Re: SPDX Goes ISO
I just realized that the DocFest will be demonstrating interoperability of an ISO standard SBOM.
Great timing getting the ISO standard status before the 9/16 DocFest. Very cool!
Thanks,
Dick Brooks
Never trust software, always verify and report! ™
http://www.reliableenergyanalytics.com
Email: dick@...
Tel: +1 978-696-1788
Sent: Friday, September 10, 2021 6:45 AM
To: spdx@...
Subject: Re: [spdx] SPDX Goes ISO
We may quote you on that!
From: spdx@... <spdx@...> on behalf of Shane Coughlan <scoughlan@...>
Date: Thursday, September 9, 2021 at 9:16 PM
To: spdx@... <spdx@...>
Subject: Re: [spdx] SPDX Goes ISO
Seconded!
This is tremendously important for the governance ecosystem.
Regards
Shane
On Sep 10, 2021, at 0:15, Steve Winslow <swinslow@...> wrote:
A big +1 from me. Thank you to all the SPDX contributors and everyone involved in the years-long process of getting the SPDX standard to where it is today, and especially to Kate for her tireless efforts in making it all happen!
Steve
On Thu, Sep 9, 2021 at 11:03 AM Phil Odence via lists.spdx.org <phil.odence=synopsys.com@...> wrote:
I’m pleased to announce that SPDX is now ISO/IEC 5962:2021.
Many people have worked hard over the last decade to get us to this point. Big credit goes to my Steering Committee colleagues who have all been instrumental. And we should recognize that this was all Kate’s brainchild. I believe it was Fall of 2009 when she started informally socializing the idea of a standard SBOM format at Linux Foundation events. Not too long thereafter, in the then single weekly meeting, early participants began debating whether it should be SPDE, ultimately deciding “X” at the end would be catchier. And now it’s officially caught.
Here’s the LF press release: http://www.linuxfoundation.org/press-release/spdx-becomes-internationally-recognized-standard-for-software-bill-of-materials
Best regards,
Phil
L. Philip Odence
General Manager, Black Duck Audit Business
Synopsys Software Integrity Group, Burlington, MA
M (781) 258-9502 | phil.odence@...
https://www.synopsys.com/audits
<image001.png>
--Steve Winslow
VP, Compliance and Legal
The Linux Foundation