General Meeting/Minutes/2012-11-29

• Attendance: 11
• Minutes of Nov 1 meeting approved.
• Lead by Phil Odence

Special Report on Open Compliance Summit, Japan - Adam

• Overview
  • End of October. Great Event in General.
  • Surprising amount of awareness/interest in SPDX to help with recruitment
  • Adam/Mark Gisi (Windriver) pulled together a come all SPDX info meeting to help with recruitment
  • Chatham House rules, so sharing but no attribution of comments
• Unscheduled Roundtable
  • Pulled together at last minute for end of first day
  • 12 participants (surprisingly high)
  • Lots of interest and awareness. According to Adam, "the concept of SPDX sold itself)
  • Continued discussion with a number of participants the next day
• Flavor of discussion/inquiry
  • Caution/Concern
  • Fear of Unknown
  • Language Issue
  • Fear of obligation- Worry that signing up is somehow a big commitment
• Concerns
  • Language Issue
    • More written materials would really help
    • English is OK (for written stuff) but looking for "User Manual" level documentation
    • The language of the Spec itself is difficult for non-English speakers
  • Seems Complicated
    • But MarkG was able to make folks understand it's not really
    • So a simple, written explanation would really help
    • Specific interest in understanding mandatory v. optional; what's the minimum
    • Kate had similar experience at U of Nebraska - Concern about complexity that went away after simple explanation.
    • So, all this is s general issue, but answer for Japan has to be written doc due to language.
  • Obligation
    • Concern that if you touch SPDX, you have to overhaul your entire compliance operation
    • Need to help folks understand, it's just a format and can fit your processes; it's a spec, not a business method
• Current State
  • A number of companies we didn't even know were aware are piloting internally
  • Some of these are not even on any mailing lists
• How we can help
  • Written, user level doc
  • Help people understand how to dip a toe in
  • Lots of interest in understanding how to be just a consumer

Business Team Report - Jack

• Met with Matt and team at U of Nebraska
  • Good progress with adding SPDX output capability to FOSSology
  • Turned up some issues with the existing tools which Gary is looking into
  • Discussion about creating tools for consuming SPDX
  • Looking at integrating with Git and Jack envisions an Eclipse-like plug-in framework
• Team understands need for a consumer guide- we need a resource to take that on
• After first of year need to start planning F2F at Collboartion Summit
• Steve Cropper is driving the idea of creating a model supply chain with different participants exchanging and compiling SPDX files.

Tech Team Report - Kate

• Working on Modeling different approaches
• Testing against use cases
• Anticipated slowness due to holiday and as well as Ed's being somewhat tied up

Legal Team Report - Jilayne

• Anticipating downtime over holidays.
• Finishing up FSF license list additions to be included in LL 1.17
  • Should be by end of year
  • Represents 30-40 new licenses
• Recent discussion has been about criteria or "filter" for license adds wiht a small group; needs broader input
• Next meeting will discuss 2013 priorities

Cross Functional Issues – Phil

• Web Site Update - Jack
  • Framework is in place
  • Getting feedback from Core Team
  • WE NEED SOME VOLUNTEERS TO WORK ON THE TRANSITION AND ONGOING. HELP

Attendees

• Phil Odence, Black Duck
• Jilayne Lovejoy, OpenLogic
• Kamyar Emami, Protecode
• Gary O'Neill, SourceAuditor
• Kirsten Newcomer, Black Duck
• Jason Buttura, Cisco
• Pierre Laponte, nexB
• Kate Stewart
• Jack Manbeck, TI
• Adam Cohn, Cisco
• Scott Lamons, HP