Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[eclipse.org-architecture-council] RFC: Eclipse Foundation Secure Software Supply Chain Levels
Dear Architecture Council members,

This is a request for review and feedback on a new security framework proposal, Eclipse Foundation Secure Supply Chain Lifecycle (EF3SCL). EF3SCL is a pragmatic security framework designed to promote actionable security practices and provide a clear progression path for Eclipse Foundation projects to secure their supply chains.


The draft document for EF3SCL can be found here: https://github.com/eclipse-csi/gradually/blob/main/EF3SCL.md 


We have shared this framework with several other groups. To gather all feedback and allow for inter-group discussion, we have initiated a discussion thread on GitHub. In this thread, we provide context and reasoning behind the creation of this framework. We would greatly appreciate it if you could share your comments there.


We look forward to your valuable feedback and guidance.


Cheers,


Mikaël Barbero 
Head of Security | Eclipse Foundation
Eclipse Foundation: The Community for Open Innovation and Collaboration

Back to the top