Folks,

Please see https://lists.cncf.io/g/cncf-toc/message/6999 !

Crossing Streams!!!

On Mon, May 23, 2022 at 3:13 PM Divya Mohan <divya.mohan0209@...> wrote:

Just catching up on emails after the event, but a huge +1 to this effort and I'd be happy to help/contribute in any way I can :)

Regards,

Divya

On Sat, 21 May, 2022, 7:35 pm Scott Rigby, <scott@...> wrote:

a few days late to the party...

Paris, 💯 to this

Dims, 👍 to designing in collaboration with the community

xo

On Thu, May 19, 2022 at 1:08 AM Davanum Srinivas <davanum@...> wrote:

Joanna,

Quick note on something I touched on when we chatted at dinner.

Here's the relevant section as pointed out by Paris below (pasting the same url here for your reference):
https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

The text as it stands today says two things:

Point #1 -  "All participants agree to abide by The Linux Foundation Code of Conduct available at https://events.linuxfoundation.org/code-of-conduct."

Point #2 - "The TOC may vote to adopt its own code of conduct for the CNCF community."

Our Charter clearly puts "code of conduct for the CNCF community" in the hands of the TOC (says so right there!), just writing one is not enough and any Code of Conduct needs to be enforced for it to have any effect, So we will look at options to design this properly in collaboration with the community which this Code of Conduct will end up governing!

thanks,

Dims

On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
• build out policies and procedures that fit with the ecosystem
• create roles and teams
• create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions

--

Davanum Srinivas :: https://twitter.com/dims

--

Davanum Srinivas :: https://twitter.com/dims

Just catching up on emails after the event, but a huge +1 to this effort and I'd be happy to help/contribute in any way I can :)

Regards,

Divya

On Sat, 21 May, 2022, 7:35 pm Scott Rigby, <scott@...> wrote:

a few days late to the party...

Paris, 💯 to this

Dims, 👍 to designing in collaboration with the community

xo

On Thu, May 19, 2022 at 1:08 AM Davanum Srinivas <davanum@...> wrote:

Joanna,

Quick note on something I touched on when we chatted at dinner.

Here's the relevant section as pointed out by Paris below (pasting the same url here for your reference):
https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

The text as it stands today says two things:

Point #1 -  "All participants agree to abide by The Linux Foundation Code of Conduct available at https://events.linuxfoundation.org/code-of-conduct."

Point #2 - "The TOC may vote to adopt its own code of conduct for the CNCF community."

Our Charter clearly puts "code of conduct for the CNCF community" in the hands of the TOC (says so right there!), just writing one is not enough and any Code of Conduct needs to be enforced for it to have any effect, So we will look at options to design this properly in collaboration with the community which this Code of Conduct will end up governing!

thanks,

Dims

On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
• build out policies and procedures that fit with the ecosystem
• create roles and teams
• create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions

--

Davanum Srinivas :: https://twitter.com/dims

a few days late to the party...

Paris, 💯 to this

Dims, 👍 to designing in collaboration with the community

xo

On Thu, May 19, 2022 at 1:08 AM Davanum Srinivas <davanum@...> wrote:

Joanna,

Quick note on something I touched on when we chatted at dinner.

Here's the relevant section as pointed out by Paris below (pasting the same url here for your reference):
https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

The text as it stands today says two things:

Point #1 -  "All participants agree to abide by The Linux Foundation Code of Conduct available at https://events.linuxfoundation.org/code-of-conduct."

Point #2 - "The TOC may vote to adopt its own code of conduct for the CNCF community."

Our Charter clearly puts "code of conduct for the CNCF community" in the hands of the TOC (says so right there!), just writing one is not enough and any Code of Conduct needs to be enforced for it to have any effect, So we will look at options to design this properly in collaboration with the community which this Code of Conduct will end up governing!

thanks,

Dims

On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
• build out policies and procedures that fit with the ecosystem
• create roles and teams
• create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions

--

Davanum Srinivas :: https://twitter.com/dims

Joanna,

Quick note on something I touched on when we chatted at dinner.

Here's the relevant section as pointed out by Paris below (pasting the same url here for your reference):
https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

The text as it stands today says two things:

Point #1 -  "All participants agree to abide by The Linux Foundation Code of Conduct available at https://events.linuxfoundation.org/code-of-conduct."

Point #2 - "The TOC may vote to adopt its own code of conduct for the CNCF community."

Our Charter clearly puts "code of conduct for the CNCF community" in the hands of the TOC (says so right there!), just writing one is not enough and any Code of Conduct needs to be enforced for it to have any effect, So we will look at options to design this properly in collaboration with the community which this Code of Conduct will end up governing!

thanks,

Dims

On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
• build out policies and procedures that fit with the ecosystem
• create roles and teams
• create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions

--

Davanum Srinivas :: https://twitter.com/dims

Folks,

FYI, This is happening!!! yay!

thanks,

Dims

---------- Forwarded message ---------
From: Gupta, Arun <arun.gupta@...>
Date: Thu, May 19, 2022 at 4:39 PM
Subject: [cncf-gb] Update on Code of Conduct process improvements
To: cncf-gb <cncf-gb@...>

Governing Board members,

 

A collaborative effort is underway to improve and better document our processes for responding to Code of Conduct incidents across all projects within CNCF.  We're committed to ensuring that incidents are resolved in a clear, consistent, fair, equitable, and transparent manner. Today we want to provide you all with an update on how we intend to move forward.

 

Members of The Linux Foundation staff, The Cloud Native Computing Foundation staff, CNCF Governing Board and Technical Oversight Committee, the Kubernetes Steering, and Kubernetes Code of Conduct Committees met today to discuss lessons learned from past incidents and proposed improvements to the CNCF code of conduct incident response processes.

 

Today's conversation is only a preliminary step.  We have a lot of work ahead of us, and we'll provide updates to the community on a regular basis.  Be on the lookout for more information in the weeks ahead, including opportunities to review and provide feedback on the proposals we're working on.  We want to make sure all voices are heard.

 

Thank you all for your patience with us.  We are all growing and learning together, and are committed to supporting community health and safety as we continue on this journey together.

 

Sincerely,

CNCF Governing Board & Technical Oversight Committee

 

--

Davanum Srinivas :: https://twitter.com/dims

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
• build out policies and procedures that fit with the ecosystem
• create roles and teams
• create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions

Paris,

thanks for the note to the TOC and the community. 

+1 to the principles behind it for sure. Let's figure out how to work together and get ideas/consensus from multiple folks and ensure that this works for all of us.

We will happily set aside time on the TOC agenda for sure to get the ball rolling when we get back from kubecon.

Thanks

-- Dims

(wearing TOC chair hat)

On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
• build out policies and procedures that fit with the ecosystem
• create roles and teams
• create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions

--

Davanum Srinivas :: https://twitter.com/dims

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
• build out policies and procedures that fit with the ecosystem
• create roles and teams
• create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
• build out policies and procedures that fit with the ecosystem
• create roles and teams
• create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
• build out policies and procedures that fit with the ecosystem
• create roles and teams
• create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions

+1 and happy to help in anyway I can!

On Tue, May 17, 2022 at 2:39 PM Brandon Lum <lumjjb@...> wrote:

+1!!!! For TAG security, we had added additional practice guidelines, as a start. So, it would definitely help if we had a forum or committee for this discussion!

On Tue, May 17, 2022 at 2:20 PM Chris Short via lists.cncf.io <cbshort=amazon.com@...> wrote:

HUGE +1 to this.

Chris Short

He/Him/His

Sr. Developer Advocate, AWS Kubernetes (GitOps)

TZ=America/Detroit

On May 17, 2022, at 13:19, Stephen Augustus (augustus) via lists.cncf.io <augustus=cisco.com@...> wrote:



CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.

This is wonderful idea, Paris. +1!

---

Stephen Augustus (he/him)

Head of Open Source

augustus@...

My working hours may not be your working hours.

Please do not feel obligated to reply outside of your normal work schedule.

---

From: cncf-toc@... <cncf-toc@...> on behalf of Paris Pittman <paris.pittman@...>
Sent: Tuesday, May 17, 2022, 06:41
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] CNCF Code of Conduct Community of Practice?

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
  • build out policies and procedures that fit with the ecosystem
  • create roles and teams
  • create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions

--

Diane Mueller

(mobile) 604.765.3635
(twitter) pythondj
(skype) xbrlspy
(email) dmueller2001@...



This email is intended only for the person or entity to which it is addressed and may contain confidential information and/or privileged information. Any use of this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the email and all copies (electronic or otherwise) immediately. Thank you.

+1!!!! For TAG security, we had added additional practice guidelines, as a start. So, it would definitely help if we had a forum or committee for this discussion!

On Tue, May 17, 2022 at 2:20 PM Chris Short via lists.cncf.io <cbshort=amazon.com@...> wrote:

HUGE +1 to this.

Chris Short

He/Him/His

Sr. Developer Advocate, AWS Kubernetes (GitOps)

TZ=America/Detroit

On May 17, 2022, at 13:19, Stephen Augustus (augustus) via lists.cncf.io <augustus=cisco.com@...> wrote:



CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.

This is wonderful idea, Paris. +1!

---

Stephen Augustus (he/him)

Head of Open Source

augustus@...

My working hours may not be your working hours.

Please do not feel obligated to reply outside of your normal work schedule.

---

From: cncf-toc@... <cncf-toc@...> on behalf of Paris Pittman <paris.pittman@...>
Sent: Tuesday, May 17, 2022, 06:41
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] CNCF Code of Conduct Community of Practice?

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
  • build out policies and procedures that fit with the ecosystem
  • create roles and teams
  • create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions

HUGE +1 to this.

Chris Short

He/Him/His

Sr. Developer Advocate, AWS Kubernetes (GitOps)

TZ=America/Detroit

On May 17, 2022, at 13:19, Stephen Augustus (augustus) via lists.cncf.io <augustus=cisco.com@...> wrote:



CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.

This is wonderful idea, Paris. +1!

---

Stephen Augustus (he/him)

Head of Open Source

augustus@...

My working hours may not be your working hours.

Please do not feel obligated to reply outside of your normal work schedule.

---

From: cncf-toc@... <cncf-toc@...> on behalf of Paris Pittman <paris.pittman@...>
Sent: Tuesday, May 17, 2022, 06:41
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] CNCF Code of Conduct Community of Practice?

Hi TOC and community,

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.

Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 

-paris 

To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

• community members creating policy and carrying out enforcement
• creating a safe space for reporters
• Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
• cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
• build trust via community involvement and transparency reporting 

NonGoals

• require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

• Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
• OpenTelemetry’s GC acts as a CoCC.
• All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
• CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
• Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
• There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

• Nominations from TOC and community; TOC shortlist for qualifications; community votes
• everyone gets training
• initial group bootstraps the function
  • build out policies and procedures that fit with the ecosystem
  • create roles and teams
  • create a charter

Opportunities

• Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
• focus on mediation vs litigation.
• incident management and transparecy reporting //build out an incident management team
• projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
• projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

• Discuss at a TOC meeting
• Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
• Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

• We would need this to be an independent body. Where would that sit?
• can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
• Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
• Escalation path for events?
• Liability coverage for Committee decisions