F
Out
sneak
stocks,
yeah
I
can
get
or
stickers,
or
what
have
you?
Yes,
hats,
but
yeah
I'm
happy
to
help
in
whatever
way.
I
can
that's
awesome.
B
Yeah,
so
if
anyone
has
thoughts,
please
post
them
into
our
slack,
so
that
Sal
and
you
know
Dan-
can
have
those
at
hand
and
we'll
think
about
the
larger
narrative
and
I
agree,
at
least
for
those
of
us
here
in
the
states.
I
had
the
opportunity
to
be
at
the
formation
of
the
LF
EU
meeting
and
open
source
is
handled.
B
Is
they
partner
very
differently
in
Europe,
where
there's
as
much
more
government,
involvement
and
I
think
it
would
be
an
excellent
opportunity
to
listen
and
kind
of
hear
that
perspective
and
to
see
how
we
might
be
able
to
provide
value
for
Citizens
everywhere.
B
Cool
all
right,
let
us
move
on
to
a
potential
piece
of
work.
For
us,
one
of
the
items
in
the
mobilization
plan
was
to
go
bother
the
member
organizations
to
donate
education,
security,
education,
content,
I
have
been
in
contact
with
those
people
with
inside
of
Intel
and
I
have
an
initial
list.
They
gave
me
a
list
of
about
60
internal
classes.
B
It's
a
mixture
of
classes
like
Ted,
talky,
Style
videos
and
outsourced
content
like
LinkedIn
education,
but
I
went
through
and
called
out
what
I
think
are
some
of
the
most
relevant
pieces
for
this
group
and
then
in
the
queue
they
are
nearly
finalizing.
B
A
C
and
C
plus
plus
secure
development
guide
and
compiler
guidelines,
they're
also
working
on
Java
and
a
couple
other
languages
So
within
the
next
quarter,
or
so
we
should
also
be
have
access
to
those
contents,
as
donations
and
I've
also
encouraged
the
Intel
Engineers
for
the
compiler
option
piece.
We
have
a
project
over
in
best
practices,
compiler
guide,
so
I'm,
going
to
see
if
I
can
get
those
folks
to
show
up
and
start
contributing
directly
to
that
guide,
but
I've
posted
a
one.
B
Two
three:
four:
five:
six,
seven,
eight
nine
I
posted
nine
candidates,
then
I'm
going
to
try
to
get
copies
of
this
content,
especially
the
instructor-led
ones.
They
will
act.
I
should
be
able
to
get
the
course
material
and
the
instructor
script
to
be
able
to
review
it.
But
if
anything
is
of
Interest
here
to
this
group,
we
think
could
be
woven
into
our
plan
efforts
and
integrated
into
our.
B
A
A
B
G
Also
probe,
when
you
look
into
adding
your
Intel
people
I'll,
send
you
a
list
because
I
sent
a
list
to
David
wheeler
to
add
some
Gentoo
people,
and
he
never
got
back
to
me
and
they
asked
me
about
that.
The
other
day,
sad.
B
I
also
pointed
my
Intel
training
people
to
SKF
and
their
eyes
got
as
big
as
plates
because
they
were
looking
at
trying
to
develop
our
own
labs
for
around.
We
use
a
a
martial
arts,
Dojo
metaphor
for
our
classes
internally,
and
so
for
the
green
and
the
black
belts.
You
have
to
go
through
and
do
a
practical
exam.
You
have
to
do
coding
examples
and
they
were
very
excited
about
potentially
looking
at
SKF
and
maybe
either
leveraging
it
or
even
potentially,
maybe
donating
some
content,
or
at
least
putting
some
issues.
B
I
just
had
the
Derpy
old
crusty
old
one.
That's.
G
You
know
if,
if
you're
running,
Linux
and
you're
using
pipe
wire,
there's
a
there's
like
a
patch
tool
they
have
to
like
redirect
audio
inputs,
hey.
B
Linux
is
not
on
the
corporate
approved
list
of
operating
systems.
I'm
allowed
to
run
really.
G
B
Right
so
I
would
the
homework
for
you,
folks
is
I,
would
look
through
the
the
list
and,
if
there's
anything
that
looks
interesting,
I
will
work
to
get
that
material
kind
of
as
a
pre-read.
So
we
can
scoot
through
it
and
see
if
there's
something
we
would
like
to
potentially
absorb
into
our
body
of
knowledge.
B
G
Question
you
being
the
Intel
guy,
could
we
get
clear,
Linux
involved,
because
I
know
that
clear
Linux
is
like
a
lot
of
people.
Think
that
clear
Linux
is
like.
You
know
the
bee's
knees
when
it
comes
to
like
making
software
like
the
authority
of
making
like
the
most
optimized
software
in
the
tool
chain
who
thinks
that
you'd
be
surprised.
B
I
can
reach
out
to
Thomas
and
the
clear
Linux
folks
what
much
like
anything
in
open
source
I'll
be
much
more
successful.
If
I
had
a
well
researched
and
educated
question
with
a
purpose
and
desired
outcome
as
opposed
to
hey,
you
all
want
to
collab.
G
B
B
No
problem
at
all
foreign
have
any
questions
or
comments
about
the
donated
content
for
all
you
other
member
organizations.
I
would
strongly
encourage
you
to
go
out
and
talk
to
your
appsec
Dev
folks
and
see
if
they're
willing
to
donate
some
stuff
too.
B
All
right
with
that,
if
you're
very
bored
and
you
like
to
have
meetings
with
me
in
a
half
hour,
we
are
having
a
source
code
management,
best
practices
guide,
call
which
will
be
amazing
and
then
at
11,
A.M
Eastern.
If
you
are
into
the
vulnerabilities,
we
are
talking
with
chain
guard
about
Vex
and
the
possible
openssf
adoption
of
some
Vex
tools
and
start
to
promoting
that
whole
awesomeness
isn't.
B
Meeting
it's
part
of
the
vulnerability
disclosures
working
group
at
the.