►
From YouTube: OpenSSF TAC Meeting (November 16, 2021)
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
B
A
B
A
C
A
I
I
led
a
group
within
opened
the
open
document
standard
and
we
had
a
bunch
of
people
from
the
us,
a
bunch
of
people
from
europe,
no
problems,
not
big
problems,
and
then
folks
from
japan
and
china
were
interested,
and
we
very
much
want
you
to
come
boys.
The
time
zones
are
getting
harder
now.
D
A
Okay,
I
am
trying
to
admit
people
as
I
see
them,
but
of
all
other
help
appreciated.
C
A
I
was
thinking
of
the
great
mfa
distribution
project,
but
yes,
all
right.
I
posted
the
link
to
the
meeting
notes.
I
would
if
you're,
if
you
would,
please
add
your
names
just
so.
We
know
who's
here.
A
C
All
right,
I
think,
we've
got
all
the
pertinent
people
here
to
start
this
discussion
at
least
so
dan.
Thank
you
for
bringing
this
up.
This
has
been
intended
to
be
the
topic
this
week
as
well.
So
the
elections,
you
know,
as
we
all
know,
we
kind
of
put
them
off
from
what
was
supposed
to
be
august
actually
and
then,
with
the
formation
of
the
new
governing
board.
We
kind
of
decided
today,
let's
go
ahead
and
wait
a
little
bit
and
see
what
happens
there
before
we
move
on
well.
C
That
time
is
now
we're
here.
We've
got
the
new
governing
board
in
place,
so
I
think
we
need
to
start
wrapping
this
up
and
we
for
those
that
remember-
and
I
think
danny
shared
this
over
email-
some
of
the
decisions
that
we've
made
in
the
past
already
around
structure
and
timing,
but
we
also
need
to
go
ahead
and
decide
this
more
specific
details
such
as
what
is
the
nomination
process?
Do
people
self-nominate?
Can
we
nominate
others?
What
does
the
tooling
look
like
to
do
that?
C
What
do
we
want
to
use,
and
georg
and
brian
we're
kind
of
looking
to
you
guys
for
some
support
on
this?
I
I
believe
you've
done
some
of
this
before,
and
so,
if
you
have,
you
know
existing
tools
that
you're
aware
of
you
know,
we'd
love
to
lean
on
that,
and
so,
in
addition
to
the
nomination
process,
once
we
have
that
we
kind
of
also
need
to
decide
which
seats
are
up
for
election
right
now
in
this
first
initial
election.
C
Do
we
want
just
the
community
seats
or
just
the
governing
board
seats
to
be
up
for
election
governing
board
seats
right
now
could
be
tricky
in
my
mind,
given
that
the
governing
board
is
brand
new
and
kind
of
just
getting
used
to
all
this.
So
that's
something
to
think
about
and
then
in
terms
of
the
community
seats
who
exactly
is
defined
as
community
and
can
therefore
have
a
boat,
a
vote
in
this
and
then
again
the
election,
tooling
and
site.
C
So
with
that
do
folks,
I
just
want
to
open
it
up
for
a
discussion
as
far
as
those
topics,
if
there's
other
things,
you
think
that
we
also
need
to
decide
and
let's
try
to
drill
down
into
this.
In
terms
of
all
these
little
details,
let's
say
joris,
you
have
your
hand
raised.
F
Yeah,
I
just
want
to
say
I
really
think
that
the
election
tools
piece
and
those
questions
are
perhaps
like
the
easiest
and
most
quickly
addressable.
So
we
use
a
wonderful
tool
at
the
lf
called
overvote.
It
provides
everyone
with
a
a
private
ballot.
We
can't
see
how
you
vote
or
anything
like
that.
We
can
just
see
that
the
qualified
electors
have
have
received
a
ballot
that
they've
that
they've
opened
it
that
they've,
you
know,
begun
the
process
and
that
they
did
or
did
not
submit
a
ballot.
F
So
it
helps
us
very
much
kind
of
keep
track
of
whether
people
are
in
fact
engaging
with
the
election
process,
but
it
does
that
in
a
way,
that's
nice
and
secure
and
private
to
that
person
from
the
standpoint
of
which
ranking
system
to
use
that's
another
common
question:
we
highly
recommend
the
meek
stv
when
you
have
a
poor
like
a
a
large
group
of
potential
candidates,
and
you
can,
of
course,
with
the
tool
use
a
wide
variety
of
other
types
of
voting
methods.
F
I
do
strongly
recommend
that
we
don't
go
down
that
that
rabbit
hole,
because
it
does
tend
to
derail
conversations.
The
meek,
stb
does.
Let
us
choose
a
number
of
winners,
say
you
know.
If
you
have
five
seats
open
and
you
have
10,
you
know
10
candidates,
you
can
easily
run
that
sort
of
an
election
and
it
produces
an
auditable
report
and
that
kind
of
thing
these
are
just
a
couple
of
the
best
practices.
F
A
Jerry,
I
didn't
hear
the
name
of
the
system
you
were
recommending.
Can
you
repeat
that,
so
we
can
get
that
in
the
notes.
C
That
sounds
great.
Is
there
any
opposition
to
using
that
system?
I
definitely
like
the
idea
of
using
something
that's
already
in
use
and
continuing
on
with
that
and
not
not
complicating
things.
A
Thumbs
up
are
not
complicating
and
you
know,
obviously
we
can
use
it
and
if
there's
a
problem,
if
we
don't
like
it
in
the
future,
we
can
use
a
different
system
later.
But
let's
get
started
absolutely.
A
F
So
in
terms
of
the
the
there's,
multiple
types
of
single
transferable
vote
or
pl
quality
voting
lots
of
voting
methodologies
out
there
and
the
civics
nerds
definitely
love
to
go
down
those
rabbit.
Holes,
meek
stv,
is
probably
the
most
common,
the
most
popular
and
it
definitely
solves
the
problems
of
the
types
of
elections.
We're
going
to
run
so.
B
E
I
just
wanted
to
add
from
hyperledger's
experience.
We
had
used
a
tool
previously
from
cornell
called
civs
and
had
a
lot
of
issues
with
it
that
had
very
little
to
do
with
tool
and
everything
to
do
with
email
deliverability.
E
Although
the
nice
thing
about
openvote
is
you
can
see
who's
voted,
you
can
reissue
their
ballot
to
them.
So
if
a
ballot
got
lost
in
in
the
spam
filters,
etc,
you
can
also
give
them
a
link
to
be
able
to
vote.
I'm
pretty
sure,
and
that's
still
done
in
a
blinded.
G
E
That
still
protects
the
the
privacy
of
people's
votes.
C
Yeah
and
ava
mentioned
as
well
that
she's
they've
worked
with
rate
choice,
voting
and
I've
done
that
a
bit
in
the
past
as
well.
I
don't
know
other
folks
have
experience
with
that.
I
do
have
a
preference
about
that.
That's.
C
All
right,
so
it
sounds
like
plan,
is:
let's
go
with
oppo
vote,
we'll
try
rank
choice,
voting
as
well,
if
that's
possible
in
that
tool,
and
then,
like
david
mentioned,
if
there's
any
issues,
we
can
adapt
and
overcome.
C
F
So
it
just
works
once
we
have
candidates.
That's
you
know
would
be
nice.
If
there
was
some
kind
of
candidate,
you
know
form
that
we
could
send
through
that
and
then
pre
and
populate
it.
But
it's
just
for
the
election
itself.
C
I'm
just
trying
to
remember,
I
think,
when
we
initially
bootstrapped
the
tag,
I
think
we
just
used.
Google
forms
that
people
could
kind
of
fill
out
their
name
in
like
a
little
bio
sort
of
thing.
I'm
not
sure.
If
I'm
remembering
that
correctly,
I
don't
know
if
we
just
want
to
do
something
simple
like
that
again
kind
of
people
put
their
name
into
a
hat
type
thing,
and
then
we
can
go
ahead
and
use
the
opal
vote
obviously
open
to
suggestions.
If
folks
have
other
ideas.
H
Yeah,
what
I
was
going
to
say
was
on
a
similar
line
to
that.
So
I
know
when
we
had
discussed
the
tech
collection,
I
think
in
the
summer
we
had
talked
about
the
idea
of
the
governing
board
or
the
existing
tax
nominating
folks
versus
self
nomination.
H
My
my
huge
vote
would
be
for
self
nomination,
so
we
can
really
democratize
the
process
and
hopefully
get
new
folks.
That
may
not
be
as
visible
that
we
don't
know
yet
running
for
the
attack
elections
as
well.
I
I'm
fine
with
all
that
just
to
go
back
to
the
actual
voting
tool.
Something
that's
come
to
mind.
Does
it
support
weighted
votes
or
is
it
just
a
single
vote
so
can.
A
Yes,
by
the
way
you
mean
meek,
stv,
correct
jory,.
F
But
you
know,
as
I
think
our
note
also
pointed
out,
I
think
that
the
big
challenge
is
not
necessarily
like
how
do
we
collect
the
the
people
who
want
to
come
and
participate,
but
how
like?
How
do
we
identify
the
electors
like
who
is
eligible
to
receive
a
ballot
and
cast
a
ballot?
That's
the
that's.
Probably
the
bigger
question.
A
Well,
if
I
mean
one
approach
is
basically
everybody
who
has
either
submitted
submitted
a
contribution,
hector
even
allowed
an
issue
or
a
change
on
a
on
a
google
doc.
C
H
One
one
thing
we
could
do
is
have
kind
of
an
opt-in
where
maybe
we
have
like
a
google
form
or
something.
If
you
are
interested
in
voting
and
when
you
submit
you
give
like.
I
don't
know
your
name,
your
org,
your
email
and
then
you
specify
in
a
free
text
form
what
your
contributions
have
been,
or
at
least
some
to
identify
eligibility.
And
I
imagine
that
that's
probably
enough
of
a
filter
function
that
we
will
probably
get
like
reasonable
candidates
putting
themselves
forward
as
having
contributed.
C
C
H
Yeah,
this
is
I'm
thinking
like.
Sometimes
the
contributions
will
show
up
on
github,
but
sometimes
they'll,
be
in
google
docs
or
sometimes
they're,
more
bureaucratic
in
nature.
Shall
we
say
so
keeping
it
as
open
as
possible
to
let
people
you
know
self-nominate
and
opt-in
as
to
what
counts,
as
a
contribution
feels
feels
right
at
this
stage
of
how
we
organize
it.
C
Agreed
yeah-
and
I
know
we
talked
about
especially
with
openssf,
where
all
contributions
like
you
mentioned
are
not
necessarily
code
or
even
documents,
so
it
could
be
someone
from
the
community
that
just
has
a
really
valuable
opinion
that
we
want
to
have
around
right
and
that's
a
contribution
in
a
lot
of
ways,
especially
at
this
stage.
So
we
certainly
wouldn't
want
to
exclude
anybody
in
that
regard.
So.
I
Agree,
it
also
saves
the
case
where
somebody
makes
a
single
capitalization
change
just
to
get
a
pull
request
in
or.
G
H
A
H
A
A
George,
we
have,
I
think
we
have
something
like
that:
jory
or
brian.
You
may
know
offhand
something
that
already
has
that
mechanism
or
maybe
oppo
vote,
has
such
a
mechanism
already
available
in
it.
So.
F
There's
two
ways:
you
can
do
two
primary
ways
you
can
do
voting.
F
You
know
one
plus
side
of
that
is
that
you
don't
necessarily
have
to
have
the
eligible
voters.
Email
address,
but
you
know
downside
is
you
can't
say
that
they
didn't
just
turn
it
over
and
hand
it
to
somebody
else,
who's
not
eligible.
A
A
But
how
do
we
to
vote?
Okay,
that's
fine!
For
that
part,
the
question
is:
how
do
we
handle
the
people
who
want
say
hey,
I
want
to
vote.
I
want
to
vote
on
tac
membership.
F
Yeah,
so
for
that
I
would
say
you
know,
a
google
form
seems
perfectly
sufficient,
especially
if
you
want
to
mirror
that
process
in
terms
of
gathering
nominations.
Let's
keep
it
you
know
like
with
like
here.
Is
the
google
form
to
nominate
yourself
here?
Is
the
google
form
to
nominate
yourself
as
a
voter?
It
seems
quite
quite
easy.
Okay,.
J
And
give
a
precedent,
which
is
I
to
the
k-native
steering
committee
elections
process
in
which
people
who
are
not
listed
through
other
data,
so
they
didn't
show
up
in
github
or
they
didn't
show
up
in
a
document.
J
So,
for
example,
well
I
can
give
an
example.
There
was
an
election
in
the
last
year,
during
which
time
I
had
not,
you
know
so
to
speak,
contributed
to
k
native,
but
I
had
written
a
book
about
it.
J
So
I
was
felt
that
I
was
a
knowledgeable
voter
on
that
occasion,
not
saying
you
have
to
write
a
book
to
be
eligible,
I'm
just
just
trying
to
say
that
there
were.
There
are
other
kinds
of
contributions
that
don't
show
up
in
the
statistics
that
sort
of
needs
to
be
a
trapdoor,
and
I
think
that
was
a
reasonable
process
for
it.
B
So
I'm
going
to
suggest
that
the
the
self-nomination
process
for
feats
be
a
mailing
list
so
that
it
is
publicly
visible
with
a
declared
time
window
where
the
election
officials
should
announce
when
the
nomination
process
opens
how
to
nominate
with
a
very
you
know,
clearly
described
here's
the
subject
line
you're
in
your
email.
You
must
include
this
information
if
you're
nominating
yourself
for
a
seat
and
here's
when
that
nomination
period
closes.
That
is
all
public.
The
identification
process
for
who
the
electorate
is
right.
Who
gets
a
vote
in
that?
B
I
think
that
should
be
semi-private.
I
think
a
google
form
is
great
again.
The
election
official
names
need
to
be
public
information
so
that
it's
not
just
a
form
to
a
black
hole,
and
then
I
completely
agree
with
I'm
sorry.
Whoever
was
just
speaking
before
me
that
there
are
a
lot
of
types
of
contributions
that
may
not
be
traceable
back
to
github
or
google
docs.
That
still
ought
to
qualify
someone
for
having
a
vote
because
they've
been
participating.
A
D
A
Mean
that
makes
sense.
I
I
think
we
could
have
a
google
form
to
intake,
but
I-
but
I
do
agree
with
you-
that
that
the
the
self
nomination
for
becoming
a
member
of
the
tack
should
be
public.
A
B
B
For
the
self-denomination
to
be
elected
right
to
run
for
a
seat,
I
don't
think
a
google
form
is
useful
for
that.
I
think
mailing
list
with
a
standard
template.
The
election
officials
announced
the
template
in
the
timeline
and
for
what
it's
worth
the
process
I'm
describing
has
been
used
by
both
openstack
and
kubernetes
for
well
over
a
decade
now,
so
I
know
we
can
reinvent
things
and
tweak
them
as
we
need
to.
But
this
is
it
works
pretty
well.
B
C
To
so
yeah,
I'm
all
in
favor
of
kind
of
leaning
on
these
other
things
that
already
exist.
This
sounds
this
sounds
great.
I
think
the
the
thing
that
we
kind
of
need
to
decide
right
now
is
the
election
officials,
who
are
they
and
kind
of
go
from
there.
Yeah.
H
I'm
sorry
election
officials
timeline
and
maybe
what
we're
looking
to
have
candidates
submit.
I
would
love
if
we
could
have
a
candidate
statement.
I
think
sometimes
a
biography
can
just
lead
to
a
snowballing
of
power
and
prestige.
I
would
love
to
hear
from
candidates.
You
know
their
views
on
open,
ssf
or
on
open
source
security
or
some
ideas
of
what
they
might
like
to
contribute
or
what
they've
contributed
thus
far
or
what
they're
excited
about.
H
C
B
It
is
very
common
because
the
election
officials
are
often
required
to
validate
the
candidates
eligibility
for
candidacy.
C
A
Yeah,
I
think
a
lot
of
the
conflict
of
interest
issues
are
more
easily
handled
and
this
kind
of
riffs
on
what
ava
just
said
earlier
about
trying
to
make
a
lot
of
things
public.
As
long
as
things
are
done
publicly
a
lot
of
those
issues
I
think
are
less
like,
particularly
if
there's
some
questions.
B
I'll
second
david's
point
that
was
really
second
in
mind
to
say
this
is
part
of
why
who
the
officials
are
should
be
public.
The
timeline
should
be
public,
the
requirements
for
eligibility
for
running
for
a
seat
should
be
public.
The
self
nominations
should
be
public,
but
any
sort
of
endorsements
or
naysaying,
like
don't
criticize
in
public,
like
discourage
commentary
on
people's
candidacy,
there
are
a
couple
foundations.
I've
worked
with
where
discussion
around
like
what
is
someone's
platform.
C
I
could
see
that
so
how
about
this
we
we
go
with
the
google
form
people
self-nominate
with
that,
once
we
have,
you
know,
defined
the
timeline
once
self-nomination
is
done.
We
then
publish
the
list
in
our
repo
either
as
a
doc
or
as
an
issue
or
something.
However,
we
want
to
do
that.
So
that's.
B
C
J
To
give
an
alternative
model
again,
going
back
to
k
native,
which
I
keep
returning
to
because
one
unfamiliar
with
it
and
two
I'm
familiar
with
the
extreme,
extremely
painful
process
of
the
birth
of
that
particular
mechanism.
J
There
was
a
great
deal
of
stem
and
throng
the
the
thing
that
they
do
instead
is
that
the
list
of
candidates
is
submitted
through
pull
requests
against
the
community
repo
so
for
each
election,
there's
a
directory
and
that
directory
includes
a
series
of
files
for
each
of
the
candidates
which
are
created
by
pull
request.
And
that's
how
you
submit
your
nomination.
C
A
I
I
do
my
best
to
do
email
because
trying
to
log
on
to
3
000
systems
is
completely
complete
insanity,
that's
fair
as
well.
Oh
look!
I
have
8
million
slack
channels
on
multiple
different
worksheets
and
and
then
we
have
discord
and
discourse
and
this
and
that-
and
I
I
don't-
I
don't-
have-
that
many
tabs.
H
My
fan
is
always
going
very
loud
because
of
all
the
different
chat
programs.
One
thing
I
would
request
so
whether
we
choose
to
use
pull
requests
or
an
email
list
or
whatever
to
collect
the
candidate
statements
or
candidate
profiles
or
whatever
we
want
to
call
it.
It
would
be
great
if,
when
we
send
out
the
actual
voting
link,
we
have
one
compiled
place
where
you
can
look
at
all
of
the
statements.
H
So
there's
no
like
recency
kind
of
priming
effects
for
those
of
us
who
would
quickly
forget
what
they
read
if
they
didn't
have
it
all
in
front
of
them.
We
did
in
the
governing
board
general
election
vote.
This
was
done
really
well.
There
was
a
list
of
candidate
statements
linked
from
oppo
vote,
where
we
could
view
them
all
at
once.
Right
before
voting,
I
would
suggest
that
we
do
something
like
that
again,
so
that
we
have
them
all
at
our
fingertips.
B
Are
we
yeah
and
I've
just
if
you
scroll
up
a
bit,
I've
captured
that
in
the
dock
yep
right
there,
okay.
A
So
so
how
many
seats
are
we
talking
about?
I
think
originally,
there
were
seats
for
each
working
group,
but
it
sounds
like
we're
talking
about
more
of
a
a
general
election,
so.
C
At
last
time
that
we
discussed
this
we'd
all
kind
of
agree
that
it
was
seven
seats
total
that
would
be
the
tack
four
would
be
community
three
would
be
governing
board.
E
C
H
Would
we
determine
who
is,
if
we're
keeping
four
on
and
three
voted
out,
or
vice
versa?
How
would
we
determine
who
of
the
present
tax
stays.
C
B
Yep,
I
would
not
recommend
that
right.
Is
there
any?
Is
there
any
drawback
to
doing
a
complete
reset
right
now,
other
than
the
risk
of
not
having
continuity.
C
I
think
that's
the
only
risk-
and
I
think-
and
I
think
we
could
also
you
know,
kind
of
de-risk-
that
a
little
bit
by
saying,
okay,
we
flip
everybody.
If
everybody
goes
or
more
than
you
know,
90
or
something
would
some
folks
be
willing
to
kind
of
linger
on
at
least
to
help
with
the
transition
you
know
for
a
month
or
two,
and
that
kind
of
thing
just
to
make
sure
that
it
all.
B
Pick
pick
one
or
two
of
the
governing
board
seats
have
those
stay
on
since
those
are
appointed
anyway.
Let
the
governing
board,
you
know,
go
pick
those
two
and
then
elect
the
other
five
or
six
seats.
Now
that
guarantees
at
least
one
or
two
seats
of
continuity.
G
Yeah
I
wanted
to
share.
I
mean
a
little
bit
of
experiences
on
the
hyperledger
side,
because
in
hyperledger
the
tsc
we
go
through
a
full
re-election
every
year,
and
you
know
it
was
one
of
my
concerns
that
we
may
not
have
enough
overlap
and
continuity,
but
in
practice
this
has
never
been
the
case.
We
have
a
few
seats
that
get
changed
every
year,
which
is
great.
So
honestly,
I
wouldn't
be
too
concerned
by
that.
E
Or
no,
can
you
also
share?
The
tick
is
one
thing
I
think
hyperledger
does
different.
Is
it
has
a
rather
large
tsc
and
and
could
you
speak
to
the
advantages
or
disadvantages
of
that
yeah.
G
In
fact,
we
have
even
made
it
larger,
I
think,
for
the
last
two
years
we
have
now
15
seats
and
the
advantage
I
mean
in
practice.
You
know
we
had
just
like
you
have
now
very
you
know
open.
G
You
know
tsc
where
everybody
was
welcome
to
join
and
participate,
and-
and
so
I
think,
having
more
people
officially
has
allowed
us
to
have
broader
scope
and
point
of
views
and
we
have
more
diversity
in
the
representation
I
mean
both
like
socially
genders.
You
know
geography,
but
also
people
from
the
different
projects
across
the
across
the
organization.
G
A
I
I
realize
this
is
reopening,
but
I
I
do
like
this
idea
of
having
more
seats.
I
Openness
has
got
a
lot
bigger
yeah.
You
could
rotate
seven
every
year,
then
so
seven
come
on
to
join
the
existing
attack
next
year.
The
existing
attack
members
would
rotate
out.
The
seven
that
have
come
on
for
this
period
will
continue
and
you've
got
kind
of
a
a
way
of
you
can
kill
two
birds
with
one
stone.
Then
you
don't
have
to
have
people
self-elect
to
leave
okay
and
you
can
do
a
refresh,
but
then
there's
still
some
folks
around
for
context
for
the
new
folks
that
join
so
not
a
bad
idea.
B
There
are
potential
drawbacks
to
having
a
very
large
tack,
openstack
at
one
point,
had
11
and
then
13
and
then
15,
and
it
was
only
very
briefly
that
large,
it
became
much
more
difficult
to
get
consensus
and
get
decisions
made
at
a
large
size
when
there
were
contentious
decisions
which,
at
that
point
in
the
product's
history,
was
every
meeting.
B
This
this
is
a
this
is
the
thing
that
I
wish
more
more
foundations.
More
projects
were
comfortable,
flexing
adapting
as
needs
the
time
of
a
given
groups,
decision
making
process.
So
I
would,
I
would
leave
that
to
open
to
discussion
if
adding
more
seats.
Right
now
is
the
right
choice
or
are
we
just
you
know,
slapping
a
band-aid
and
avoiding
a
hard
decision
of
who
stays
and
who
goes
yeah?
I.
H
Suppose
that
might
depend
on
that
is
also
the
mechanism
by
which
we
make
decisions.
H
So,
whether
or
not
we
require
full
consensus,
if
there's
a
majority
vote,
we
might
also
want
to
think
of
what
we
set
quorum
to
be,
and
I
imagine
that
some
of
those
procedural
things
would
determine
whether
this
would
become
a
lot
of
overhead
and
not
worth
it
or
if
we
could
manage
it
in
a
way
that
we
ensured
that
if
we
did
have
this
larger
attack
that
there
was
full
participation,
you
know
people
were
showing
up
taking
it
seriously,
casting
votes
and
and
moving
at
a
good
clip.
H
C
Yeah,
I
think
there
are
advantages,
and,
as
mentioned,
the
diversity
of
having
more
people
in
different
viewpoints
and
perspectives
is
definitely
useful,
and
I
know
that's
something:
we
valued
an
open
ssf
from
the
beginning,
but
we
have
to
balance
it
right
and
I
think
the
other
concern
too
is
saying:
do
we
add
more
and
then
we
decide
that
it's
a
problem?
It's
a
lot
more
difficult.
I
think
to
shrink
it
back
than
it
is
to
to
add
folks,
but
we
did
talk
about
the
adding
more
in
the
future.
C
I
just
don't
know
if
that
time
is
now,
if
that's
the
right
thing
or
just
to
keep
it
stable
as
it
were,
but
then
you
know
raul
made
a
very
good
point.
These
meetings
are
open
right,
like
most
of
the
people
involved.
Right
now
in
this
discussion
are
not
quote
official
tax
representatives
and
clearly
it's
working
so
this
it
really
just
comes
down
to
the
formality
of
voting
and
I
suppose
the
questions
of
what
comes
with
that.
E
And
I
think
of
it
again
from
the
hyperledger
experience.
If,
if
you
are
coming
down
to
a
vote,
you
know
of
a
four
to
three
vote
you're
doing
it
wrong
right,
consensus
is,
you
know,
doesn't
mean
there
weren't
a
lot
of
votes
in
hyperledger
that
were
contentious,
that
there
were
always
votes
or
quite
frequently
votes
where
people
abstained
or
voted
against,
and
yet
they
still
passed
and
that's
actually
good
to
show.
E
I
think
you
know
that
you're
actually
taking
some
risks
here
and
there,
but,
but
I
think
in
practice
it's
it's
it's
it's
worth
it
to
have
one
that
that
can
represent
all
sides
of
a
community
or
as
many
sides
of
those
as
as
can
be
the
one
other
thing
I
also
wanted
to
add
again
not
to.
I
know
we're
talking
about
a
bunch
of
variables
at
once,
but
I
I
think,
having
the
governing
board
appoint
a
set
of
representatives
is
is
interesting.
E
C
Yeah,
I
think
that's
an
excellent
point
so
now
I
think
what
we
kind
of
need
to
decide
are
we
wanting
to
increase
the
tax
size
right
now
or
keep
it
at
the
risk
of
you
know,
unwinding
previous
decisions,
and
or
do
we
want
to
continue
making
progress,
leave
it
at
seven.
We
always
have
the
option
to
add
more
in
the
future.
If
we
decide
that's
necessary
sort
of
folks
thoughts
on
that.
H
Maybe
we
could
run
very
quickly
right
now
through
some
of
the
points
for
and
against.
I
guess
some
of
the
points
for
having
a
larger
attack
would
be,
as
our
node
has
suggested.
A
greater
diversity
of
geographies
and
of
people
and
of
companies
and
of
backgrounds
is
very
powerful.
H
Another
argument
in
favor,
I
would
say
kind
of
build
off
rao's
point
of
you
know
a
lot
of
people
attend
anyway.
I
guess
my
my
question
would
be
well.
Why
not
have
them
if
they're
you
know
committed
and
present
and
active
members?
Why
not
have
more
voting
members
of
the
attack?
H
Another
argument,
I
suppose
in
favor
of
a
larger
attack,
is
given
that
we
are
in
a
time
of
huge
growth
for
openssf,
like
incredible
investment,
incredible
range
of
organizations
joining
us
there's,
probably
a
lot
of
decisions
to
be
made,
but
also
there's,
probably
a
decent
need
for
continuity,
given
that
the
most
of
the
governing
board
has
been
entirely
refreshed.
H
The
model
that
we're
proposing
does
allow
us
to
have
some
continuity
from
the
existing
pack
into
the
future
and
as
open
ssf
goes,
that's
really
the
only
elected
members
or
or
bootstrap
members
at
all
that
can
carry
on
so
there
is
that
benefit
of
having
some
of
the
older
perspectives
come
through
into
this
newer,
larger,
more
powerful
group.
A
J
Okay,
I'm
going
to
jump
in
to
note
that
it's
about
40
past
and
we
have
two
other
items
on
the
agenda.
I'm
not
sure
whether
we
want
to
get
any
of
those
today
or
not
agree.
C
I
was
I
was
going
to
mention
this
because,
while
I
do
definitely
want
to
discuss
those
other
two
topics,
I
feel
this
conversation
is
important
to
get
resolved.
So
I'd
like
to
hear
if
other
people
agree
if
they
want
to
take
this
conversation
offline
and
try
to
try
to
solve
it
there
or
do
we
want
to
just
dedicate
this
meeting
to
solving.
I
A
A
Hoping
will
are
are
very
important,
but
I'm
hoping
won't
take
too
long
in
part,
because
I
think
most
people
have
already
been
made
aware
of
them
that
seek
store
and
the
and
the
working
group
renamed.
C
I
agree
yeah
so
just
to
kind
of
summarize
and
actually
just
about
to
say
what
phil
just
commented,
let's
take
kind
of
where
we're
at
right
now,
which
sounds
like
we're
saying
self-nomination
over
email
with
statements.
Let's
document
this
and
then
some
of
the
open
questions
are
around
growing
attack
into
what
size
and
then
whether
we're
going
to
it
kind
of
sounds
like
the
general
agreement.
Right
now
is
to
hold
the
election
for
everybody
and
not
do
a
split.
C
C
Okay,
in
that
case,
let's
move
on
to
these
other
two
topics
and
if
we
have
extra
time
we
can
come
back
and
keep
discussing
the
election
process
as
well.
I
Yeah,
so
I
mean
most
of
the
information:
is
there
I'm
figuring
folks
had
a
chance
to
read
the
the
issue
on
the
open,
ssf
github
attack
repo,
but
what
we
would
like
to
request
is
that
six
or
join
the
open
ssf
as
a
project,
okay,
and
so
this
would
be
a
standalone
project.
I
What
are
some
of
the
other
key
points?
There's
some
reasons
why
we
think
a
standalone
project
is
more
suitable,
okay,
so
we're
kind
of
pretty
much
modeling
this
off
of
what
alpha
amiga
has
done,
because
we
come
with
our
own
existing
community,
our
own
repositories,
slack
channels
and
so
forth.
Okay,
and
we
also
have
our
own
level
of
funding,
that's
already
in
place,
so
a
a
project
is
definitely
a
better
fit
for
us
really.
So
this
is
really
to
sort
of
for
the
tax
to
vote
if
they
think
technically.
I
So
somebody
correct
me
technically
that
sig
store's
a
good
fit
for
the
open
ssf.
If
that
is
the
case,
then
this
will
then
go
to
the
to
the
gb
for
them
to
look
at.
A
Yeah
and
just
to
clarify
this
would
be
the
proposals
to
make
is
a
project
as
a
sibling
with
the
working
groups
and
with
alpha
omega,
with
the
rationale
listed
below
that
you
know
it,
because
it's
it's
big,
it
makes
sense
to
have
as
its
own
thing,
which
I'm
supportive
of
by
the
way.
C
I
Other
key
aspect,
as
well
as
we're
running
up
public,
so
we
will
yeah,
we
are
and
we
will
be
sort
of
launching
into
a
full
productionized
public
service
as
well.
So
I
mean,
I
believe,
a
wg
is
more
around
solving
problems,
whereas
you
know
we're
actually
sort
of
we've
defined
our
problem
and
we've
got
a
public
service
to
run
so
with
six
store.
I
You
get
the
community
okay,
there's
an
existing
community,
there's
something
like
just
getting
close
to
400
contributors,
20
different
organizations,
and
then
there
is
the
public
service
which
will
be
the
funded
part
of
the
of
six
store
where
we
effectively
pay
for
the
staffing
and
resourcing
to
run
the
service.
C
A
Is
there
any
reason
we
can't
just
do
that
now,
because
this
has
been
discussed
for
for
some
time
I
mean
if
we
want
to
do
it
on
the
github
on
github
issue:
asynchronously,
that's
fine!
But
if
we're
all
here
and
it's
all
and
we're
all
okay,
then
should
we
just
do
it
yeah
absolutely.
I
K
K
C
Tac
does
have
oversight
right,
improving
technical
strategy
and
alignment
and
that
kind
of
thing,
but
we
still
inform
the
gb,
and
then
I
think
there
are
also
potential
budgetary
concern
or
issues
that
may
come
up
that
they
need
to
be
aware
of.
But
it's
not
really.
It's
not
taking
them
to
approve.
E
Yeah,
the
governing
board
approves
basically
us
as
staff
kind
of
overseeing
the
operational
side
of
of
this
kind
of
acting
as
the
the
folks
to
collect
the
money
disperse
the
money
as
well
and
and
all
the
kinds
of
things
that
the
governing
board
oversees
when
it
comes
to
us
as
staff
right.
But
that
is
that
that
alone
isn't
enough.
It
has
to
also
be
a
worthy
project
from
a
technical
point
of
view
and
that's
the
the
tax
roll.
I
E
This
vote
happens.
If
it's
positive,
then
it
would
go
to
the
governing
board
at
their
next
meeting,
which
will
be
in
december
if
they
approve
it
and
then,
from
that
point
forward,
we
can
consider
it
an
open
ssf
project.
E
And
that
could
be
an
acceptable
status
for
for
something
that
comes
through
the
tech.
The
not
everything
that
comes
to
the
attack
has
to
be
governing
board
approved,
of
course,
only
those
things
that
have
budget
and
operational
implications.
A
D
A
Right
right,
so
I
I
think,
because
we
know
that
there's
going
to
be
a
funding
request,
we
let's
raise
that
up
now.
I
think
it
will
be
viewed
quite
positively.
Actually
in
fact,
I'm
pretty
sure
it
will.
But
so,
since
we
know
that's
going
to
be
coming
on,
let's,
let's
make
sure
the
governing
board
knows
right
away,
and
you
know
I,
if
nothing
else
sound
them
out,
because
I
think
we
we
will
be
asking
for
funding
in
that
area
and
that's
okay.
K
E
Well,
let's
see
the
governing
board
wouldn't
want
to
approve
a
project
unless
the
tech
had
discussed
it
first.
That
was
made
clear
at
the
last
governing
board
meeting
actually,
and
so
that's
that's
why
this
precedes
the
governing
board
conversation,
not
because
the
charter
logs
in
a
specific
process
for
this
right
so
just
to
be.
C
E
And
and
voting
on
the
funding,
it
also
is
about
that
funding,
getting
the
the
oversight
and
and
the
involvement
of
us
as
open
ssf
staff
and
the
linux
foundation
and
its
collection
and
dispersion,
and
because
that
creates
obligations
and
risk.
That's
why
it's
a
governing
board
level
votes.
K
D
K
E
Well,
certainly,
if
we
bring
something
to
them
as
a
proposal
in
good
faith,
we
have
to
be
expect
have
some
plan
b.
If
they
said
no,
I
mean
the
the
plan
b.
It
would
be
that
this
would
continue,
as
could
continue
as
a
technical
project
at
openssf,
but
the
funding
for
it
in
the
operations
would
be
handled
or
managed
elsewhere.
You
know
some
other
type
of
organization,
whether
another
lf
org
or
even
that
completely
outside.
B
Just
a
point
of
comparison:
since
we've
been
sharing
comparables
a
bunch
in
this
meeting,
the
cncf
does
not
have
any
such
process
the
governing
board.
There
does
not
get
a
vote.
It
is
the
tax
purview
to
approve
and
promote
or
graduate
projects.
Only
so
yeah.
E
E
The
the
you
know
we,
whatever
policies
we
have
around
clas
and
dcos,
and
that
kind
of
thing
we
apply
all
that
could
exist
without
the
involvement
of
a
fund
without
collecting
funds.
Disbursing
funds
all
that
kind
of
stuff.
It's
if
we
want
that
second
piece
to
come
under
the
open,
ssf
organization
that
the
governing
board
would
need
to
approve
that.
H
Just
to
share
for
what
it's
worth-
and
I
know
a
lot
has
changed,
so
I
don't
know
exactly
how
relevant
what
I'm
about
to
say
is,
but
we
did
do
an
exercise
last
year,
a
series
of
off
sites
where
we
were
looking
at
open,
ssf
decision
making
and
we
were
pretty
specific
about
where
different
decisions
were
made
and
when
we
went
through
that
exercise,
we
did
decide
that
whether
a
specific
project
or
working
group
were
to
join
open
ssf
would
be
under
the
authority
of
the
attack
and
then
the
governing
board
would
be
informed.
H
So
it
did
seem
that
the
intention,
at
least
originally
for
us,
was
that
the
attack
would
make
these
decisions.
But
of
course,
things
may
have
changed,
and
we
can
maybe
talk
about
this
separately
if
interested,
but
where
we
were
standing
at
least
as
of
last
year
was.
The
intention
would
be
that
the
tac
would
be
the
ones
to
to
decide
whether
or
not
a
project
is
joining
open.
Ssf,
yep.
E
B
I
ask
for
clarification
on
something
you
said
a
minute
ago.
You
said
if,
if
it's
purely
a
technical
project,
you
felt
that
that's
in
the
tax
preview,
but
the
second
part-
and
I
wasn't
sure
what
you
meant
by
the
second
part
or
second
piece.
Could
you
clarify
that.
E
The
funding
piece
where
you
know
something
like
six
store:
it
has
an
operational
component
where
you
have
to
keep
live,
servers
running
where
there's
potentially
staff
to
handle
support.
You
know
something
that
looks
a
little
bit
more
like,
let's
encrypt,
where
isrg
you
know,
has
a
devops
kind
of
role
in
keeping
things
running.
That's
where
that's
where
it
involves
something
that
you
need
to
have
under
a
budget
kind
of
authority
now
there'll
be
places
where
I
think
there's
budget
funds,
as
those
who
are
at
the
governing
board
meeting
saw
me
put.
E
You
know,
line
items
against
things
that
the
working
groups
are
working
against,
though
it
won't
require
additional
governing
board
approval
once
we
get
the
budget
approved
next
month.
So
that's
that's!
That's
all.
In
addition,
this
is
just
this.
E
Just
like
alpha
omega,
you
know
if,
if
you
want
the
the
linux
foundation,
open
ssf
to
take
on
kind
of
the
operational
responsibility
for
collecting
and
dispersing
funds
managing
to
the
to
the
to
a
budget
plan
and
an
operations
plan
and
having
staff
you
know
and
having
people
that
we
pay.
That's
that's
something
that
governing
board
needs
to
approve.
B
Interesting
clarification.
I
think
I
just
missed
that
what
you
were
referring
to,
I
understand
all
of
those
points
and
for
comparison
from
other
foundations.
That,
I
would
say,
is
what
I've
seen
foundations
do
is
when
the
technical
advisory
council
feels
a
project
is
well
within
in
their
scope.
Well,
aligned,
there's
a
lot
of
interest
there,
the
tac
approves
it
and
then
the
financial
aspects
of
that
those
do
still
need
to
get
worked
out
and
that
becomes
the
a
process
worked
out
between
the
tax
liaison
to
the
governing
board,
say:
hey.
B
C
J
J
They've
already
taken
funds
from
donors
for
a
purpose
that
there
needs
to
be
some
assurance
that
that
purpose
is
not
upset
because
not
not
to
go
back
to
my
law
student
days.
You've
got
something
that
looks
and
smells
very
much
like
a
trust
to
me,
and
there
might
be
terms
that
that
modify
that
and
I'm
full
of.
But
to
me
it
it
has
the
vibe,
which
means
that
if
the
funds
were
taken
to
be
spent
on
sig
store,
they
can
only
be
spent
on
sex
store.
They
can't
be
repurposed
by
the
governing
board.
K
And
this
is
not
legal
advice
yeah,
so
my
kind
of
naive
take
maybe
on
what
would
happen
here.
Is
the
tac
would
vote
and
we
would
approve
string
as
a
project
and
then
at
some
point
later
we
would
come
up
with
some
kind
of
budget
request.
Stick
store,
decide
how
much
funding
they
need
for
what
and
then
that
would
be
a
separate
vote
for
the
governing
board,
that's
great
and
actually
on
an
actual
funny
request,
not
on
like
an
abstract
joining.
C
Yeah,
I
think,
in
absence
of
deferment
and
absence
of
any
negative
votes,
I
think
that
is
approved.
I.
K
C
C
Yeah
and
so
to
clarify
next
steps
to
present
this
to
the
governing
board,
which
I
believe
falls
on
me.
So
I
think
questions
that
will
be
asked
are
about
budget,
so
luke
and
dan.
I
don't
know
if
you
guys
have
things
like
that
already
going,
but
let's
sync
up
and
get
something
formal
put
together,
that
we
can
actually
present
to
them
and.
A
Yeah
and
if
I
can
make
a
heads
up
here,
the
governing
board
wants
to
have
a
starting
budget
within
the
next
three
weeks.
They've
already
got
a
early
draft
of
that,
but
I
would
not
be
surprised
if
six
store
would
like
additional
funding.
A
Then,
in
addition
to
the
funding
they've
already
raised,
I
know
you've
already
raised
some,
but
if
you,
if
there's
additional
funding
that
would
help
you
accelerate
things,
I
guess
luke
I'm
kind
of
looking
to
you,
especially,
but
you
know
dan,
whoever
make
a
make
a
pitch
and
and
what
it'll
be
used
for.
I
think
it
would
be
received
extremely
favorably
and
really
now
the
iron
is
hot.
Now
is
the
time
to
hit
it.
C
Let's
do
it
all
right
so
with
that
we
have
four
minutes
left.
Okay.
I
know
you
have
one
more
thing.
I
think
this
will
be
fairly
quick
to
discuss
around
the
recently
renamed
rechartered
digital
identity.
At
the
station
working
group,
which
I'm
happy,
the
name
has
changed,
because
now
I
can
pronounce
it
better.
M
Okay,
great
thanks.
Everyone,
I've
been
sitting
here
quietly
all
meeting.
This
is
kind
of
a
change
for
me.
B
M
So
I
just
you
know,
wanted
to
mention
to
this
group
that
the
digital
identity
attestation
working
group
did
approve
rename
rescope
to
supply
chain
integrity,
working
group
in
the
last
meeting.
So
I
think
the
na
the
next
steps
are
just
help
from
jory,
probably
to
rename
the
working
group
update
the
calendar,
invite
some
of
those
administrative
things.
I
I
think
that
we
also
do
need
to
change
the
existing
readme
page
and
probably
rescue
the
charter.
M
I
don't
know,
do
we
want
the
attack
to
approve
you
know.
I
know
we
want
the
working
group
to
approve
a
new
charter
and
a
new
readme
page.
Do
we
want
the
tech
to
approve
that
as
well.
C
I
think
what
we've
done
in
the
past
with
attack
it's
not
so
much
like
we,
we
approved
the
working
group
and
kind
of
the
direction
and
then
the
other
working
groups.
What
they
did
was
provide
their
charter
just
sort
of
as
an
update
to
the
tac.
But
it
wasn't.
You
know
we
could
provide
commentary
on
it,
but
it
wasn't
necessarily
like.
Oh
yes,
that
that's
okay,
you
can
do
work
now
approval.
M
Okay,
well
we'll
try
to
in
the
next
supply
chain,
integrity,
working
group,
review,
review
and
updated
charter
and
then
share
that
back
with
the
tech
in
the
following
tech
meeting.
M
M
D
A
C
Yeah
I'll
take
the
notes
ava.
Thank
you
for
putting
the
notes
in
there
that
you
did
with
the
summary.
That's
very
helpful,
yeah
I'll
split
those
into
multiple
github
issues,
so
each
one
can
be
a
discussion
and
approved
I'll
work
on
that.
Probably
today,
actually
yeah.