Date   

FYI: CNCF Annual Report (2018)

Chris Aniszczyk
 

Here's our annual report for last year:



We'll discuss it briefly on tomorrow's TOC call too!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


TOC Agenda 2/5/2019

Chris Aniszczyk
 

Here's the agenda and deck for tomorrow:

- Congrats CoreDNS on CNCF Graduation!
- FYI: CNCF Annual Report
- TOC Election 2019 Results!
- CNCF TOC Seat opens March 2019: https://github.com/cncf/toc/issues/191
- TOC Chair Election: https://github.com/cncf/toc/issues/192
- Diversity (dims)
- CNCF SIGs
- FYI: Summer of Code Call for Ideas: https://github.com/cncf/soc#project-ideas


Re: CNCF SIGs Proposal

Quinton Hoole
 

Yes, although I think that operators themselves will probably also be discussed in most of the SIG’s, as they’re a general-purpose automation mechanism, and may be applied anywhere.
  
So operators for Vitess, Cassandra, etcd  will likely be discussed under SIG-Storage, etc

Here’s a list of some example operators, for those who may not be familiar:


The Operator Framework, API etc will probably be discussed in App Dev, Ops & Testing.


Diane, were you referring to the Operator Framework, or the operators themselves?

Q

From: Diane Mueller-Klingspor <dmueller@...>
Date: Monday, February 4, 2019 at 10:13
To: Quinton Hoole <quinton.hoole@...>
Cc: Brian Grant <briangrant@...>, "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal


Quinton et al,

Would it be acceptable to add"Operators" to list of areas covered in the App Dev, Ops & Testing - "Area" column? As we get asked a lot which Kubernetes SIG this topic falls into. I know it's not a CNCF project, but it would be good to point people to the SIG where the conversations are happening.

Diane Mueller

On Fri, Feb 1, 2019 at 11:06 AM Quinton Hoole <quinton.hoole@...> wrote:

From: Brian Grant <briangrant@...>
Date: Friday, February 1, 2019 at 07:24
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Thanks for all the work on this. It's much improved. I think the proposed governance model should address concerns with earlier proposals.

What is meant by "high level roadmap of projects within this space"? Usually I associate "roadmap" with a timeline. Landscape? Trailmap? How they fit into a reference architecture?

Quinton> I didn’t write those words, but my own thinking is that it is intended to encompass all of the above, including the timeline angle.  i.e. what this space looks like today (including projects, ref arch, landscape, common trail maps etc) and also how these are changing over time (trends), and how we would like to influence all of this (filling gaps, better integrations, timelines for this), etc.


Nit: I'd put Buildpacks under App Dev, Ops & Testing. 

Quinton> Yes, some of the project allocations were a bit strained, with non-perfect fits.  I agree regarding Buildpacks and have moved it.

Q


On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org


Re: CNCF SIGs Proposal

Diane Mueller
 


Quinton et al,

Would it be acceptable to add"Operators" to list of areas covered in the App Dev, Ops & Testing - "Area" column? As we get asked a lot which Kubernetes SIG this topic falls into. I know it's not a CNCF project, but it would be good to point people to the SIG where the conversations are happening.

Diane Mueller


On Fri, Feb 1, 2019 at 11:06 AM Quinton Hoole <quinton.hoole@...> wrote:

From: Brian Grant <briangrant@...>
Date: Friday, February 1, 2019 at 07:24
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Thanks for all the work on this. It's much improved. I think the proposed governance model should address concerns with earlier proposals.

What is meant by "high level roadmap of projects within this space"? Usually I associate "roadmap" with a timeline. Landscape? Trailmap? How they fit into a reference architecture?

Quinton> I didn’t write those words, but my own thinking is that it is intended to encompass all of the above, including the timeline angle.  i.e. what this space looks like today (including projects, ref arch, landscape, common trail maps etc) and also how these are changing over time (trends), and how we would like to influence all of this (filling gaps, better integrations, timelines for this), etc.


Nit: I'd put Buildpacks under App Dev, Ops & Testing. 

Quinton> Yes, some of the project allocations were a bit strained, with non-perfect fits.  I agree regarding Buildpacks and have moved it.

Q


On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org


Re: CNCF SIGs Proposal

Sonya Koptyev <sonya@...>
 

Agreed that this should likely be left up to the chartering process, but Oversight to me says “management”. So something like a steering committee or advisory board, not necessary related to technology at all. 

Thanks,
Sonya

Sonya Koptyev | Director of Evangelism | m: +1 425 505 0100



On Feb 2, 2019, 11:54 AM -0800, Quinton Hoole <quinton.hoole@...>, wrote:

For what it’s worth, I poked around in some dictionaries and thesauri, and am now even more convinced that you’re all right and Governance is not the best term.  Succinct alternatives seem fairly hard to come by, but the best one I could find (in all of 2 minutes poking around) was (drumroll):

“Oversight”
Definition: supervision, watchful care

Synonyms: control, inspection, surveillance, check, guardianship, …
Antonyms (opposites): neglect, mismanagement, ignorance,…

At this point I’m going to hand over further bike-shedding to the chartering process for this particular SIG :-)

Q

From: Quinton Hoole <quinton.hoole@...>
Date: Saturday, February 2, 2019 at 11:19
To: Igor Mameshin <igor@...>, Michael Ducy <michael.ducy@...>
Cc: Liz Rice <liz@...>, Alexis Richardson <alexis@...>, CNCF TOC <cncf-toc@...>, Sarah Allen <sarahallen@...>, Zhipeng Huang <zhipengh512@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

I fully expect some of the SIG names to be wordsmithed by the TOC Liaison, Chairs and other interested parties of that SIG during the chartering process, where the more detailed scope of the SIG will be defined and fleshed out.  I’d prefer to feed all this input into that process, rather than hash it all out here, now.

As a general principle, when we crafted the initial draft names, we aimed for short names, sufficiently broad to cover the domain.  As soon as we ended up with “X and Y and Z” type names, we tried to come up with a more succinct term that covered X and Y and Z as well as all closely related fields.   That’s why “Security” (too narrow), “Security and Policy” (too narrow and too verbose), and various others got chucked out.  "Security and Compliance” is probably one of the better names I’ve heard, and probably better than “Governance”, but lets hash all that out as part of the chartering process described above.

Q

From: Igor Mameshin <igor@...>
Date: Saturday, February 2, 2019 at 10:33
To: Michael Ducy <michael.ducy@...>
Cc: Liz Rice <liz@...>, Alexis Richardson <alexis@...>, CNCF TOC <cncf-toc@...>, Quinton Hoole <quinton.hoole@...>, Sarah Allen <sarahallen@...>, Zhipeng Huang <zhipengh512@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

"Security and Compliance" is a good name.  I would not limit it just to "Security".  Rapidly evolving cloud environments do require governance, and there is a broad range of policies that need to be automated - security, cloud tagging, data filtering, cost management, GDPR, data provenance, bias checkers for AI, etc.     

I suggest to update the SIG description to also include "policy compliance".  One of the CNCF projects is already providing capabilities around automated policy compliance beyond security:

This description may help to promote more work on automated policy compliance beyond security, which I think is very important.  May be "Security and Governance"?

Thank you,
Igor



On Sat, Feb 2, 2019 at 7:55 AM Michael Ducy <michael.ducy@...> wrote:
+1 to Security & Compliance over Governance 

(Which will get abbreviated to SecComp and then everyone will think there’s a SIG on seccomp profiles. :) 

On Feb 2, 2019, at 9:41 AM, Liz Rice <liz@...> wrote:

Sure - regulations are what folks have to be in compliance with. So long as the SIG doesn't start writing more regulations :-)

On Sat, 2 Feb 2019 at 14:26, Alexis Richardson <alexis@...> wrote:
RegSec?

On Sat, 2 Feb 2019, 14:24 Liz Rice, <liz@...> wrote:
+1 that "Governance" isn't a great name for this security-related SIG. I'd suggest "Security and Compliance". In many cases end users are concerned not just with security but also with associated standards compliance (PCI, GDPR, FedRamp etc). I believe the CNCF could add a lot of value by helping to establish what's necessary or best practice for meeting these compliance requirements.

On Sat, 2 Feb 2019 at 00:39, Zhipeng Huang <zhipengh512@...> wrote:
I agree with Sarah, and this is where most people missunderstand policy - they think of it in terms of governance instead of a set of rules which provides constraints for a cluster. Could we change it to security & policy or even just Security , or something else ?

On Sat, Feb 2, 2019 at 6:31 AM Sarah Allen via Lists.Cncf.Io <sarahallen=google.com@...> wrote:
Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

One small point on naming of a specific SIG: 

Governance

security, authentication, authorization, auditing, policy enforcement

SPIFFE, SPIRE, Open Policy Agent, Notary, TUF,  Falco,


The word "governance" is often used to convey human processes of policy (e.g. how decisions are made, roles and responsibilities, etc.), and if I saw that in a list of SIGs, I probably wouldn't go looking there for security.  

Also note that the "Governance" section of the same doc addressees those same kinds of human policy concerns (e.g. "SIGs must have a documented governance process that encourages community participation and clear guidelines to avoid biased decision-making."), yet the topics for the SIG and list of projects are more about the software used to implement security and privacy, along with ensuring compliance (auditing, etc).

Also, note that some open source projects have a GOVERNANCE.md (or similarly named directory) to define project roles and decision-making process (examples: Nodecloudevents, SAFE, docker, k8s community)

Interested in what others think about this naming detail.

Thanks!
Sarah

On Thu, Jan 31, 2019 at 7:34 AM Quinton Hoole <quinton.hoole@...> wrote:
My apologies Diane – I just reread the Operating Model section and you’re right - it’s not sufficiently clear on the point you raised.  I will add some wording to the effect of my email reply below.

Regards

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 06:54
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton, 

If you are referring to this one sentence:

"The TOC makes use of this input to act as an informed and effective executive board to select and promote appropriate CNCF projects and practices, and to disseminate high quality information to end users and the cloud-native community in general." as the section discussion the creation/instantiation/proposal process for new SIGs"

I'd like a bit more clarity. If someone from the community (outside of the TOC) wishes to propose a SIG, what it the process? Or is it just the purview of the TOC on know when a new SIG should be created - then that would be nice to have clarified further.

If there's another section of the document, that you feel clarifies this SIG instantiation/proposal process, please point me in the right direction. I'm just not finding it.

Thanks for your help,

Diane Mueller
@openshiftcommon

On Thu, Jan 31, 2019 at 6:16 AM Quinton Hoole <quinton.hoole@...> wrote:
Thanks Diane

I think that’s adequately covered in the doc - the TOC creates and approves SIG’s.  If anyone believes we need to create more SIG’s, they should, by implication, ask the TOC to do that.  The current intention is to keep the number of SIGs relatively small, at least initially, and make sure they’re all highly effective before expanding the number of SIG's.

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 05:27
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton et al,

Would it be possible to ask for a section in the Operator Model on how one goes about proposing a new SIG and the process for getting it approved?
(or if there is documentation on this topic elsewhere, reference/link to it in an appendix)?

Kind Regards,

Diane Mueller
Director, Community Development
Red Hat 
@openshiftcommon

On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Zhipeng (Howard) Huang

Principle Engineer
IT Standard & Patent/IT Product Line
Huawei Technologies Co,. Ltd
Office: Huawei Industrial Base, Longgang, Shenzhen

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145


Re: CNCF SIGs Proposal

Quinton Hoole
 

For what it’s worth, I poked around in some dictionaries and thesauri, and am now even more convinced that you’re all right and Governance is not the best term.  Succinct alternatives seem fairly hard to come by, but the best one I could find (in all of 2 minutes poking around) was (drumroll):

“Oversight”
Definition: supervision, watchful care

Synonyms: control, inspection, surveillance, check, guardianship, …
Antonyms (opposites): neglect, mismanagement, ignorance,…

At this point I’m going to hand over further bike-shedding to the chartering process for this particular SIG :-)

Q

From: Quinton Hoole <quinton.hoole@...>
Date: Saturday, February 2, 2019 at 11:19
To: Igor Mameshin <igor@...>, Michael Ducy <michael.ducy@...>
Cc: Liz Rice <liz@...>, Alexis Richardson <alexis@...>, CNCF TOC <cncf-toc@...>, Sarah Allen <sarahallen@...>, Zhipeng Huang <zhipengh512@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

I fully expect some of the SIG names to be wordsmithed by the TOC Liaison, Chairs and other interested parties of that SIG during the chartering process, where the more detailed scope of the SIG will be defined and fleshed out.  I’d prefer to feed all this input into that process, rather than hash it all out here, now.

As a general principle, when we crafted the initial draft names, we aimed for short names, sufficiently broad to cover the domain.  As soon as we ended up with “X and Y and Z” type names, we tried to come up with a more succinct term that covered X and Y and Z as well as all closely related fields.   That’s why “Security” (too narrow), “Security and Policy” (too narrow and too verbose), and various others got chucked out.  "Security and Compliance” is probably one of the better names I’ve heard, and probably better than “Governance”, but lets hash all that out as part of the chartering process described above.

Q

From: Igor Mameshin <igor@...>
Date: Saturday, February 2, 2019 at 10:33
To: Michael Ducy <michael.ducy@...>
Cc: Liz Rice <liz@...>, Alexis Richardson <alexis@...>, CNCF TOC <cncf-toc@...>, Quinton Hoole <quinton.hoole@...>, Sarah Allen <sarahallen@...>, Zhipeng Huang <zhipengh512@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

"Security and Compliance" is a good name.  I would not limit it just to "Security".  Rapidly evolving cloud environments do require governance, and there is a broad range of policies that need to be automated - security, cloud tagging, data filtering, cost management, GDPR, data provenance, bias checkers for AI, etc.     

I suggest to update the SIG description to also include "policy compliance".  One of the CNCF projects is already providing capabilities around automated policy compliance beyond security:

This description may help to promote more work on automated policy compliance beyond security, which I think is very important.  May be "Security and Governance"?

Thank you,
Igor



On Sat, Feb 2, 2019 at 7:55 AM Michael Ducy <michael.ducy@...> wrote:
+1 to Security & Compliance over Governance 

(Which will get abbreviated to SecComp and then everyone will think there’s a SIG on seccomp profiles. :) 

On Feb 2, 2019, at 9:41 AM, Liz Rice <liz@...> wrote:

Sure - regulations are what folks have to be in compliance with. So long as the SIG doesn't start writing more regulations :-)

On Sat, 2 Feb 2019 at 14:26, Alexis Richardson <alexis@...> wrote:
RegSec?

On Sat, 2 Feb 2019, 14:24 Liz Rice, <liz@...> wrote:
+1 that "Governance" isn't a great name for this security-related SIG. I'd suggest "Security and Compliance". In many cases end users are concerned not just with security but also with associated standards compliance (PCI, GDPR, FedRamp etc). I believe the CNCF could add a lot of value by helping to establish what's necessary or best practice for meeting these compliance requirements.

On Sat, 2 Feb 2019 at 00:39, Zhipeng Huang <zhipengh512@...> wrote:
I agree with Sarah, and this is where most people missunderstand policy - they think of it in terms of governance instead of a set of rules which provides constraints for a cluster. Could we change it to security & policy or even just Security , or something else ?

On Sat, Feb 2, 2019 at 6:31 AM Sarah Allen via Lists.Cncf.Io <sarahallen=google.com@...> wrote:
Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

One small point on naming of a specific SIG: 

Governance

security, authentication, authorization, auditing, policy enforcement

SPIFFE, SPIRE, Open Policy Agent, Notary, TUF,  Falco,


The word "governance" is often used to convey human processes of policy (e.g. how decisions are made, roles and responsibilities, etc.), and if I saw that in a list of SIGs, I probably wouldn't go looking there for security.  

Also note that the "Governance" section of the same doc addressees those same kinds of human policy concerns (e.g. "SIGs must have a documented governance process that encourages community participation and clear guidelines to avoid biased decision-making."), yet the topics for the SIG and list of projects are more about the software used to implement security and privacy, along with ensuring compliance (auditing, etc).

Also, note that some open source projects have a GOVERNANCE.md (or similarly named directory) to define project roles and decision-making process (examples: Nodecloudevents, SAFE, docker, k8s community)

Interested in what others think about this naming detail.

Thanks!
Sarah

On Thu, Jan 31, 2019 at 7:34 AM Quinton Hoole <quinton.hoole@...> wrote:
My apologies Diane – I just reread the Operating Model section and you’re right - it’s not sufficiently clear on the point you raised.  I will add some wording to the effect of my email reply below.

Regards

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 06:54
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton, 

If you are referring to this one sentence:

"The TOC makes use of this input to act as an informed and effective executive board to select and promote appropriate CNCF projects and practices, and to disseminate high quality information to end users and the cloud-native community in general." as the section discussion the creation/instantiation/proposal process for new SIGs"

I'd like a bit more clarity. If someone from the community (outside of the TOC) wishes to propose a SIG, what it the process? Or is it just the purview of the TOC on know when a new SIG should be created - then that would be nice to have clarified further.

If there's another section of the document, that you feel clarifies this SIG instantiation/proposal process, please point me in the right direction. I'm just not finding it.

Thanks for your help,

Diane Mueller
@openshiftcommon

On Thu, Jan 31, 2019 at 6:16 AM Quinton Hoole <quinton.hoole@...> wrote:
Thanks Diane

I think that’s adequately covered in the doc - the TOC creates and approves SIG’s.  If anyone believes we need to create more SIG’s, they should, by implication, ask the TOC to do that.  The current intention is to keep the number of SIGs relatively small, at least initially, and make sure they’re all highly effective before expanding the number of SIG's.

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 05:27
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton et al,

Would it be possible to ask for a section in the Operator Model on how one goes about proposing a new SIG and the process for getting it approved?
(or if there is documentation on this topic elsewhere, reference/link to it in an appendix)?

Kind Regards,

Diane Mueller
Director, Community Development
Red Hat 
@openshiftcommon

On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Zhipeng (Howard) Huang

Principle Engineer
IT Standard & Patent/IT Product Line
Huawei Technologies Co,. Ltd
Office: Huawei Industrial Base, Longgang, Shenzhen

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145


Re: CNCF SIGs Proposal

Quinton Hoole
 

I fully expect some of the SIG names to be wordsmithed by the TOC Liaison, Chairs and other interested parties of that SIG during the chartering process, where the more detailed scope of the SIG will be defined and fleshed out.  I’d prefer to feed all this input into that process, rather than hash it all out here, now.

As a general principle, when we crafted the initial draft names, we aimed for short names, sufficiently broad to cover the domain.  As soon as we ended up with “X and Y and Z” type names, we tried to come up with a more succinct term that covered X and Y and Z as well as all closely related fields.   That’s why “Security” (too narrow), “Security and Policy” (too narrow and too verbose), and various others got chucked out.  "Security and Compliance” is probably one of the better names I’ve heard, and probably better than “Governance”, but lets hash all that out as part of the chartering process described above.

Q

From: Igor Mameshin <igor@...>
Date: Saturday, February 2, 2019 at 10:33
To: Michael Ducy <michael.ducy@...>
Cc: Liz Rice <liz@...>, Alexis Richardson <alexis@...>, CNCF TOC <cncf-toc@...>, Quinton Hoole <quinton.hoole@...>, Sarah Allen <sarahallen@...>, Zhipeng Huang <zhipengh512@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

"Security and Compliance" is a good name.  I would not limit it just to "Security".  Rapidly evolving cloud environments do require governance, and there is a broad range of policies that need to be automated - security, cloud tagging, data filtering, cost management, GDPR, data provenance, bias checkers for AI, etc.     

I suggest to update the SIG description to also include "policy compliance".  One of the CNCF projects is already providing capabilities around automated policy compliance beyond security:

This description may help to promote more work on automated policy compliance beyond security, which I think is very important.  May be "Security and Governance"?

Thank you,
Igor



On Sat, Feb 2, 2019 at 7:55 AM Michael Ducy <michael.ducy@...> wrote:
+1 to Security & Compliance over Governance 

(Which will get abbreviated to SecComp and then everyone will think there’s a SIG on seccomp profiles. :) 

On Feb 2, 2019, at 9:41 AM, Liz Rice <liz@...> wrote:

Sure - regulations are what folks have to be in compliance with. So long as the SIG doesn't start writing more regulations :-)

On Sat, 2 Feb 2019 at 14:26, Alexis Richardson <alexis@...> wrote:
RegSec?

On Sat, 2 Feb 2019, 14:24 Liz Rice, <liz@...> wrote:
+1 that "Governance" isn't a great name for this security-related SIG. I'd suggest "Security and Compliance". In many cases end users are concerned not just with security but also with associated standards compliance (PCI, GDPR, FedRamp etc). I believe the CNCF could add a lot of value by helping to establish what's necessary or best practice for meeting these compliance requirements.

On Sat, 2 Feb 2019 at 00:39, Zhipeng Huang <zhipengh512@...> wrote:
I agree with Sarah, and this is where most people missunderstand policy - they think of it in terms of governance instead of a set of rules which provides constraints for a cluster. Could we change it to security & policy or even just Security , or something else ?

On Sat, Feb 2, 2019 at 6:31 AM Sarah Allen via Lists.Cncf.Io <sarahallen=google.com@...> wrote:
Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

One small point on naming of a specific SIG: 

Governance

security, authentication, authorization, auditing, policy enforcement

SPIFFE, SPIRE, Open Policy Agent, Notary, TUF,  Falco,


The word "governance" is often used to convey human processes of policy (e.g. how decisions are made, roles and responsibilities, etc.), and if I saw that in a list of SIGs, I probably wouldn't go looking there for security.  

Also note that the "Governance" section of the same doc addressees those same kinds of human policy concerns (e.g. "SIGs must have a documented governance process that encourages community participation and clear guidelines to avoid biased decision-making."), yet the topics for the SIG and list of projects are more about the software used to implement security and privacy, along with ensuring compliance (auditing, etc).

Also, note that some open source projects have a GOVERNANCE.md (or similarly named directory) to define project roles and decision-making process (examples: Nodecloudevents, SAFE, docker, k8s community)

Interested in what others think about this naming detail.

Thanks!
Sarah

On Thu, Jan 31, 2019 at 7:34 AM Quinton Hoole <quinton.hoole@...> wrote:
My apologies Diane – I just reread the Operating Model section and you’re right - it’s not sufficiently clear on the point you raised.  I will add some wording to the effect of my email reply below.

Regards

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 06:54
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton, 

If you are referring to this one sentence:

"The TOC makes use of this input to act as an informed and effective executive board to select and promote appropriate CNCF projects and practices, and to disseminate high quality information to end users and the cloud-native community in general." as the section discussion the creation/instantiation/proposal process for new SIGs"

I'd like a bit more clarity. If someone from the community (outside of the TOC) wishes to propose a SIG, what it the process? Or is it just the purview of the TOC on know when a new SIG should be created - then that would be nice to have clarified further.

If there's another section of the document, that you feel clarifies this SIG instantiation/proposal process, please point me in the right direction. I'm just not finding it.

Thanks for your help,

Diane Mueller
@openshiftcommon

On Thu, Jan 31, 2019 at 6:16 AM Quinton Hoole <quinton.hoole@...> wrote:
Thanks Diane

I think that’s adequately covered in the doc - the TOC creates and approves SIG’s.  If anyone believes we need to create more SIG’s, they should, by implication, ask the TOC to do that.  The current intention is to keep the number of SIGs relatively small, at least initially, and make sure they’re all highly effective before expanding the number of SIG's.

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 05:27
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton et al,

Would it be possible to ask for a section in the Operator Model on how one goes about proposing a new SIG and the process for getting it approved?
(or if there is documentation on this topic elsewhere, reference/link to it in an appendix)?

Kind Regards,

Diane Mueller
Director, Community Development
Red Hat 
@openshiftcommon

On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Zhipeng (Howard) Huang

Principle Engineer
IT Standard & Patent/IT Product Line
Huawei Technologies Co,. Ltd
Office: Huawei Industrial Base, Longgang, Shenzhen

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145


Re: CNCF SIGs Proposal

Igor Mameshin
 

"Security and Compliance" is a good name.  I would not limit it just to "Security".  Rapidly evolving cloud environments do require governance, and there is a broad range of policies that need to be automated - security, cloud tagging, data filtering, cost management, GDPR, data provenance, bias checkers for AI, etc.     

I suggest to update the SIG description to also include "policy compliance".  One of the CNCF projects is already providing capabilities around automated policy compliance beyond security:

This description may help to promote more work on automated policy compliance beyond security, which I think is very important.  May be "Security and Governance"?

Thank you,
Igor



On Sat, Feb 2, 2019 at 7:55 AM Michael Ducy <michael.ducy@...> wrote:
+1 to Security & Compliance over Governance 

(Which will get abbreviated to SecComp and then everyone will think there’s a SIG on seccomp profiles. :) 

On Feb 2, 2019, at 9:41 AM, Liz Rice <liz@...> wrote:

Sure - regulations are what folks have to be in compliance with. So long as the SIG doesn't start writing more regulations :-)

On Sat, 2 Feb 2019 at 14:26, Alexis Richardson <alexis@...> wrote:
RegSec?

On Sat, 2 Feb 2019, 14:24 Liz Rice, <liz@...> wrote:
+1 that "Governance" isn't a great name for this security-related SIG. I'd suggest "Security and Compliance". In many cases end users are concerned not just with security but also with associated standards compliance (PCI, GDPR, FedRamp etc). I believe the CNCF could add a lot of value by helping to establish what's necessary or best practice for meeting these compliance requirements.

On Sat, 2 Feb 2019 at 00:39, Zhipeng Huang <zhipengh512@...> wrote:
I agree with Sarah, and this is where most people missunderstand policy - they think of it in terms of governance instead of a set of rules which provides constraints for a cluster. Could we change it to security & policy or even just Security , or something else ?

On Sat, Feb 2, 2019 at 6:31 AM Sarah Allen via Lists.Cncf.Io <sarahallen=google.com@...> wrote:
Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

One small point on naming of a specific SIG: 

Governance

security, authentication, authorization, auditing, policy enforcement

SPIFFE, SPIRE, Open Policy Agent, Notary, TUF,  Falco,


The word "governance" is often used to convey human processes of policy (e.g. how decisions are made, roles and responsibilities, etc.), and if I saw that in a list of SIGs, I probably wouldn't go looking there for security.  

Also note that the "Governance" section of the same doc addressees those same kinds of human policy concerns (e.g. "SIGs must have a documented governance process that encourages community participation and clear guidelines to avoid biased decision-making."), yet the topics for the SIG and list of projects are more about the software used to implement security and privacy, along with ensuring compliance (auditing, etc).

Also, note that some open source projects have a GOVERNANCE.md (or similarly named directory) to define project roles and decision-making process (examples: Nodecloudevents, SAFE, docker, k8s community)

Interested in what others think about this naming detail.

Thanks!
Sarah

On Thu, Jan 31, 2019 at 7:34 AM Quinton Hoole <quinton.hoole@...> wrote:
My apologies Diane – I just reread the Operating Model section and you’re right - it’s not sufficiently clear on the point you raised.  I will add some wording to the effect of my email reply below.

Regards

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 06:54
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton, 

If you are referring to this one sentence:

"The TOC makes use of this input to act as an informed and effective executive board to select and promote appropriate CNCF projects and practices, and to disseminate high quality information to end users and the cloud-native community in general." as the section discussion the creation/instantiation/proposal process for new SIGs"

I'd like a bit more clarity. If someone from the community (outside of the TOC) wishes to propose a SIG, what it the process? Or is it just the purview of the TOC on know when a new SIG should be created - then that would be nice to have clarified further.

If there's another section of the document, that you feel clarifies this SIG instantiation/proposal process, please point me in the right direction. I'm just not finding it.

Thanks for your help,

Diane Mueller
@openshiftcommon

On Thu, Jan 31, 2019 at 6:16 AM Quinton Hoole <quinton.hoole@...> wrote:
Thanks Diane

I think that’s adequately covered in the doc - the TOC creates and approves SIG’s.  If anyone believes we need to create more SIG’s, they should, by implication, ask the TOC to do that.  The current intention is to keep the number of SIGs relatively small, at least initially, and make sure they’re all highly effective before expanding the number of SIG's.

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 05:27
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton et al,

Would it be possible to ask for a section in the Operator Model on how one goes about proposing a new SIG and the process for getting it approved?
(or if there is documentation on this topic elsewhere, reference/link to it in an appendix)?

Kind Regards,

Diane Mueller
Director, Community Development
Red Hat 
@openshiftcommon

On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Zhipeng (Howard) Huang

Principle Engineer
IT Standard & Patent/IT Product Line
Huawei Technologies Co,. Ltd
Office: Huawei Industrial Base, Longgang, Shenzhen

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145


Re: CNCF SIGs Proposal

Michael Ducy
 

+1 to Security & Compliance over Governance 

(Which will get abbreviated to SecComp and then everyone will think there’s a SIG on seccomp profiles. :) 

On Feb 2, 2019, at 9:41 AM, Liz Rice <liz@...> wrote:

Sure - regulations are what folks have to be in compliance with. So long as the SIG doesn't start writing more regulations :-)

On Sat, 2 Feb 2019 at 14:26, Alexis Richardson <alexis@...> wrote:
RegSec?

On Sat, 2 Feb 2019, 14:24 Liz Rice, <liz@...> wrote:
+1 that "Governance" isn't a great name for this security-related SIG. I'd suggest "Security and Compliance". In many cases end users are concerned not just with security but also with associated standards compliance (PCI, GDPR, FedRamp etc). I believe the CNCF could add a lot of value by helping to establish what's necessary or best practice for meeting these compliance requirements.

On Sat, 2 Feb 2019 at 00:39, Zhipeng Huang <zhipengh512@...> wrote:
I agree with Sarah, and this is where most people missunderstand policy - they think of it in terms of governance instead of a set of rules which provides constraints for a cluster. Could we change it to security & policy or even just Security , or something else ?

On Sat, Feb 2, 2019 at 6:31 AM Sarah Allen via Lists.Cncf.Io <sarahallen=google.com@...> wrote:
Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

One small point on naming of a specific SIG: 

Governance

security, authentication, authorization, auditing, policy enforcement

SPIFFE, SPIRE, Open Policy Agent, Notary, TUF,  Falco,


The word "governance" is often used to convey human processes of policy (e.g. how decisions are made, roles and responsibilities, etc.), and if I saw that in a list of SIGs, I probably wouldn't go looking there for security.  

Also note that the "Governance" section of the same doc addressees those same kinds of human policy concerns (e.g. "SIGs must have a documented governance process that encourages community participation and clear guidelines to avoid biased decision-making."), yet the topics for the SIG and list of projects are more about the software used to implement security and privacy, along with ensuring compliance (auditing, etc).

Also, note that some open source projects have a GOVERNANCE.md (or similarly named directory) to define project roles and decision-making process (examples: Nodecloudevents, SAFE, docker, k8s community)

Interested in what others think about this naming detail.

Thanks!
Sarah

On Thu, Jan 31, 2019 at 7:34 AM Quinton Hoole <quinton.hoole@...> wrote:
My apologies Diane – I just reread the Operating Model section and you’re right - it’s not sufficiently clear on the point you raised.  I will add some wording to the effect of my email reply below.

Regards

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 06:54
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton, 

If you are referring to this one sentence:

"The TOC makes use of this input to act as an informed and effective executive board to select and promote appropriate CNCF projects and practices, and to disseminate high quality information to end users and the cloud-native community in general." as the section discussion the creation/instantiation/proposal process for new SIGs"

I'd like a bit more clarity. If someone from the community (outside of the TOC) wishes to propose a SIG, what it the process? Or is it just the purview of the TOC on know when a new SIG should be created - then that would be nice to have clarified further.

If there's another section of the document, that you feel clarifies this SIG instantiation/proposal process, please point me in the right direction. I'm just not finding it.

Thanks for your help,

Diane Mueller
@openshiftcommon

On Thu, Jan 31, 2019 at 6:16 AM Quinton Hoole <quinton.hoole@...> wrote:
Thanks Diane

I think that’s adequately covered in the doc - the TOC creates and approves SIG’s.  If anyone believes we need to create more SIG’s, they should, by implication, ask the TOC to do that.  The current intention is to keep the number of SIGs relatively small, at least initially, and make sure they’re all highly effective before expanding the number of SIG's.

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 05:27
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton et al,

Would it be possible to ask for a section in the Operator Model on how one goes about proposing a new SIG and the process for getting it approved?
(or if there is documentation on this topic elsewhere, reference/link to it in an appendix)?

Kind Regards,

Diane Mueller
Director, Community Development
Red Hat 
@openshiftcommon

On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Zhipeng (Howard) Huang

Principle Engineer
IT Standard & Patent/IT Product Line
Huawei Technologies Co,. Ltd
Office: Huawei Industrial Base, Longgang, Shenzhen

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145


Re: CNCF SIGs Proposal

Liz Rice
 

Sure - regulations are what folks have to be in compliance with. So long as the SIG doesn't start writing more regulations :-)


On Sat, 2 Feb 2019 at 14:26, Alexis Richardson <alexis@...> wrote:
RegSec?

On Sat, 2 Feb 2019, 14:24 Liz Rice, <liz@...> wrote:
+1 that "Governance" isn't a great name for this security-related SIG. I'd suggest "Security and Compliance". In many cases end users are concerned not just with security but also with associated standards compliance (PCI, GDPR, FedRamp etc). I believe the CNCF could add a lot of value by helping to establish what's necessary or best practice for meeting these compliance requirements.

On Sat, 2 Feb 2019 at 00:39, Zhipeng Huang <zhipengh512@...> wrote:
I agree with Sarah, and this is where most people missunderstand policy - they think of it in terms of governance instead of a set of rules which provides constraints for a cluster. Could we change it to security & policy or even just Security , or something else ?

On Sat, Feb 2, 2019 at 6:31 AM Sarah Allen via Lists.Cncf.Io <sarahallen=google.com@...> wrote:
Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

One small point on naming of a specific SIG: 

Governance

security, authentication, authorization, auditing, policy enforcement

SPIFFE, SPIRE, Open Policy Agent, Notary, TUF,  Falco,


The word "governance" is often used to convey human processes of policy (e.g. how decisions are made, roles and responsibilities, etc.), and if I saw that in a list of SIGs, I probably wouldn't go looking there for security.  

Also note that the "Governance" section of the same doc addressees those same kinds of human policy concerns (e.g. "SIGs must have a documented governance process that encourages community participation and clear guidelines to avoid biased decision-making."), yet the topics for the SIG and list of projects are more about the software used to implement security and privacy, along with ensuring compliance (auditing, etc).

Also, note that some open source projects have a GOVERNANCE.md (or similarly named directory) to define project roles and decision-making process (examples: Nodecloudevents, SAFE, docker, k8s community)

Interested in what others think about this naming detail.

Thanks!
Sarah

On Thu, Jan 31, 2019 at 7:34 AM Quinton Hoole <quinton.hoole@...> wrote:
My apologies Diane – I just reread the Operating Model section and you’re right - it’s not sufficiently clear on the point you raised.  I will add some wording to the effect of my email reply below.

Regards

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 06:54
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton, 

If you are referring to this one sentence:

"The TOC makes use of this input to act as an informed and effective executive board to select and promote appropriate CNCF projects and practices, and to disseminate high quality information to end users and the cloud-native community in general." as the section discussion the creation/instantiation/proposal process for new SIGs"

I'd like a bit more clarity. If someone from the community (outside of the TOC) wishes to propose a SIG, what it the process? Or is it just the purview of the TOC on know when a new SIG should be created - then that would be nice to have clarified further.

If there's another section of the document, that you feel clarifies this SIG instantiation/proposal process, please point me in the right direction. I'm just not finding it.

Thanks for your help,

Diane Mueller
@openshiftcommon

On Thu, Jan 31, 2019 at 6:16 AM Quinton Hoole <quinton.hoole@...> wrote:
Thanks Diane

I think that’s adequately covered in the doc - the TOC creates and approves SIG’s.  If anyone believes we need to create more SIG’s, they should, by implication, ask the TOC to do that.  The current intention is to keep the number of SIGs relatively small, at least initially, and make sure they’re all highly effective before expanding the number of SIG's.

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 05:27
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton et al,

Would it be possible to ask for a section in the Operator Model on how one goes about proposing a new SIG and the process for getting it approved?
(or if there is documentation on this topic elsewhere, reference/link to it in an appendix)?

Kind Regards,

Diane Mueller
Director, Community Development
Red Hat 
@openshiftcommon

On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Zhipeng (Howard) Huang

Principle Engineer
IT Standard & Patent/IT Product Line
Huawei Technologies Co,. Ltd
Office: Huawei Industrial Base, Longgang, Shenzhen

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145


Re: CNCF SIGs Proposal

alexis richardson
 

RegSec?


On Sat, 2 Feb 2019, 14:24 Liz Rice, <liz@...> wrote:
+1 that "Governance" isn't a great name for this security-related SIG. I'd suggest "Security and Compliance". In many cases end users are concerned not just with security but also with associated standards compliance (PCI, GDPR, FedRamp etc). I believe the CNCF could add a lot of value by helping to establish what's necessary or best practice for meeting these compliance requirements.

On Sat, 2 Feb 2019 at 00:39, Zhipeng Huang <zhipengh512@...> wrote:
I agree with Sarah, and this is where most people missunderstand policy - they think of it in terms of governance instead of a set of rules which provides constraints for a cluster. Could we change it to security & policy or even just Security , or something else ?

On Sat, Feb 2, 2019 at 6:31 AM Sarah Allen via Lists.Cncf.Io <sarahallen=google.com@...> wrote:
Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

One small point on naming of a specific SIG: 

Governance

security, authentication, authorization, auditing, policy enforcement

SPIFFE, SPIRE, Open Policy Agent, Notary, TUF,  Falco,


The word "governance" is often used to convey human processes of policy (e.g. how decisions are made, roles and responsibilities, etc.), and if I saw that in a list of SIGs, I probably wouldn't go looking there for security.  

Also note that the "Governance" section of the same doc addressees those same kinds of human policy concerns (e.g. "SIGs must have a documented governance process that encourages community participation and clear guidelines to avoid biased decision-making."), yet the topics for the SIG and list of projects are more about the software used to implement security and privacy, along with ensuring compliance (auditing, etc).

Also, note that some open source projects have a GOVERNANCE.md (or similarly named directory) to define project roles and decision-making process (examples: Nodecloudevents, SAFE, docker, k8s community)

Interested in what others think about this naming detail.

Thanks!
Sarah

On Thu, Jan 31, 2019 at 7:34 AM Quinton Hoole <quinton.hoole@...> wrote:
My apologies Diane – I just reread the Operating Model section and you’re right - it’s not sufficiently clear on the point you raised.  I will add some wording to the effect of my email reply below.

Regards

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 06:54
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton, 

If you are referring to this one sentence:

"The TOC makes use of this input to act as an informed and effective executive board to select and promote appropriate CNCF projects and practices, and to disseminate high quality information to end users and the cloud-native community in general." as the section discussion the creation/instantiation/proposal process for new SIGs"

I'd like a bit more clarity. If someone from the community (outside of the TOC) wishes to propose a SIG, what it the process? Or is it just the purview of the TOC on know when a new SIG should be created - then that would be nice to have clarified further.

If there's another section of the document, that you feel clarifies this SIG instantiation/proposal process, please point me in the right direction. I'm just not finding it.

Thanks for your help,

Diane Mueller
@openshiftcommon

On Thu, Jan 31, 2019 at 6:16 AM Quinton Hoole <quinton.hoole@...> wrote:
Thanks Diane

I think that’s adequately covered in the doc - the TOC creates and approves SIG’s.  If anyone believes we need to create more SIG’s, they should, by implication, ask the TOC to do that.  The current intention is to keep the number of SIGs relatively small, at least initially, and make sure they’re all highly effective before expanding the number of SIG's.

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 05:27
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton et al,

Would it be possible to ask for a section in the Operator Model on how one goes about proposing a new SIG and the process for getting it approved?
(or if there is documentation on this topic elsewhere, reference/link to it in an appendix)?

Kind Regards,

Diane Mueller
Director, Community Development
Red Hat 
@openshiftcommon

On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Zhipeng (Howard) Huang

Principle Engineer
IT Standard & Patent/IT Product Line
Huawei Technologies Co,. Ltd
Office: Huawei Industrial Base, Longgang, Shenzhen

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145


Re: CNCF SIGs Proposal

Liz Rice
 

+1 that "Governance" isn't a great name for this security-related SIG. I'd suggest "Security and Compliance". In many cases end users are concerned not just with security but also with associated standards compliance (PCI, GDPR, FedRamp etc). I believe the CNCF could add a lot of value by helping to establish what's necessary or best practice for meeting these compliance requirements.


On Sat, 2 Feb 2019 at 00:39, Zhipeng Huang <zhipengh512@...> wrote:
I agree with Sarah, and this is where most people missunderstand policy - they think of it in terms of governance instead of a set of rules which provides constraints for a cluster. Could we change it to security & policy or even just Security , or something else ?

On Sat, Feb 2, 2019 at 6:31 AM Sarah Allen via Lists.Cncf.Io <sarahallen=google.com@...> wrote:
Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

One small point on naming of a specific SIG: 

Governance

security, authentication, authorization, auditing, policy enforcement

SPIFFE, SPIRE, Open Policy Agent, Notary, TUF,  Falco,


The word "governance" is often used to convey human processes of policy (e.g. how decisions are made, roles and responsibilities, etc.), and if I saw that in a list of SIGs, I probably wouldn't go looking there for security.  

Also note that the "Governance" section of the same doc addressees those same kinds of human policy concerns (e.g. "SIGs must have a documented governance process that encourages community participation and clear guidelines to avoid biased decision-making."), yet the topics for the SIG and list of projects are more about the software used to implement security and privacy, along with ensuring compliance (auditing, etc).

Also, note that some open source projects have a GOVERNANCE.md (or similarly named directory) to define project roles and decision-making process (examples: Nodecloudevents, SAFE, docker, k8s community)

Interested in what others think about this naming detail.

Thanks!
Sarah

On Thu, Jan 31, 2019 at 7:34 AM Quinton Hoole <quinton.hoole@...> wrote:
My apologies Diane – I just reread the Operating Model section and you’re right - it’s not sufficiently clear on the point you raised.  I will add some wording to the effect of my email reply below.

Regards

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 06:54
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton, 

If you are referring to this one sentence:

"The TOC makes use of this input to act as an informed and effective executive board to select and promote appropriate CNCF projects and practices, and to disseminate high quality information to end users and the cloud-native community in general." as the section discussion the creation/instantiation/proposal process for new SIGs"

I'd like a bit more clarity. If someone from the community (outside of the TOC) wishes to propose a SIG, what it the process? Or is it just the purview of the TOC on know when a new SIG should be created - then that would be nice to have clarified further.

If there's another section of the document, that you feel clarifies this SIG instantiation/proposal process, please point me in the right direction. I'm just not finding it.

Thanks for your help,

Diane Mueller
@openshiftcommon

On Thu, Jan 31, 2019 at 6:16 AM Quinton Hoole <quinton.hoole@...> wrote:
Thanks Diane

I think that’s adequately covered in the doc - the TOC creates and approves SIG’s.  If anyone believes we need to create more SIG’s, they should, by implication, ask the TOC to do that.  The current intention is to keep the number of SIGs relatively small, at least initially, and make sure they’re all highly effective before expanding the number of SIG's.

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 05:27
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton et al,

Would it be possible to ask for a section in the Operator Model on how one goes about proposing a new SIG and the process for getting it approved?
(or if there is documentation on this topic elsewhere, reference/link to it in an appendix)?

Kind Regards,

Diane Mueller
Director, Community Development
Red Hat 
@openshiftcommon

On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Zhipeng (Howard) Huang

Principle Engineer
IT Standard & Patent/IT Product Line
Huawei Technologies Co,. Ltd
Office: Huawei Industrial Base, Longgang, Shenzhen

--
Liz Rice
@lizrice  | lizrice.com+44 (0) 780 126 1145


FYI: Summer of Code 2019 + CNCF

Chris Aniszczyk
 

CNCF plans on participating in Summer of Code again this year:

If you're a CNCF project/mentor interested in participating, please submit a project idea with a pull request, e.g., https://github.com/cncf/soc/pull/60

Thanks!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: CNCF SIGs Proposal

Zhipeng Huang
 

I agree with Sarah, and this is where most people missunderstand policy - they think of it in terms of governance instead of a set of rules which provides constraints for a cluster. Could we change it to security & policy or even just Security , or something else ?


On Sat, Feb 2, 2019 at 6:31 AM Sarah Allen via Lists.Cncf.Io <sarahallen=google.com@...> wrote:
Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

One small point on naming of a specific SIG: 

Governance

security, authentication, authorization, auditing, policy enforcement

SPIFFE, SPIRE, Open Policy Agent, Notary, TUF,  Falco,


The word "governance" is often used to convey human processes of policy (e.g. how decisions are made, roles and responsibilities, etc.), and if I saw that in a list of SIGs, I probably wouldn't go looking there for security.  

Also note that the "Governance" section of the same doc addressees those same kinds of human policy concerns (e.g. "SIGs must have a documented governance process that encourages community participation and clear guidelines to avoid biased decision-making."), yet the topics for the SIG and list of projects are more about the software used to implement security and privacy, along with ensuring compliance (auditing, etc).

Also, note that some open source projects have a GOVERNANCE.md (or similarly named directory) to define project roles and decision-making process (examples: Nodecloudevents, SAFE, docker, k8s community)

Interested in what others think about this naming detail.

Thanks!
Sarah

On Thu, Jan 31, 2019 at 7:34 AM Quinton Hoole <quinton.hoole@...> wrote:
My apologies Diane – I just reread the Operating Model section and you’re right - it’s not sufficiently clear on the point you raised.  I will add some wording to the effect of my email reply below.

Regards

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 06:54
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton, 

If you are referring to this one sentence:

"The TOC makes use of this input to act as an informed and effective executive board to select and promote appropriate CNCF projects and practices, and to disseminate high quality information to end users and the cloud-native community in general." as the section discussion the creation/instantiation/proposal process for new SIGs"

I'd like a bit more clarity. If someone from the community (outside of the TOC) wishes to propose a SIG, what it the process? Or is it just the purview of the TOC on know when a new SIG should be created - then that would be nice to have clarified further.

If there's another section of the document, that you feel clarifies this SIG instantiation/proposal process, please point me in the right direction. I'm just not finding it.

Thanks for your help,

Diane Mueller
@openshiftcommon

On Thu, Jan 31, 2019 at 6:16 AM Quinton Hoole <quinton.hoole@...> wrote:
Thanks Diane

I think that’s adequately covered in the doc - the TOC creates and approves SIG’s.  If anyone believes we need to create more SIG’s, they should, by implication, ask the TOC to do that.  The current intention is to keep the number of SIGs relatively small, at least initially, and make sure they’re all highly effective before expanding the number of SIG's.

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 05:27
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton et al,

Would it be possible to ask for a section in the Operator Model on how one goes about proposing a new SIG and the process for getting it approved?
(or if there is documentation on this topic elsewhere, reference/link to it in an appendix)?

Kind Regards,

Diane Mueller
Director, Community Development
Red Hat 
@openshiftcommon

On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Zhipeng (Howard) Huang

Principle Engineer
IT Standard & Patent/IT Product Line
Huawei Technologies Co,. Ltd
Office: Huawei Industrial Base, Longgang, Shenzhen


Re: Thank-yous (was Re: [cncf-toc] CNCF SIGs Proposal)

Brian Grant
 

+1.

On Fri, Feb 1, 2019 at 2:34 PM alexis richardson <alexis@...> wrote:


On Fri, Feb 1, 2019 at 10:31 PM Sarah Allen <sarahallen@...> wrote:
Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

Quinton has done all the "final" edits, and the team of volunteers (Erin, Matt, Alex & some others) got the doc into an editable state.

THANK-YOU!

a

 


Thank-yous (was Re: [cncf-toc] CNCF SIGs Proposal)

alexis richardson
 



On Fri, Feb 1, 2019 at 10:31 PM Sarah Allen <sarahallen@...> wrote:
Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

Quinton has done all the "final" edits, and the team of volunteers (Erin, Matt, Alex & some others) got the doc into an editable state.

THANK-YOU!

a

 


Re: CNCF SIGs Proposal

Sarah Allen <sarahallen@...>
 

Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward!

One small point on naming of a specific SIG: 

Governance

security, authentication, authorization, auditing, policy enforcement

SPIFFE, SPIRE, Open Policy Agent, Notary, TUF,  Falco,


The word "governance" is often used to convey human processes of policy (e.g. how decisions are made, roles and responsibilities, etc.), and if I saw that in a list of SIGs, I probably wouldn't go looking there for security.  

Also note that the "Governance" section of the same doc addressees those same kinds of human policy concerns (e.g. "SIGs must have a documented governance process that encourages community participation and clear guidelines to avoid biased decision-making."), yet the topics for the SIG and list of projects are more about the software used to implement security and privacy, along with ensuring compliance (auditing, etc).

Also, note that some open source projects have a GOVERNANCE.md (or similarly named directory) to define project roles and decision-making process (examples: Nodecloudevents, SAFE, docker, k8s community)

Interested in what others think about this naming detail.

Thanks!
Sarah

On Thu, Jan 31, 2019 at 7:34 AM Quinton Hoole <quinton.hoole@...> wrote:
My apologies Diane – I just reread the Operating Model section and you’re right - it’s not sufficiently clear on the point you raised.  I will add some wording to the effect of my email reply below.

Regards

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 06:54
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton, 

If you are referring to this one sentence:

"The TOC makes use of this input to act as an informed and effective executive board to select and promote appropriate CNCF projects and practices, and to disseminate high quality information to end users and the cloud-native community in general." as the section discussion the creation/instantiation/proposal process for new SIGs"

I'd like a bit more clarity. If someone from the community (outside of the TOC) wishes to propose a SIG, what it the process? Or is it just the purview of the TOC on know when a new SIG should be created - then that would be nice to have clarified further.

If there's another section of the document, that you feel clarifies this SIG instantiation/proposal process, please point me in the right direction. I'm just not finding it.

Thanks for your help,

Diane Mueller
@openshiftcommon

On Thu, Jan 31, 2019 at 6:16 AM Quinton Hoole <quinton.hoole@...> wrote:
Thanks Diane

I think that’s adequately covered in the doc - the TOC creates and approves SIG’s.  If anyone believes we need to create more SIG’s, they should, by implication, ask the TOC to do that.  The current intention is to keep the number of SIGs relatively small, at least initially, and make sure they’re all highly effective before expanding the number of SIG's.

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 05:27
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton et al,

Would it be possible to ask for a section in the Operator Model on how one goes about proposing a new SIG and the process for getting it approved?
(or if there is documentation on this topic elsewhere, reference/link to it in an appendix)?

Kind Regards,

Diane Mueller
Director, Community Development
Red Hat 
@openshiftcommon

On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org


Re: CNCF SIGs Proposal

Quinton Hoole
 


From: Brian Grant <briangrant@...>
Date: Friday, February 1, 2019 at 07:24
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Thanks for all the work on this. It's much improved. I think the proposed governance model should address concerns with earlier proposals.

What is meant by "high level roadmap of projects within this space"? Usually I associate "roadmap" with a timeline. Landscape? Trailmap? How they fit into a reference architecture?

Quinton> I didn’t write those words, but my own thinking is that it is intended to encompass all of the above, including the timeline angle.  i.e. what this space looks like today (including projects, ref arch, landscape, common trail maps etc) and also how these are changing over time (trends), and how we would like to influence all of this (filling gaps, better integrations, timelines for this), etc.


Nit: I'd put Buildpacks under App Dev, Ops & Testing. 

Quinton> Yes, some of the project allocations were a bit strained, with non-perfect fits.  I agree regarding Buildpacks and have moved it.

Q


On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.


Re: CNCF SIGs Proposal

Erin Boyd
 

Maybe we can put the doc into GitHub and capture comments in there.
Geri - we had commenting turn on before and we had hundreds of comments so it was intended to provide a cleaner view of the document by turning it off.

Open to suggestions.

Erin

On Fri, Feb 1, 2019, 7:35 AM Geri Jennings <geri.jennings@... wrote:

Is there a way to have the ability to add comments and notes directly in the doc? In read-only mode, it is hard to provide much detailed feedback.

 

Thanks,

Geri Jennings

CyberArk

 

From: <cncf-toc@...> on behalf of Quinton Hoole <quinton.hoole@...>
Date: Thursday, January 31, 2019 at 1:47 AM
To: "cncf-toc@..." <cncf-toc@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: [cncf-toc] CNCF SIGs Proposal

 

Greetings to the new TOC

 

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

 

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5

 

 

Q

 

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

 

can you put this link into the main doc as a comment?

 

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,

 

Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.

 

Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv

 

Kind Regards,

Alex

 

 


From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc

 

hi all

 

happy 2019!

 

how's this doc looking?  I daren't look.  can we show the toc an update next week?

 

a

 

 

 

On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:

+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:

Sounds good.

Please feel free to catch me on Slack.

 

Erin

 

On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:

Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:

HI Alexis,

I think I am speaking on a panel at this time.

I can collaborate in the document.

Sorry about that.

Thanks,

Erin

 

On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something

When

Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver

Where

lobby of the Sheraton Grand Seattle (map)

Joining info

meet.google.com/hud-jxti-yvh

Or dial: +1 929-299-3513  PIN: 706587657#

Calendar

eboyd@...

Who

Alexis Richardson - organizer

Matt Farina

Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.


_______________________________________________
This e-mail may contain information that is confidential, privileged or otherwise protected from disclosure.
If you are not an intended recipient of this e-mail, do not duplicate or redistribute it by any means. Please delete it and any attachments and notify the sender that you have received it in error.


Re: CNCF SIGs Proposal

Diane Mueller
 

Erin (and Quinton),

Yes, Quinton's edits and clarification are spot on - and much appreciated!

Many thanks!

Diane 

On Thu, Jan 31, 2019 at 8:55 AM Erin Boyd <eboyd@...> wrote:
Does this sufficiently cover what you are looking for, Diane?
Let us know.
Thanks,
Erin


On Thu, Jan 31, 2019 at 9:30 AM Quinton Hoole <quinton.hoole@...> wrote:
I added the following to the main doc to clarify:

"SIGs are formed by the TOC.  Initial SIGs are listed below, and will be adapted over time as required.  If members of the community believe that additional SIGs are desired, they should propose these to the TOC, with clear justification, and ideally volunteers to lead the SIG. The TOC wishes to have the smallest viable number of SIGs, and for all of them to be highly effective (as opposed to a “SIG sprawl” with large numbers of relatively ineffective SIGS)."

Q

From: Quinton Hoole <quinton.hoole@...>
Date: Thursday, January 31, 2019 at 08:07
To: Diane Mueller-Klingspor <dmueller@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Oh, now I understand where the confusion arose.  There is a link in the intro of the main document to a description of the differences between Kubernetes SIGs and CNCF SIGS. That’s where the following wording is:

“CNCF SIGS: Created by the TOC”


But I agree with you Diane – I should add it to the body of the doc too, to clarify.

Q

From: Quinton Hoole <quinton.hoole@...>
Date: Thursday, January 31, 2019 at 07:29
To: Diane Mueller-Klingspor <dmueller@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

My apologies Diane – I just reread the Operating Model section and you’re right - it’s not sufficiently clear on the point you raised.  I will add some wording to the effect of my email reply below.

Regards

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 06:54
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton, 

If you are referring to this one sentence:

"The TOC makes use of this input to act as an informed and effective executive board to select and promote appropriate CNCF projects and practices, and to disseminate high quality information to end users and the cloud-native community in general." as the section discussion the creation/instantiation/proposal process for new SIGs"

I'd like a bit more clarity. If someone from the community (outside of the TOC) wishes to propose a SIG, what it the process? Or is it just the purview of the TOC on know when a new SIG should be created - then that would be nice to have clarified further.

If there's another section of the document, that you feel clarifies this SIG instantiation/proposal process, please point me in the right direction. I'm just not finding it.

Thanks for your help,

Diane Mueller
@openshiftcommon

On Thu, Jan 31, 2019 at 6:16 AM Quinton Hoole <quinton.hoole@...> wrote:
Thanks Diane

I think that’s adequately covered in the doc - the TOC creates and approves SIG’s.  If anyone believes we need to create more SIG’s, they should, by implication, ask the TOC to do that.  The current intention is to keep the number of SIGs relatively small, at least initially, and make sure they’re all highly effective before expanding the number of SIG's.

Q

From: <cncf-toc@...> on behalf of Diane Mueller-Klingspor <dmueller@...>
Date: Thursday, January 31, 2019 at 05:27
To: Quinton Hoole <quinton.hoole@...>
Cc: "cncf-toc@..." <cncf-toc@...>, Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Matt Farina <matt.farina@...>, Alex Chircop <alex.chircop@...>, Alexis Richardson <alexis@...>
Subject: Re: [cncf-toc] CNCF SIGs Proposal

Quinton et al,

Would it be possible to ask for a section in the Operator Model on how one goes about proposing a new SIG and the process for getting it approved?
(or if there is documentation on this topic elsewhere, reference/link to it in an appendix)?

Kind Regards,

Diane Mueller
Director, Community Development
Red Hat 
@openshiftcommon

On Wed, Jan 30, 2019 at 10:47 PM Quinton Hoole <quinton.hoole@...> wrote:
Greetings to the new TOC

Late last year Alexis kicked off a public discussion regarding forming CNCF SIG’s (initially referred to as Categories).  Since then a few of us have collaborated on soliciting further input, addressing all the comments, and producing a finalish proposal for consideration by the TOC.

Please give it a read and we can decide how to proceed at the next meeting this Tue, Feb 5


Q

From: Alexis Richardson <alexis@...>
Date: Tuesday, January 15, 2019 at 07:58
To: Alex Chircop <alex.chircop@...>
Cc: Erin Boyd <eboyd@...>, Sarah Allen <sarahallen@...>, Bryan Cantrill <bryan@...>, Chris Aniszczyk <caniszczyk@...>, Quinton Hoole <quinton.hoole@...>, Matt Farina <matt.farina@...>
Subject: Re: CNCF TOC SIGs Doc

can you put this link into the main doc as a comment?

On Tue, Jan 15, 2019 at 3:57 PM Alex Chircop <alex.chircop@...> wrote:

Hi Alexis,


Following our initial discussion in Seattle, Quinton and I had a discussion on this.   I captured the notes and applied them to the operating model.   I decided to make a copy of the doc and apply the changes to operating model section only - the current doc is hard to process due to the number of comments.


Here is the amended operating model content: https://docs.google.com/document/d/1ySri5jVrPaJjTJ_tZnDzcc4Xmcm4uKoUrHT6lVO6Pcw/edit#heading=h.6cl6hmsbz9fv


Kind Regards,

Alex





From: Alexis Richardson <alexis@...>
Sent: 09 January 2019 19:36
To: Erin Boyd; Sarah Allen
Cc: Bryan Cantrill; Chris Aniszczyk; Quinton Hoole; Alex Chircop; Matt Farina
Subject: CNCF TOC SIGs Doc
 
hi all

happy 2019!

how's this doc looking?  I daren't look.  can we show the toc an update next week?

a



On Mon, Dec 10, 2018 at 5:35 AM Alexis Richardson <alexis@...> wrote:
+sarah

On Fri, 7 Dec 2018, 13:35 Erin Boyd, <eboyd@...> wrote:
Sounds good.
Please feel free to catch me on Slack.

Erin


On Wed, Dec 5, 2018 at 11:18 PM Alexis Richardson <alexis@...> wrote:
Thank you Erin.  Let's try and sync 1-1 during the week 

On Thu, 6 Dec 2018, 00:42 Erin Boyd, <eboyd@...> wrote:
HI Alexis,
I think I am speaking on a panel at this time.
I can collaborate in the document.
Sorry about that.
Thanks,
Erin


On Tue, Dec 4, 2018 at 11:46 AM Alexis Richardson <alexis@...> wrote:

CNCF TOC meeting re SIGs Doc

meeting to discuss the Categories and SIGs doc
identify and divide up work tasks to clean up draft doc.
eg: we agree a new section plan and each take one section? or something
When
Mon Dec 10, 2018 3:30pm – 4:10pm Mountain Time - Denver
Where
lobby of the Sheraton Grand Seattle (map)
Joining info
meet.google.com/hud-jxti-yvh
Or dial: +1 929-299-3513  PIN: 706587657#
Calendar
eboyd@...
Who
Alexis Richardson - organizer
Matt Farina
Chris Aniszczyk

Going (eboyd@...)?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account eboyd@... because you are subscribed for invitations on calendar eboyd@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to modify your RSVP response. Learn More.



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org



--
Kind Regards,

Diane Mueller
Director, Community Development
Red Hat OpenShift
@openshiftcommons

We have more in Common than you know, learn more at http://commons.openshift.org

4841 - 4860 of 7697