►
From YouTube: OpenSSF TAC Meeting (January 28, 2021)
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
B
C
C
All
right
we
got
11
people,
I
think
that's
good
enough
and
I'm
impatient.
So
we
have
a
few
things
to
cover
today
on
the
agenda,
so
one
main
topic,
but
we
have
a
couple
updates
from
kay
so
to
talk
about
the
town
hall
meeting,
updates
to
the
technical
roadmap
and
then
dan.
C
If
you
have
time
to
talk
about
the
abilities
document
which
most
of
the
stuff,
I
don't
think
we
need
to
spend
a
ton
of
time
discussing
and
then
we'll
kind
of
finish
up
with
lindsey's,
going
to
talk
about
the
finalization
and
sort
of
what
the
process
is
going
to
look
like
for
electing
the
final
attack
and
what
that's
going
to
look
like
going
forward.
So
with
that?
Okay,
do
you
want
to
kick
it
off
with
town
hall
mini.
A
Yeah
sure
so
we
will
be
holding
a
town
hall
meeting
again
in
february
and
our
last
quarter
we
had
it
sort
of
we've
been
we're
on
a
cadence
where
we
well
a
couple
things.
So
we
we
were
on
a
cadence
started
a
cadence
in
the
last
quarter,
where
we
had
a
press
release
at
the
end
of
the
quarter,
and
that
was
in
october,
and
then
we
had
a
town
hall
meeting
shortly
following
in
the
beginning
of
the
next
month.
A
This
year,
this
quarter,
things
have
changed
just
a
little
bit.
Instead
of
doing
a
press
release
we're
doing
a
blog
post
and
that's
because
we
don't
we
want
to
kind
of
save
our
our
press
releases.
For
when
we
have.
A
You
know
big
splash
news,
so
we
want
to,
you,
know,
have
a
couple
of
new
members
or
you
know
you
know
a
few
important
things
that
are
happening
in
you
know
the
technical
committee
and
this
month
we
just
didn't-
or
this
quarter
we
just
didn't,
have
quite
as
much
so
we're
going
to
do
a
blog
post
and
then
we'll
retweet
that
and
the
members
of
the
tac
and
the
working
group
leads.
A
Have
all
seen
this
and
are
familiar
with
it,
the
town
hall
meeting
will
be,
and
the
town
hall
meeting
we're
going
to
delay
just
a
couple
of
weeks
rather
than
having
it
early
in
the
month,
and
that's
just
because
there
are
some
other
things
going
on
at
governing,
that
the
governing
board
has
a
an
off
site
coming
up,
and
we
just
didn't
want
to
be
too
have
too
many
things
going
on
that
in
early
in
february.
So,
but
we
did
pick
a
date
and
lindsay.
A
I
think
I
I
didn't
write
down
what
that
date
was.
Do
you
have
it
off
top
of
your
head.
E
Yes,
so
the
date
that
we
had
the
most,
I
think
folks
for
was
monday
february,
the
22nd.
My
question
was,
I
think
we
had
like
held
two
hour
blocks.
E
A
That's
right,
so
we
have.
This
is
another
thing.
It's
last
time
we
scheduled
for
two
hours
and
we
took
just
right
around
an
hour
and
a
half
this
time.
I
think
we'll
be
fine
in
just
one
hour.
So
so
that's
why
lindsay's
asking
so
I
guess
it's
do.
We
want
it
to
be
one
to
two
or
two
to
three.
A
That
would
be
eastern,
I'm
fine
with
the
earlier
time.
I'm
you
know
I'm
guessing
if
well,
let's
see,
if
maybe
people
want
to
take
a
second
to
check
their
calendars
and.
F
E
A
All
right,
the
other
item
I
had
is
the
technical
roadmap,
so
I
have
done
a
little
bit
of
pre-thinking
on
how
we
want
to
pull
that
together,
and
I
wanted
to
share
that
with
this
group
and
then
from
this
I
will
reach
out
to
all
of
the
working
group
leads
and
the
other
folks
who
said
that
they
were
interested
in
in
working
on
it
and
start
to
fill
in
data
for
it.
So
let
me
share
my
screen.
B
A
Okay,
okay,
so
what
I
thought
we'd
do
is,
I
think,
eventually,
what
we'll
want
to
be
able?
What
we'll
want
to
roll
up
to
is
to
have
kind
of
a
matrix
where
we
share
by
quarter
the
activities
that
we're
planning
to
complete
organized
by
the
the
vision
pillar
that
it
falls
under.
A
And
so
I
I
popped
some
information
in
here
and
these
might
not
be
right,
but
it
was
just
to
give
an
idea
of
some
some
things
that
might
that
might
fit
in
so
so
we
had
this
discussion
yesterday
in
the
governing
board
planning
committee
about
it,
because
it'll
be
working
groups,
largely
working
groups
and
projects
that
are
doing
the
work,
but
we'll
roll
up
by
vision.
A
And
so
I
thought
we
might
have
the
final
roll
up
be
what
I'm
showing
on
this
first
page.
And
then,
if
you
can
scroll
down
ryan.
A
We
might
do
a
process
to
work
through
it
by
starting
first
with
each
of
the
working
groups
and
have
them
identify
by
quarter
what
what
their
plan
projects
are.
And
then
we
can
take
this
once
we've
got
the
working
groups
filling
out
the
bottom
part
and
then
roll
it
up
so
that
we're
showing
it
by
by
by
vision,
pillar.
D
A
G
A
And
then
down
here
it
could
be
whatever
so.
D
H
A
You
know
it's
it,
it's
it's
to
to
get
a
sense
so
that
we
can,
you
know,
share
across
working
groups
and
and
with
others.
You
know
this
doesn't
nobody's.
This
is
not
like.
You
know,
we're
we're
an
open
source
foundation.
You
know
we
can't.
We
can't
enforce
that
that
people
do
these
things,
but
it's
just
to
you
know
essentially
just
roll
up
a
summary
for
everyone
to
see
of
what
it
is
that
that
we're
planning
to
do
and
we'll
change
this.
I
think
you
know
quarter
by
quarter.
A
We
can
you
know,
plan
on
changing
it
out
and
getting
more,
you
know
putting
in
what
we
really
did
and
be
more
accurate
about.
What
we
think
is
is
coming
up
in
the
in
the
future.
So
it's
it's!
Not
it's!
It's!
Okay!
If
it's
in
in
my
mind,
if
it's
slightly
aspirational,
this
is
what
we
what
we
think
we'll
be
doing
and
and
then
we
update
it
as
we
go
along.
A
I
think
there's
a
lot
of
value
in
us
having
so
and
but
let
me
check,
I
think,
there's
a
lot
of
value
in
us.
You
know
having
this
summary
that
we
can
show
to
people
that
says:
here's
here's
where
we
think
we're
going.
Here's
what
we
think
we're
working
on
over
the
coming
the
coming
year
and
we
have
some
of
that
done
in
the
working
group
level.
But
it's
you
know.
People
want
to
see
that
summary
vision
they
have
to
there.
They
they
can't.
A
You
know
they
have
to
go
look
around
at
each
of
the
working
groups
and
it
might
be
in
meeting
minutes
and
this
way
we've
just
got
it
up
front
and.
I
C
Yeah-
and
I
think
it
kind
of
serves
two
purposes
like
one
for
us-
that's
already
here,
working
on
it
sort
of
motivates
to
see
where
we're
going
and
it
helps
us
coordinate.
You
know
work
that
each
working
group
is
doing,
and
you
know
keeping
things
kind
of
on
track
and
in
that
regard,
and
then
also
it's
just
inspiration
for
people
that
might
want
to
join
up.
C
They
can
see
in
one
place
kind
of
the
work,
that's
happening
and
who's
doing
it
and
if
they
want
to
get
involved,
they
can
they
know
where
to
go
and
and
which
projects
to
be
involved
in
without
having
to
go
to
every
single
one
of
the
repos
and
like
came
in,
you
know,
read
through
meeting
notes,
and
you
know
things
like
that.
So
I
think
it's
very
very
helpful.
H
H
It
seems
like
there's
kind
of
a
disconnect
between
where
the
working
groups,
at
least
the
ones
I've
attended,
are
at
in
terms
of
planning
and
what
they
plan
on
doing
and
this
kind
of
granularity,
like.
I
don't
think
I
could
guess
off
the
top
of
my
head.
What
a
single
working
group
is
planning
to
do
in
quarter
three
here
and
I've
been
to
most
meetings
of
most
working
groups.
I
That
presents
a
good
question:
is
this
going
to
be
optional,
like
if
groups
are
not
projecting
out
that
many
quarters?
Can
they
leave
those
spots
blank,
and,
and
is
that
something
that
we're
comfortable
with?
I
would
personally
be
open
to
that
and
like
that
yeah,
I'm,
okay
with
that.
C
Yeah,
I
think
it's
reasonable.
We
shouldn't
force
people
to
fill
in
details
that
they
don't
have.
It
could
be
like
to
dan's
point.
You
know
once
we
get
all
the
working
groups
together,
maybe
the
breakdown
isn't
by
quarter,
maybe
it's
more
sequential
for
the
year.
We
plan
on
doing
these
broad
things
and
here's
kind
of
the
order.
I
think
we
just
need
to
talk
to
the
working
groups
to
find
out.
C
I
know
in
some
sense
like
the
identifying
security
threats
group,
that's
doing
the
metrics
dashboard
and
things
like
we
have
a
general
idea
of
what
the
the
timeline
looks
like,
but
it's
not
currently
broken
down
by
quarter,
but
I
think
that's
just
because
we
haven't
had
a
need
to
think
about
it.
That
way-
and
that's
probably
the
case
for
a
lot
of
the
other
working
groups,
but
if
it
doesn't
match
you
know,
we
shouldn't
try
to
fit
a
square
peg.
A
Too
granular
yeah,
I
think
we
wanted
to
be
sort
of
one.
Maybe
two
bullet
points
per
working
group
per
quarter,
some
something
like
that.
F
J
F
A
I
had
well
so
that's
a
question
I
had
wanted.
I
had
thought
that
this
would
be
our
2021
technical
rope
map,
but
I
mean
we
could.
If
we
went
short
medium
long,
then
you
know
how
long
is
this
long?
Is
that
three
to
five
years
that
I
I
you
know
I
had
you
know
as
we
were
thinking
about
the
vision
that
was
kind
of
the
three
to
five
year,
which
covers
the
long
term,
and
then
I
thought
kind
of
that
the
thing
in
the
middle
would
be.
A
F
C
I
J
Yeah,
like
I
like
that
one
one
of
the
comment
down
is
also
like.
If
we
intend
to
share
this
to
to
the
world,
I
think
they're
actually
more
interested
about
what
they
impact
or
outcome
of
the
item
right
versus
a
technically
building
api
versus
a
specific
technical.
What
does
it
mean
for
the
community?
J
C
At
the
very
least,
imagine
each
one
of
these
things
should
link
to
the
working
group
repos
that
have
more
details,
but
if
it,
if
we
can
fit
it
in
here-
and
it
doesn't
make
this
chart
too
busy-
I
think
that
works
too.
F
A
E
A
A
Okay,
all
right
good
thoughts,
so
so
I'll,
I
think,
dan's
suggestion
is
good.
Also,
maybe
we
start
with
one
or
two
working
groups
and
you
know
and
work
through
it
and
then
we
can
roll
out
out
to
others.
You
know
just
to
keep
things
a
little
more
organized
and
efficient.
A
You
know
the
identifying
security
threats
might
be
a
good
one
to
start
with,
and
then
dan
are
you
well.
Does
anyone
want
to
volunteer
at
another
working
group
to
be
one
of
the
first
couple?
We
try.
C
I
think
best
practices
might
be
the
closest
like
with
the
scorecards
and
some
of
the
the
trainings
that
they're
doing
they
might
be
the
closest
to
actually
having
sort
of
a
concrete
plan.
D
And
best
practice
is
badge
too,
and
we
have
very
specific
things
we're
doing
within
quarters,
but.
D
Think
the
bigger
challenge
will
be
groups
like
security
tooling,
which
right
now
is
basically
a
discussion
group.
So
I
don't
think
I
I
think
they
would
right
now
be
a
blank
row.
All
the
way
across
this
may
be
a
forcing
function
to
suggest
you
know.
Do
you
have
anything
specific?
You
want
to
work
on.
C
Thank
you
kay,
all
right,
so
the
next
thing
that
we
have
dan
do
you
want
to
talk
about
the
abilities,
talk,
real,
quick
or
you
want
to
review
it.
We
just
have
a
few
minutes.
I
want
to
make
sure
we
have
enough
time
for
the
election
process
for
for
lindsay,
but
I
don't
want
to
yeah.
H
This
is
just
a
quick
fyi,
the
doc
is
there
it's
in
the
pull
request.
I
think
a
lot
of
people
have
looked
at
it.
Phil
just
left
a
comment.
I
think
five
minutes
ago
that
I
addressed
like
a
typo.
This
was
a
follow-up
dan
middleton
started
it.
I
think
he
missed
today's
meeting,
so
we
don't
even
spend
too
much
on
it,
but
he
started
it
in
an
issue.
I
turned
it
into
a
document
here
that
we
can
eventually
get
merged.
H
C
All
right
sounds
good
yeah,
so
folks
can
take
a
look
at
that
and
then
review
it.
That
would
be
awesome
all
right.
So
the
next
thing
lindsay,
if
you're
still
here
talk
about
the
election
process
that
you've
been
working
on.
E
I
am
here,
I'm
gonna
pop
the
doc
into
the
chat.
E
I
also
added
it
to
the
github
issue
as
well,
where
we
were
discussing
the
overall
formation
after
bootstrapping
of
the
attack
and
there's
already
been
discussion
around
how
many
members
and
those
pieces
so
last
week
I
met
with
david
ryan
and
dan,
so
please
feel
free
to
also
hop
in
here
and
clarify
things,
but
what
we
wanted
to
come
to
consensus
on
get
folks
input
on
all
of
those
pieces.
E
Is
the
proposed
makeup
make
sure
that
everyone
did
have
time
to
look
at
that,
and
also
looking
at
the
proposed
makeup
was
four
members
elected
by
the
governing
board
three
from
the
technical
initiatives?
Does
that
still
feel
right
and
sound
right
to
folks?
Would
we
rather
flip
that
so
that
we
have
four
folks
from
technical
initiatives
versus
the
governing
board
voting,
so
please
feel
free
to
put
feedback
in
there.
E
Thoughts
in
there,
as
you
kind
of
scroll
through
you'll,
see
some
suggested
guidelines
which
will
adhere
to
what's
already
in
our
charter,
but
also
just
elevating
that
it's
similar
makeup
to
the
governing
board
that
there
won't
be
more
than
two
folks
from
any
company
residing
on
the
top
or
the
governing
board,
as
it's
related
to
voting
in
all
of
those
pieces
and
then
also
guidelines
around
voting
for
the
nomination
process,
for
who
will
be
on
the
attack
during
the
steady
state
process
that
only
one
person
excuse
me.
E
Each
person
that's
identified
in
this
process
only
gets
one
vote,
regardless
of
how
many
working
groups
they're
involved
in
or
anything
like
that,
we
want
to
make
sure
that
that
is
equitable
and
fair
during
the
voting
process
itself
and
then
scrolling
down.
There's
just
some
decision
points
and
things
that
we
want
to
clarify
around
who
is
eligible
to
be
nominated.
E
How
are
we
getting
those
lists?
Is
it
just
coming
from
working
group
leads
so
just
more
clarity
around
and
consensus
around,
who
is
being
nominated,
who
can
be
nominated
and
how
are
we
tracking
all
that
just
so?
That
is
very
like
out
in
the
open
and
clear
throughout
the
process,
and
then
there's
just
some
additional
notes
there
about
carrying
forward
with.
Do
we
keep
the
tac
chair
in
place
ryan
for
continuity,
tack,
rep
in
place
dan
for
continuity,
sake
and
like
what?
E
How
do
we
think
about
that
as
we
approach
it?
So
this
is
really
to
get
us
started
and
launched
into
this
process
and
also
to
allow
for
our
community
to
also
share
their
thoughts
and
input
here,
so
that
it
is
very
clear
when
we
get
to
the
voting
exactly
what's
happening,
how
it's
happening
and
that
it's
inclusive
of
our
community's
thoughts.
E
So
I'm
sure
there
are
questions
you're,
welcome
to
kind
of
voice
those
questions
now
and
or
pop
them
in
the
dock,
as
we
go
and
we'll
continue
to
kind
of
talk
through
how
this
is
done,.
I
Apologies
if
I've
missed
this,
my
question
would
be
in
terms
of
going
from
the
existing
tac
to
a
new
tack.
Is
this
something
that
we're
totally
refreshing
on
a
recurrent
basis.
E
So
that
is
so
within
the
charter,
the
charter
language-
we
can
do
this
annually,
however,
that
vote
annually
can
be
just
for
part
of
the
tack.
It
doesn't
need
to
be
the
full
tack
refreshed
entirely
because
we
do
want
to
continue
to
have
that
continuity
sake
on
representation.
E
Yes,
we
can
run
these
elections
concurrently
with
our
other
elections
as
well.
So
it's
one
process
per
year
versus
multiple
election
processes
throughout
the
year
yeah.
That
seems.
I
E
E
C
Yeah
in
general,
I
know
I've
mentioned
this
before
I
was
going
to
say,
like
the
for
me
that
I
like
the
idea
of
flipping
the
the
makeup
from
four
members
by
the
elected
by
the
governing
board
and
three
from
technical
initiatives
to
b4
from
technical
initiatives.
Just
because
the
you
know,
the
whole
purpose
of
the
attack
is
that
this
is
the
technical
advisory
council
right,
so
the
more
from
the
actual
contributors
of
technical
initiatives,
I
think,
would
be
beneficial.
C
D
D
Am
I
you
know
we're
basically
reporting
up
to
attack.
Is
that
am
I
missing
something
I
that
was
my
understanding
when
I
read
this.
C
Yeah,
my
understanding
as
well
is
that
there's
no
formal
relationship
between
leads
and
the
attack,
but
like
personally,
I
think
we
should
try
to
get
them
more
involved
in
wanting
them
to
be
more
involved
with
the
attack
in
general.
But,
like
you
said
they
may
end
up
being
attack
rep.
But
it's
not
directly
linked
is
sort
of
my
understanding
right.
D
C
Absolutely
yeah
I'd
like
to
see
better,
you
know
more
involvement
from
that
side
and
maybe
a
more
regular
cadence
around
at
least
reporting.
You
know
how
things
change,
and
I
know,
since
we're
kind
of
bootstrapping,
to
figure
out
a
lot
of
what
this
process
is
right
now,
but
once
we
get
this
a
little
bit
more
solid,
I
think
we
we
should
try
to
encourage
folks
to
have
more
regular
attendance
and
things
like
that.
J
Yeah,
what
thought
is
if,
if
we're
not
really
picky
about
the
upper
limit,
as
long
as
it's
not
really
wild
right
like
is
there
any
reason?
Why
can't
we
make
just
like
the
leads,
be
the
tech,
rep
reps
and
then
have
additional
few
people
outside
there.
H
So
this
is
kind
of
discussed
on
the
issue
there,
the
linked
issue,
the
tax
cut,
the
size
should
be
predictable
and
coupling
the
leads
to
the
tax
seats
and
introduces
weird
incentives
and
behavior
around
adding
working
groups
and
removing
working
groups,
and
that
kind
of
thing
we
couldn't
go
that
way.
That
was
kind
of
the
main
alternative
way
to
having
this
purely
election
based
system.
H
C
C
J
I
I,
like
I,
like
the
question
that
row
is
raising
here.
I
agree
with
with
dan
and
ryan's
point
around
the
perverse
incentives
and
that
we
have
to
think
carefully
about
how
that
plays
out.
But
I
would
love
to
see
us
formalize.
A
way
for
the
working
group
leads,
regardless
of
how
many
working
groups
we
have
to
have
more
active
participation
with
the
tac,
like
maybe
once
a
quarter
or
something
on
a
recurrent
basis.
They
join
the
tac
for
a
meeting,
and
that
meeting
focuses
on
like
the
technical
plans
for
that
quarter.
I
C
Yeah,
I
completely
agree
with
that
as
well.
I
know
I
think
I
mentioned
this
before
a
few
months
ago.
You
know
we're
bootstrapping
now,
so
we
got
a
lot
of
other
things
to
figure
out,
but
you
know
previously
in
ossc
we
had
this
where
the
there
was
a
separate
meeting
just
for
working
group
leads
that
would
get
together
like
I
think
it
was
like
every
two
or
three
months.
C
I
can't
remember,
but
that
was
very,
very
helpful
and
I'd
like
to
do
kind
of
the
same
thing
like
what
you're
saying
jennifer,
where
the
tac
meetings
we
should
dedicate
on
a
regular
cadence,
a
meeting
that
is
when
working
group
leads
come
in.
We
get
updates,
we
talk
about
where
things
are
headed
and
you
know
just
kind
of
keep
everybody
in
sync.
So
if
we
could
do
that
from
attack
level
where
we
just
know
when
it's
coming,
it's
far
out
that
people
can
plan
for
it.
C
I
think,
hopefully
that
would
help
in
getting
a
little
bit
better
attendance
for
that.
H
I
think
we've
talked
about
scheduling
reviews
and
I
made
a
comment
on
the
agenda
about
that
too.
If
we
should
get
started
about
scheduling,
reviews
for
the
working
groups,
we're
supposed
to
do
them
initially,
and
you
know
ongoing
on
like
every
six
months
or
something
basis
have
the
working
group
leads
come
and
present
to
the
tech.
C
Yeah
that
could
be
a
great
way
to
you
know
just
to
kick
this
off,
because
I
agree.
We
need
to
do
that
as
well.
So
if
we
start
with
that,
that
could
turn
into
the
cadence
of
okay,
let's
get
those
guys
ready
with
with
their
with
their
charters
and
then
start
reviewing
them
and
then
set
whatever
the
cadence
should
be.
There.
A
A
Excuse
me:
if
we
do
it
on
a
kind
of
a
quarterly
cadence,
we
can
have
it
all
wrapped
into
our
town
hall
meetings.
So
maybe
you
know
maybe
there's
a
review
and
then
the
town
hall
meeting
is
you
know
a
couple
weeks
after
that,
so
they
can
reuse
the
same
content
for
the
review.
As
for
the
town
hall,.
H
Okay,
so
there's
six
working
groups
now,
if
each
one
does
a
review
in
one
tac
meeting,
that's
basically
the
entire
quarter's
worth
of
tech
meetings.
Maybe
that's.
A
I
But
one
thing
I'd
put
forward
is
the
question
as
to
whether
it's
more
useful
to
the
attack
for
it
to
be
a
retrospective
or
looking
forward.
I
We
could
do
a
review
and
I
think,
like
in
the
town
hall,
it's
been
great
to
see
the
progress
made,
but
personally,
from
the
tech
perspective,
I'd
love
to
see
these
groups
talking
about
what
they're
trying
to
accomplish
next
in
part,
because
there
might
be
some
cross
group
collaboration
opportunities.
There
may
be
places
where
we
want
to
offer
feedback,
so
I'd
be
really
interested
in
seeing
it
actually
slightly
different
content
from
the
town
hall,
just
because
I'd
like
to
know
kind
of
what's
on
the
roadmap
for
them.
K
Exactly
sorry,
I
was
just
going
to
say
from
a
collaboration
standpoint.
I
think
it's
important
for
the
folks
coming
in
from
the
working
groups
to
understand
this
is
this
is
an
advisory
forum.
It's
not
going
to
be
something
like
a
steering
committee
where
you
know
you
must
do
this
or
do
that
so
somewhere
somewhere
in
this
has
to
be
here's
an
advice,
some
advice,
recommendations,
but
it's
up
to
the
community
to
ultimately
decide
the
rna
or
which
direction
they
want
to
take
this
into.
I
Yeah,
that's
that's
a
great
point,
and
maybe
we
need
to
be
mindful
of
that
in
how
we
communicate
this
too.
It's
like
we
talked
a
bit
about
doing
reviews
and
that
to
me
sounds
a
little
bit
like
performance
evaluations,
which
is
which
is
obviously
not
at
all
the
spirit
of
what
we're
looking
for
here.
D
But
I
think
it
is
definitely
valuable
to
tell
people
we're
playing
to
do
x
and
another
working
group
says:
oh
wait,
we're
doing
y
and
maybe
they're
overlapped,
maybe
they
collect.
Maybe
they
can
work
well
together,
but
I
think
at
least
something
so
that
the
working
groups
know
about
what
the
other
working
groups
are.
Planning
is
exactly
what's
needed.
K
Do
you
think
this
is
the
forum
for
that
david?
Because
would
we
not
require
all
the
working
groups
to
be
there.
D
I
would
well
I
mean
it's
up
to
this
this
group
to
decide
that,
but
I
think
that
the
attack
would
be
a
good
place
for
that
unless
there's
a
dimension,
a
separate
meaning
of
all
the
working
group
leads.
C
C
D
B
I
Maybe
we
set
up
a
check
meeting
and
let's
call
it
on
a
quarterly
basis,
but
it
could
be
other
than
quarterly.
It
could
be
more
if
we
wanted,
but
maybe
we
set
up
a
slightly
longer
meeting
and
have
all
of
the
working
group
leads
attend
that
and
we
in
the
way
that
we
publish
the
videos
for
all
tech
meetings.
We
perhaps
label
that
one
and
make
it
easy
to
find
if
people
want
to
see
kind
of
where
this
stuff
is
going
as
well.
C
Yeah,
I
think
that's
a
great
idea
when
we
did
the
leads
meeting
in
the
past.
That's
exactly
kind
of
how
it
worked.
It
was
like
a
quarterly-ish
and
then
I
think
we
scheduled
90
minutes.
We
rarely
needed
the
90
minutes.
I
think
maybe
the
first
one
we
used,
but
after
that
it
was
kind
of
like
yeah.
Everyone
was
pretty
much
done
in
an
hour
or
so
because
it
was
just
updates
rather
than
painting
that
full
picture
for
the
for
the
initial
kickoff
but
yeah.
C
If
we
timed
it,
I
think
if
we,
you
know
like
mentioned
earlier
sort
of
syncing
it
with
you
know
either
town
halls
or
press
releases
right.
So
what
maybe?
It
was
a
few
weeks
before
one
of
those
major
other
milestones
that
people
could
kind
of
use
that
to
talk
and
plan
and
just
and
and
sync
up
to
some
of
these
other
dates.
You
know
we
could
get
on
a
good
cadence.
That
way.
J
Open
yeah,
maybe
we
can
even
divide
by
the
pillar
right
like
because
pillars
we're
not
going
to
change
that.
Often
like
we
have
four
pillars.
Maybe
that
way,
some
working
groups
are
more
relevant
for
one
pillar.
They
could
come
in
that
way,
having
more
working
groups
and
future
not
going
to
add
more
meetings.
C
Yeah,
I
think
initially
it
might
be
good
just
to
try
to
get
everybody
together,
but
if
it
does,
if
time
becomes
a
issue,
I
think
you're
right.
Some
working
groups
are
definitely
more
related
than
others,
and
so
getting
them
in
at
the
same
time
is
important.
So
if
we
need
to
split
them,
I
think
that's
a
good
way
to
do
it.
But
I'd
love
to.
H
H
Want
to
call
it
a
quick
check,
we're
kind
of
getting
away
from
the
election
process
part
here,
and
we
do
have
a
deadline
to
figure
that
stuff
out.
I
think
in
the
next
two
or
three
weeks
do
we
have
any
other
open
questions
on
the
election
stuff
before
we
get
into
the
working
group
reviews.
I
That's
a
good
question:
do
we
have
a
like
well-defined
end-to-end
workflow
for
nomination
and
voting
yet,
or
should
we
work
through
some
of
the
fine
points
of
that.
E
That's
some
of
the
like
decision
points
of
like
clarifying
how
are
folks
nominated,
who
can
be
nominated
and
those
pieces
so
that
we
can
define
that
workflow.
E
So
I'm
not
sure
if
anyone
has
direct
opinions
on
that
we
were
thinking.
Initially,
I
talked
about
working
group
leads
submitting
kind
of
a
list
of
folks
who
are
engaged
in
meetings
and
doing
things.
You
know
whether
it
be
on
github
mailing
list
live
on.
Working
group
calls
those
kinds
of
things
to
qualify
folks,
and
then
we
would.
We
would
create
an
eligible,
what's
called
an
eligible
list
for
voting
from
the
technical
initiatives.
A
I
Yeah,
okay,
somewhere
I'd,
be
I'd,
be
strongly
in
support
of
self
nomination
as
well.
Just
because
I
worry
about
doing
too
much
gatekeeping
in
the
nomination
process,.
C
Yeah,
I
was
actually
in
along
those
lines
kind
of
mentioned
something
around
I'm
not
completely
convinced
that
we
even
need
the
criteria
of
like
you've
participated
in
other
working
groups.
I
I
wonder
if
that
might
come
off
as
too
rigid,
because
I
think
if
you're
not
participating,
people
aren't
aware
of
you
and
you're,
probably
not
going
to
get
the
votes
anyway,
so
it
might
just
sort
of
be
an
overly
pedantic
statement
to
try
to
filter
people
out,
but
it
definitely
second
the
the
desire
to
have
self-denomination.
C
But
I
do
believe
they
should
be
general
members
of
openssf.
I
don't
think
we
should
have
because
anyone
can
participate
in
the
meetings,
but
I
think,
as
far
as
voting
and
things
like
that,
they
should
be
open.
Ssf
numbers.
K
And
then
I
think,
clarity
on
just
what
percentage
is
required
for
carry
forward
what
happens
in
the
case
of
a
tie,
those
kinds
of
things
as
well.
C
E
Am
I
mute?
Yes,
there
are
multiple
processes
that
are
out
there
for
us
to
use
that
I
can
definitely
draw
from,
but
I
also
wanted
to
get
our
input
too
on
it
before
saying
like
here
is
the
thing,
so
I
appreciate
the
conversation
that's
being
had
here.
K
I
think
something
else
as
well
that
I've
experienced
in
other
working
groups
what
happens
as
this
starts
to
become
more
and
more
operationalized
can
folks
that
have
been
on
continue
to
be
on.
Is
there
you
know
just
for
the
sake
of
diversity?
Can
others
like?
Is
it
like?
You
can
only
be
there
for
say
two
terms
max
or
one
term
max
or
something
and
then
get
others
to
kind
of,
encourage
inclusivity,
participation,
those
kinds
of
things
as
well.
C
C
I
I
So,
just
as
a
clarification,
if
we
were
to
move
forward
with
some
form
of
nomination
process
like
let's
call
it
self-nomination,
but
we
might
decide
something
different.
We
have
folks
put
themselves
forward
into
one
general
pool
of
tax
candidates
and
then
is
it
the
case
that
the
governing
board?
How
are
we
going
to
allocate
votes?
I
Would
it
be
that
there's
you
know
we
each
have
four
votes
and
whoever
the
four
people
are
that
get
the
most
votes
from
the
governing
board,
get
those
four
or
if
we
switch
it
up
three
seats
like
we
should
figure
out
how
we
want
to
distribute
the
actual
voting
and
then
for
the
tac
representatives.
Similarly
or
sorry,
the
working
group
representatives,
we
should
probably
use
an
analogous
form
of
voting.
I
don't
know
if
there's
one
that
we
want
to
make
use
of
by
default,
that
we've
used
elsewhere.
E
E
So
there
are
a
couple
so
part
of
the
thoughts
there
about
like
voting
and
when
our
technical
initiative
is
voting.
One
is
the
governing
board
of
voting.
So
there's
a
piece
there
around.
Do
we
want
to
have
governing
board
and
the
tactical
initiatives
vote
at
the
same
process?
E
Are
we
staggering
the
processes,
so
they
make
kind
of
better
sense
and
it's
cleaner
to
see
like
who's
voting
for
what
and
when
so,
there's
like
that
question
and
then
for
the
actual,
like
voting
process
as
far
as
like
who
can
vote
eligible
voters?
All
of
that
I
will
manage
that,
along
with
input
from
you
all
on
working
groups,.
E
Yeah
we've
we've
used
it
before
openvote.
E
C
So
are
we
going
to
take
all
of
this
and
the
feedback?
I
think,
and
then
eventually
this
will
get
incorporated
into
likes
part
of
the
charter.
Where
are
we
actually
putting
this
specific
thing,
and
the
reason
I
ask
is
that
then
moving
into
the
next
part,
given
our
timeline,
how
do
we
want
to
start
doing
this
official
review
process
because
eventually
we
go
from
ideas
to
you
know,
word
smithing,
and
you
know
that
kind
of
thing.
So.
E
So
there
are
components
of
this
that
just
need
to
be
voted
on
officially
by
tac
representatives
that
have
that
are
able
to
vote.
So
that
would
be
things
like
when
we're
starting
the
nomination
process.
That
kind
of
thing,
however,
back
to
like
the
idea
of
like
the
terms
and
term
limits,
those
are
things
that
would
need
to
be
put
into
the
charter.
So
there's
a
level
of
decision
making.
That
is,
will
happen
right
here
in
the
attack
via
voting
and
then
there's
other
things.
E
That
would
long
term
affects
the
makeup
of
the
tac,
so
voting
limits.
Those
kind
excuse
me
term
limits,
et
cetera.
That
would
need
to
go
into
the
charter,
so
we'd
have
to
kind
of
suss
out
those
two
pieces,
and
then
we
would
work
kind
of
separately
to
one
get
it
written
down.
What
folks
vote
on
and
what's
approved
in
the
process
itself,
and
then
things
that
would
affect
long-term
term
limits,
et
cetera,
we
would
add
those
into
the
charter,
I'm
kind
of
going
through
that
legal
process.
C
Okay,
so
with
having
multiple
issues
open,
do
we
want
to
you
know
open
questions
and
say:
do
we
want
to
open,
separate
github
issues
for
each
one
of
those?
So
we
can
have
individual
discussions
on
these
things,
and
then
people
can
vote
kind
of
like
how
we've
been
doing
it,
where
we
sort
of
approve
a
pull
request
or
something
of
that
nature
for
each
one,
and
then
those
get
incorporated
in
the
final
document
or
how?
How
would
folks
like
to
sort
of
handle
making
these
these
last
few
decisions.
E
So
I
think
I
could
get
it
to
a
point.
I
think
I
will
need
just
some
support
from
ryan
and
dan
just
to
like
get
these
up
there.
Just
on
the
timeline
that
we're
working
on
not.
E
I
think
github
issues
is
fine
to
use,
but
we'll
also
need
to
bring
them
into
like
a
live
tac
meeting
and
like
record
them
in,
like
the
tech
notes
like
what
the
votes
are
and
if
there
were
any
objections
and
that
so
that
needs
to
be
like
a
little
bit
more
formal
like
coupled
with
the
github
issue
feedback
just
that
it
is
voiced
during
a
meeting.
C
Okay,
that
sounds
good,
so
I
think
what
we
could
do
is,
after
this
meeting
in
the
next
today,
tomorrow
soonish
we
can
start
creating
those
github
issues,
link
them
to
this
doc,
we'll
send
them
out,
distribute
out.
You
know
via
the
mailing
list
and
and
slack,
and
then
that
way
people
can
start
the
discussion
and
then,
at
the
next
tac
meeting
we
can
kind
of
bring
everybody
back
together
and
we
can
go
through
the
the
official
voting.
C
If
that's
that's
all
we
have
to
go
to,
but
just
see
where,
where
we
landed
and
then
get
it
incorporated
into
the
into
the
charter,
does
that
work
for
everybody.
A
I
have
coming
back
to
one
of
the
items,
so
it
was
just
striking
me
that
having
a
separate
vote
by
the
governing
board
and
then
by
contributors
to
technical
initiatives
complicates
the
voting
process,
and
so
I
thought
I'd
step
back
and
and
and
try
to
understand
it.
I
don't
see
it
written
in
this
document.
A
You
know
why.
Why
do
we
want
to
have
a
separate
vote
by
the
governing
board?
Why
not
let
this
be
completely
by
the
technical
community.
A
Or
maybe
or
maybe
it's
the
governing
board
and
the
technical
community
anyway,
I'm
just
wondering
if
we
could
make
it
more
efficient,
somehow
go
ahead.
Dan.
H
So
the
charter
itself-
I
guess
it's
kind
of
up
to
interpretation-
lindsay.
I
think
you
copy
pasted
it
somewhere
in
this
document.
Could
you
scroll
around
ryan
looking
for
the
charter
language,
I
think.
H
Yeah,
probably
the
charter
language
basically
says
that
the
attack
representatives
need
to
come
from.
H
E
That
there
has
to
be
a
mix
so
that
the
members,
so
basically
you
can't
be
on
the
governing
board
unless
you're
a
member
of
openssf.
E
So
there
has
to
be
a
component
of
the
tax
that
is
voted
on
basically
by
the
members
and
that's
the
governing
board
in
this
case,
and
then
there's
another
group
of
folks.
That
is
from
the
technical
initiatives
that
don't
necessarily
have
to
be
members.
E
But
I'm
pulling
the
exact
language
I'm
just
trying
to
quickly
yeah,
particularly.
H
The
tech
representatives
need
to
come
from
the
open,
ssf
members
and
from
the
community,
so
an
easy
way
to
do
that
is
to
have
the
open
ssf
members
elect
some
in
the
community
elect
some.
C
E
C
That
any
other
questions
about
this
one
we
have
about
five
minutes
left
before
we
start
wrapping
up.
I
think
we
have
a
good
path
forward
as
far
as
having
discussion
in
the
next
two
weeks
before
the
next
meeting.
Is
there
anything
else
that
folks
want
to
talk
about
before
we
close
out
for
the
day.
I
C
Right,
we
have
a
date
an
earlier
date
for
deciding
the
process
and
then,
when
we
actually
run
this
election
is
is
open,
I
believe
for
discussion.
So
I
think
we
have
the
six
month
is
the
finalizing
that
the
process
is
to
finalize
the
elections.
So
that's
this
and
then
that's
in
the
next
few
weeks.
I
believe,
sometime
in
february.
I
So,
are
we
on
track
with
the
current
plan
of
opening
the
github
issue
and
revising
like
revisiting
to
a
vote
next
tac
meeting?
Will
that
satisfy
those
criteria.
C
C
Okay,
so
if
there's
other
things,
we
want
to
talk
about,
there's
a
great
discussion
today,
so
I'll
go
ahead
and
lindsey.
Let
me
know
I
can
work
with
you
and
we
can
get
these
things
put
up
on
as
github
issues
and
then
we
can
continue
the
conversation
there
and
then
we'll
come
back
in
two
weeks
and
and
hopefully
have
this
thing
wrapped
up.
C
All
right
well,
thank
you,
everyone,
I'll,
we'll
see
you
later
and
online.