Hyperledger Project
Technical Steering Committee (TSC) Meeting
Hyperledger Project - Technical Steering Committee (TSC) 05.11.17.mp4
May 11, 2017 (7:00am - 8:00am PT) via GoToMeeting
TSC Members
Arnaud Le Hors | Yes |
Binh Nguyen | Yes |
Christopher Ferris | Yes |
Dan Middleton | Yes |
Greg Haskins | |
Hart Montgomery | Yes |
Mic Bowman | Yes |
Murali Krishna Katipalli | Yes |
Richard Brown | Yes |
Sheehan Anderson | Yes |
Tamas Blummer | Yes |
Resources:
- Rocket.Chat: chat.hyperledger.org (you can use your LFID to login)
- Github: www.github.com/hyperledger
- Wiki: https://wiki.hyperledger.org/
- Public lists: lists.hyperledger.org
- Information on the TSC Members can be found at https://www.hyperledger.org/about/tsc
- Meetings: wiki.hyperledger.org/community/calendar-public-meetings
Beijing Hackfest
- June 19-20, register now / agenda (draft)
- Focusing entirely on Hackfest (will not hold a Hackathon during weekend prior)
- Space for up to 200 participants at Hackfest on June 19-20
- In addition to typical Hackfest activities, let’s also focus on bringing in new devs and getting them up to speed on how to be contributors to the different projects
- Strongly encourage our global technical community to travel for this event
Cello Community
- Brian: Happy to see the Hyperledger Community have a frank discussion, positive contributions, and manage to resolution. One of the challenges in open source is the concern that the “real” conversation is happenign somewhere else -- anything we can do to migitate that is a good thing.
- Formal discussions need to happen in formal channels. Unofficial channels should only be used sparingly and should still be open and accessible. Encourage everyone to use the official channels in place.
- It is ok to observe what is happening in open source communities, do not need to be actively contributing to be allowed to observe.
- CF: TSC has deferred project governance to the projects themselves. But, having a periodic review of openness, diversity, communication, etc. would be a good thing.
- Brian: Should develop some documentation and basic guidelines around what we want to standardize around developer culture, how to move from contirbutor to code reviewier or maintainer, etc.
Iroha (Makoto Takemiya)
- Intent to seek approval to graduate to active status (proposal pending)
- Progress on core system, Community has also grown a lot (50% of contributors are non-Soramitsu)
- Suggestion was made to stop using Telegram for communication and encourage the Iroha Community over to the official channel on rocket.chat.
CII Badge Certification Requirements and Secruity Bug Process discussion
- Dave Huseby provided and overview of the Hyperledger Security Bug Proposal Draft
- Q: Why keep security bugs private?
- Dave: It takes time to figure out correct solution and also allows a response team to go out to existing installs to provide them a way to patch before it is known publicly. Once a vuln is disclosed, hacking tools will start scanning to exploit unpatched installs.
- Consider CII Badge requirement to advance a project from incubation to active?
- Q: What about is a project is not related to security?
- There can be security holes in any software.
- Q: Is the CII Badge enough? Does it provide a false sense of complacency related to security?
- Dave: CII badge is more focused on doing the right things in OSS. Under that umbrella, there are some security pieces that we will supplement a more robust process.
- Dave will update proposal based on this and other discussion, then bring to a vote next week.