Re: OCA Project Governance


Jason Keirstead
 

Hi Duncan;
 
I have not forgotten about this email. As you know - we have a lot of open switches around project governance in the OCA.

Despite our best efforts we are having a lot of trouble bringing it to a close. This is also related to our issues fielding the TSC. Despite having the recruitment window open for an extended period and many CTA - including trying to cast a wider net - we did not get any volunteers, not even from OCA sponsors. Without a diverse TSC who has some minimal cycles to organize governance, it is hard to execute.

We are very open to suggestions on how we can both fill some seats in the TSC, and create a more solid governance structure around the projects. 

We have a PGB meeting on Dec 2, and I would suggest this should be the primary focus of the session. I also think we should do individual reach-outs to members to try to encourage attendance in this meeting. 
 
-
Jason Keirstead
Distinguished Engineer, CTO - IBM Security Threat Management
www.ibm.com/security

 
Assistant - Mauricio Durán Cambronero (mauduran@...)
Book a meeting with me - https://calendly.com/jason-keirstead

Co-Chair - Open Cybersecurity Alliance, Project Governing Board
www.opencybersecurityalliance.org
 
 
 

----- Original message -----
From: "sfractal" <duncan@...>
Sent by: oca-pgb@...
To: "oca-pgb@..." <oca-pgb@...>
Cc:
Subject: [EXTERNAL] [oca-pgb] OCA Project Governance
Date: Tue, Nov 16, 2021 1:26 PM
 
PACE is now a new OCA project. It would help me to understand the governance models of the other existing OCA projects and if there are rules or guidance from the OCA PGB on the governance models of new projects. If we use the terms in ‍ ‍ ‍ ZjQcmQRYFpfptBannerStart
This Message Is From an External Sender
This message came from outside your organization.
ZjQcmQRYFpfptBannerEnd
 
PACE is now a new OCA project. It would help me to understand the governance models of the other existing OCA projects and if there are rules or guidance from the OCA PGB on the governance models of new projects. If we use the terms in https://www.redhat.com/en/blog/understanding-open-source-governance-models, what are the existing projects governance models?
 - stix-shifter
 - ontology (btw didn’t we change the name from open-d ontology which is what the OCA website still says), 
  - kestrel, 
  - scapv2 (is this still an active project?)
 
If their governance models are known, are they also documented? If they aren’t known, shouldn’t we decide and document them?
 
Note there are pros and cons to the various models and combinations are allowed.
 
iPhone, iTypo, iApologize
 
Duncan Sparrell
sFractal Consulting, LLC
I welcome VSRE emails. Learn more at http://vsre.info/
 
 


Join oca-pgb@lists.oasis-open-projects.org to automatically receive all group messages.