►
From YouTube: OpenSSF TAC Working Session Process Docs (April 8, 2022)
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
B
Flattery
will
not
help
my
memory.
Sadly,
so,
actually
let
me
do
the
quick
summary.
We
are
reviewing
the
this
text
proposal,
which
is,
I
I
think,
has
a
lot
go
going
for
it.
There
were.
We
had
a
couple
quick
comments.
One
of
them
was
that
we
need
to
make
it
clear
that
creating
a
new
project
involves
approval
by
the
working
group
if
it's
within
the
working
group
and
then
acceptance
by
the
time.
B
The
next
comment-
I
I
think
that
I
can't
remember,
I
think
it
was
bob-
was
we
need
to
make
it
clear
why
something
was
it
within
a
working
group
rather
than
its
own
thing.
What
I
proposed
is
building
on
what
seems
to
have
kind
of
happened
in
practice.
Anyway,
projects
usually
hap
are
created
within
working
groups
that
enables
us
to
have
various
related
projects,
work
together
and
try
to
reduce
some
dupl
unnecessary
duplication.
B
You
know
tend
to
have
you
know
their
own
funding
line
and
in
fact,
often
have
like
their
own
governing
boards
and
so
on
that,
basically,
that
has
to
be
pretty
large
for
it
to
justify
it
being
under
the
attack
you.
Nobody
else
needs
to
agree
with
me,
but
that
was
my
my
pitch
for
for
how
to
think
of
that.
C
Here
to
say
that
I
think
what
david
described
is
a
good
ideal
state.
Certainly
what
what
I
know
some
folks
would
like.
C
Historical
reasons,
among
other
reasons,
some
projects
aren't
in
that
state
today
and
might
not
go
towards
that
state
quickly,
maybe
over
time,
but
I
I
don't
think
it's
a
priority
to
try
and
move
projects
into
a
working
group,
necessarily
though
some
might
want
to
and
and
there's
a
division
in
the
documentation
that
I
would
love
to
see,
which
is
a
description
of
here's,
our
intent,
our
desired
structure
and
here's
the
reality
that
we
have
some
projects
that
are
working
a
little
differently
right
now.
A
Just
on
that,
because
sahindra
and
I
don't
have
the
history
of
the
existing
structure,
if
somebody
could
help
us
out
with
that,
that
would
be
a
big
help,
and
the
second
thing
I
was
thinking
of,
I
think
we
do
need
to
instead
of
having
generic
project
that's
under
a
working
group,
and
then
we
have
the
the
larger
project
that
david
was
talking
about.
I
think
for
clarification.
We
should
give
those
separate
names
of
some
sort.
B
I
have
a
diagram
of
the
open,
ssf
org
chart.
If
you
would
like
me
to
share
that
briefly,.
C
I
would
love
to
see
that
org,
as
in
the
people
or
org,
is
in
the
projects
or
can
mean
multiple
things.
C
C
C
B
B
Now,
like
all
like
all
models,
it
necessarily
omits
things.
The.
E
C
B
C
B
Yeah,
I
actually.
B
Thank
you.
I
copied
this
into
the
open,
ssf
membership
slides,
so
people
who
show
up
and
are
interested
in
new
members
are
going
to
suddenly
see
this
thing,
but
I
I
do
agree
that
maybe
this
would
be
this
or
something
like
this
would
be
a
good
thing
within
the
yeah
open,
ssf.
C
Long
term
I've
seen
plenty
of
other
organizations,
including
kubernetes
and
openstack
embed
their
organizational
structure
like
this
in
human
readable
and
machine
readable
files,
so
that
they
can
both
render
a
diagram
like
this.
For
you
know
the
the
community
guide
or
landing
page
and
have
the
updates
to
it
tracked
in
commit
history.
B
Having
just
created
this
slide
two
days
ago,
I
haven't
worked
that
far
ahead.
E
E
C
C
Yeah
yeah,
I
understand
at
a
at
a
higher
level
right:
the
committees
don't
report
to
the
attack,
and
so
we're
focused
in
the
tack
repo
on
modeling
everything
under
the
attack.
I
would
still
love
to
see
that
list
of
committees,
somewhere
in
the
open,
ssf,
github
and
governance,
documentation
that
this
is
the
overall
picture
of
the
org.
I
think
that's
very
helpful
for
folks
and
now
kubernetes
has
the
same
thing
for
them
it's
in
the
community
repo.
C
So
maybe
this
is
a
good
and
quick
segue.
Since
I
guess
a
couple
weeks
ago,
jori
and
I
had
created
a
slash,
open,
ssf
community
repo
and
my
my
thinking
there
was
based
on
how
other
again
other
foundations
structure
these
different
repos,
that
the
tac
repo
focuses
on
tac
process.
C
So
project
review
project
life
cycle
that
sort
of
stuff
that
a
lot
of
this
is
and
the
overall
community
structure
gets
copied
into
or
moved
into,
the
community
report
and
that's
sort
of
the
the
entry
point
for
new
members
of
the
community
send
them
to
the
community
page
if
they
want
to
come
work
in
the
tax
and
the
tax
page.
A
Yeah,
I've
seen
that
before
so
and
it
does
help
navigate
things
a
little
bit
easier.
B
Yeah,
I
I
do
think
for
this
particular
thing.
If
it's
going
to
be
shared,
it
might
even
be
useful
to
post
it
on
the
website
itself
and
then
make
sure
that
that's
generated
from
you
know,
there's
a
ghetto
repo.
It
generates
it,
and
then
you
can
see
the
the
figure
for
foreign
chart
so
haven't
thought
that
far
ahead,
that's
got
to
be
something
somebody
solved
before.
A
I
just
want
to
kind
of
bring
this
back
to
the
the
document
that
sahinder
and
I
have
been
working
on
just
to
help
move
that
along
do
we
need
to,
like,
I
said,
give
a
different
name
to
the
project.
That's
underneath
the
working
group
first
is
a
large
like
six
store
would
be.
Six-Four
is
a
bad
example,
because
it's
a
sif,
but
something
like
that.
B
To
be
honest,
all
of
the
top-level
projects
are
also
called
special
initiative
funds
they're
all
like
this
they're
they're.
You
know
they
have
their
own
budget
item.
They
often
have
their
own
internal
structure.
A
C
C
A
E
E
C
Maybe
we
need
to
capture
that
a
lot
of
what
we're
uncovering
right
now-
and
this
is
exactly
what
I
was
hoping
to
get
to
do-
is
the
reality
today
is
everything's
kind
of
chaotic
and
we
need
to
put
more
structure
in
place
and
so
writing
down
simultaneously.
Here's
what
we
want
to
see
and
here's
where
we
are,
let's
just
chart
a
course
between
the
two:
that's
the
struggle
we're
facing
as
attack
right
now
is,
is
you
know
not
knowing
where
we're
starting
from
and
where
we're
going?
E
I
understand,
I
think
it's
a
big
club,
but
but
so
the
question
to
me
is,
I
mean
you
know,
is
the
intent
to
cut
capture
what's
being
done
today
as
much
as
possible
without
changing
it,
and
I
I
mean
my
assumption
is
unless
we
have
a
good
reason
to
say
no,
this
is
broken.
We
need
to
change
it,
we're
just
going
to
try
to
basically
define
what
we
have.
C
G
Yeah,
I
would,
I
would
agree
with
that,
I
think,
documenting
what
we
have
is
just
a
prereq
to
being
able
to
articulate
where
we're
going
so
plus
one
to
what
ava
said.
I
still
think
the
questions
are
on.
What
do
we
want
the
ultimate
design
to
look
like
what
are
the
gives
and
gets
and
answering
the
question
around
like:
why
should
project
become
a
top-level
project
versus
be
underneath
the
working
group?
G
What
would
actually
be
more
beneficial
to
help
to
nurture
the
success
of
that
community,
and
is
there
an
implication
in
terms
of
financial
support
or
marketing
support
that
reporting
direct
to
the
tax
like
it's
that?
If,
if
steve
you
were
to
ask
me,
the
question
of
like
can
attack
recommend
what
the
ideal
process
is.
This
is
what
we
want
to
see
our
project
and
our
community
become
right.
D
G
No
strategy,
there's
no
vision.
So
to
me,
we
can
play
around
with
org
charts
and
dotted
lines
and
things
like
that,
but
at
the
end
of
the
day
it
still
kind
of
comes
back
to
how
do
we
most
effectively
like
what
are
the
goals
we
want
to
set
for
projects?
How
will
this
this
structure
help
to
facilitate
allowing
working
groups
and
projects
to
achieve
those
goals
and.
A
I'ma
jump
in
here
real
quick,
because
I
gotta
leave
in
a
few
minutes.
I
would
say
that
if
we
just
keep
in
the
back
of
our
mind
that
this
is
an
evolving
process
and
that
maybe
two
weeks
from
now,
we
have
a
whole
different
direction
than
we
do
today
that
we
just
kind
of
take
it
one
step
at
a
time
and
and
try
to
march
closer
to
something
that
can
be
used
like
by
persia
to
get
into
the
open
ssf.
G
G
E
E
H
G
G
D
B
I
Yeah,
well
so
bob
just
said,
you
know
so
much
of
what
I
would
have
said.
So
let
me,
instead
of
repeating
bob
suggests
that
one
of
the
things
that
that
we
can
do
is
start
to
itemize
like
here,
are
the
things
that
the
foundation
is
providing
for
the
working
groups
and
for
the
the
the
work
streams,
I'll
call
them
underneath
the
work
working
groups,
and
so
that
we
can
start
to
paint
a
little
bit
of
that
picture.
I
What
the
the
get
gives
are,
as
opposed
to
to
the
the
projects,
would
that
be
helpful
as
part
of
this
exercise.
E
C
Just
trying
to
make
sure
you,
I
know
what
you're
talking
about.
I
I
have
one
more
layer
to
add
in
the
in
the
current
draft
of
this
projects
and
working
groups
both
follow
the
same
stages,
but
what
does
it
mean
to
have
a
project
at
a
different
stage
than
the
working
group?
It's
nested
under.
C
B
Yeah,
so
I
was
gonna
plus
one
on
bob
bob's.
Basically,
structures
should
support
the
goal,
not
the
other
way
around.
I
I'll,
I
suspect
numbers
have
heard
about
chesterton's
fence.
You
know,
don't
change
something
until
you
understand
why
it's.
It
is
the
way
it
is.
That
doesn't
mean
that
we
can't
change
it
or
shouldn't
change
it.
I
I
think
there
are
things
that
need
changing,
but
it's
always
good
to
know
why
it
was
why
something
was
done.
B
The
way
it
was
first
because
to
get
back
to
the
let's
make
a
structure
so
that
we
get
the
jobs
done
yeah.
As
far
as
the
you
know,
sub-working
groups,
and
so
on.
You
know,
you
know
if
hey,
if
that
helps
sure
whatever,
but
as
long
as
we
get
to
solve
solving
the
problems,
that's
what
we
really
need
to
go
and
to
answer
the
particular
point
about
do
what
does
it
mean
that
a
project
has
a
higher
level
than
the
working?
B
C
Here's
what
I,
what
I
what
I
mean
or
what
I
see
the
complexity
there
david
as
we
start
defining
what
are
the
gives
and
gets
what
benefits
and
anybody
receives
from
marketing
or
infrastructure,
support
or
lf
staff
support.
If
the
project
nested
under
a
working
group
is
expecting
to
get
a
level
of
support
that
their
host
working
group
is
not
going
to
receive
that's
going
to
create
awkwardness
in
management
and
possibly
some
real
challenges.
B
C
C
E
E
And,
and
for
that
matter
we
have
already
a
pro
working
group
life
cycle.
I
put
the
url
in
the
chat
we
do
and
and
it's
very
simple,
but
I
think
it
actually
does
the
job.
C
Also
have
separate
life
cycle
and
separate
criteria
for
them,
though,
though
they
don't
nest
projects
under
working
groups.
For
quite
this
reason,
right,
a
working
group
might
support
one
or
many
projects,
but
doesn't
own
it.
The
tax
still
owns
that
oversight
in
that
relationship
and,
ultimately,
the
graduation
review
or
the
the
level
review
of
a
project
is
a
tax
responsibility,
not
a
working
group
responsibility
and
it
has
budgetary
ramifications
for
the
organization
within
the
cncf.
C
When
a
project
reaches
certain
maturity
levels,
it
is
granted
time
and
space
at
a
conference,
so
staff
and
facilities
requirements
and
budget.
It
is
granted
ci
infrastructure
spend
to
support
that
project's
testing,
that
incubating
projects
or
sorry
sandbox
products
don't
get
that
so
there
are
real
costs
associated
with
moving
a
project
up
those
levels
that
are
not
the
same.
When
a
working
group
moves
up
those
levels.
E
I
I
agree,
and
for
that
matter
we
have
similar
structuring
hyperledger
I
mean
and
there's
one
thing
we
haven't
really
talked
about
is
what
is
fundamentally
the
difference
between
a
working
group
and
a
project.
To
me,
a
project
is
about
code.
It's
some
kind
of
you
know,
code
development
effort.
While
a
working
group
is
not
directly,
it
might
be
indirectly
through
some
projects,
but
the
working
group
might
be
doing
documentation.
E
You
know
like
we,
we
have
like
the
the
the
vulnerability
disclosure
guide,
for
instance,
which
is
great,
and
that's
done
by
working
group,
makes
perfect
sense
to
me.
That's
where
I
see
the
difference,
and
maybe
others
see
it
differently,
but
that's
how
I
see
it
so
wait.
We
have
people
on
the
queue
david.
Are
you
still
there
in
the
queue
I
just
had.
G
Yeah,
I
think
the
the
other
point
I
would
make
is
that
it
starts
to
go
back
towards
the
special
interest
fund
thing,
but
I
want
to
call
it
out
in
that
with
scorecards
with
sig
store,
we
are
actually
offering
community-run
services
as
part
of
these
projects
that,
in
some
sense
you
could
think
of
them
as
extensions
of
things
like
ci
and
whatnot,
but
they're
actually
public
hosted
things
that
actually
run
today
with
you
know
effectively
no
sla
right,
but
in
terms
of
when
we
think
about
the
gives
and
gets
of
of
what
is
underneath
the
open,
ssf
banner
one
of
the
major
motivations
for
sync
store
to
come
in
under
the
bottle
of
an
sif
was
we
knew
we
were
going
to
have
operational
costs
that
were
associated
with
that,
and
so
that
led
us
down
more
the
financial
path.
G
D
Yeah,
I
I
had
just
a
question
around
the
way:
ayu
referred
to
talk
and
working
group
and
funds,
so
I
I
noticed
that
in
cncf
it
is
referred
to
as
stock
technical
oversight
committee,
while
at
openssf
it
is
referred
to
as
technical
advisory
committee
and
when,
when
I
read
those
words,
I
I
I
imagined
that
in
in
openssf
it
would
be
more
loosely
administered
or
there
will
be
more
loser
process
around
how
projects
find
the
resources
that
they
need
to
succeed
versus.
D
I-
and
I
I
heard
some-
you
know
side
conversations
about
oversight
versus
advisory.
So
am
I
understanding
it
correctly
when
we
refer
to
the
technical
advisory
in
in
open
ssf,
where
the
tag
actually
helps
projects
in
areas
that
they
might
be
struggling
instead
of
having
a
deeper
oversight
on
them.
C
The
one
hand,
I
think,
we're
still
feeling
our
way
through
that
to
to
you
know
comments.
Others
have
made
so
far.
This
is
all
evolving
and
we
are
collectively
right
now
helping
to
evolve
that
historically,
I
think
your
understanding
is
correct,
that
it
was
a
pretty
loosely
run.
C
Projects
show
up
and
do
some
stuff,
and
that
has
resulted
in
a
lot
of
the
struggles
and
challenges
that
the
persia
team
is
currently
facing,
and
the
latest
in
a
line
of
projects
that
have
run
to
the
same
question
of
what
exactly
do
we
get
and
how
is
this
governed,
and
where
do
we
go
when
we
have
questions
to
be
able
to
answer
that
and
help
the
organization
become
stable
and
sustainable
and
predictable
to
work
with
for
projects
or
companies
want
to
contribute
projects?
B
Yeah,
so
let
me
put
a
minus
one
on
the
notice
on
the
statement
that
a
project
is
something
that
generates
code,
that
isn't
how
we've
been
doing
things
and,
more
importantly,
I
don't
think
it
should
be.
I
I
I
can't
I
I
can't
count
and
listen
to
everybody
at
the
same
time,
but
I
just
pulled
up
a
slide
of
all
the
projects
that
are
going
on
with
it
in
the
open
ssf.
Maybe
I
should
share
this
one
thing.
B
This
thing
too
sure
screen
all
right,
so
you
can
see
what
I'm
looking
at.
So
this
is
a
slide
that
attempts
to
list
for
each
of
the
working
groups
a
you
know,
all
the
projects
within
them.
B
There
may
be
a
few
things
that's
missing
here,
but
I
think
around
half
and
I
suspect
more
than
half
are
not
code
projects,
so
we've
got
and
it's
because
of
the
kind
of
foundation
the
openssafe
is
so
many
of
the
things
aren't
code,
but
they're
documents
and
specs
and
guidelines
and
courses,
and
things
like
that.
C
So
I
would
like
to
propose
that
we
we
do
if
we
have
to
use
a
different
word
to
describe
the
other
things
and
go
do
a
little
bit
of
cleanup
part
of
the
reason
I
would
propose
that
and
subject
to
change.
My
mind
can
be
changed
on
this
compatibility
and
sort
of
ease
of
folks
working
across
foundations.
C
Right
folks,
who
are
used
to
working
in
a
bunch
of
other
linux
foundation,
environments
will
see
a
github
repo
and
a
thing
called
a
project
and
assume
there's
code.
That
is
part
of
the
deliverables.
Maybe
it's
a
library,
maybe
it's
samples.
Maybe
it's
test
tests
or
something,
but
it's
still
there's
a
there's.
A
code
deliverable
that
a
project
owns
and
products
also
own
documentation.
B
In
what
what
do
you
call
the
work,
efforts
to
write,
specs.
B
C
Yeah
yeah,
so
if
you
know
something
like
salsa
or
whether
it's
a
goal
to
produce
a
set
of
documentation
and
guidelines
to
be
broadly
consumed
in
the
cncf
terms,
that
would
be
a
working
group
and
it's
it's
time
bounded.
C
You
know
the
charter
to
spend
x
amount
of
time
to
make
this
publication
and
then
quite
likely
extend
it
because
it's
not
over,
you
know
just
publish
once,
but
they
have
a
clear
goal
and
the
goal
isn't
make
code.
It's
do
the
study,
publish
this
thing,
perform
a
security
audit,
something
like
that
and
it's
just
a
logical
distinction
between
what
owns
code
and
what
groups
are
delivering
a
non-code,
valuable
output.
E
C
In
the
original
kubernetes
formulation,
they
were
cigs
were,
and
we
don't
have
to
copy
that.
But
in.
H
B
Sense,
because,
for
most
of
this
stuff,
as
soon
as
you
release
something
you're
gonna
have
a
new
release.
That's
true
for
code!
It's
also
true
for
docs.
C
Yep-
that's
that's
true,
so
I'm
not
attached
to
the
time-boundedness
of
it,
but
I
do
think
it's
valuable
to
have
a
a
moniker
that
distinguishes
between
operational
services
and
a
group
that
owns
the
operational
service,
a
project
or
a
body
that
is
delivering
primarily
code
of
some
form
and
a
body
that
is
delivering
non-code
things
like
documentation,
guidance,
security
audits,
stuff.
Like
that.
B
I
am
not
I'm
not
convinced
that
we
need
another
term,
but
you
know
I
mean
if
that's
just
a
word
thing
we,
the
trick
will
be
finding
another
word
because
non-code
is
a.
B
B
We
already
have
working
groups-
that's
that's!
That's
probably
not
going
to
help.
D
C
B
Let's
see
here,
let's
see,
who
is
that
shared
to
anyone
with
the
link?
I
don't
see
any
reason.
You
know
what
I
guess.
I
don't
even
mean
you're
the
attack.
I'm
gonna
send
that
to
you,
I
assume
it's
fine,
but
I'm
gonna
send
it
the
link
to
you
directly
and
I'll.
D
B
Check
for
brian,
I
don't
see
why
there's
nothing
particularly
secretive
about
this.
We
share
it
to
anybody
who's
thinking
about
possibly
joining
the
open
ssf.
It's
our
it's!
The
standard,
hey
you're,
thinking
about
joining
the
open
ssf,
but
you
want
to
know
more
here's
the
deck
deck
so.
I
That
should
be
a
public
and
a
public
document.
Mike
actually
question
is,
if
it's
in,
let
me
double
check
before
you
do
send
that.
B
B
C
Understand
I
would,
I
would
expect
this
to
be
public
because
I'm
skimming
it.
The
only
question
would
be:
it
has
the
cost
structure
for
membership,
but
that
should
also
be
public.
As
I
understand
it,
I
believe.
B
E
C
F
Thanks
all
right,
so
somebody
who's
brand
new
right
brand
spanking
talking
about
like
newborn
babies
still
in
diapers
trying
to
try
trying
to
trying
to
trying
to
figure
this
whole
thing
out.
What
I
saw
earlier
were
a
couple
of
diagrams
that
I
thought
were
were
pretty
good.
Put
me
in
the
ballpark
until
we
started
asking
questions.
So
I'm
about
to
ask
a
couple
of
you
know,
really,
you
know
pretty
basic
questions
and
please,
if
it's,
if
it's
somewhere,
that
I
haven't
looked
yet
and
say:
no
look
over
here!
F
It's
right
here,
so
I
can
get
caught
up.
Tell
me
it's
right
there
somewhere.
Where
are
the
definitions
of
what
a
working
group
is
per
openness
itself,
we're
trying
to
define
that
right
now,
you're
in
the
right
meeting,
we're
working.
F
F
F
Or,
or
do
you
want
them
right?
Do
we
want
to
clear
right-
and
somebody
says:
oh
crap,
okay,
let's
go
back
so
now,
they're,
making
a
chocolate
frosted
cover,
bear
claw
for
the
coffee,
and
somebody
says
who
wants
a
chocolate
covered
bread.
What
if
we
want
to
don't
know
what
sprinkles?
That's
that's
a
lot.
I
I
like
I
said,
I'm
I'm
brand
spanking
new
to
me.
It's
a
lot.
C
You
know
so
I
I've
had
my
first
ever
gluten-free
queso
in
new
york.
I'm
sorry
in
dc
a
couple
weeks
ago.
It's
amazing
I
haven't
had
a
croissant
in
almost
a
decade.
Jay
you've
made
us
all
hungry.
Now.
Thank
you
for
that.
I'm
looking
forward
to
the
end
of
this
meeting,
so
I
can
go
get
some
some
food.
Maybe
a
bear
claw,
because.
C
Right
now,
but
I
wanna
we,
we,
I
wanna
last
couple
of
minutes
to
wrap
something
up
in
the
conversation,
but
to
your
point
jay.
I
think
a
bunch
of
us
have
used
the
analogy
of
we're
building
a
ship
while
we're
sailing
and
we're
trying
not
to
sink
in
the
process
right.
There
are
leaks,
but
also
the
sail
isn't
working
and
we've
got
some
timber
sitting
around
so
we're
trying
to
patch
things
while
also
make
the
ship
more
efficient
at
the
same
time,
and
it
is
a
messy
process.
C
A
couple
of
us
have
sort
of
lived
through
these
trenches
before
the
ccc
went
through
a
very
similar
phase.
Where
we
had.
You
know
several
projects
joined
right
at
the
beginning,
but
we
hadn't
figured
out
what
the
projects
actually
got
from
their
membership
from
from
their
from
their
from
their
being
in
the
foundation
of
the
companies
from
their
membership,
and
so
we're
defining
that
right
now
and
it
is
messy-
and
hopefully
we
don't
end
up
with
a
what's
a
cronut
jory.
I
F
E
And
I
I
think
that's
the
difference
with
other
efforts
similar.
You
know
I've
been
involved
in
before,
like
hyperledger,
we
had
this
effort
going
on.
At
the
same
time,
we
were
growing
the
organization,
while
here
it
has
actually
been
going
on
for
a
while
and
now
we're
saying,
wait,
wait,
wait.
What
are
the
rules
here
and
yeah?
I
agree
with
eva.
We
can't
afford
to
just
say,
stop
everything.
E
C
Are
we're
about
four
years
into
this
chris
robb
or
he's
not
on
this
call,
but
krobe
can
give
anybody
a
much
longer
backstory
in
those
four
years,
and
some
of
the
reason
why
the
boat
launched
before
it
was
in
an
ideal
state
is
the
executive
order
a
couple
years
ago.
That
said,
we
all
need
to
go
solve
some
supply
chain
security
and
all
the
companies
got
together
and
started
to
solve
it.
It's
like
great
we've
got
to
put
this
and
this
and
this
and
this
in
the
in
the
batter.
C
That's
how
we
make
batter
right
and
we
started
making
donuts
before
realizing.
You
know.
Maybe
we
used
the
wrong
kind
of
milk,
we're
supposed
to
use
whole
milk,
not
two
percent
or
something,
and
now
we're
trying
to
like
fit.
You
know
fix
the
batter
a
little
bit.
I'm
totally
mixing
my
metaphors
here.
C
F
C
B
I
mean
today
there
are
specific,
focused
actions
to
generate
code
or
documents
or
servers
or
documents
or
services
or
specifications
and
ava's,
suggesting
that
we
call
them
different
things
and
that's.
Okay.
C
But
we
we
can't
change
the
charter
easily,
so
I
would
and
if,
if
anyone
looks
at
the
oscilloslash
community
repo
in
my
pr
there,
I
did
use
that
set
of
terms.
I
said
technical
initiative,
which
is
how
it's
phrased
in
the
charter
and
I
nested
projects
and
working
groups
under
technical
initiative,
and
I
think
we
can
reflect
that
in
in
the
docs
here
as
well.
Last
couple
of
minutes,
I'd
like
to
ask
everyone
to
sort
of
pause,
take
a
step
back.
I
know
sagendra
you're
out
next
week.
C
If
you
can
open
that,
if
you
can
move
your
pr
onto
the
branch
bob
or
I
can
merge
it
right
away,
awesome
we've
all
just
had
a
a
great.
You
know
two
days
of
talking
about
a
lot
of
ideas
and
how
to
refine
the
documentation.
C
Let's
continue
using
the
slack
channel
and
I'd
say
this
is
what
I'd
like
to
propose.
Everybody
here
go
take
a
crack
at
it.
Try
to
capture
these
ideas
in
prs
against
that
branch
and
ping
bob
or
I
or
anybody
else
who
can
maybe
david
can
to
merge
those
so
that
we
can
iterate
rapidly
against
each
other's
pr's.
Not
have
a
pr
sitting
there
for
a
week
and
duplicating
efforts,
but
the
faster
we
can
merge
them
the
faster
we
can
iterate
as
a
group.
C
I
Question
ava
on
the
the
the
points
bob
was
asking
about
sort
of
like
the
the
benefits
to
working
groups
and
and
projects.
As
david
pointed
out,
we
don't
have
that
like
published
clearly
somewhere,
but
obviously
there's
a
list
of
things
that
we
do.
Where
would
you
like
to
see
that
sort
of
thing
live
because
I'm
not
sure
it
belongs
in
this
pr,
but
maybe
it
does
because
I
don't
know.
C
I
still
think
that
the
organizational
structure
I'd
like
to
see
us
reach
in
terms
of
the
the
documents
here
the
repos
is
the
community
repo
describes
all
of
that
stuff
that
you
were
just
asking
about
jewelry
of
like
what
do
projects
get,
what
do
working
groups
get
from
the
foundation
or
from
the
staff?
How
do
they
work
together
and
the
tack
repo
focuses
much
more
on
the
the
tax
actual
process?
C
What
does
attack
do?
How
does
attack
evaluate
things?
What's
the
cadence
we
expect
from
projects?
What's
the
list
of
projects
on
and
or
sorry
technical
initiatives
under
the
tack,
and
so
I'd
like
to
see
us
divide
them,
but
I
don't
want
to
slow
down
our
current
work.
If
we
have
to,
you
know,
move
some
files
between
repos
later
I'm
okay
with
that.
B
I
think
the
one
advantage
of
being
part
of
a
working
group
is
that
you
can
interact
with
interested
parties
to
discuss
directions
and,
of
course,
the
open
ossf
governing
board
can
choose
to
provide
funding
and
I
think,
that's
easier
to
justify
for
something
that's
within
the
open
ssf.
As
far
as
what
does
the
tac
provide.
C
Having
having
a
description
of
the
benefits
and
the
expectations,
yes,
it's
really
important
to
write
that
down
and
and
for
what
you
have
in
the
powerpoint
to
move
it
out
of
that
powerpoint
and
into
one
of
the
two
github
repos.
It's
also
really
important
so
troy,
since
you
have
a
sense
of
that.
You
want
to
do
it,
go
for
it.
Yes,.
I
I
E
That's
all
right
so
before
we
go,
I
wanted
to
add
something
because
I've
been
trying
to
challenge
my
expectation
with
regard
to
the
projects
versus
working
group
and-
and
I
think
there
is
a
one
reason
we
need
to
have
different
types
of
group,
for
whether
this
is
about
code
or
some
documentation.
Effort
is
because
there
are
certain
things
that
are
very
specific
to
code
projects.
E
Coding
projects,
like
you
know,
security
audits,
I
don't
think
you're
gonna
have
a
security
audit
if
all
you're
doing
is
developing
some
documentation
or
some
specification,
and
so
I
think
the
life
cycle
and
the
criteria
to
move
in
the
different
stage
you
know
are
going
to
be
different
depending
on
the
nature
of
the
work,
then,
whether
it's
developing
documentations
or
code.
E
D
Yeah,
I
had
just
a
comment
on
what
jordy
is
going
to
add,
so
my
only
request
is,
I
can't
keep
in
my
head
whether
process
and
community
are
connected
or
somehow
can
we
surface
it
into
the
process
documentation
as
well,
even
though,
if
you
add
the
gets
and
gives
inside
the
community
area,
so
that
so
that
when
I
have
questions
like
jay,
where
what
is
what
does
it
mean?
I
have
one
place
to
go:
look
at
it
and
understand.
You
know
what
I
get
by
becoming
a
project
or
a
working
group.
G
D
G
D
G
D
Yeah
we
are
trying
to
create
a
case
and
write
down,
write
down
concrete
asks
and
where
the
direction
is
so
we'll
bring
that
thank
you
and
we
are
working
on
it.
Great
thanks.
C
In
here
in
case
folks,
hadn't
seen
it
within
the
confidential
computing
consortium,
we
put
a
bunch
of
work
to
define
those
gives
and
gets
in
this
document
right.
There's
a
there's
lists
of
expectations
that
are
bi-directional
like
what
do
pro?
What
can
projects
expect
to
get
in
return?
So.
B
C
B
To
there
we
go
right
there,
it's
the
tac
tree
version
working
version
process,
the.
C
C
So
if,
for
example,
if
jory
opened
a
pr
about
some
of
the
what
the
products
get
back
from
the
foundation
and
if
david
you
open
one
with
a
list
of
projects,
bob-
and
I
might
just
go
see
both
those
pr's
without
discussion-
just
merge
them
and
and
then
maybe
our
nod
comes
in
two
hours
later
and
see
if
they're,
both
in
there
and
builds
his
change
on
top
of
both.
B
C
B
Got
it
I'm?
I
probably
won't
do
it
today,
because
I'm
rushing
on
updating
the
the
course
I've
got
a
deadline,
but
my
I'm
definitely
interested
in
in
getting
this
resolved.