►
From YouTube: OpenSSF TAC (February 21, 2023)
Description
Meeting minutes: https://docs.google.com/document/d/18BJlokTeG5e5ARD1VFDl5bIP75OFPCtzf77lfadQ4f0/edit#heading=h.9m0zi4b0wnne
A
B
A
B
A
D
E
B
B
G
B
Elections,
update
I,
guess,
starting
from
the
stack
side
what's
going
on
there,
what
what
news
can
you
share
and
same
for
the
open
ssf
a
day?
Any
updates
there
I
know
the
open
question
who
is
on
the
program
committee?
What's
the
timeline
for
that
and
we'd
all
love
to
know
the
sort
of
what
to
expect.
G
G
You
know
and
like
the
other
openness
of
days,
you
know
we'd
really
like
this
to
just
you
know
to
be
both
an
overview
of
you
know
the
the
range
of
different
projects
going
on.
Obviously,
we
won't
be
able
to
cover
everything,
although
I
think
you
know
skewing
towards
shorter
updates.
Shorter,
shorter
presentations
with
explicit,
like
calls
to
action
and
ways
for
people
to
be
involved
is,
is
kind
of
the
ideal
just
in
terms
of
tone
and
kind
of
flow
Also.
G
If
anyone
has
thoughts
about
an
outside
speaker
that
they'd
like
us
to
bring
in
to
start
the
day,
I
I
think
I
think
we're
open
to
that
as
well.
Sometimes
it's
fun
to
have
kind
of
a
voice
from
Beyond
kind
of
telling
us
about
things
that
are
going
on
or
things
to
be
watching
watching
for
so
so
that
would
be.
That
would
be
of
interesting.
E
I
G
Other
thoughts
there
I
I,
don't
think
that's
a
problem
and
I
don't
know
that
the
program
committee
will
be
looking
at.
You
know
whose
talks
have
been
accepted
elsewhere
and
other
other
tracks
or
other.
You
know,
side
events
or
anything
like
that.
So
a
little
repetition
wouldn't
wouldn't
be
bad.
Okay,.
G
Okay,
one
other
thing
I
wanted
to
mention
is
this
is
happening
on
the
same.
On
the
first
day
of
the
the
main
ossna
track,
we
chose
to
overlap
with
it,
partly
because
we
didn't
want
people
to
have
to
come
in
on
a
Friday,
which
was
the
only
other
open
day
at
the
very
end
of
what
would
otherwise
be
a
pretty
busy
week
and
I
think
we'd
get
people
kind
of
exhausted.
G
Nor
did
we
want
to
overlap
with
the
cdcon
event,
which
we
think
will
have
quite
a
bit
of
overlap
from
a
Content
point
of
view.
So
we
are
avoiding
overlap
with
the
opening
Keynotes
of
ossna,
but
then
we'll
get
started
about
what
is
it
11,
A.M,
I,
think
Jennifer
and
then
go
till
5
30-ish.
So
oh
and
we
will
have
lunch
served
so
that'll
keep
people
there.
G
B
Yeah
and
it's
a
little
a
little
response
to
your
question
about
the
different
tracks:
I've
been
on
the
papers
committee
for
other
events
and
I'm
on
a
different
track
at
the
OSS
Summit
as
well.
The
committee
members,
the
program
committee
members,
do
have
the
ability
to
say
this
should
be
in
a
different
track.
It's
a
better
fit
but
they're,
not
looking
across
tracks
to
sort
of
de-duplicate
they're,
only
looking
at
their
own
track.
B
H
Thank
you
quick
question.
The
open
ssf
tracks
running
in
parallel
will
they
align
with
the
other
tracks
of
the
main
conference,
so
that
individuals
that
you
know
want
to
go
back
and
forth
are
able
to,
or
do
you
view
this
as
a
block,
because
there
are
trade-offs
to
going
in
either
direction
and
I'm.
Just
curious,
I
think
that
my
observation
recently
was
that
when
you
make
it
kind
of
an
All
or
Nothing
thing,
you
don't
get
people
dropping
in
to
check
it
out
for
the
first
time
so
thoughts.
B
G
Maybe
I
I,
don't
know
that
we're
holding
the
program
committee
to
align
the
breaks
and
other
changes
in
sessions
with
what's
going
on
in
the
rest
of
the
event,
it's
up
to
them.
I.
Think
to
figure
that
out.
My
personal
take
is
I'd,
love
to
see
more
speakers,
more
content
and
shorter
talks
on
average.
So,
however,
they
want
to
accomplish
that
that
we'll
leave
that
to
the
program
committee.
I
J
G
We
just
really
combined
with
the
next
section
on
attack
elections
there
and
I'm
wondering
if
I
could
put
George
okay
work.
Sorry
on
the
on
the
on
the
day
is
here
and
ask
if
he
could
talk
about
the
work
that
that
he
and
the
other
election
observers
have
been
doing
to
that's
captured
in
this
pull
request.
F
Sure
no
problem
so
yeah
well
I've
I've
volunteered,
among
others,
to
be
on
the
the
election
committee
and
as
part
of
our
discussions
earlier
last
week.
We
realized
that
the
there
has
been
a
discussion
among
Tech
members
to
prepare
the
procedure
for
last
year's
election,
and
that
was
also
what
we
used,
but
it
has
not
been
documented
in
a
in
a
good,
concise
manner
in
one
of
our
community
reposts.
F
The
the
text
in
there
is
based
primarily
on
an
email
that
Jen
I
think
used
last
year
to
announce
and
and
basically
describe
the
process.
So
from
that
perspective
it
is
nothing
new
in
there,
but
still
to
kind
of
create
the
most
transparency
and
get
everybody
on
board.
We
wanted
to
bring
this
to
the
attack
for
review
and
and
kind
approval,
so
to
say
not
not
trigger
weeks
of
discussions
really,
because
I
think
the
timeline
is
a
little
is
a
little
tight
a
little
late
anyway.
F
So
if
there
are
no
fundamental
issues
but
please
review,
then
we
The
Proposal.
The
idea
was
to
get
you
guys
to
approve
it
and
then
ideally
open
the
first
phase
of
the
election
right
after
this
call
kind
of
so
still
today
we
would
open
up
for
two
weeks
of
self-nomination
phase
for
the
the
tech
candidates,
the
seir
candidates
and
the
voters
themselves.
Obviously
so,
and
that's
a
summary,
I
didn't
really
walk
you
through
the
the
document
or
the
pr
itself.
I
I
hope,
that's
fine!
F
B
I
very
much
want
to
thank
all
the
election
official
members
who
worked
on
getting
this
put
together
and
digging
through
our
old
meeting
minutes
chatting
with
tack,
members
and
other
folks
to
put
this
together
big
Kudos.
Thank
you.
So
much
I
have
not
read
this
proposal
in
its
current
form,
so
I
should
go.
Do
that
I
also
notice?
We
are
not
quarrett
as
attack
right
now,
so
we'll
have
to
take
the
vote.
Asynchronously
I'm,
not
sure
what
Bob's
availability
is
I.
B
C
I
might
ask
that
Tech
members
in
particular
think
about
how
much
time
they
want
these
periods
to
be
open
for
call
for
nominations.
In
particular,
you
know,
there's
always
a
balance
to
strike
between
making
sure
that
we're
giving
folks
enough
time
to
really
think
about
what
it
would
take
and
what
the
roles
and
responsibilities
of
being
a
tech
member
are.
Can
they
work
that
into
their
schedule?
C
Can
they
really
commit
to
it,
but
also
not
keeping
this
open
so
long
that
it
becomes
sort
of
a
onerous
process
that
we
that's
hard
because
it
takes
some
time
so
think
about
that
in
particular
and
and
how
much
time
you
think
is
fair
and
and
reasonable
for
each
stage
and
I
think
that
would
be.
That
would
be
great.
B
B
In
other
foundations,
when
someone
is
running
for
a
position
like
this,
I
have
generally
seen
a
process.
You
know
after
the
elections,
officials
validate
the
candidates
and
then
their
their
candidate
statements
might
be
posted
somewhere.
Here's
what
why
I'm
running
what
I
think
I'm
going
to
do
why
this
is
important,
all
those
sorts
of
things,
and
then
the
community
can
can
ask
questions
of
the
candidate
in
a
public
forum
so
that
the
the
questions
Republic
the
responses
are
public.
B
K
J
K
Depends
a
little
bit
about
on
the
size
of
the
response
for
the
LF
silver
membership.
Recently
they
had
so
many
people
applying
it
don't
think
they
did
that
whereas
I
just
went
through
this
process
myself
with
Finos,
because
there
were
seven
of
us,
I,
think
or
eight
of
us,
so
they
went
through
that
interview
process.
So
I've
seen
both
sides.
B
A
I
A
B
J
C
We
didn't
direct
participants,
you
know
to
to
do
anything
other
than
that,
which
you
know
I
think
it
that's.
That's
probably
fine
and
less
noisy
for
for
GitHub,
but
we
shouldn't
discourage
people
from
saying
hey.
My
name
is
Jory
and
I'm
running
for
president
of
the
United
States.
Please
vote
for
me.
I,
wouldn't
not.
A
F
Yeah
I
think
we
can
still
make
this
part
of
let's
say
the
the
announcement
emails
one
once
all
of
the
candidates
are
in
saying
hey.
This
is
like
all
of
the
the
candidates,
including
the
the
statements
and
there's
like
a
two-week
voting
period.
You
can
reach
out
to
them
and
ask
questions
if
you're
interested
right,
I
think
this
is
not,
but
we
didn't
consider
to
put
it
into
the
formal
framework
that
we
described
here
to
make
it
a
mandatory
requirement
to
have
an
interview
Forum
in
place.
B
So
I
just
clicked
into
the
link
of
the
the
nomination
form.
The
selfie
nomination,
form
and
I
do
see
a
candidate
statement,
but
it
is
250
words
or
less,
which
is
pretty
short
for
you
know:
hey
here's!
What
I
want
to
accomplish
in
the
next
year
in
the
pack,
so
I
might
ask
for
a
little
bit
more
flexibility
there.
But
joy.
If
that's
the
process
we
did
last
year
and
you
want
to
keep
that
on
totally
fine
I
think
that's
fine.
C
J
L
L
I
was
doing
and
she's
like,
oh
man,
I
I
wish
somebody
had
told
me
that
before
it
wasn't
so
bad,
but
you
know
we
felt
like
hey.
It
would
be
a
good
idea
to
write
that
down
somewhere.
So
I
think
this
is
something
doesn't
have
to
be
done
for
this
time
around,
but
something
that
I
should
take
into
account.
Moving
forward.
Yeah.
B
B
B
G
B
G
K
G
G
Think,
though,
if
we,
if
we
scheduled
the
first
one
for
well
for
two
weeks
out
that
shouldn't
be
too
too
honorous
the
first
two
I
guessed,
we
were
doing
two
updates
for
a
group
each
meeting.
So
maybe,
if
we
just
ask
for
volunteers
for
the
one
in
two
weeks,
that
way
we
avoid
surprises,
and
then
we
can
just
kind
of
do
a
random
walk
to
assign
sign
the
rest
out.
Does
that
make
sense
works.
B
B
B
G
G
J
B
K
E
E
G
F
B
J
G
B
Then
the
last
item
on
today's
agenda
is
just
review:
open,
PR's,
there's
a
lot
of
them,
so
there's
probably
a
couple
specific
ones
that
we
should
look
at
I
know
we
have
the
funding
requests
that
was
brought
up
last
time
for
cert,
which
I
promised
to
review,
and
then
stuff
happened
and
I
just
apologize.
I'm.
Sorry
I
didn't
finish
my
review
of
it
yet
I
also
don't
see
votes
on
it
at
the
moment.
E
E
Ish,
let
me
find
my
window
issue.
131
is
a
proposal
from
the
open
source
security
incident,
Response
Team
Sig
to
refine
the
immobilization
plan
stream.
Five.
They
have
taken
the
original
plan,
reworked
it
with
a
proposal.
They
feel
could
be
achieved
with
current
volunteers,
additional
volunteers
and
hiring
of
some
staff
and
acquiring
some
tooling.
E
So
if
the
attack
feels
that
is
still
in
line
with
our
missions
and
goals,
I
would
love
not
only
specific
feedback
on
we
like
this
or
we
don't
like
that.
Or
did
you
think
about
this
other
thing,
but
you'd
also
like
to
talk
to
recommend
to
the
plan
to
get
moved
to
the
governing
board
for
review
for
funding
and
then
issue.
134
is
the
same
deal
with
the
education
Sig,
where
we
have
taken
stream.
E
One
of
the
mobilization
plan
refined
it
and
built
it
out
with
the
proposal
to
have
a
core
of
volunteers,
create
a
new
a
series
of
new
educational
content
for
the
foundation
around
application,
security
and
secure
best
practices
that
developers
and
developer
adjacent
personas
would
benefit
from
and
then
there's
some
other
goals
where
we
wanted
to
get
better
engaged
with
underserved
communities.
We
have
Rewards
Pro
silver
Rewards
program
proposals
to
help
encourage
open
source
developers
to
adopt
some
of
these
tools
and
practices.
E
J
E
G
G
That
includes
the
money
that
we
know
we
have
and
can
spend,
does
not
include
extra
call
outs
for
these
kinds
of
things.
So
once
the
tech
has
approved
these,
as
you
know,
suitable
uses
of
funds,
you
know
whether
from
course
is
a
budget
or
elsewhere,
but
that
these
technically
are
good
ideas
and
and
really
ought
to
be
pursued
and
are
well
researched
and
and
represent
the
best
set
of
balance
of
interest
and
compromises.
All
that
kind
of
stuff.
G
Our
job
is
then,
to
go
out
and
find
the
money
to
go
and
support
this.
Now
that
could
come
from
the
governing
board
deciding
to
make
a
change
to
its
approved
budget,
which
we
tend
to
try
to
limit
to
only
doing
once
a
year
kind
of
at
mid-year,
to
course
correct,
but
there
may
be
other
opportunities
now.
Just
to
be
honest,
though,
like
right
now,
the
current
funding
climate
and
others
has
folks
being
pretty
conservative
about
that,
which
it
also
would
affect.
G
The
second
approach,
which
is
going
around
someone
had
in
hand
to
the
members
not
just
of
the
governing
board,
but
also
to
our
broader
General
membership
and
saying,
hey,
here's
something
we
think
is
really
worthy.
Does
anyone
want
to
go
and
jointly
fund
it?
There
are
some
other
sources
potentially
of
funding
as
well.
The
you
know
this
could
is
the
kind
of
thing
that
potentially
Alpha
Omega
could
consider
funding.
G
You
know
to
them:
hey
here's,
some,
some
promising
ideas
coming
out
and
let's
talk
further
and
they're
still
thinking
and
talking
and
evaluating
that
so
I,
don't
no!
No,
nothing
don't
want
to
promise
or
or
even
even
suggest
anything
happening
there
yet,
but
basically
the
honest
will
be
on
us,
then,
to
go
and
and
figure
out
where
the
funding
can
come
from
and
including
potentially
from
openness
is
core
budget,
but
that
I
think
is
probably
less
likely
than
from
from
other
streams.
G
So
this
step,
the
attack
approving
these
things
is
important,
as
validation
important
when
we
go
out
and
raise
those
funds
to
be
able
to
say
this
has
been
reviewed
by
a
wide
Community,
this
alliance,
with
where
people
think
things
are
heading.
Obviously,
there's
proposals
also
do
have
expiration
dates.
G
So
you
know
we
can't
go
in
fundraise
for
a
year
on
something
and
expect
it
to
be
the
same
proposal
as
before,
and
sometimes
New
Opportunities
emerge
too.
So
this
will
be
an
organic
process.
Some
of
these
things
might
come
back
for
further
discussion
if
they've
been
adjusted
based
on
where
we
think
we
can
get
funding
or
or
something
like
that,
but
I
do
want
to
emphasize.
G
It's
basically
down
to
a
setup,
cost
I
think
it
was
of
60
or
50-ish
K
and
then
75k
for
the
first
year,
or
something
like
that
I,
that's
small
enough
that
hopefully
we
can
get
that
funded
sooner
but
again,
you
know
many
of
these
companies.
Many
of
all
of
your
companies
have
had
some
painful
cutbacks
in
the
in
the
last
quarter
or
two.
So
I
just
wanted
to
be
a
bit
realistic
about
our
ability
to
removing
this
and
I
might
need
to
ask
some
of
you
to
help
me.
E
G
E
G
E
G
So
there
have
been
pledges
and
we'll
certainly
start
by
going
to
those
organizations
that
have
made
those
pledges
and
say:
hey,
here's
a
way
to
to
meet
some
of
the
the
pledged
amount
that
you
made
back
in
May.
Again,
those
were
pledges
made
in
may.
They
were
not
signed.
You
know
most
commit
documents,
but
but
it's
it's
a
plausible
case
that
those
are
the
first
ones
to
start
with
and
say
Hey.
You
can
help
fulfill
some
of
your
pledges.
G
We
did
receive
one
donation
last
year
from
Amazon
focused
on
improvements
to
scorecard,
and
so
we're
working
now
with
the
scorecard
leads
to
figure
out
what
what
should
a
you
know,
a
funding
process
for
that
look
like
and
and
we'll
come
back
to,
the
attack
with
with
an
update
on
that
and
and
and
kind
of
a
discussion
review.
But
that's
that
was
that
was
the
only
donation
for
future
work
that
that
we've
received
that
this
kind
of
specifically
identified
to
that
and.
E
G
B
In
terms
of
the
process,
since
I
think
the
132
is
the
first
time
that
the
attack,
at
least
recently
this
year,
has
voted
on
a
funding
proposal,
any
comments
from
Tech
members
or
others
present
on
the
process
of
that
vote.
Since
we
have
a
few
other
things
that
we
now
need
to
vote
on,
should
we
use
the
same
process
for
those
foreign
I
think
it
worked.
We
we
discussed
it
here.
We
have
to
take
some
email
discussions
because
didn't
have
Quorum
in
a
call
and
is
now
recorded
on
the
GitHub
issue.
E
B
I
think
the
131,
the
the
search
mobilization
plan
review,
probably
needs
to
bake
a
bit
more,
as
it
were
more
folks
need
to
read.
It
comment
on
the
GitHub
issue,
myself
included.
So
let's
skip
that
for
now.
Thanks
for
the
update
earlier
and
talk
about
one
three,
eight,
the
slack
upgrade
request
since
that's
had
a
little
bit
of
discussion
already.
E
B
Agree
with
slack
not
being
a
permanent
system
of
record,
certainly
not
for
decisions
that
have
always
found
in
distributed
decentralized,
sort
of
time
zone
spanning
organizations
that
having
both
a
long-form
discussion,
emails
or
message
boards
and
a
real-time
chat
forum
is
incredibly
valuable.
It
augments
the
the
synchronicity
of
these
Zoom
meetings
with
a
way
a
place
for
us
all
to
sort
of
Converse
and
share
thoughts
over
time.
J
D
B
That
it
is
very
often
useful
to
be
able
to
go
back
and
reference
things
read
things
that
happened
both
from
a
community
standpoint
of
like
gosh.
There
was
this
really
cool
conversation,
I
was
having
with
Josh
I
think
it
was
about
three
months
ago,
on
this
topic,
Let
me
refresh
my
memory
and
from
the
moderation
perspective,
we
are
not
a
large
enough
Community,
yet
we
haven't,
as
far
as
I'm
aware
had
you
know,
contentious
code
of
conduct,
style
issues,
but
from
a
moderation
standpoint
in
bigger
communities.
That
archive
is
important.
B
D
That's
fair
I
mean
I
I
like
to
always
say
that
the
slack
not
keeping
messages
is
a
featured
because
it
theoretically
makes
us
write
things
down,
but
like
that's
only
a
theory,
because
we've
all
seen
how
well
that
works,
yeah
but
yeah
I
mean
I
I.
Think
the
challenge
we're
going
to
see
with
this
one
is
you're
going
to
get
people
on
every
Side
of
Everything.
Can
we.
G
The
conversations
with
slack
are
very
personality,
driven
and
very
much
dependent
upon
the
right
person
as
on
one
side
asking
the
right
person
on
the
other
side,
which
is
pretty
fragile
when
you
think
about
how
often
people
change
organizations,
and
so
I
worry
that
in
good
faith,
it'd
be
hard
for
me
to
base
a
decisional
or
or
critical
infrastructure
upon
I
mean
I.
Guess
we
do
all
the
time
anyways
but
like
on
on
the
back
of
a
relationship
that
could
change
without
much
recourse,
and
you
know
yeah,
it's
it's
it's
it's!
B
G
B
Of
the
issues
that
I
I've
been
chatting
with
folks
about
for
a
while
and
sort
of
casually
is
accessibility
and
welcomingness
of
our
community.
How
does
a
new
party
interested
in
contributing
find
out
where
to
go
where
to
contribute
diagram?
Society
is
a
huge
effort
in
that
in
that
direction.
Github
discussions
are
not
good
for
that
they're
siled
into
each
repo,
and
so
someone
who's
like
who's
heard
of
the
open,
ssf
and
wants
to
come
contribute
they'd
have
to
figure
out
which
particular
repo
to
go.
Look
in
for
a
discussion,
as
opposed
to
slack.
B
They
can
just
hop
on
slack
and
start
chatting
with
people
in
the
community
and
find
a
welcoming
voice
to
help
them
get
oriented
and
land
somewhere
that
onboarding
experience
has
been
crucial
to
Growing
the
communities
in
openstack
in
kubernetes
in
a
lot
of
other
projects,
and-
and
we
don't
really
do
too
much
there,
but
we
could
do
more
and
slack
or
something
like
it
is
really
key
to
that.
Onboarding.
D
Can
can
I
I
feel
like
there's
two
conversations
happening
here.
There's
the
I
feel
like
one
side
is
saying
we
shouldn't
use
slack
in
another
size,
saying
we
should
just
pay
for
Slack
I,
don't
think
anyone
suggests
we
should
not
have
slack
right
just
just
that
we're
on
the
free
one.
Now
we
don't
have
the
old
stuff
and
I
also
suspect
that
a
new
person
showing
up
isn't
going
to
scroll
back
so
I
mean
they
might
but,
like
generally
speaking,
I
suspect
like
a
couple
weeks.
Max
is
what
we're
going
to
look
at
so.
D
M
M
B
Yeah
I
like
that
and
my
concern
is,
like
you
said:
the
attack
isn't
everywhere.
Neither
are
the
staff
we
don't
really
have
a
moderation
team
right
kubernetes,
for
example,
has
a
dedicated
moderation
team
for
all
of
their
their
official
spaces.
I
worked
with
them
for
a
while.
It's
a
much
it's
like
tourism
attitude,
larger
Community
granted,
but
imagine
a
situation
where,
35
days
later,
someone
in
a
working
group
says
Hey
I
was
on
vacation
for
a
week.
B
I,
don't
remember
this
decision
ever
being
made
and
the
lead
failed
to
Archive
it
or
copy
it
somewhere.
There's
now,
no
longer
a
record
for
anyone
to
go
review.
How
decision
was
made
that
kind
of
a
lack
of
transparency,
lack
of
accountability
might
be
in
one
person's
side.
Just
a
small
mistake:
oops
I
was
busy
and
forgot
on.
The
other
side
suddenly
leads
to
a
loss
of
trust
and
faith
in
the
working
group
leader
I've
seen
that
situation
arise
more
times
than
I
can
count
in
other
orgs
and
even
back
in
the
openstack
days.
B
A
decade
ago,
we
added
a
an
IRC
chat
bot
to
every
single
official
room,
hundreds
of
them
simply
to
archive
all
of
that,
so
the
attack
equivalent,
when
called
upon
to
step
in
and
mediate
a
process
like
that
go
well,
okay,
who
who
actually
messed
up
here?
What
should
we
do?
Who's
right
had
a
reference
to
go
back
to
so
I
I.
Don't
think
we
have
that
problem
today,
but
I've
seen
it
in
every
Community
as
they
grow
and
I
I'd
love
to
set
us
up
for
Success.
There
bless.
G
A
quick
comment
and
a
quick
proposal:
I
want
to
speak
up
for
the
value
of
forgetting
I.
Remember
when
the
Usenet
message
archives
became
searchable
by
Google
in
the
early
it
was
early
2000s
and
you
could
go
and
find
all
sorts
of
silly
posts
of
mine
from
the
early
90s
on
completely
on
news
groups
that
I
had
no
business
being
posting
to
it,
but
but
it
was
on
a
presumption
that
you
know
messages
were
somewhat
ephemeral
and
I
think
actually,
especially
for
people
who
are
newbies
to
a
community.
G
The
idea
that
these
messages
aren't
going
to
go
down
on
their
permanent
record
is
actually
a
positive
thing.
Many
of
us
are
Old-Timers
who
don't
have
any
problem
being
fools
in
public,
but
a
lot
of
other
people
tend
to
so
yeah
I
think
I.
Think
there's
actually
a
you
know
a
welcoming
thing
about
slack
being
you
know,
having
that
cut
off
at
90.
B
G
True,
that's
true,
so
so
I
think
that
gets
to
my
second
point,
which
is
we
can
document
what
it
sounds
like
is
the
consensus
on
this
call,
which
is
slack,
has
its
place.
Real-Time
Communications
has
its
place.
Slack
has
its
place,
here's
how
to
use
slack
to
to
get
the
most
out
of
it
and
and
and
here's
when
you
want
to
move
those
conversations,
those
topics
to
a
pull
request
or
a
GitHub
issue
or
or
to
craft
a
document.
G
I
I'd
offer
us
on
the
staff
side
being
willing
to
draft
a
paragraph
or
two
that
captures
this
to
try
to
take
this
off
of
everyone
else
has
been
Z
plates
and
then
you
can
bring
it
back
here
for
discussion
and
approval,
but
but
I
think.
If
we
do
that,
then
I
think
we'll
steer
folks
in
the
right
direction.
So
I
don't
know
how
folks
feel
about
that,
or
somebody
else
wants
to
volunteer
to
write
that
feel
free.
E
N
Yeah
I
just
I
mean
that
so
I
created
the
issue
against
attack
repository
just
from
the
conversations
that
I
saw
with
some
of
the
general
population
about
you
know,
should,
should
the
ossf
be
paying
for
slack,
the
the
I
think.
The
thing
that
just
needs
to
be
considered
here
is
there's
the
policies
of
how
you
should
be
using
slack
and
then
how
it
actually
ends
up
getting
used
in
the
real
world
and
trying
to
differentiate
those
two
things
and
to
what
I'm
trying
to
say
here
is
like.
N
We
should
be
realistic
about
sure
we
can
put
these
policies
in
place,
but
if,
if
slack
has
already
got
this
place
in
the
community,
that's
that's
been
created.
Do
we
want
to
try
to
force
that
or
do
we
want
to,
let
that
be
as
it
is
or
find
another
you
you
did
about.
You
did
a
bunch
of
digging
and
pull
a
bunch
of
statistic,
statistics
about
Slack's,
current
usage
for
anybody
who
hasn't
seen
that
do
you
want
to
quickly
share
those
stats
with
the
group
here?
I,
don't
have
it
up
myself
sure.
B
I
linked
it
in
the
in
the
GitHub
issue,
it's
I
think,
second
from
the
bottom.
The
short
version
is
on
our
mailing
lists.
There
are
approximately
1
500
accounts
active
most
mailing
lists,
other
than
announce
have
less
than
100
subscribers
on
each
list
and
very
little
activity.
The
tack
list
has
less
than
700
messages
in
its
entire
lifespan.
B
By
contrast,
slack
is
incredibly
active
out
of
2
000
total
accounts
a
little
more
than
the
mailing
list.
We
actually
have
about
three-fifths
two
two-fifths
about
700
weekly,
active
members
in
any
given
week
about
a
hundred
thousand
messages
sent
total
in
the
lifetime
of
that
slack
instance,
and
about
75
percent
of
those
are
in
non-public
channels
which
could
be
DMS.
It
could
be
private
channels.
B
So
it's
it's
a
very
active
place
where
our
community
spends
time
connecting
with
each
other
talking
about
stuff
relevant
to
this
Mission
I
I
do
think
we
have
to
have
something
like
that
for
real-time
communication.
I,
ask
folks
in
the
chat
right
now
and
zoom
chat
are
mentioning.
Switching
costs
are
high
I
unless
there
were
a
strong
reason
to
switch.
B
For
example,
if
the
Linens
Foundation
said
hey
we're
going
to
host
a
thing
like
rocket
chat
or
element
or
something
that
would
be
a
compelling
enough
reason,
I
would
Advocate
to
make
a
switch,
otherwise
I
personally
I,
like
Discord
I,
think
it's
terrible
for
work
and
so
I,
don't
think.
There's
a
benefit
to
us
which
an
off
of
slack
I,
think
it
really
is
a
discussion
of.
B
Do
we
value
the
archival
nature
of
slacks
messages
over
the
the
sort
of
real-time
ephemerality
of
it,
with
the
recognition
that
it's
never
actually
ephemeral
right.
If,
if
ephemerality
is
a
core
value
that
folks
want
to
place
in
the
chat
system,
then
we
should
provide
a
stronger
guarantee
of
that
ephemerality
and
slack
does
not
do
that.
N
G
Around
20
I'm
sorry
240
220
people
in
a
given
week.
Right-
and
you
know
it
scales
up
linearly
with
numbers
of
users.
So
if
we
accidentally
start
doing
something
really
important
and
have
10
times
the
number
of
users,
then
we
kind
of
are
trapped
into
paying.
You
know
a
much
larger
fee
without
because
switching
costs
are
so
high
and.
O
I
just
wanted
to
raise
the
possibility.
I
mean
there
seems
to
be
like
an
artificial
dichotomy
that
we
asked
slack
for
some,
given
the
purpose
of
open
ssf
that
this
sort
of
an
in-kind
contribution,
or
at
least
partial
discount
I,
mean
I,
mean
I,
understand
what
the
commercial
price
is.
But
has
anybody
actually
asked
them
if
they
would
be
willing
to
discount
it
for
this
purpose,.