►
From YouTube: OpenSSF TAC (October 18, 2022)
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
C
A
A
A
E
A
Right
all
right
cool
looks
like
we've
got
six
of
sevens.
We
have
enough
for
Quorum
we'll
go
ahead
and
get
going
or
three
after
first
up
on
the
agenda,
I
believe
Michael,
that's
you
with
the
security
threats
working
group.
If
I'm
memory
serves
me
correct,
that's
me:
yep
cool
Josh
is
on
Deck
with
the
security,
tooling
stuff,
just
making
sure
cool
all
right.
Well,
then,
we'll
kick
it
off.
You
know
the
drill
Michael
just
take
it
away.
Ten.
E
Minutes
yep,
you
got
it
so
just
gonna
give
a
quick
update
on
what
we're,
what
we're
doing,
not
gonna
Deep
dive
into
any
of
these,
so
I
have
like
45
seconds
per
slide,
because
I've
got
a
lot
of
slides,
so
we
continue
to
meet
every
other
week,
we're
still
averaging
10
to
15
participants.
Some
weeks
more,
some
weeks,
less
I'm
gonna,
we
have
let's
say
seven
projects
that
we
could
think
about
as
being
associated
with
the
with
the
working
group.
I've
disconnected
Alpha
Omega,
we'll
be
back
in
I.
E
Think
two
weeks
to
chat
about
that.
So
three
that
have
major
updates
that
I'm
gonna
spend
most
of
the
time
talking
about
two
that
are
no
major
updates,
so
we'll
just
go
through
those
quickly
and
then
two
more
kind
of
new
ideas.
E
Just
to
give
a
inkling
of
of
some
of
the
things
we're
thinking
about.
So
first
one
is
office
hours.
This
was
this
is
an
attempt
to
provide
a
kind
of
a
stop
gap
for
any
open
source
maintainer
to
come
and
ask
security
questions
of
Security
Experts
get
whatever
advice
they
need.
If
they
need
help
setting
something
up,
we
can
help
them.
It's
meant
to
be
a
you
know,
similar
to
like
a
real
office
hour.
E
So
you
go
there,
you
get
you
get
help
with
whatever
it
is,
so
the
first
session
is
going
to
be
October.
28Th
Marta
is
leading
this
this
project.
There
is
pre-registration
required
for
the
maintainer
there's
a
slack
Channel.
Basically,
next
up
is
like
getting
getting
a
blog
post
out
I
think
we
have
text
written
we're
just
trying
to
get
it
out
this
week
and
then
amplify.
E
You
know
at
least
we
would
love
to
get
at
least
a
couple
projects
to
to
come
and
we'll
learn
from
it
and
kind
of
go
from
there.
Jennifer.
F
Oh
yeah
I
just
wanted
to
mention
on
the
blog
post,
I
actually
recommend
going
through
the
first
session
and
then
doing
a
blog
post
afterwards,
maybe
as
a
recap,
but
definitely
sharing
on
social
media
ahead
of
time
to
get
people
to
attend.
Okay,.
E
That's
fine
I'll,
I'll
relay
that
back
and
and
we'll
we'll
do
it
that
way:
cool
cool
second
thing,
metrics
dashboard.
So
this
is
essentially
stream.
Two
of
the
mobilization
plan
we've
been
Christine,
vanad
and
Jay
have
been
meeting
for
six
months
or
so
I'm
trying
to
flesh
out
a
plan
here.
E
We
recently
got
some
some
more
folks,
azim
and
Brian
from
from
Google
and
around
from
LF
have
kind
of
joined
the
party
it's
a
formerly
adopted
as
a
Sig,
although
I'm
honestly
not
sure
what
formerly
adopted
as
a
Sig
actually
means,
but
we
all
high-fived
each
other
and
said
yes,
this
should
be
a
thing
essentially
we're
a
single
source
of
Truth
for
metric
information,
relevant
security,
metric
information
for
a
broad
set
of
Open
Source
projects,
starting
at
10
000..
E
The
what
they're
working
on
right
now
is
an
nvsr
key
scenarios.
User
experience
all
of
that
stuff,
we're
not
all
talking
about
the
technology.
Implementation
I
want
to
figure
out
what
we
actually
want
to
build
before
we
decide
on
how
we're
going
to
build
it.
E
There
I
believe,
there's
a
request
into
operations
to
set
up
regular
calls
for
this.
So
it'll
be
on
the
community
calendar
and
kind
of
going
forward.
E
Everybody's
welcome
to
participate
and
I
believe
the
state
will
be
reaching
out
to
you
guys
to
schedule
some
time
to
to
talk.
Details
about
this
funding
will
be
necessary
at
some
point
in
time.
So
why
not
maintain
our
Summit?
So
this
is
to
run
a
virtual
Summit
for
maintainers
of
critical,
open
source
projects
so
as
opposed
to
office
hours,
where
it's
kind
of
like
one
to
one
and
anybody's
anybody
can
sign
up.
This
is
just
for
critical
maintenance
or
critical
projects.
E
Invite
only
and
the
intent
is
to
have
more
open
dialogue
between
the
maintainers
and
openssf
and
also
critically,
between
maintainers
and
themselves.
Not
you
know
like
one
maintainer
and
another
maintainer
around
security,
so
this
will
this
works.
For
me,
this
doesn't
work.
For
me,
this
is
great
on
paper,
but
terrible
in
practice,
whatever
they
whatever
kind
of
comes
out
of
it.
E
Obviously
you
know
we
want
to.
Let
them
know
what
openness
is.
The
resources
that
openssf
has
one,
so
they
can
come
back
to
us
but
number
two
if
they
can
just
pick
it
up
and
use
it,
that's
great
too,
but
that's
not
really
the
main
purpose.
The
real
purpose
is
to
is
to
have
this,
to
have
this
dialogue
and
to
have
us
like
hear
directly
from
them
as
opposed
to
trying
to
infer
what
they
might
need
based
off
of
you
know.
E
All
of
our
experiences,
so
Alex,
Emily,
Umar
and
Michelle
are
are
leading
us
I
believe
the
target
is
January,
although
I
couldn't
find
that
in
the
notes,
so
I
might
just
made
that
up,
but
it'll
be
a
small
number
of
projects,
maybe
30
to
40
maintainers
for
a
three
or
four
hour,
Zoom
Workshop.
E
Do
it
learn,
rinse,
repeat
and
okay
go
from
there
so
from
Attack.
If
you
guys
have
recommendations
on
critical
projects,
you
know,
otherwise
we
can
just
use
the
critical
projects
working
group
list.
But
if
you
have
thoughts,
the
team
would
love
to
hear
that
you
can
just
ping
them
on
the
on
the
slack
Channel
directly.
It
doesn't
need
to
go
through
me
or
anything,
and
this
can
be
a
panel
during
it.
E
So
if
you
have
recommendations
on
a
panelist
I'm
sure
that
they
would
be
very
happy
to
hear
that
too
foreign,
oh
and
by
the
way,
if
you
have
questions
or
anything,
if
you
want
to
throw
them
in
chat,
while
the
next
session's
going
I'll
try
to
respond
for
security
insights,
this
is
one
it's
this.
This
has
been
stable.
This
is
a
spec
to
provide
additional
metadata
about
a
project
such
as
you
know,
I
run
static
analysis
out
of
band.
My
project
is
no
longer
being
maintained.
E
I
only
do
bug
fixes,
I,
distribute
this
on
npm
and
also
on
you
know,
Debian
things
like
that
that
wouldn't
be
apparent
to
scorecards
I,
would
Luigi's
running
this
and
trying
to
figure
out
what
you
know
how
to
take
this
Beyond
spec
into
into
like
actual
real
world
usage.
We
think
that
getting
it
integrated
getting
scorecard
be
aware
of
it
of
this
metadata
file
is,
is
one
way
to
do
that,
but
we're
continuing
to
to
iterate
on
that
secure
reviews
is
the
ossf
security
reviews
repo.
E
It's
a
collection
of
security
used
done
by
us
other
people.
You
know
wherever
we
can
find
Security
reviews
of
Open
Source.
The
intent
is
to
give
consumers
one
place
to
go
to
say:
hey
has
anybody
ever
looked
at
7-Zip
new
reports
are
being
added
pretty
regularly?
It's
not
it's
not
ramping
up,
it's
just
kind
of
stable
and
it's
growing
slowly.
E
The
last
two
are
two
new
ideas.
First,
one
is
Security
review
a
Security
review
video.
We
need
to
have
a
better
name,
because
that
name
is
terrible,
but
essentially
when,
when
different
analysts
do
a
secure
review
of
a
piece
of
Open
Source
or
just
software
in
general,
everybody
has
their
own
methodology
and
their
thought
process
and
everything
I
thought
it
would
be
interesting
to
actually
catalog
that
in
a
in
a
video
kind
of
you
know,
I
as
as
you're
doing
it
you're
talking
about
what
you're
thinking
and
it's
all
being
done.
E
Live,
oh,
not
live,
it's
all
being
done
transparently,
and
then
we
publish
it
after
the
fact.
Assuming
we
don't
find
anything
egregious
that's
why
we
can't
do
a
live
stream
so
take
away
a
little
bit
of
the
magic
of
how
these
things
actually
get
done.
E
Next
up,
I
need
to
connect
with
Emir
to
you
know
flush
this
out
a
little
bit
more.
We
might
just
do
a
test
run
in
in
maybe
December,
maybe
a
zoom
call,
and
and
do
that
but
again
iterate
on
it.
There's
like
zero
cost
to
doing
this
so
figure.
Why
not
try
it
and
final
one
is
assimilation
which
I
love
the
name,
but
this
would
be
a
SIM
for
the
open
source
Community
to
Monitor
and
respond
to
interesting
events,
so
backdoor
is
published.
E
Malware
was
found
whatever
things
like
that
we
could
take
the
the
package
analysis
rules
because
I
know
a
lot
of
them
are
are
good.
We
have
additional
rules
that
we're
we're
able
to
contribute
me
being
Microsoft
app
can
contribute,
but
then
operationalize
it
and
do
something.
The
problem
that
it's
great
to
have
a
tool
that
spits
out
this
stuff.
But
if
you
don't
have
anybody
to
catch
it,
then
it's
you
know.
What
do
you
do
so
we're
thinking
about
what
that
might
look
like?
E
There
is
a
deck
attached
to
this
deck
that
goes
into
this
with
more
detail.
This
is
not
ready.
This
has
been
in
the
oven
for
five
minutes
out
of
an
hour,
so
you
know,
but
feedback
is
always
is
always
welcome
and
hey
Michael.
C
E
Yeah
awesome
yeah,
that's
it
so
I
I
would
like
to
come
and
talk
to
in
more
details
about
this,
maybe
in
December
or
January
or
something
that's
it
questions
happy
to
take
them,
although
no
I'm
out
of
time
so
throw
them
in
chat
and
I'll
thanks.
Everybody.
A
Got
it
thank
you,
Michael
Josh,
over.
H
C
C
Excuse
me:
we've
got
kind
of
three
active
projects
at
the
moment
that
fall
under
the
tooling
working
group,
The
s-bomb
everywhere
effort,
which
is
stream,
nine
I,
think
nine
there's
a
false
positive
suppression,
specification,
which
I
I
guess
I
don't
know
is,
is
David
on.
It
hasn't
really
gone
anywhere
in
a
while,
then
there's
the
OSS
fuzzing
working
group.
This
group
is
pretty
self-hosting
they
don't
they
don't
really
report
to
the
working
group
in
any
meaningful
way,
which
is
fine.
C
They
do
their
thing,
they're
doing
a
great
job
and
so
I'm
happy
to
let
them
be
I'll
kind
of
talk
about
s-bomb
everywhere,
because
that's
the
big
thing
I
think
in
this
group
we've
usurped
our
weekly
bi-weekly
meeting
with
an
s-bomb
everywhere
meeting
just
because
planning
another
meeting
is
is
difficult
and
we
all
need
more
meetings
like
we
need
holes
in
our
heads,
so
the
things
we've
been
up
to
lately
in
s-bomb
everywhere
is
just
a
lot
of
defining
how
the
group
is
going
to
work.
C
It's
one
of
those
things,
that's
always
amusing
to
me
when
you
start
kind
of
a
new
effort,
it's
hard
to
put
the
right
pieces
in
place.
It
feels
like
it
shouldn't
be,
but
it
always
is,
and
so
there's
just
a
lot
of
like
defining
the
mission.
What
do
we
want
to
work
on?
What
do
we
want
to
work
on
and
I
know?
Some
of
this
was
defined
in
the
work
stream
plan
and
obviously
we're
refining
it
to
make
it
make
more
sense
for
the
people
involved
in
what
we
want
to
do.
C
There's
an
s-bomb
landscape
proposal
that
we're
working
on
so
one
of
the
things
the
group
has
identified
is
that
actually
getting
things
done
is
very
hard,
and
so
one
of
our
goals
for
the
work
stream
is
to
spend
our
time
working
more
on
like
funding
proposals
and
then
trying
to
farm
that
out
as
much
as
possible
versus
trying
to
get
us
to
do
the
work,
because
it
just
it's
not
practical
right.
We
have
enough
trouble
getting
this
stuff,
we're
working
on
done,
much
less
trying
to
take
on
something
new.
C
C
It's
quite
nice,
it's
huge,
the
s-bomb
one
wouldn't
be
quite
as
large,
but
basically
the
idea
is
to
to
take
this.
And
now
this
is
we're
working
on
this
proposal.
This
isn't
set
in
stone
in
any
way.
So
please
don't
read
anything
into
it,
but
we
would
like
to
see
literally
this
sort
of
tool,
but
with
s-bomb,
tooling
and
formats
and
standards
and
kind
of
everything
going
on
in
the
landscape
universe.
C
And
hopefully
this
can
kind
of
help
create
a
center
of
gravity
for
s-bomb
and
so
that
that
proposal,
Kate
and
I
have
been
working
on
and
hopefully
we'll
have
something
Worth
showing
in
a
couple
of
weeks
for
that
it's
and
obviously
all
this
is
documented
in
a
GitHub
for
for
s-pong
everywhere.
So
if
anyone
has
any
questions,
you
can
go
there,
you
can,
you
know,
ask
questions,
fill
things
in
I,
see
a
handout.
Jewelry
your
hand
is
up.
I
Yeah
I
just
wondered
if
you
could
clarify
whether
the
proposal
is
to
do
like
effectively
an
additional
landscape
so
because
the
current
landscape
is
what
actually
drives
the
member
logos
and
things
like
that
on
the
website.
So
there's
like
some
functionality,
that
kind
of
is
a
dependency
of
other
things
that
we'll
want
to
either
factor
in
or
whatever.
I
So
that's
just
a
maybe
a
heads
up
that
you
may
already
know
about,
but
then
this
I
guess
this.
The
second
question
is-
or
the
second
thought
is:
is
this
going
to
be
a
landscape
of
just
open,
ssf
projects,
specs
and
efforts
or
like
all,
in
the
security
space.
C
So
those
are
my
questions,
so
the
the
documents
we
currently
have
from
the
ntia
is
all
not
just
openssf
related,
but
I
mean
this
is
all
like.
It's
all
up
for
discussion,
none
of
it's
written
in
stone
and
and
like
the
the
logos
driving
the
website,
I
I,
didn't
know
that
and
so
there's
obviously
plenty
of
gaps
and
so
I
figure.
The
the
plan
is
like:
let's
just
get
a
coherent
proposal,
and
then
we
can
go
to
people
that
know
these
things
and
figure
out
some
of
the
details.
Avon.
B
Yeah
this
sounds
similar
and
a
little
bit
different,
also
than
some
work
happening
in
the
nascent
architecture.
Working
group
trying
to
look
at
the
whole
supply
chain
space
and
build
sort
of
an
architecture,
block
diagram
and
then
put
projects
inside
each
of
those,
so
perhaps
work
with
them,
because
s-bomb
is
one
of
those
blocks
yeah
totally
right.
So
maybe
there's
a
high
level
here
at
the
blocks.
B
Click
on
one
drill
in
here
are
the
tools
in
that
block,
but
listing
other
projects
aren't
part
of
openssf
and
maybe
even
aren't
part
of
the
LF
as
a
whole
might
run
into
some
challenges.
So
heads
up
there
start
working
with
Jory
or
myself
or
others
I'd
say
fairly
early
in
your
proposal,
just
to
make
sure
that
all
the
right
sort
of
guard
rails
are
in
place.
B
C
Thank
you,
Luke.
K
Yes,
just
checking
on
I'm,
not
muted,
I'm,
I'm.
Okay,
you
can
hear
me
yeah
great,
so
I'll
leave
it
up
to
you
if
it's
relevant
to
s-pom
everywhere,
but
I'd
love
to
see
a
user
study
on
S
bonds.
F
K
In
do
you
plan
to
use
an
s-bomb,
when
do
you
plan
to
use
it
by?
What's
stopping
you
from
using
it?
That's.
C
And
then
I
mean
we
talk
about
that
all
the
time
in
the
meetings
just
because
there
is
there's
what
we
think
people
do
and
then
there's
what
people
really
do
and
and
obviously
there's
definitely
disconnect
and
and
kind
of
just
to
I
know
I'm
running
out
of
time
here,
but
to
wrap
that
up
and
that's
one
of
the
other
big
rocks
is
some
of
the
use
cases
and
starting
to
document.
Some
of
that
and
again
we
come
back
to.
C
It-
is
very
difficult
for
us
as
a
group
to
Define
this
because,
obviously
we're
all
in
the
middle
of
it,
and
so
we
would
love
to
see
working
with
maybe
like
I
know,
the
Linux
Foundation
has
a
data
Empire
that
can
do
surveys
and
things
like
that
and
just
try
finding
ways
to
acquire
good,
honest
data
around
all
this
versus.
You
know
the
crap
we
make,
which
obviously
has
sponsor
the
most
important
thing
ever.
If
you
ask
us,
so
that's
that's,
definitely
and
again,
I
I
don't
want
us
to
do
the
work.
C
We
want
to
write
a
proposal
and
try
to
fund
that
in
some
meaningful
way,
because
I
think
working
with
some
sort
of
third
party
will
get
significantly
better
data
than
anything
we
could
put
together
ourselves
and
then
all
right
and
then
I'll
jump
to
my
last
slide,
and
this
is
the
spdx
library.
This
is
the
thing
the
tech
approved
to
fund
it
feels
like
it
was
in
year
ago.
I
think
it
was
two
or
three
months
and
I
mean
it's.
C
It's
chugging
along
there's,
three
people
working
on
the
project
from
the
contractor,
they're
they're
syncing
up
with
the
spdx,
leads
it
in
the
next
week
or
two.
We
should
have
like
some
some
more
public-facing
things
start
to
happen
with
you
know,
meetings
and
and
the
repo
being
updated
and
kind
of
all
that.
So
it's
I,
don't
have
anything
super
exciting
to
say
yet,
but
it's
it's
moving
along
just
just
as
we
expect.
So
that's
good
news,
I.
C
A
Thanks
Josh
appreciate
the
update,
just
one
quick
thing:
I
threw
in
the
agenda
as
I
was
listening
to
both
Michael
and
Josh.
We've
now
been
around
the
entirety
of
the
foundation,
with
two
exceptions.
A
One
is
the
working
group
that
was
added
in
the
middle
of
the
cycle,
so
we
need
to
add
the
end
users
working
group
into
the
rotation,
and
we
have
one
GTI
that
wasn't
able
to
make
and
give
their
presentation
we'll
get
those
two
scheduled
I
guess
the
question
I
wanted
to
quickly
poll
Tech
members
on
is
we've
been
around
I.
Think
to
you
know
gauging
folks
interests
to
understand
like
is
this
a
useful
exercise
both
for
informing
the
attacker
on?
What's
going
on?
A
You
know
to
the
maintainers
that
are
at
least
here.
The
work
group
leads
that
are
here.
Do
you
feel
like
this
is
an
effective
Forum
to
get
the
tax
attention
on
issues
so
I
wanted
to
quickly
just
kind
of
pause
and
say:
is
this
as
we
instituted
this
process
to
kind
of
get
that
awareness
and
get
that
dialogue
going?
A
Is
it
working?
Are
there
any
thoughts
on
turn
in
terms
of
like
frequency
or
usefulness,
we're
spending
roughly
a
third
of
our
time
together
in
these
meetings
on
these
sorts
of
updates?
So
it
does.
It
is
a
significant
part
of
the
dialogue.
I
want
to
make
sure
that
we
intentional
about
our
time
and
if
folks
are
positive
about
that,
that's
great.
If,
if
folks
want
to
see
modifications,
I
think
we
should
spend
a
few
minutes
and
chat
about
that.
So.
A
Going
up
so
not
sure
who
was
first
Crow
you're
you're
first
on
my
list,
so.
J
It
orders
it
based
off
of
who
clicked
first
I,
find
these
little
Recaps
essential
both
for
my
personal
knowledge,
I
understand
what
else
is
going
on,
but
also
for
my
obligations
to
my
Mothership
to
report
back
broadly,
what's
going
on
within
the
foundation
since
I
can't.
F
J
Can't
go
to
Every
call,
so
I
would
in
strongly
endure
some
requests.
We
continue
doing
this.
This
is
super
super
helpful
to
me.
A
I
mean
they
were
there
when
I
opened
the
minutes
to
start
the
meeting,
whether
they
were
there,
you
know
days
or.
K
Weeks,
all
right,
so
my
thinking
is,
we
could
streamline
things
if
folks
preemptively
read
the
deck
and
then
you
know
have
their
questions
queued
up,
possibly
I,
don't
know,
I'm,
just
thinking
of
things
to
help
slim
down
the
time
sort
of
I
I'm
guilting
myself
from
just
reading
things
on
the
Flyers
they
were
presented,
but.
A
It'd
be
nice,
but
I
don't
know
that
we
necessarily
need
to
require
at
least
that's
my
opinion
going
back
to,
like
my
macro
question,
I
think
they're
super
useful
I
think
it's
especially
in
where
we
are
in
the
overall
life
of
the
foundation.
I
think
having
this
dedicated
time
and
dialogue
and
like
the
the
format
that
I
think
many
of
them
have
used
around
hey.
This
is
what's
going
on.
This
is
where
the
attack
you
know
we
could
use
your
attention.
These
are
the
things
that
we
want
to
call
up.
A
I
think
it's
super
useful,
so
at
the
moment,
I
would
vote
to
continue
this
going
forward
as
it
exists.
But,
like
you
said,
the
pre
having
the
pre-read,
there
would
be
a
nice
to
have
for
sure
but
I.
Think
as
we
continue
on
the
dialogue
you
know
going
into
next
year.
F
K
A
And
you
know
desirable
by
by
all
involved
here,
cool
next
topic
I
had
on
the
agenda,
goes
back
to
a
discussion
around
updating
the
technical
Vision.
So
quick
recap:
since
the
last
time
we
got
together.
Two
weeks
ago,
we
had
a
governing
board
meeting
that
many
of
the
tech
members
were
able
to
attend
it.
We
had
some
dedicated
time
in
the
governing
board.
A
Meeting
to
discuss,
highlights
low
lights
opportunities
for
kind
of
things
that
we'd
like
to
see
greater
focus
on
between
the
governing
board
and
the
pack
and
the
staff
I
thought
that
communication
was
well
received.
I
didn't
you
know
there
was
not
a
lot
of
contention,
not
a
lot
of
argument.
I
think
it
was
a.
It
was
a
decent
dialogue.
One
of
the
points
that
I
know
we've
discussed
as
a
group
in
the
past
is
you
know
now
that
we
have
PR
112,
we're
kind
of
the
Project
Life
Cycle
in
place.
A
Now
that
we
have
the
mobilization
plan,
you
know
documents
in
place.
Part
of
what
we
need
to
ratify
is
in
conjunction
with
the
governing
board,
and
the
staff
is
a
Mission.
A
mission.
A
I
can't
talk
this
morning,
a
mission,
a
technical
vision
and
then
essentially
an
operating
model
for
the
projects,
the
working
groups
and
the
foundation
as
a
whole
to
make
sure
that
we're
implementing
the
vision
that
that
we
set
out
as
the
tech
and
that
we
have
the
right
support
for
Brian
and
staff
to
come
back
with
budget
requests,
hiring
proposals
and
what
you
know
figuring
out
the
operational
Logistics
that
are
needed
to
to
support
all
the
good
work
going
on
within
the
foundation.
A
So
it
kind
of
as
a
lead
up
to
the
the
in-person
meeting
at
the
LF
member
Summit
I.
Believe
it's
on
November
11th.
If
my
memory
doesn't
fail
me,
one
of
the
things
that
I'd
like
to
go
into
that
meeting
with
is
a
reasonably
well-formed
draft
of
an
updated
document
that
incorporates
the
current
tax
view
as
to
what
the
vision
of
the
foundation
should
fundamentally
be,
and
so
I
know.
We've
talked
around
this
there's
been
several
dialogues
going
on
between
the
reference
architecture.
You
know
Poet
Society
or
the
diagram
or
Society.
A
Rather,
you
know
trying
to
figure
out
exactly.
How
do
we
position
all
the
activities?
But
the
vision
in
my
mind
is
really
that
you
know
answering
the
question:
what
do
we
want
the
foundation
to
look
like
two
to
five
years
from
now?
A
What
impact
do
we
want
to
fundamentally
have
and,
as
we
think
about
you
know,
setting
that
that
goal
for
ourselves
and
for
all
the
projects
and
working
groups
affiliated
with
us
I
think
it's
super
useful
to
have
it
written
down,
have
a
dialogue
around
progressing
that
to
a
reasonably
well-formed
draft
to
take
into
that
meeting
in
November
to
get
governing
board
feedback
and
ultimately,
hopefully
walk
out
of
that
meeting
with
a
good
feeling
that
we,
you
know,
we
all
have
a
shared
Vision
that
we're
executing
to
and
that
it
informs
the
the
need
to
get
a
budget
ratified
by
the
end
of
the
year.
A
It
informs
folks
that
are
potentially
running
for
tax
election
next
year
that
they
understand.
This
is
where
the
foundation
needs
to
go.
This
is
where
I
fit
in
this
is
the
skill
set
and
the
you
know
the
the
subject
matter:
expertise
that
I
bring
to
the
table
and
that
that's
ultimately
of
use
to
the
broader
community
and
the
broader
efforts,
so
I
think
the
vision
document
is
a
critical
piece
that
helps
provide
that
that
framing
that
helps
the
entire
Foundation
run
as
we
go
forward
so
part
of
what
I
know.
A
I
pushed
the
pr
yesterday
and
that
hasn't
given
tons
of
time
for
for
people
to
have
a
reaction.
So
what
I
would
propose?
Looking
that
we
have
30
minutes
left
in
this
discussion
is
that
we
time
box,
you
know
to
maybe
20
minutes
of
dialogue,
again
just
brainstorming
exploratory
conversation
around
what
are
folks
initial
reactions.
A
What
are
the
major
omissions
that
people
see
we'll
just
take
the
notes,
and
then
we
can
incorporate
some
of
that
into
the
actual
PR,
but
ultimately
try
to
work
on
this
asynchronously
over
the
next
several
weeks
again
with
the
goal
of
getting
together
in
two
weeks,
which
would
give
us
a
little
bit
of
time
between
the
meeting
in
person
and-
and
you
know,
the
next
attack
meeting
so
again,
hopefully
come
to
some
level
of
consensus
around
what
our.
What
our
proposed
draft
of
a
vision
document
looks.
A
If
we
use
20
minutes
for
this
of
this
meeting
to
go
through
that,
we
time
box
that
then
quickly
go
to
the
last
two
items
and
adjourn
for
today.
So
any
quick
logistical
questions-
hopefully
my
my
rambling
made
sense
to
folks,
and
that
was
at
least
sufficiently
cleared
it
to
make
some
progress
today.
A
Seeing
some
head
nodding
so
we'll
go
ahead
and
roll
with
that,
then
all
right,
let
me
let
me
pull
up
the
pr
and
share
it
here
for
all
involved.
A
J
A
Hear
you
cool,
apparently
there's
a
little
button
there
that
says:
share
audio
from
Tab
and
I'm
I
just
need
to
unclick
that
all
right,
so
in
this
PR
I
left
the
existing
vision
statement
in
there
just
for
reference,
I
think
in
the
eventual.
We
would
replace
any
text
that
were
needed
to
get
swapped
out,
but
just
for
folks
having
the
kind
of
the
before
and
after
comparison,
I
left
them
in
there,
as
is
so.
A
What
I
would
say
is
I'll
go
to
the
this
version
here
that
we
can
hopefully
see
the
mark
down
in
I
would
just
call
attention
here
to
the
the
top
level
items
in
bold
I
added
a
couple
bullets
to
maybe
try
to
add
a
little
bit
of
color
and
then
I
added
some
block
quotes
that
hopefully
gave
folks
a
flavor
of
maybe
even
jumping
to
almost
a
strategy
conversation
around
if
you
agreed
with
the
This,
is
the
End
state
that
we
would
want
to
portray
for
the
foundation?
A
What
activity
do
we
already
have
have
going
on
within
the
foundation
that
would
kind
of
naturally
fit
underneath
that
sort
of
descriptor?
It's
not
meant
to
be
a
holistic
capture
of
everything
that
we
bless
or
approve
of.
It's
not
meant
to
be
that
at
anything,
it's
literally
just
a
quick
brain
dumped
from
Bob
around
things
that
jump
to
mind
that
seem
to
fit
between
various
conversations,
various
email,
threads
and
the
like.
So
the
top
four
here
I'll
just
read
them
out,
and
then
we
can
hopefully
Drive
some
dialogue
around
them.
A
The
first
is
around
the
open,
ssf
being
a
well-respected
strategic
partner
to
other
foundations,
other
open
source
foundations,
as
well
as
individual
projects,
so
part
of
what
I'm
trying
to
tease
apart
here
is
our
position
within
the
broader
community
and
understanding.
What
role
do
we
play?
What
are
the
things
that
we
do
and
what
are
the
things
that
we
don't
do?
A
How
do
we
eliminate
duplication
of
effort
where
it's
not
appropriate
or
frankly,
if
duplication
is
appropriate
because
we're
trying
to
seed
some
innovation
in
a
particular
segment
that
may
be
totally
intentional
and
totally
fine,
but
the
these?
What
we're
seeking
to
have
here
is
is
a
foundation.
That's
its
position
is
well
understood.
A
Our
relationships
are
formalized
and
that
we
understand
and
that
we're
speaking
with
a
consistent
voice
across
all
of
our
Communications
I,
think
even
some
of
the
updates
that
Michael
scavetta,
you
know,
indicated
here,
I
think
kind
of
going
through
the
the
virtual
maintainer
Summit
right
thinking
that
that
is
another
point
of
Engagement
I.
Think
right
now,
there's
a
lot
of
great
stuff
going
on.
But
if
you
were
to
go,
ask
other
foundations:
where
does
the
open
ssf
fit?
What
are
they
doing?
What
are
they
not
doing?
How
do
we
reconcile
that?
A
We've
had
some
dialogue
around
world?
Can
we
have
projects
with
multiple,
multiple
homes?
Can
we
have
you
know?
Should
we
be
allowing
or
about
allowing
isn't
the
word
I'm
really
going
for,
but
should
we
be
encouraging
best
practices
guides
to
spring
up
from
within
multiple
foundations,
because
from
an
end,
consumer
like
where
do
I
go
for
advice
and
guidance
around
the
changes
that
I
need
to
fundamentally
make
I
would
love
to
have
you
know
when
I
think
about
a
vision?
A
I
would
love
to
think
of
a
world
where,
where
to
go,
to
get
that
guidance
is
reasonably
clear.
That
I
know
when
to
go
to
my
individual
Foundation
versus
when
to
go
to
the
open
ssf
and
what
segments
and
spaces
you
know.
I
could
ultimately
take
a
journey
through
to
to
get
that
information
and
get
the
tools
and
things
that
I
need.
So
when
I
talk
about
kind
of
being
a
well-restricted
partner,
it's
that
notion
of
are
we
well
positioned.
A
Do
we
have
a
relationship,
that's
formalized
and
are
we
are
those
are
relationships
kind
of
being
cared
for
and
fed
in
a
way
that
would
be
effective
for
all
parties
involved?
A
The
second
one
is
around
being
an
influential
Advocate
for
the
efforts
that
are
aligned
with
our
mission.
So
looking
at
you
know,
other
standards,
activities
thinking
about
things
like
s-bomb
formats
or
multi-factor
authentication
efforts.
Where
can
the
open
ssf
use
its
position?
It
stands
and
its
voice
to
ultimately
advocate
for
positive
change,
as
it
relates
to
open
source
security.
A
So
you
know
I
think
Dan
I
think
was
one
comment
that
Dan
Lauren,
that
raised
in
the
threat
around
kind
of
our
advocacy
in
public
policy
spaces
and
talking
about
the
relationships
with
various
government
entities.
I
think
there's
been
a
lot
of
good
work
and
good
dialogue
going
on
there.
But
thinking
of
kind
of
this
end
state
that
we're
seeking
to
create
that
we
are,
you
know
we
are
actively
out
there
speaking
about.
What
do
we
think
is
good?
What
do
we
think
is
counterproductive?
A
How
can
we
be
amplifying
you
know
various
Community
working
group
efforts
in
the
spaces
that
fundamentally
matter
that
help
to
raise
the
tide
for
for
all
involved?
A
The
last
two
I
would
say
are
somewhat
of
a
if
I'm
being
honest
with
myself,
there's
somewhat
of
a
rewording
of
the
existing
mission
statements,
but
perhaps
put
in
a
different
context.
A
One
is
very
consumer
focused
in
the
sense
of
could
people
that
are
using
and
consuming
open
source
software
have
a
baseline
of
trusted
signals
that
are
clear
and
consistent
that
give
them
information
about
the
Providence
of
force,
the
health
of
an
underlying
Community,
the
security
postures
that
relates
to
vulnerabilities
and
best
practices,
thinking
about
criticality
scores
and
and
also
maintainer
intent
like
we
have
some
efforts,
obviously
underway
within
the
foundation
today
to
kind
of
declare.
A
A
Donated
it
out
there
and
it's
under
a
given
license,
you
should
be
implying,
or
you
should
be
understanding
that
to
be
X,
but
maybe
being
more
explicit
around
the
things
that
you're
willing
to
engage
in
and
not
engage
in,
I
think
is
a
is
certainly
kind
of
to
this
point
around
sending
clear,
consistent
and
trusted
signals
around
what
our
projects,
what
are
the
assets
that
are
out
there,
that
people
can
take
advantage
of
flipping
that
on
its
head
thinking
about
it
from
a
production
standpoint,
the
folks
that
are
producing
open
source
or
the
maintainers
of
projects
have
access
to
the
things
that
they
need
to
ultimately
be
more
secure.
A
So
this
kind
of
encompasses
many
of
the
activities
that
we
already
have
going
on
underway.
Around
publishing
best
practices
guides
developing
new
tools
to
make
make
just
making
things
more
secure,
less
onerous,
more
accurate,
removing
the
maintenance.
You
know
burden
off
of
those
maintainers
wherever
we
can
and
ultimately
also
raising
the
the
kind
of
the
secure
by
default
kind
of
Mantra
around
when
I
go
to
create
a
new
project.
How
do
I
start
that
in
a
way
that
just
has
a
fundamentally
better
Baseline
than
projects
that
started
10
years
ago?
A
We
learn
a
lot
there's.
Obviously,
new
threats
emerging
every
day
if
we're
totally
focused
and
looking
in
the
rear
view,
mirror
I
think
we're
under
we're
having
a
minimal
impact
relative
to
all
of
the
projects
that
are
yet
to
come.
So
thinking
of
this
from
the
consumption
versus
production,
Dynamic
was
a
way
that
I
tried
to
tease
that
out
so
I'm
going
to
be
quiet.
I've
talked
for
eight
minutes
curious
as
to
see
if
there
are
any
initial
reactions
again
clearing
omissions.
A
It's
very
much
a
a
a
trap
document
here,
so
I'm
not
articulating
that
this
is
the
final
Thing
by
any
stretch
the
imagination
but
open
it
for
comments.
Crow.
J
First,
off
plus
one
I
appreciate
the
first
draft
and
the
work
towards
it.
This
was
something
I
was
thinking
about
when
we
were
talking
through
diagrams
a
way
to
view
the
foundation
is
thinking
about
it
through
the
lens
of
these
pillars,
or
these
objectives
and
I
think
this
is
a
great
start.
J
Some
of
the
wording
on
the
last
two
were
a
little
clumsy
but
I
think
with
some
contributions
now
that
we
actually
have
walked
through
it,
I
think
we
can
easily
refine
it
and
I
definitely
can
get
behind
these
kind
of
four
objectives
and
I
think
I
can
compartmentalize
things
to
align
with
those
pretty
easily.
A
E
Recommend
it
might
be
also
be
useful
to
just
be
explicit
about
the
things
that
we
don't
think
are
in
scope.
So
just
call
out
a
couple
examples
of
like
we.
We
don't
think
our
place
is
here:
we're
mandating
standards
or
influencing
governments
or
whatever.
B
These
are
pretty
good,
pretty
clear
I,
like
the
comments
that
there's
just
made.
My
one
thought
is
when
I
think
of
a
vision,
statement
for
a
foundation
I
think
of
it
differently
than
okr
is
for
a
team,
and
so,
if
it's
okay
with
you
I
might
try
to
take
these
combine
them
into
a
present
tense.
Future
hypothetical
like
the
year
is
2027,
and
here
are
the
things
we've
accomplished.
B
How
does
that
sound
to
focus
as
a
vision
statement
like
here's?
What
we've
done
that
way?
We
can.
We
can
all
if
we
can
all
agree
on
that
end
goal.
We've
had
these
impacts.
We've
gained
this
recognition.
Things
are
better
in
these
ways,
then
we
know
what
we're
driving
towards
and
items
like.
These
is
five
bullet
points,
sort
of
fall
from
that
or
fit
in
that.
A
Yeah
I'm
certainly
open
to
that.
My
my
only
hesitation
on
that
is
I've
seen
that
done
in
the
past,
and
it
causes
people
to
too
quickly
jump
to
strategy
and
the
how
and
the
tactics
and
so
I
think
you
can
use
that
I
think
effectively,
but
I've.
All
like
I
said
I
would
just
be
concerned
that
if
people
take
it
as
a
here's,
a
prescriptive
list
of
things
that
we
think
we
should
go,
do
you
miss
out
on
a
little
bit
of
the
Nuance
there,
so
I
think
done
well,
yeah
yeah!
That
would
be
supportive.
A
G
Yeah
I
also
think
this
is
a
great
start.
I
was
just
going
to
add.
It
might
be
handy
to
include
up
front
some
sort
of
framework,
because
I've
seen
some
folks
struggle
in
groups
where
you
know
people
have
different
interpretations
of.
What's
meant
by.
You
know
the
difference
between
a
vision,
statement
and
a
mission
statement.
G
So
a
mission
statement
should
be
why
the
tech
exists,
and
you
can
then
kind
of
go
down
a
structured
ladder
where
you
know
the
the
next
thing
you
might
address
would
be
some
of
the
you
know:
the
values
that
you
want,
the
organization
to
exude
and
how
you
know
things
will
how
folks
will
behave
and
then
that
kind
of
leads
you
down
to
a
vision
of
what
we
want
to
be
and
then
from
that
Vision.
You
can
then
Define
more
accurately
your
strategy
to
get
there.
G
You
know
which
is
typically
comprised
of
your
objectives,
the
the
scope.
Speaking
to
the
point
that
someone
just
made
a
bit
ago
about
you
know
scope,
it's
just
an
important
to
articulate
what
you're
going
to
do
as
well
as
what
you're
not
going
to
do.
G
And
then
you
know:
what
advantage
does
our
you
know,
strategy
have
vis-a-vis,
you
know
what
makes
us
unique,
why?
Why
do
we
have
franchise
to
have
a
role
in
this
ecosystem
so.
A
Thoughts,
no
I,
really
like
the
the
notion
that
you
suggested
there
around
maybe
having
a
list
of
values.
I
think
that
also
helps
to
to
give
a
flavor
in
terms
of
not
just
what
is
the
foundation
doing
and
why.
But
how
is
just
as
important
here
given
given
the
kind
of
the
complexities
that
exist
so
I
really
like
that
I
think
that's
a
nice
complimentary
addition
to
this
right.
D
Yeah
I
I
a
couple
thoughts.
One
is
I,
do
actually
read
this.
The
way
that
I
think
intended
to
position
it
a
bit
in
terms
of
I
think,
even
just
in
the
very
first
sentence
at
the
top
here.
This
is
where
we'd
like
to
be
in
two
to
five.
D
Be
able
to
say
these
are
attributes
of
the
open
ssf.
These
are
maybe
not
specific
accomplishments,
but
these
are
in
general
accomplishments
and
and
that's
a
good
thing.
Secondly,
I
I
like
this
feels
like
a
very
durable
vision
statement,
not
something
that's
likely
to
need
to
be
revised
frequently,
and
that's
that's
really
important.
That's
really
good
I
think
this
is
a
process
you
wouldn't
want
to
have
to
repeat
too
often
and
I.
D
Think,
partly
that's
because
it's
a
different
document
slightly
different
than
I
thought
we
might
be
developing
here,
which
is
fine
and
just
there's
just
a
need
for
this
other
document,
which
is
something
perhaps
more
of
a
an
architectural,
maybe
I
shouldn't
use
that
word
since
that's
been
used
for
Curves
purposes,
a
like
a
road
map
or
something
that
is
where
we
get
opinionated
enough
to
be
to
fulfill
that
part,
at
least
of
what's
I
think
been
implicit
a
lot
of
what
and
what
we
do,
which
is
to
be
a
bit
choosy
about
the
projects
we
take
on
and
to
not
be
a
you
know,
a
thousand
flowers,
bloom
kind
of
setting,
so
I
think
somewhere
in
this
probably
follows
a
lot
of
this
other
kind
of
work
that
we're
doing
today.
D
Somewhere,
though,
we
might
need
to
develop
a
document.
That
is
what
codifies
or
tries
to
describe
how
what
we're
being
choosy
about
and
how
the
pieces
fit
together,
but
I'm
actually
glad
that
doesn't
fit
in
the
technical
Vision.
The
final
thought
is:
this
is
all
great.
This
is
stuff
that
aligns
very
much
with
thinking
about
how
we'd
resource
this
next
year
and
really
you
know,
the
question
for
Budget
will
be
dialing
the
volume
up
or
down
on
this.
A
Yeah
I
mean
a
quick
reaction,
I'd
love
to
get
other
thoughts
on
this
as
well.
I
do
think
it's
largely
overlapped
with
what
we're
doing
today,
which
is
a
good
thing.
A
A
I
will
say,
though,
the
the
the
first
bullet
is
perhaps
the
one
that
I
feel
that
maybe
I
you
know
it's
an
awareness
gap
on
my
side
so
certainly
curious
on
on
others,
thoughts
here
as
well,
but
the
first
bullet
around
kind
of
the
relationship
with
other
foundations,
I
think
there's
a
lot
of
activity
and
dialogue
going
on
now
between
Alpha
Omega,
the
securing
software
repositories
working
group,
many
other
working
groups,
around
point-to-point,
conversations
between
us
and
the
eclipse,
foundations
us
and
the
Oakland
JS
Foundation
Us
in
the
rest
Foundation,
but
are
we
I
guess
maybe
the
question
I've
been
asking
myself
is?
A
Is
there
an
opportunity
for
us
to
us
the
attack
and
us
the
governing
board
to
up
level
that
dialogue
and
to
say
here's?
What
our
mission
is?
Where
are
you
trying
to
go
in
the
next
three
years,
and
how
can
we
be
of
most
help
to
you
as
a
as
a
pure
Foundation
out
there
having
on
this
dialogue
and
get
feedback
ahead
of
planning
Cycles,
as
the
years
go
on
to
say,
is
the
is
the
money
in
the
approach
and
the
tools
and
all
of
the
good
work
that
we're
doing?
Is
it?
A
A
So
what
I
would
love
to
see
in
kind
of,
in
my
mind
when
I
think
about
on
that
first
notion
of
the
our
role
as
a
strategic
partner
is
saying
like:
are
we
being
as
programmatic
about
Outreach
and
intent
and
Alignment,
as
perhaps
we
should
be?
Maybe
we're
doing
the
tactics
and
we
just
need
to
up
level
a
little
bit
more,
but
it
feels
like
there's
maybe
an
opportunity
to
be
better
aligned
at
an
executive
or
a
strategic
level.
A
E
Yeah
I
I
love
the
idea
of
at
a
strategic
level.
How
do
you
measure
what
the
impact
was
and
was
any
of
this?
You
know
worth
it
I
think
the
individual
projects,
some
of
them,
do
that
some
of
them
probably
don't
but
going
up
the
level
and
saying
that
is
this
General
Target,
so
for
Alpha
Omega,
one
of
the
things
we're
going
to
be
asking.
You
know
you
know
Tac
for
is
thoughts
on
like
are
we
focused
on
like
like?
E
If,
if
you
could
decide
where
Alpha
Omega
were
to
focus,
you
know,
would
you
choose
a
different
set
than
we've
chosen
like?
Do
you
see
emerging
trends
that
were
not
cognizant
of
things
like
that
to
be
able
to
kind
of
steer
the
ship
at
the
at
that
top
level?
E
A
Again,
don't
take
any
of
that
commentary
as
I
I,
think
anybody's
doing
bad
work
or
counterproductive
work,
that's
more
of
the
worry
of
if
we
engage
and
people
have
this
experience
of
death
by
a
thousand
paper
cuts.
Probably
that
means
we
should
perhaps
think
a
different
approach.
So
that's
a
projection.
I'm
not
saying
it's
happening
today,
but
it's
a
you
know
if
I
think
about
where
do
I
want
to
be
in
the
next
five
years.
Having
that
be
smooth
and
streamlined
would
is
kind
of
an
ideal
state
that
I
think
we
should
be
striving.
A
Got
it
all
right,
an
interest
in
time
boxing
myself
I
know
we
have
10
minutes
left
so
I.
J
H
A
Adding
comments
on
the
pr
while
we've
been
going
through
just
as
a
reminder
like
I,
would
love
to
be
able
to
go
into
the
meeting
on
November
the
11th,
with
a
here's,
a
reasonably
well-formed
draft
that
the
attack
is
supportive
of
of
a
vision
of
the
foundation,
look
to
drive
dialogue
during
that
meeting
and
get
a
sense
as
to
yes,
this
seems
directionally
accurate.
Yes,
it
seems
like
the
governing
work
and
rally
to
it
and
give
Clarity
to
Brian
and
the
staff
around
cool.
A
We
have
both
organizations
lined
up
on
where
we
want
to
go.
Hopefully
that
feeds
into
a
dialogue
around
budget,
Staffing
and
execution
models
and
business
processes
that
need
to
get
put
in
place
to
support.
All
of
this,
so
I
would
appreciate
everybody's
attention
and
support
on
trying
to
get
the
pr
not.
A
But
at
least
to
a
point
to
where
we
see
General
consensus
across
Tech
members
ahead
of
them
dialogue
all
right
with
that
we'll
go
on
to
the
last
two
items:
holiday
calendar
management,
not
sure
who
listed
this
for
this
Brian
or
Jory
or
others.
K
I
Foundation
calendar
Jackie,
so
you
know
what
it's
gonna
be
like
the
holiday
time
just
blink,
and
it's
going
to
be
here
and
so
in
about
a
month
we
will
have
the
US
Thanksgiving
holiday
on
the
24th
and
25th
that
usually
equals
nobody's
working.
So
we're
going
to
go
ahead
and
preemptively
cancel
those
Community
working
group
meetings
and
Sig
meetings
that
are
on
the
calendar
for
the
those
two
days.
I
Also
the
week
before
the
the
week
kind
of
between
the
the
the
the
Christmas
winter
holiday
and
New
Year's,
so
the
26th
through
the
30th.
We
suspect
a
lot
of
people
myself
included,
will
not
be
working
that
week
and
so
we're
going
to
go
ahead
and
and
remove
meetings
off
of
those
calendars.
I
But
if
your
working
group
has
kind
of
already
indicated
that,
like
they're,
probably
going
to
be
slower,
you
know
that
Thanksgiving
week
and
you
want
to
you-
know,
cancel
other
days
that
week,
for
example,
or
the
the
week
after
New
Year's
or
the
week
right
before,
that
December
25
holiday.
Just
let
us
know
so
we
can
get
that
removed
from
the
calendar
and
also
just
as
good
good
practice.
I
Try
not
to
make
any
life
shattering
decisions
for
your
working
group
during
those
those
holiday
times,
so
that's
just
a
FYI,
Numero
Uno
and
then
numero
dos
is
slack
apps
we
seem
to
like
they
seem
to
just
sort
of
multiply.
Somehow
I,
don't
know
what
half
of
the
apps
in
like
Coda
I
didn't
I
had
to
look
that
up
what
is
Coda,
they
don't
seem
to
be
in
use,
but
they're
getting
installed.
I
We're
gonna,
probably
roll
some
of
those
back,
uninstalled
sort
of
seems,
like
a
nice
hygienic
thing
for
the
security
Foundation
to
do
so.
Please
try
not
to
install
apps
on
slack
unless
there's
like
a
real
reason
to
do
that,
I
figure.
We
can
keep
the
GitHub
app.
That
seems
useful
to
us.
If
there's
any
that,
there's
that
your
working
group
is
using-
and
you
want
to
say-
oh
don't
do
this
one!
We
need
this
just
let
me
know,
but
otherwise.
I
Next
week
I'm
gonna
go
on
some
slack
apps
any
questions
or
comments,
or
concerns
on
that
cool
I'd
like
to
see
thumbs
up
on
the
on
this
death
of
some
slack
ABS
here
so.
I
Also
kind
of
spam
people
when
they
join
and
that's
not
pleasant.
You
know
like
you,
you
join
the
open,
ssf,
Slack
and
then
code
is
like
hey.
Do
you
want
to
install
me
on
your
other
things
and
you're
like
what
the
are
you
sorry
and.
B
F
A
Cool
deal
all
right:
we've
got
five
minutes
left
any
other
topics
folks
want
to
raise
for
today.
D
H
Quickly,
foreshadowing
again
that'll
be
bringing
the
proposal
for
help
desk
before
you.
Oh,
it
might
not
be
me
actually,
because
I'm
gonna
be
away,
but
we're
going
to
be
talking
about
this
week
to
bring
it
before
you
and
then
hoping
for
vote
from
you
to
bring
it
before
governing
board.
A
Cool
deal
I
only
ask
there,
if
at
all
possible,
give
us
at
least
seven
days
pre-read
time
so
that
we
can
have
a
an
effective
conversation,
so
cool
all
right.
Well
with
that,
we
can
go
ahead,
and
today's
call
thanks
for
everybody's
engagement
and
we'll
see
you
out.
There
sorry
take
care
everybody.