News

= Language 語言 = 

This event will be held mainly in English. Part of the sessions will be delivered in Mandarin. Please see the agenda below for details.

這次的活動將以英文為主要語言來進行，部分議程則將以中文進行，詳如議程表後標示。

= Register = 

= Overview = 

OpenChain 協助產業在碰觸或思索開源合規 (Open Source Compliance) 爭議或政策時，有一套流程可以提供參考！

這場工作坊將會介紹 OpenChain 專案，同時也邀請國內外的開源合規專家來分享實務經驗，特別是在日本流行起來的 SBOM (Software Bill of Materials) 及 OSPO (Open Source Program Office) 。OpenChain 的推動過程中如何會遭遇到什麼樣的困難，又有什麼克服的方法 ? 若是你正在使用、正要接觸開源軟體，或者是單純想要了解開源軟體，都歡迎你一起加入討論！

什麼是 OpenChain ?

OpenChain 已在 2020/12/16 正式成為 ISO 認證（ISO/IEC 5230:2020），透過導入 OpenChain ISO 標準，供應鏈裡各參與廠商將能清楚了解在哪個開發環節使用哪些自由開源軟體，並進一步釐清發生授權問題的解決方案。

開源軟體在全世界的應用非常廣泛，隨著開源軟體的商業化，複雜的開源授權規定也讓許多商業使用者不知所措，而層出不窮的侵權糾紛，也讓開源合規的議題逐漸受到企業重視。隸屬於 Linux Foundation Project 的 OpenChain 專案透過簡化及標準化開源合規實務，使企業、組織可更為有效滿足開源合規，從而建立產業供應鏈對開源軟體的信任。包含微軟、Google、高通、西門子、Sony 與 Uber 等都已採用OpenChain 進行開源合規管理並通過 OpenChain 認證。

 = Agenda 議程 = 

13:30~14:00｜Check-In 

14:00~14:10｜Opening 開場

14:10~14:40｜OpenChain – From One Standard To A Family
English / Shane Coughlan, General Manager at OpenChain Project, The Linux Foundation

14:40~15:10｜如何建立開源管理機制，做到安全又合規？ How to construct an open source managing system to achieve security & compliance?
Mandarin / 中文 / Singing Li, CEO, Open Culture Foundation (李欣穎，開放文化基金會執行長)

15:10~15:40｜Break – Tea Time 

15:40~16:10｜ “SBOM” and “OSPO” in JAPAN
English / Masato Endo, Group Manager of Driver Monitoring Group, Toyota.

16:10~16:40｜ 深入淺出國際開源資安標準 OpenChain Security Assurance Specification
Mandarin / 中文 / SZ Lin (林上智), Chief Expert, Bureau Veritas

16:40~17:00｜Q & A

= Information / 相關資訊 =

• OpenChain 台灣社群官網
  https://openchain-project.github.io/OpenChain-TWG/
• OpenChain 台灣社群 Telegram
  https://t.me/joinchat/O6BDhVXYm17Bm8_4s-aZIg
• OpenChain Project / OpenChain計畫官網
  https://www.openchainproject.org

 = Location / 場地位置 =

集思北科大會議中心 205 瑞特廳 

地址：台北市忠孝東路 3 段 1 號-億光大樓 2 樓 ( 197 號旁邊棟)

 = Contact / 聯絡信箱 = 

若您對於本活動有任何的問題或意見，歡迎透過電子郵件信箱 taiwan-wg@lists.openchainproject.org 或直接到 OpenChain telegram 頻道提出。

The Export Control work group is collaborating on a pre-existing website conversion project.

This involves:

• Getting reviews going for the per-country files.
• Thinking about common attributes of country files.

This is the website we are working on converting from HTML to MarkDown:

• http://www.cryptolaw.org/

We are working on it here:

• https://github.com/crypto-law-survey/crypto-law-survey

We have a bunch of issues opened:

• https://github.com/crypto-law-survey/crypto-law-survey/issues

Since the last call we have closed a few:

• https://github.com/crypto-law-survey/crypto-law-survey/issues/14
• https://github.com/crypto-law-survey/crypto-law-survey/issues/15
• https://github.com/crypto-law-survey/crypto-law-survey/issues/6

Check out the recording below to see what we did next.

Provisional minutes. Recording below.

(1) We are doing to do a reset of the group to help people engage more, especially with regards bringing back more technical people and technical updates.
(2) First, we use the Sharing Creates Value GitHub repo as the single source of truth for organizing things from now on, including (a) new content, (b) polls for next steps and (c) arranging future meetings.
(3) We move to a new agenda that brings back the emphasis on engineering as follows:
– News (~10 mins?);
– Technical discussions unpacking open source tools etc (~30-40 mins?);
– Update on the meta level (capabilities map) (~10 mins?).
(4) We will also introduce a fix group of chairs (volunteers) to help ensure the meetings are driven forward while not overloading any one person. Redundancy and mutual support is the goal.

• Seeking a volunteer to help run the 3rd Tuesday of August 🙂
• Shane can help run both meetings in September.
• Marcel is going to help run the first meeting in October.

Other items:

Make the Global Calendar clearer – including timezone offsets – so people can use this as the single-source of truth for confirming our call times. Done. See:
https://www.openchainproject.org/participate

The Software Engineering Maintenance and Evolution Research Unit (SEMERU) lab at William and Mary is running a new survey relating to third-party software license compliance. The target audience is “people with a background in law, preferably with a law degree and some amount of experience in practice.”

Research Goal and Procedure

The purpose of this study is to investigate issues, needs, and opportunities related to open source software licensing. In particular, this study aims to investigate how legal practitioners address concerns related to software licensing and identifying pain points and unmet needs.

If you decide to participate, you will take a brief survey via the Qualtrics platform. The study will last about 15 minutes during which time you will be asked questions regarding your familiarity and experience with several topics related to open source software licensing that pertain to your work.

With your permission, we may contact you by email and invite you to participate in a follow-up interview.

Access the Survey

• https://wmsas.qualtrics.com/jfe/form/SV_emy0Tqan7qRWAlw

About the College of William & Mary

The College of William & Mary is a public research university in Williamsburg, Virginia. Founded in 1693 by a royal charter issued by King William III and Queen Mary II, it is the second-oldest institution of higher education in the United States and the ninth-oldest in the English-speaking world.