Meetup at CD Summit / KubeCon

Subject: Meetup at CD Summit / KubeCon

From: Kay Williams <kayw@microsoft.com>

Date: Tue, 12 Nov 2019 19:28:46 +0000

Accept-language: en-US

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=P7ZjrfhXhMTKrXfbQ5+efLeWfI69Zv2EpK930Nut2c8=; b=Ujc+28Z0Xdosih9pY9/awkU8ANGwyChG6+gZFl7ZJGhP3ZyEI+zsytFHP1dHR3cEyraayzcl+wK7XzsKHN7VnkhcSxGWCFTihsz33k3yokLVk7UlZRaQNoaL3XmNi8It8ZohDT5LLb6kPFIZe6uptDOI8eqSrxs49ohHI2YCufXJo+G5GlTnCpiWlPlOJYByLrOj6AFVjRsuWeOGX9R+HBxrzsC/BEa3g1gxgJpRnZN5pFXssg9BI+aJ7WI5XpAn+AdOWsn8JzSvyMSUb8dypeuFCX1PlKPugz8iitrA86R+RvZc0JOeWoMIPyVD+pcMg38XQ7Hk7hd02pLU9bJE+Q==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=debHJrEjGdqPWzjYgbDRXx0ihrbt6HmE5ATEVsIkY5MxNqInMlb+BZw6d41GTRoFgqg7q9zfisRHXXWFu9jA+lXcMinCxGz4b0UrY0hmy7LRCUGgyct88uGAJXko2qNYNFouMcKoOyzb3TD3HZWLOz0zaj3ghTpNX6KKQe5QzDglt3e7oyI+eBek7VP7eD7/o/S43J3Ah2jVccqRxORa8clpXmoJDoA6zbL6nhBrpj82GsGtsgT0v4hSeqGd19zQWHTpF4SocOscucmdr69OxP52uyDtYyKaAz+nW+oQaACtuSvcX+prDm/srhoO2N0lO2YMhYc0uMy0QX9+GYwNOg==

Authentication-results: spf=none (sender IP is ) smtp.mailfrom=kayw@microsoft.com;

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=P7ZjrfhXhMTKrXfbQ5+efLeWfI69Zv2EpK930Nut2c8=; b=WfMiu6MPfUeJDa+xT4+j40ORguwCH0S1By9MQXlDggtHUUHx4yw20yCiH+zh3sMbFnWjwDX/SEBSBXwOC7z9Gv8zexPmYT6HvCEhRH2zuipdFaaVio2kDpz9PZjv57uPjwikHjvDgbvdYc0VekChwtQ0Go6jtYlvfrMl5gmHlDU=

Msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=kayw@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2019-11-12T19:28:45.3894992Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=3a81e3eb-77ba-48f7-ae07-230b70397dee; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic

Thread-index: AdWZiRGEfDLVlleiSu+ZfvUBKT2i9A==

Thread-topic: Meetup at CD Summit / KubeCon

Hi everyone,

Several of us will be in San Diego next week (Nov 18 – 21) for CD Summit / KubeCon. I would like to find a 3 hour block of time to meet (physically and virtually) for discussion and planning. For this 3-hour meeting, I would like to broaden the conversation from SBOM to the overall software supply chain ecosystem including the following:

Artifact signing - how do producers sign artifacts, and distribute, revoke and replace keys?
Artifact metadata repositories – how do producers allow queries and updates of the artifacts and SBOMS they provide?
Artifact policy - how do consumers specify which artifacts they allow?
Artifact enforcement - how do consumers enforce policies on artifacts entering their ecosystems?

I am working with the Marriot Marquis to secure a room for the meeting. Here are some tentative times:

Monday 11/18

5-8 PM

Thursday 11/21

9-Noon
1-4 PM
5-8 PM

Please reply (to me) with the following:

Are you interested in participating in these discussions?
Will you be at CD Summit / KubeCon?
Do you have a preference for any of the above dates and times?

I will create a separate email thread with interested folks.

Thanks,

Kay

Follow-Ups:

Re: Meetup at CD Summit / KubeCon
- From: Santiago Torres Arias <santiago@nyu.edu>