Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

OpenSSF Technical Advisory Council (TAC)

The OpenSSF Technical Advisory Council is responsible for oversight of the various Technical Initiatives of the OpenSSF.

Get Involved

Official communications occur on the TAC mailing list. Manage your subscriptions to Open SSF mailing lists.

Informal discussions occur in the TAC channel of the OpenSSF Slack. To join, use the following invite link.

Use Github Issues to request and discuss agenda items.


The TAC meetings minutes are online and appear on the OpenSSF Community Calendar.

Meetings are also recorded and posted to the OpenSSF YouTube channel.


Name Email Organization
Abhishek Arya Google
Aeva Black Microsoft
Bob Callaway Google
CRob Robinson Intel
Dan Lorenc Chainguard
Josh Bressers Anchore
Luke Hinds Red Hat


The TAC is chartered as part of the Open Source Security Foundation Charter.

Technical Initiatives

The following Technical Initatives have been approved by the TAC:

Working Groups

Name Repository Notes Status
Vulnerability Disclosures Meeting Notes Incubating
Security Tooling Meeting Notes Incubating
Security Best Practices Meeting Notes Incubating
Identifying Security Threats Meeting Notes Incubating
Securing Critical Projects Meeting Notes Incubating
Supply Chain Integrity Meeting Notes Incubating
Securing Software Repositories Meeting Notes Incubating
End Users Meeting Notes Incubating


Name Repository Notes Sponsoring Org Status
Allstar Meeting Notes Best Practices WG TBD
Criticality Score Meeting Notes Securing Critical Projects WG TBD
Fuzz Introspector Meeting Notes Security Tooling WG TBD
OSV Schema Meeting Notes Vulnerability Disclosures WG TBD
Package Analysis Meeting Notes Securing Critical Projects WG TBD
Package Feeds Meeting Notes Securing Critical Projects WG TBD
Scorecard Meeting Notes Best Practices WG TBD
Security Insights Spec Meeting Notes Identifying Security Threats WG TBD
Security Metrics Meeting Notes Identifying Security Threats WG TBD
Sigstore Meeting Notes OpenSSF TAC TBD

OpenSSF affliated projects

Name Repository Notes Status
GNU Toolchain Infrastructure Coming Soon TBD TBD
Alpha Omega TBD TBD

Charters for these Technical Intiatives are located in the Charters directory of this repository.

Antitrust Policy

Linux Foundation meetings involve participation by industry competitors, and it is the intention of the Linux Foundation to conduct all of its activities in accordance with applicable antitrust and competition laws. It is therefore extremely important that attendees adhere to meeting agendas, and be aware of, and not participate in, any activities that are prohibited under applicable US state, federal or foreign antitrust and competition laws.

Examples of types of actions that are prohibited at Linux Foundation meetings and in connection with Linux Foundation activities are described in the Linux Foundation Antitrust Policy available at If you have questions about these matters, please contact your company counsel, or if you are a member of the Linux Foundation, feel free to contact Andrew Updegrove of the firm of Gesmer Updegrove LLP, which provides legal counsel to the Linux Foundation.