This morning the OpenSSF Best Practices WG and Security Threats WG each voted that the CII Best Practices badge project should move into their respective WGs. I think there was general agreement that the badge project should have just one “official” place (to minimize confusion).

It’s good that CII Badge Projects is wanted! And I think this result confirms that there’s a general desire to move it into the OpenSSF. That said, there’s conflict that needs resolution.

SO:

I propose that the TAC decide which OpenSSF WG ends up with the CII Best Practices badge. The Security Threats WG will write a few sentences arguing their case, and I think someone in the Best Practices WG should do the same. I further propose that this decision at least be an agenda item for the OpenSSF TAC meeting on Oct 6; the TAC could then decide to vote immediately, or kick off an electronic voting process to give people time to think.

No matter what the outcome, I think the CII Best Practices badge work will need to work with both working groups, as it can (and should!) support both WGs.

— David A. Wheeler