OVAL Leadership Board¶
In general, members of the OVAL Leadership Board are:
- Responsible for steering the OVAL Mission, Use Cases and providing guidance to other key strategic artifacts including the OVAL Design Principles
- Expected to monitor project activities and weigh in on issues facing the Community, especially in areas in which they have special expertise
- Expected to offer guidance to the Community when called on by the Supervisors and/or Community Members, as outlined by the language development process (see “Language Governance Responsibilities” below)
- Expected to engage in online and in-person events subject to their availability
- Expected to advocate on behalf of the project to the general public when appropriate
- Expected to participate in quarterly calls and vote when votes are called
Leadership Board Members¶
- Center for Internet Security - William Munyan, Adam Montville
- Cisco Systems, Inc. - Omar Santos
- HCL Group - Rosario Gangemi
- Joval Continuous Monitoring - David Solin, David Ries
- McAfee - Kent Landfield
- Modulo - Alberto Bastos
- National Institute of Standards and Technology - Stephen Banghart
- Qualys, Inc. - Hariom Singh
- Red Hat, Inc. - Matej Tyc, Watson Sato
- SecPod Technologies - Chandrashekhar B
- NAVWARSYSCOM, U.S. Navy - Jack Vander Pol
- Unified Compliance - Stephen Pillero
- VMware - Dennis Moreau
- Blake Frantz
- Dale Rich
- Nils Puhlmann
- Anton Chuvakin
- Javier Fernandez-Sanguino
- Jay Beale
- Mark Cox
- Matt Hansbury
- Robert Hollis
- Tim “TK” Keanini
- Amol Sarwate
- Anthony Busciglio
- Carl Banzhof
- Chris Wood
- Eric Walker
- Gary Miliefsky
- Jamie Cromer
- Jay Graver
- Kurt Seifried
- Luigi Pichetti
- Martin Preisler
- Melissa Albanese
- Michael Tan
- Morey Haber
- Nick Connor
- Noah Salzman
- Panos Kampanakis
- Pat Fetty
- Randy Taylor
- Stephen Quinn
Language Governance Responsibilities¶
The OVAL Leadership Board plays a role in key aspects of the overall language development process.
In overall language development, the OVAL Leadership Board has an important, direct function in providing guiding support to a consensus call, when needed. Such support may be needed when consensus is too difficult for an Area Supervisor to judge. The IETF has published an excellent informational RFC on the subject: RFC 7282.
Update Design Principles¶
As proposals to the language are received in the language development process, we may find a need to update the OVAL Design Principles. A specific subprocess has been defined to handle this case, where the OVAL Leadership Board plays an important role.
- Review Proposed Update: All parties review the proposed update to the design principles
- Suggest Change: All parties are able to suggest changes to the proposed update
- Create Consensus Call: The leadership board MUST formally call for consensus on the design principle update proposal
- Address Issue: When issues are raised during a formal consensus call, the Leadership Board MUST acknowledge and take appropriate action for the raised issue
- Update Design Principles: The Leadership board MUST authorize updates to the design principles (another party, i.e. the sponsor, may actually update the design principles artifact)
Official OVAL Release¶
The OVAL Leadership Board is responsible for selecting a Stable releass at least once per year to be the Official release.
New members of the OVAL Leadership Board are nominated by one or more existing members. Appointment to the board is confirmed by a vote.  The Sponsor will facilitate such votes in a timely basis.
Recognition of Former Members¶
Former OVAL Leadership Board members will be considered for recognition by the Sponsor under the following guidelines:
- Emeritus Member: a person who made significant contributions to this community
- Former Contributing Member: a person who made clear contributions to this community
If a person did not make a measurable contribution to this community, then the person is not identified as a former member.
Changing Roles in an Organization¶
If a current OVAL Leadership Board member switches roles within an organization and serving on the Board no longer makes sense, they must notify the Sponsor. Upon notification, the member will be given an opportunity to nominate a new member to represent the organization. This prospective member will be considered in accordance with the New Members process.
Leaving an Organization¶
If a current OVAL Leadership Board member is going to leave an organization, they must notify the Sponsor. Upon notification, the current member will be given two options:
- They can continue to serve on the Board under their new organization.
- They can relinquish their membership and will be considered for recognition as a former member as described under Recognition of Former Members.
In either case, the organization that is losing representation on the OVAL Leadership Board will be given an opportunity to nominate a new member that will be considered in accordance with the New Members Process.
Revocation of Membership¶
If the Sponsor has evidence that an OVAL Leadership Board member is not fulfilling their responsibilities, they may be removed. The following process defines the steps that the Sponsor must follow in order to revoke the membership of a current member.
- The Sponsor must provide the member with a warning of revocation at least two (2) months before revocation is scheduled to occur explaining the reasons for revocation.
- The Sponsor may delay the date of revocation.
- Prior to revocation, the member will be given an opportunity to get in good standing according to the agreed upon responsibilities. If membership no longer makes sense, it will be terminated.
- If the member fails to get in good standing, their membership will be revoked and they will not be recognized as a former member.
What Is Voted On?¶
The OVAL Leadership Board will be required to vote on the following matters.
- Approval of an official OVAL release
- Approval of new OVAL Leadership Board members
Lastly, a vote may be requested for any other issue deemed necessary by the OVAL Leadership Board or the Sponsor. Each request will be considered on a case-by-case by the Sponsor to see if it is within the Board’s responsibilities as described herein. If a request falls within one of these areas, the request will be processed and a vote will be announced. To request a vote, a member can either publicly send a message to the Board mailing list or privately send a message to the Sponsor.
Who May Vote?¶
All active members of the OVAL Leadership Board are eligible to cast a vote. However, only one vote per organization will be accepted. Emeritus members are not eligible to cast a vote, but, they can provide their input on matters before a decision is made.
Announcing a Vote¶
All matters, which require a vote, will be announced on the Board mailing list and the OVAL developer mailing list along with the timeline. The timeline will provide a deadline for community and Board discussion as well as dates for when the voting period begins and ends.
Casting a Vote¶
All voting ballots will be distributed through email over the Board mailing list and will typically require that an organization select one or more options as well as provide justification. Please note that all votes and justifications will be posted to the OVAL Community repository to provide the community with transparency into the voting process and for record-keeping purposes.
Handling Multiple Votes from an Organization¶
In the event that multiple, conflicting votes are cast by the same organization, only the first vote received will count. If all members of the affected organization reaching consensus on changing a vote, they may request their vote be changed by emailing the Board mailing list before voting has closed. The Sponsor will consider the reasons for changing the vote and determine which of the votes should be considered valid. Please note that any changes to a vote will be considered on a case-by-case basis and should only be approved given extenuating circumstances.
Total Possible Votes¶
Because only one vote may be accepted per organization, the total number of possible votes equals the number of distinct organizations having organizational members plus the number of individual members.
In order to reach a quorum, votes must be cast by a simple majority of the Total Possible Votes. If a quorum is not reached, a vote will be deemed invalid.
Reaching a Decision¶
A decision is reached if there is a quorum and the results of the vote indicate that a simple majority of the votes are for or against a particular issue. If there is a tie, the Sponsor will re-open the discussion and schedule another vote on the issue.
Publishing Vote Results¶
Once the OVAL Leadership Board reaches a decision, the results of the vote will be announced over the Board mailing list and the OVAL developer mailing list, and posted to the OVAL Community repository.
|||OVAL Board members participating during the time MITRE was the OVAL Sponsor have been carried forward as initial members of the Leadership Board.|