Dick Brooks

A truly amazing achievement – well done and congratulations to Kate and the entire SPDX and Linux Foundation community that made this happen.


So much looking forward to advancing SPDX interoperability via the DocFest event.




Dick Brooks

Never trust software, always verify and report!

Email: dick@...

Tel: +1 978-696-1788


From: spdx@... <spdx@...> On Behalf Of Steve Winslow
Sent: Thursday, September 9, 2021 11:15 AM
To: spdx@...
Subject: Re: [spdx] SPDX Goes ISO


A big +1 from me. Thank you to all the SPDX contributors and everyone involved in the years-long process of getting the SPDX standard to where it is today, and especially to Kate for her tireless efforts in making it all happen!




On Thu, Sep 9, 2021 at 11:03 AM Phil Odence via <> wrote:

I’m pleased to announce that SPDX is now ISO/IEC 5962:2021.


Many people have worked hard over the last decade to get us to this point. Big credit goes to my Steering Committee colleagues who have all been instrumental. And we should recognize that this was all Kate’s brainchild. I believe it was Fall of 2009 when she started informally socializing the idea of a standard SBOM format at Linux Foundation events. Not too long thereafter, in the then single weekly meeting, early participants began debating whether it should be SPDE, ultimately deciding “X” at the end would be catchier. And now it’s officially caught.



L. Philip Odence

General Manager, Black Duck Audit Business

Synopsys Software Integrity Group, Burlington, MA

M (781) 258-9502 | phil.odence@...  






signature_653089988   signature_1312878970   signature_1721301777   signature_106429426



Steve Winslow
VP, Compliance and Legal
The Linux Foundation

Join { to automatically receive all group messages.