Our export control work group continues to explore pre-existing material and how it can be made easier to find, navigate and repurpose. The focus is on reviewing the new volunteer project being set up at https://github.com/crypto-law-survey to explore the continuation of Bert’s http://www.cryptolaw.org/ as a general community resource. Check out the recording to learn more.
The 52nd OpenChain Webinar will cover a proposal from the Okinawa Open Labs in Japan to help “label” items in the supply chain to increase trust.
Our presenter will be MASANORI TSUJIKAWA (辻川公章) from Alaxala.
Our topic will be the Trusted Network Introduction – Eco-system based Open Trust Chaining over existing value-chain and supply-chain.
Everyone can join from this link:
https://zoom.us/j/4377592799
What We Did On The Call
We focused on the Licensing Specification:
- Improved Terms and Definitions as per OpenChain Monthly North America and Europe Call – 2023-06-06:
- – Added some words on our side:
https://github.com/OpenChain-Project/License-Compliance-Specification/commit/78ba24492cdcfaf65a32c3de9f95044dabdafa9c - – Updated Terms and Definitions with key words as per https://www.ietf.org/rfc/rfc2119.txt:
https://github.com/OpenChain-Project/License-Compliance-Specification/issues/67
- Changed SPDX definition to Software Bill of Materials definition citing SPDX as per OpenChain Monthly North America and Europe Call – 2023-06-06 and #35:
https://github.com/OpenChain-Project/License-Compliance-Specification/issues/35
The next meeting of the OpenChain Automotive Work Group is scheduled for June 14th at 08:00 Central, 09:00 Eastern, 13:00 UTC, 15:00 CEST, 21:00 CST and 22:00 JST.
Schedules permitting, we will be having case studies from North American and Asian automotive experts. We want to have a particular focus on the practical aspects of managing open source in large manufacturers with complex automotive supply chains.
Our agenda will be lead by our Chair, Masato Endo of Toyota in Japan, and Russ Eling of OSS Consultants in the USA. As usual, this will be a live event, and everyone is free to join.
When
Wednesday (2023-06-14) @ 09:00 Eastern, 13:00 UTC, 15:00 CEST, 21:00 CST and 22:00 JST
Location
Newsletter – Issue 54 – May 2023
The OpenChain Newsletter provides a monthly summary of our work. It contains an overview of what we are doing to build trust around license compliance and security in the open source supply chain. We accept suggestions and ideas. Feel free to mail us at any time.
This edition of the newsletter was created and shared by Qiuyue Qi of OpenSCA, and we provide our thanks for the contribution!
Main News
Let’s welcome CARIAD to the board and NORDEMANN as a new partner:
Activities
The OpenChain Project has joined NLnet Software Supply Chain Webinar Series, and also presented at GOTC and OSCAR in China.
Additionally, we held a mini-summit at the Linux Foundation Open Source Summit North America:
Case Study
There is a case study for people who are interested in AI topics:
Material
OpenChain ISO/IEC 5230 now has Wikipedia page in Spanish:
A CC0 version of REUSE.software Specification 3.0 is available:
We have updated OpenChain Conformance Badges, and added new mascots to the community.
For June, overview presentations have been released.
Routine
Education and legal work groups had regular meetings:
- OpenChain Education Work Group 2023-05-11 – Recording
- OpenChain Education Work Group – 2023-05-25 – Recording
- OpenChain Legal Work Group – 2023-05-25 – Overview and Recording
Check our monthly meeting below:
- OpenChain Monthly Meeting 2023-05-02 – Recording
- OpenChain Monthly Meeting for North America and Asia – 2023-05-16 – Recording
- OpenChain Japan Work Group – Meeting 27 – Hybrid 2 – 2023-05-18
Others
The OpenChain Project has been featured at ‘Efficient IP management in a market increasingly using open source’ on IAM.
Check Out All Our Previous Newsletters:
The SBOM Sub-Group of the OpenChain Japan Work Group has officially submitted their proposal for the inclusion of SPDX Lite in the forthcoming SPDX 3.0 standard for Software Bill of Materials.
SPDX Lite was originally included in SPDX 2.2 and became part of SPDX ISO/IEC 5962:2021 in August 2021.
SPDX Lite is designed to make it quick and easy to get started with a Software Bill of Materials in situations where a company may have limited capacity for introducing new items in their process management. It aims to balance the SPDX standard and actual workflows in some industries.
Learn More In The Official SPDX Project Pull Request
NORDEMANN, a law firm based in Germany, is the latest official OpenChain Partner. Based in Berlin, NORDEMANN combines a team with a long pedigree of legal provision with a clear, modern vision for making the complex simple.
“NORDEMANN as an IP/IT boutique law firm from Germany is committed to excellence in its work for its clients, such as IT companies and other industries using open source and contributing to such projects”, says founding partner Christian Czychowski, Honorary Professor at the University of Potsdam. “We are happy to now underline such excellence by having been accepted as partner of the renown OpenChain industry standard for open source compliance. By that can be part of this great community around the globe that sets the rules which help to build the all important trust in supply chains.”
“We are delighted to welcome the NORDEMANN team to the our official partner program,” says Shane Coughlan, OpenChain General Manager. “The availability of reputable legal advice is a key pillar in the effective market growth of our standards for open source license compliance and security assurance. The delivery of more choice in the German market marks a further milestone in the maturity of the OpenChain ecosystem.”
Learn More About NORDEMANN On Their Website
The OpenChain Project releases presentations in English roughly every month to help with community outreach. You can find the full collection on our GitHub. June’s presentation comes in three variants:
- Corporate (minimal mascots)
- Cute (new 2023 mascots)
- Classic (our old penguin mascots)
