Jay White
Jay White
+1 This is an excellent way to get all the benefits of both SLSA and S2C2F. I've been pushing this from the start.
A page for security and compliance, and perhaps privacy engineers or a separate page for each would work here. A "SLSA for" page would be great to have. This, along...
I think more about optics and who will bear the responsibility of maintaining account and record of issued labs and their disposition. Jay White (He/Him) Security Principal Program Manager Azure...
Will the funding go to 1 or all of the "consultants"? Isn't Seth Larsen an LF employee? If so, is this a conflict of interest? Why does this work require...
We'll add more context today. Jay Get Outlook for Android ________________________________ From: CRob ***@***.***> Sent: Friday, May 17, 2024 5:51:39 AM To: ossf/tac ***@***.***> Cc: Mention ***@***.***>; Author ***@***.***> Subject:...
3k-5k. 4k was in case the number had to be static. Get Outlook for Android ________________________________ From: CRob ***@***.***> Sent: Thursday, June 6, 2024 6:48:26 AM To: ossf/tac ***@***.***> Cc:...
@hepwori @meder @tombedfordgit @bureado @adriandiglio Please see the reformatted S2C2F to fit SLSA tone and methodology for SLSA Dependency Track. Included are comments meant as discussion points. This is a...
What happens if during the research process there's a finding that sigstore may not be the best option? I'm not saying it isn't just asking since the front part of...
I'm supportive. I'd like staff to give us an idea of budget and constraints, if any, prior to voting. What would need to be dropped, etc?
Approve pending no concerns from license review Get Outlook for Android ________________________________ From: Amanda L Martin ***@***.***> Sent: Wednesday, July 31, 2024 7:24:09 AM To: ossf/tac ***@***.***> Cc: Jay White...