OpenSSL Open hours - how could it work
How do I think OpenSSL Open Hours should work
(Sorry, the original text somehow disappeared)
It should be a live meeting between external people and OpenSSL representatives. Discord/Matrix has no advantages comparing to GitHub issues/discussions.
The agenda should consist of existing GitHub issues so OpenSSL representatives could prepare to the discussion. Probably with some simple AOB.
Normal frequency/timing is a one-hour bi-weekly meeting with time zone rotations.
Jeff Johnson Thu 15 May 2025 1:45PM
What about a Discord channel or some other OpenSSL approved messaging/chat application. Or do we feel that this channel is good along with issues in github? How do the TAC's feed into this notion? Are they more technically involved? Sorry but this does make me think about better ways to engage.... I hope we can discuss more in next Monday's meeting.

Jaroslav Reznik Thu 15 May 2025 8:40AM
Hey,
This is exactly the topic for today's and tomorrow's OpenSSL Corporation BAC meeting how to engage communities and what other communities do to share what are the best practices.

James Bourne Thu 15 May 2025 9:59AM
Excellent idea. I'm a Trusted Partner Network Assessor (https://ttpn.org), and we have a monthly Open Hours to discuss the cybersecurity program, updates to the control framework, issues encountered when auditing the media and entertainment supply chain, and so forth. The best part is that you meet with your peers and can gain insight and ideas regarding auditing techniques. The hard part will be socialising the Open Hours and ensuring the legitimacy of participants.

Neil Horman Fri 23 May 2025 1:40PM
an open meeting on a rotating timezone makes sense to me. We should probably assign an individual to run the meeting from each time zone so that there is some consistency in how the meeting is run.
Neil Horman · Thu 15 May 2025 12:27PM
Are you thinking of a live chat mechanism, or something with deferred latency (i.e. an issue tracker or mailing list)? The former would have some immediate impediments in that the openssl organization, while being fairly distributed still has some gaps in its time zone availability.