in-toto / community

in-toto is a framework to secure the software supply chain.
https://in-toto.io/

First ITSC election thread #5

Closed SantiagoTorres closed 1 year ago

SantiagoTorres commented 1 year ago

Hi All,

With the charter and election process ready to merge, we are all set to carry out elections. I'll be collecting the names of nominated candidates, and you can add yourself to the list as follows:

  1. By replying to this issue with your name and indicating your interest to nominate yourself, or somebody else.
  2. By reaching out to me through my email/slack if you don't want to broadcast this
  3. By reaching out in the corresponding email thread in a similar way to above

I'll be collecting the names for a couple of days, and then announce the vote site. As a reminder, here's the timeline

  1. Self-nominations will be received through an issue in the /community repository in the in-toto project's GitHub site on March 6th, 2023
  2. Nominations will be collected until March 15th
  3. The election site will be collected until March 31st, 2023
  4. The results will be announced on April 1st, 2023
  5. The ITSC will start activities on April 18th, 2023

Please let me know if you have any questions or concerns about the process!

SantiagoTorres commented 1 year ago

To start things off, I'd like to nominate myself!

idunbarh commented 1 year ago

I'm nominating @kgangerlm to the ITSC.

Keith has a ton of Software Supply Chain experience building large scanning and compliance systems. He also is an excellent communicator and understands complex problems quickly. He would be an excellent addition to the ITSC and help drive the in-toto community to the next level.

idunbarh commented 1 year ago

Also nominating @colek42 to the ITSC.

It's clear from TestifySec's work on Witness and Archivista that Cole would be an outstanding member of the ITSC. Cole's expertise in attestations will ensure that decisions for the in-toto community have a user-first perspective.

colek42 commented 1 year ago

I want to nominate @SantiagoTorres, @trishankatdatadog and @adityasaky as long-time maintainers of the project whose expertise is needed to move it forward.

@mikhailswift and @pxp928 have been instrumental in moving the spec forward. I want to nominate them.

I second the nomination for @kgangerlm. LMK is an end-user of in-toto, and having their use cases will help the project meet its adoption goals.

I also /accept my nomination

JustinCappos commented 1 year ago

I'd like to nominate myself.

idunbarh commented 1 year ago

I second the nomination of @justincappos, @trishankatdatadog, @adityasaky, and @pxp928; third the obvious choice of @SantiagoTorres!

pxp928 commented 1 year ago

I second nominations of @JustinCappos , @trishankatdatadog , @adityasaky, @colek42, @mikhailswift, @SantiagoTorres

colek42 commented 1 year ago

I'd like to nominate myself.

second @JustinCappos nomination

jkjell commented 1 year ago

I'd like to nominate myself. I've only recently become active as a user and attendee of in-toto community meetings, but I've been following the project for a long time. I'm currently working on implementing in-toto-based attestations in the projects I'm working on at VMware, both directly and via SLSA, Sigstore, and Tekton Chains. In addition to this work, I'm active in CNCF's TAG Security and its Supply Chain Working Group. I look forward to supporting this group and the project's work in whatever way I can.

06kellyjac commented 1 year ago

I'm aware I'm a bit late, I wanted to confirm the expectations for the position to ensure I'd be a good fit, but if possible I'd like to now nominate myself (Jack)

I work at ControlPlane where we've had a strong involvement with in-toto since early in the project's life & I maintain kubesec among other projects

I have an interest in dependency origin/management, software minimalism, opensource packaging and distribution, hermetic isolated and reproducible builds

I've been involved (to different degrees) in in-toto, SLSA/OpenSSF meetings, FRSCA, Tekton (Pipeline, Chains, CLI), TAG Security, and the nix community

sublimino commented 1 year ago

In amongst the awesome contributors and end users above, who I endorse en masse, I'd like to second my colleague @06kellyjac's nomination.

Jack was responsible for patching in-toto into Kubesec many moons ago, and is a passionate and dedicated personal and professional contributor to countless open source security and reproducibility communities and projects.

adityasaky commented 1 year ago

Lots of great nominations in here and I'd like to support all of them, I think the folks named here can bring a lot of value to in-toto. I also appreciate being nominated, thank you!

That said, I think I'll be more valuable to in-toto in my current role as a maintainer of implementations and my latest cap as one of the @in-toto/ite-editors. So, I'm taking myself out of the running for the first ITSC and I'm seconding @SantiagoTorres's and @JustinCappos's nominations specifically for the academic seats requirement. I hope to run in a future ITSC election, and in the meantime I look forward to working with all of you!

SantiagoTorres commented 1 year ago

Voting is up!

https://civs1.civs.us/cgi-bin/vote.pl?id=E_caccb56e7830ce9a&akey=36277170507da985

Please vote!

SantiagoTorres commented 1 year ago

Dear in-toto community.

It's my pleasure to announce that we've successfully concluded the first
election to form the in-toto steering committee (ITSC)! I am incredibly humbled
to see the amount of participation --- 80 votes --- from all the community. We
had an incredibly varied group of candidates, and, while I'm sure every single
candidate would've done a great job at the helm, the community has chosen the
following people to form the ITSC:

1. Santiago Torres-Arias, Academia, Purdue University  
2. Justin Cappos, Academia, New York University  
3. Jack Kelly, Industry, ControlPlane  
4. Cole Kennedy, Industry, TestifySec  
5. Aditya Saky, Academia, New York University  
6. Trishank Karthik Kuppusamy, Industry, Datadog  

Of these 6, Aditya has decided to decline and focus on the technical aspects of
the Attestation framework as well as ITEs 9 to 11 instead. I believe that,
regardless of Aditya's decision, it's heartwarming to witness the support the
community showed his tireless efforts in keeping the community going as
smoothly as it is.

Further, in terms of composition, I'm happy to see that the community organically 
elected a good spread between academia and industry. It's great to see that
the community agrees that this representation is important.

To keep things very explicit, this is the new ITSC:

    Santiago Torres-Arias, Academia, Purdue University  
    Justin Cappos, Academia, New York University  
    Jack Kelly, Industry, ControlPlane  
    Cole Kennedy, Industry, TestifySec  
    Trishank Karthik Kuppusamy, Industry, Datadog  

While this election is over now, I'll be following up with the specifics to the
people above to kickstart activities.

adityasaky commented 1 year ago

Congrats @SantiagoTorres, @JustinCappos, @06kellyjac, @colek42, and @trishankatdatadog! This is a great first ITSC and I'm excited to work with all of you. And thank you everyone who put me in the top 5, I appreciate it!