Dale Peterson interview.
FYI: There's no shortage of SPDX bashing out there claiming SPDX doesn't support vulnerability reporting. https://unsolicitedresponse.libsyn.com/tom-alrich-on-all-things-sbom Listen around the 8 minute mark. These are the words of the NTIA Energy POC leader. Clearly biased. SPDX V 2.3 will shut down these boisterous claims from those that bash SPDX. Thanks, Dick Brooks <https://reliableenergyanalytics.com/products> Never trust software, always verify and report! T <http://www.reliableenergyanalytics.com/> http://www.reliableenergyanalytics.com Email: <mailto:[email protected]> [email protected] Tel: +1 978-696-1788 From: [email protected] <[email protected]> On Behalf Of Thomas Steenbergen Sent: Tuesday, February 8, 2022 8:10 PM To: Thomas Steenbergen <[email protected]>; [email protected]; [email protected] Subject: Re: [spdx-defects] SPDX Defects (Vulnerabilities) Profile call Hi everyone, Based on people submitting their availability to the doodle <https://doodle.com/poll/9752zbs29fn6ch77?utm_source=poll&utm_medium=link> poll the best time to meet for weekly SPDX Defects meeting is on Wednesday at: * 8 - 9 PM CET (Amsterdam / Paris) * 1 - 2 PM CST (Chicago) * 2 - 3 PM EST (New York) * 1 AM - 12 PM PST (San Francisco) * 4 AM - 5 AM JST (Seoul / Tokyo) I will shortly send out a re-occurring meeting invite to everyone on the spdx-defects <https://lists.spdx.org/g/spdx-defects> mailing list - our next meeting will be on February 16th. One of the first agenda topics will be to discuss making it possible to link to security vulnerability information in SPDX 2.3 to offer a solution until SPDX 3.0 is ready. Regards, Thomas _____ From: Thomas Steenbergen on behalf of Thomas Steenbergen <[email protected] <mailto:[email protected]> > Sent: Tuesday, January 25, 2022 6:49 PM To: [email protected] <mailto:[email protected]> <[email protected] <mailto:[email protected]> >; [email protected] <mailto:[email protected]> <[email protected] <mailto:[email protected]> > Cc: [email protected] <mailto:[email protected]> <[email protected] <mailto:[email protected]> > Subject: SPDX Defects (Vulnerabilities) Profile call Hi all, I would like to start a new weekly meeting series to continue the work on the SPDX Defects profile - the new profile in SPDX 3.0 to exchange defects information including security vulnerabilities. If you are interested, in participating in this profile please join spdx-defects mailinglist <https://lists.spdx.org/g/spdx-defects> and fill in below linked doodle so I can learn which day of the week and time works best for everyone to schedule the weekly call. https://doodle.com/poll/9752zbs29fn6ch77?utm_source=poll <https://doodle.com/poll/9752zbs29fn6ch77?utm_source=poll&utm_medium=link> &utm_medium=link Regards, Thomas -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#4368): https://lists.spdx.org/g/Spdx-tech/message/4368 Mute This Topic: https://lists.spdx.org/mt/89031871/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/Spdx-tech/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
