Meeting Minutes: Board and BAC Monthly (2025-09-22)

Below are the minutes from the recent BAC and Board of Directors meeting. All members receiving this notification are encouraged to review the minutes and actively participate in the discussion. That’s one of the opportunities to engage directly with BAC members by replying in the thread below. Your input helps us ensure the OpenSSL community remains transparent, collaborative, and responsive to your needs

Attendees

@Anton Arapov, @James Bourne, @Jaroslav Reznik, @Katerina Micova, @Lenka Luklova, @Paul Dale

Absent: @Billy Brumley, @Jeff Johnson, @Randall Becker, @Tim Hudson 

Agenda

1. Attendance and meeting setup

2. Deprecated API and engine removal strategy

3. BAC election timing and governance alignment

4. OpenSSL Conference planning and participation

5. Policy development on AI usage and detection

6. Open Source Security community engagement and media coverage

7. General updates and coordination

Key Points

• Attendance and setup: Participation was lower than usual, with confusion over scheduling and calendar invites. Some members reported difficulty joining. The group agreed to improve calendar coordination and explore using Google Meet to ease remote participation.

• Team transition: Lenka was introduced as a new team member, taking over Katerina’s position as she moves into the marketing department. Lenka will handle invitations and coordination going forward.

• Deprecated API removal: Anton and Paul led a discussion on the removal of deprecated APIs, especially engine-related functions. The consensus in the much smaller group was that it is better to remove deprecated APIs clearly—rather than maintaining silent stubs—provided communication is strong and transparent. Paul recommended compiling a full list of deprecated APIs with clear explanations of impact. A community consultation process will precede final decisions as there are clear views that are strongly opposed to deprecation within the community.

• BAC election timing: Anton proposed aligning BAC elections with director terms, tentatively targeting February elections, with new members seated in March to ensure smoother governance. Initial feedback supported this adjustment. Will be discussed in in-person meetings before the conference.

• Conference preparations: Registration is looking strong. Efforts are underway to encourage major companies, particularly in the Czech Republic, to participate even as we head up to the conference itself. Sponsorships are being leveraged to cover tickets and hotel costs for some key invitees. One speaker slot remains open due to a cancellation, and Jaroslav committed to sourcing participants from the open-source security community. Plans for a face-to-face dinner during the Prague conference will be finalized early to support travel planning.

• Policy development and AI usage: James raised the need for clearer policies on AI usage and detection. Anton stressed the importance of defining the problem before enacting rules, noting the challenges of detection and enforcement. A gradual, consensus-based process involving polling and advisory committee input was agreed upon.

• Community and media engagement: James reported progress on marketing and tracking downloads. Anton highlighted an interview on OpenSourceSecurity.io with Hana Andersen that generated publicity. Additional media coverage is being pursued ahead of the Prague conference.

• General coordination: Members discussed geographical and logistical challenges that limit participation. There was agreement on the importance of proactive communications and encouraging members to raise agenda items in advance.

Community and Technical Engagement

• A structured consultation process will be used for API removals, giving communities time to adapt and respond.

• Policy development on AI usage will proceed incrementally, balancing practicality with transparency.

• OpenSSL will continue outreach through media, conferences, and community-driven initiatives to strengthen engagement.

Future Releases and Transition Planning

• Deprecated API removals, including engine-related items, will be staged with clear documentation and notice.

• Feedback from the community will shape timelines and confirm impact.

• Aligning BAC elections with governance cycles will improve long-term stability.

Upcoming Actions

• A detailed email on BAC election timing to be circulated.

• A compiled list of deprecated APIs slated for removal to be shared publicly for consultation.

• Media coverage outreach to continue in support of the conference.

• AI policy discussions to remain on the agenda, with polling and proposals developed gradually.

Future Meetings and Events

• October 2–3, 2025: BAC and TAC face-to-face meeting in Brno.

• October 7–9, 2025: OpenSSL Conference in Prague.

Action Items

• Anton → Circulate email on BAC election timing; coordinate with potential conference attendees and sponsors; continue monitoring policy development process.

• James → Engage community on AI policy via feedback and polls; compile input for presentation in upcoming meetings.

• Jaroslav → Submit talk proposal for the conference; confirm speaker slot; assist in sourcing additional attendees; coordinate travel planning with Anton and Lenka.

• Katerina → Support Lenka during transition; assist with conference preparation before fully moving to marketing.

• Lenka → Take over Katerina’s responsibilities; send invitations for face-to-face meetings; coordinate logistics.