THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

General Meeting/Minutes/2011-04-21

From SPDX Wiki
Jump to: navigation, search

Technical Team Report - Kate

Team is recovering from specification review held at the Linux Collaboration Summit face-to-face meeting.

An initial revised draft (PDF) incorporating first round of feedback, dated 20110411, is posted here: http://spdx.org/wiki/spdx/specification

Team is working through discrepancies and adding examples for RDF

It's still possible to have the tools complete (alpha quality) by the end of April, or within one week of beta spec being finalized.

Requested feedback from legal team on web page location (URI) for special terms such as UNDETERMINED.

  • Previously specified: the URI for these terms points to entries on on the spdx.org/licenses web page
  • New proposal: the URL for these terms points to appropriate Terms page on the spdx.org web page. Reasoning: These special terms are used for data fields for License, Copyright, and Project download/homepage URIs. Since the terms are not specific to licenses, it seems more appropriate to post the definitions for these terms on a terminology web page rather than the spdx.org/licenses web page.

Business Team Report - Kim

Coordinators have been identified for the 3 beta pairs. Kick off calls planned for early May (likely 2nd week).

Training materials in progress and will be finalized once beta spec is final.

Three new discussion/action threads were identified at the Linux Collaboration Summit face-to-face

  • connect with yocto project and possibly other build tools for potential integration
  • outreach to additional open source communities
  • review/update SPDX website for ease-of-use by newly members, beta participants and casual users

Legal Team Report - Rockett

2 active discussions continue: metadata licensing and how to handle id'ing author/reviewer

Metadata Licensing: Stil active discussion delving in aspects of:

  • Confidentiality
    • when exchanged between two parties
    • when made public (how to avoid copyright issues)

How to handle id'ing authors/reviewers

  • There is value in this data
  • Pedigree data creates concerns
  • Making author/reviewing anonymous creates trust issues

Related: Trying to determine beta approach for audit / revision history

  • Change log has been proposed but there are timing and complexity questions
  • Working to put together straw man
  • Team considers this is not required for beta but would like input from beta participants
  • This becomes more important as supply chain expands beyond two

Action Items

Most of the action items belong with the Teams. So, in addition to statusing, we will dispatch them to the respective teams and will not continue to track in this meeting. Action items for this meeting will be cross functional.

  • Kate- Beta collateral: Examples in XML and spreadsheet form. PENDING
  • MartinM- Report back on # of people on respective mailing lists. ONGOING
    • spdx: 98
    • spdz-biz: 17
    • spdx-legal: 23
    • spdx-tech: 21

Attendees

  • Kirsten Newcomer, Black Duck Software
  • Esteban Rockett, Motorola
  • Kate Stewart, Canonical
  • Tom Incorvia, Microfocus
  • Gary O'Neall, Source Auditor
  • Jillayne Lovejoy, OpenLogic
  • Michael Herzog, NexB
  • Kamal Hassin, Protecode
  • Peter Wiliams, OpenLogic
  • Richard Faulk, Black Duck