Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenSSF Best practices badge #45

Closed
planetf1 opened this issue Aug 15, 2024 · 2 comments
Closed

OpenSSF Best practices badge #45

planetf1 opened this issue Aug 15, 2024 · 2 comments
Assignees
@planetf1

Comments

@planetf1
Copy link
Contributor

planetf1 commented Aug 15, 2024
edited
Loading

The openssf best practices badge can demonstrate a project follows best practice.

I propose we consider this at an appropriate time for our PQCA projects (I went through this process in a previous project).
@baentsch
Copy link

Looking at the link above, I see lots of opt-outs ("It is SUGGESTED"...) that I'd consider mandatory for security software. But then again, there are some sensible MUST statements... What about the suggestion to create concrete issues in liboqs for all badge line items the project does not yet pass (incl. the SUGGESTED ones)? We don't need to work on them right away but maybe someone in the wider community may feel enticed to take some on before the "appropriate time" has come thus saving the core team effort? Seems to relate to https://github.com/orgs/open-quantum-safe/discussions/1892 and open-quantum-safe/tsc#1.

@planetf1 planetf1 mentioned this issue Dec 10, 2024
Open
@planetf1
Copy link
Contributor Author

As agreed at TAC meeting, this is a project specific issue. Opened up open-quantum-safe/tsc#120 at liboqs for further discussion there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@planetf1 planetf1

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@planetf1 @baentsch