RE: [sarif] Acknowledgements

["Larry Golding \(Comcast\)" <larrygolding@comcast.net>]

That’s a really nice idea.

Michael, do you still have the victory mail where we acknowledged the contributors to SARIF v1.0?

-----Original Message-----
From: sarif@lists.oasis-open.org <sarif@lists.oasis-open.org> On Behalf Of Stefan Hagen
Sent: Sunday, May 6, 2018 5:57 AM
To: Stefan Hagen <stefan@dilettant.eu>; Larry Golding <larrygolding@comcast.net>; Michael Fanning <Michael.Fanning@microsoft.com>; sarif@lists.oasis-open.org
Subject: Re: [sarif] Acknowledgements

In addition to current contributions, we can also acknowledge past contributions say which brought the previous (contributed version of
SARIF) to life when under the auspices of Microsoft like so:

On the title page we could easily add say editors by name in the Related work section (we did this in CSAF to honor the work, the editor of the previous version which was contributed to OASIS but the editor did not join the TC):

So instead of (current):

"""
Related work:

This specification replaces or supersedes:
* None
"""

We could write:

"""
Related work:
This specification replaces or supersedes:
* Static Analysis Results Interchange Format (SARIF) Version 1.0, Microsoft Corporation, <HERE_LIST_OF_PREVIOUS_EDITORS>, 2015, <OFFICIAL_URL_I_HAVE_ONLY_THE OASIS_CONTRIB_ONE> """

As a sample, in CSAF we did:

"""
Related work:
This specification replaces or supersedes:
* The Common Vulnerability Reporting Framework (CVRF) Version 1.1., ICASI, ICASI CVRF Working Group, Mike Schiffman, Editor, May 2012, http://www.icasi.org/the-common-vulnerability-reporting-framework-cvrf-v1-1/.

"""

All the best,
Stefan.

Am 06.05.18 um 14:32 schrieb Stefan Hagen:
> Hi,
>
> I suggest as Participant list offered initially to use:
>
> Andrew Pardoe, Microsoft
> Chris Wysopal, CA Technologies
> David Keaton, Individual
> Douglas Smith, Kestrel Technology
> Duncan Sparrell, sFractal Consulting LLC Everett Maus, Microsoft 
> Hendrik Buchwald, RIPS Technologies Henny Sipma, Kestrel Technology 
> Jim Kupsch, SWAMP Jordyn Puryear, Microsoft Joseph Feiman, CA 
> Technologies Ken Prole, Code Dx, Inc.
> Kevin Greene, Mitre Corporation
> Larry Hines, Micro Focus
> Laurence Golding, Individual
> Luke Cartey, Semmle
> Mel Llaguno, Synopsys
> Michael Fanning, Microsoft
> Nikolai Mansourov, Object Management Group Paul Anderson, GrammaTech, 
> Inc.
> Paul Brookes, Microsoft
> Paul Patrick, FireEye, Inc.
> Philip Royer, Phantom
> Pooya Mehregan, Security Compass
> Ram Jeyaraman, Microsoft
> Sean Barnum, FireEye, Inc.
> Smith Douglas, Kestrel Technology
> Stefan Hagen, Individual
> Sunny Chatterjee, Microsoft
> Tim Hudson, Cryptsoft Pty Ltd.
> Trey Darley, New Context Services, Inc.
> Vamshi Basupalli, SWAMP
> Yekaterina O'Neil, Micro Focus
>
> As withing other TCs I only included members (regardless of voting
> state) iff they attended at least one meeting.
>
> I use the First/Given Name then Last/Family Name convention, as it is 
> practiced in some TCs, mirrors best our communication style in the TC 
> when conducting business, and helps finding people that sometimes 
> change that Last/Family  name (like eg. I did two times in my life).
>
> The affiliation is **not** used as grouping to make clear, that 
> individual experts are members of the TC not company delegates.
> Of course when being affiliated with a company, it is clear, that the 
> members have the clearance from the company they are affiliated with.
>
> People also changed affiliation during lifetime of this TC, so it is 
> noted the last, iff they are still members or their last participation 
> was with this affiliation.
>
> The restirction on members is naurally derived from the IPR 
> safeguarding function of the TC process and by the technical fact, 
> that observers are allowed to listen but not to talk during the 
> meetings, thus no input possible.
>
> I think this is a good candidate and I would be happy to see this 
> included in that way in our first CSD01 "baby"
>
> All the best,
> Stefan.
>
> Am 03.05.18 um 03:44 schrieb Larry Golding:
>> Yes, I agree.
>>
>>
>>
>> Sent from my Windows 10 phone
>>
>>
>>
>> *From: *Michael Fanning <mailto:Michael.Fanning@microsoft.com>
>> *Sent: *Wednesday, May 2, 2018 5:51 PM
>> *To: *Larry Golding (Comcast) <mailto:larrygolding@comcast.net>;
>> sarif@lists.oasis-open.org <mailto:sarif@lists.oasis-open.org>
>> *Subject: *RE: [sarif] Acknowledgements
>>
>>
>>
>> We should definitely start pulling together a list. I think it 
>> probably makes sense to solicit positive sign-off from all people who 
>> could be listed in this section that they would like to be, do you agree?
>>
>>
>>
>> *From:* sarif@lists.oasis-open.org <sarif@lists.oasis-open.org> *On 
>> Behalf Of *Larry Golding (Comcast)
>> *Sent:* Wednesday, May 2, 2018 4:25 PM
>> *To:* sarif@lists.oasis-open.org
>> *Subject:* [sarif] Acknowledgements
>>
>>
>>
>> As we get closer to publishing CSD.1, I need to fill in this appendix:
>>
>>
>>
>> Appendix A. (Informative) Acknowledgments
>>
>> (*Note:* A Work Product approved by the TC must include a list of 
>> people who participated in the development of the Work Product. This 
>> is generally done by collecting the list of names in this appendix. 
>> This list shall be initially compiled by the Chair, and any Member of 
>> the TC may add or remove their names from the list by request.
>>
>> Remove this note before submitting for publication.)
>>
>> The following individuals have participated in the creation of this 
>> specification and are gratefully acknowledged:
>>
>> Participants:
>>
>> [Participant Name, Affiliation | Individual Member]
>>
>> [Participant Name, Affiliation | Individual Member]
>>
>>
>>
>> Please let me know who we should list. I know there were a few Google 
>> people who contributed ideas about “fixes” early on. And then there 
>> was a long list of Microsoft people we acknowledged when we sent out 
>> our “victory mail” announcing SARIF v1. No doubt there are more.
>>
>>
>>
>> Thanks,
>>
>> Larry
>>
>>
>>
>
>


--
Stefan Hagen
read://shagen.de
talk: eventually

---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php