Has everyone (anyone) had a chance to review this yet?
Tod Olson summarized the comments / input from TC members to date. Some of the dates needed to be pushed ahead as "near-term", "long-term" etc mean something different now than they meant when the document was drafted.
In some instances, the commenters felt that certain objectives were really under the control of the service providers rather than the TC (dependencies on hosting environments and such). In such cases, Mike Gorrell and Ian Walls believe we might want to remove those objectives.
Zak Burke proposed that the TC could structure some of the minimal performance requirements, while also ensuring that performance is a priority of the developers and tech architects (preventing things like memory leaks etc)
VBar asked whether the bullet in question (#6) was really a performance requirement.
Jakub Skoczen sees this as belonging to the realm of SLA terms. The TC should not have a defining role on point 6.
VBar indicated we should be able to provide performance metrics within the project.
Marc Johnson believes that the TC needs to clarify and agree on concepts like performance / stability requirements first before moving forward with this document. Also, for today, we're just trying to figure out which Council should own #6 and whether it should be the TC.
Ingolf Kuss offered to take this point to the SysOps SIG for discussion - to help define the requirements and report them back to the TC.
Craig McNally recommended that we first note the topics in the document that we agree on, then focus in later meetings on the topics in the document that need additional discussion.
Tod Olson noted that the PC and TC would have input on FOLIO "roadmaps," just need to specify which roadmaps - a technical one vs a "shared roadmap"?
The Privacy SIG has updated their charter. Sounds like review is needed by the TC. See Privacy SIG. Has been approved by PC 2021-12-09 Meeting notes
Peter Murray discussed how the Privacy SIG became active again in the spring / summer of 2021. The SIG sees itself as privacy experts within FOLIO, and community members can consult with the SIG about privacy questions and issues. They meet every 2 weeks, co-convened by Carston Schwill and Adam Chandler. The Privacy SIG wanted to make the TC aware of their goals and activities.
One focus is on restricting logging levels to protect private information, and/or treating log files as sensitive data. The data disclosure agreements may need to be revised to incorporate log file management.
Craig McNally - question about what the statement about the Councils supporting the Privacy SIG means. Peter Murray replied that the SIG is trying to do its work on behalf of all the FOLIO operators and institutions. The SIG works on non-functional requirements, having to do with policy areas.
Craig McNally - a concrete example might be helpful. Such as the personal data disclosure form to include logging - should the TC help move that forward or help define it? Peter Murray replied that the TC could incorporate data disclosure policy into their reviews of new features / code.
Marc Johnson - the TC does not manage developer teams or significantly influence how development is done, so unclear how the TC would enforce prioritization of the privacy work. Peter Murray - that would be more in the PC realm, though the TC could help support privacy initiatives.
Ingolf Kuss - maybe the TC could help formulate the standards around the technical aspects.
Jeremy Huff - is there an example of a standards document, in draft form perhaps?
Craig McNally - the TC should have a separate conversation about the disclosure form, and maybe make the TC owners of it. We agree with most of the document, just need to discuss the involvement of TC in it. The TC will get back to the SIG about the document.
Jeremy Huff suggested that we form a working group to define more detail around this topic. Craig McNally agreed that was a good idea or alternatively, we need other proposals
Zak Burke volunteered to identify categories of decisions the TC makes and suggest applicable processes
5-10 min
Participation and Attendance Expectations
All
Jeremy Huff created a page to track working groups... Should we take a look together and see if anything should be added/adjusted?
Is there anything else we want to do for this topic?
Is it enough to ask those in sub groups to add them to the page?
Action: we should discuss at next meeting about appointing sub-groups when there are not enough volunteers.
Time permitting
Another meeting rules thing: should we have a formal policy/discussion about attendance, discussion, and decision making when attendance is low/less than half?
Action items
Bulk edit - Craig McNally will ask Magda and team for a self-eval