CRob

Staff has process for permissions & Dana is working up better definition of roles. Closing.

> > Versus a full post mortem with sensitive information, are there high level recommendations the staff has for best practices in the OpenSSF github? The TAC can then review...

has there been any progress on this issue?

Jory will be visiting us on 3Sept to discuss this and how we can move forward together on Standardization!

There are currently 4 specs that we should consider going through the standardization process: 1.) SLSA - https://github.com/slsa-framework/slsa 2.) sigstore - https://github.com/sigstore/ 3.) OpenVEX - https://github.com/openvex 4.) OSV - https://github.com/ossf/osv-schema

I don't see a specific dollar request in this. I see "2-3 contractors", but no projected cost. It is hard to approve funding without specific figures. @ware

Perfect, tyvm. The TAC will discuss this in our next call (11June)

I agree with the objective, but I would prefer to see this application come from a specific TI instead of us hunting one down. I think @ware 's suggestion of...

> Is this a duplicate of #84? If so, we can probably close that issue due to inactivity. Oh wow.... 84. That's a blast from the past. Yes, I think...

related to https://github.com/ossf/tac/issues/45