Figure out TAC election/nomination process after 6 months

[caniszczyk]

The charter states that the TAC needs to figure out its composition and election process after bootstrapping.

[caniszczyk]

There are a lot of options here, usually it's good to ensure the TAC represents the different constituents in the community. Here's a rough sketch of what it may look like

• 5 slots WG elected participants
• 2 slots GB elected/appointed
• 2 slots independent security experts

[dlorenc]

Do we know the exact day the 6 months comes up?

[LindsayLF]

Hi @dlorenc! OpenSSF launched on Aug 3, 2020, here are the 3 months & 6-months marks:

• 3 months: November 3, 2020
• 6 months: February 3, 2021

[dlorenc]

We started to discuss this yesterday. There are a lot of options on how to fill the TAC. I'll start with my strawperson:

• Keep the TAC at 7 members
• 4 members are elected by the Governing Board
• 3 members are elected by contributors to the Technical Initiatives.
  • Each technical initiative is responsible for deciding who is a "contributor" and eligible to vote. The final list is de-duped across initiatives.

I don't like the ideas where each initiative appoints a representative. I'd rather see each spot election-based, with the GB members choosing some and the contributors choosing the rest. The exact split can vary.

[david-a-wheeler]

I'll see if I can learn any legal issues or recommended constraints.

[david-a-wheeler]

Please note that the OpenSSF charter, exhibit B, section 6(d) says:

"d) OpenSSF Members that are part of a group of Related Companies (as defined in Section 8) may have no more than two voting representatives on the TAC."

Section 8(a)(i)-(iii) then includes the definitions of Related Companies and related terms.

For the Charter see: https://github.com/ossf/foundation/blob/main/Review%20Copy%20Only%20-%20Not%20for%20Execution_OpenSSF%20Participation%20Agreement%20and%20Charter%20(rev.%202020%2011-10-2020).pdf

I presume this was to ensure that no one organization could just control the group; the whole point is to let everyone work together.

[mayakacz]

Keep the TAC at 7 members

I agree with this. We discussed the potential concerns on including WG leads as TAC members, and the conflict of interest it would create.

I don't like the ideas where each initiative appoints a representative.

Agreed.

may have no more than two voting representatives on the TAC.

I presume this was to ensure that no one organization could just control the group; the whole point is to let everyone work together.

The simple solution here is a runoff - whoever are the 'first' two are eligible, and any further open positions go to the next eligible candidate.

---

With that, I'd support @dlorenc 's proposal here

• Keep the TAC at 7 members
• 4 members are elected by the Governing Board
• 3 members are elected by contributors to the Technical Initiatives.
  • Each technical initiative is responsible for deciding who is a "contributor" and eligible to vote. The final list is de-duped across initiatives.

We need to decide quite soon if this is for a change in <a month.

[LindsayLF]

Feedback Requested

@dlorenc @rhaning @david-a-wheeler and I reviewed and created the following doc, we would like the community's feedback on the TAC election/nomination process for the future:
OpenSSF TAC 6-Month Process Overview Draft

[SecurityCRob]

This issue has been replaced with the process listed in #65.
This issue can be closed.