The 2023 TAC includes elected members: Aeva Black from Microsoft (returning), Bob Callaway from Google (returning), Dan Lorenc from Chainguard (returning), Dustin Ingram from Google (new) and appointed members: Arnaud Le Hors from IBM (new), Christopher “CRob” Robinson from Intel Corporation (returning), and Zach Steindler from GitHub (new). The OpenSSF held an election among all active contributors to technical projects, per the terms of the OpenSSF Charter to elect four members to the TAC and the Governing Board appointed three members to the TAC. The OpenSSF TAC is responsible for developing OpenSSF’s overall technical vision as well as structuring and facilitating collaboration among its technical initiatives.
Technical Advisory Council (TAC)
Meet our 2023 TAC members whose term will begin on May 2, 2023.
Open Source Hacker, Microsoft Azure Office of the CTO
Aeva Black is an incurably queer geek, passionate about privacy and ethics in tech. They’re an open source hacker in Azure’s Office of the CTO, focusing on community safety and supply chain security, and currently serve on the OSI Board and the OpenSSF TAC. In a previous life, Aeva founded the OpenStack Ironic project, served on the board of the Consent Academy, managed a few small MySQL databases, and lived on a tiny farm in the Olympic Mountains.
Arnaud Le Hors
Senior Technical Staff Member of Open Technologies, IBM
Arnaud Le Hors is Senior Technical Staff Member of Open Technologies at IBM, working on a range of technologies with a primary focus on Open Source supply chain security. Arnaud has been working on standards and open source for over 30 years, both as a staff member of the X Consortium and W3C, and as a representative for IBM. He has been involved in every aspect of the open technology development process: technical, strategic, political, and legal. Arnaud was editor of several key web specifications including HTML and DOM and was a pioneer of open source with the release of libXpm in 1990. Arnaud has participated in several prominent open source projects including the X Window System and Xerces, the Apache XML parser. Arnaud is the main representative for IBM at W3C and INCITS, a member of the Hyperledger Technical Oversight Committee and contributor to OpenSSF.
Tech Lead & Manager, Google Open Source Security Team
Bob Callaway is the technical lead and manager of the supply chain integrity group in Google’s Open Source Security Team. He and his team directly contribute to critical secure supply chain projects and drive communication & adoption of best practices throughout the open source ecosystem. Bob is a member of the Technical Advisory Council for sigstore, a Linux Foundation / OpenSSF set of projects focused on improving transparency and UX of software supply chains. Before joining Google in 2021, Bob was a member of Red Hat’s Office of the CTO where he was responsible for emerging technology strategy with strategic partners (including IBM) and a principal architect at NetApp where he focused on contributions to OpenStack and storage automation projects. He holds a PhD in Computer Engineering from NC State University where he also serves as an adjunct assistant professor in the ECE department.
Christopher “CRob” Robinson
Director of Security Communications, Intel
Christopher Robinson (aka CRob) is the Director of Security Communications at Intel Product Assurance and Security. With 25 years of Enterprise-class engineering, architectural, operational and leadership experience, Chris has worked at several Fortune 500 companies with experience in the Financial, Medical, Legal, and Manufacturing verticals, and spent 6 years helping lead the Red Hat Product Security team as their Program Architect.
Dan has been working on and worrying about containers since 2015 as an engineer, manager, founder and CEO. He started projects like Minikube, Skaffold, and Kaniko to make containers easy and fun, then got so worried about the state of OSS supply-chains he partnered up with Kim and others to found the Tekton and Sigstore projects to make it easier to build and use containers securely; as well as SLSA to create a common language for software security and supply chain integrity. He has been involved with the Cloud Native Computing Foundation, chaired the Continuous Delivery Foundation technical oversight committee, and sits on the governing board and technical advisory committee for the Open Source Security Foundation. He’s now a founder and CEO at Chainguard, a startup foucsed on software supply chain security.
Software Engineer, Google
Dustin is an engineer on Google’s Open Source Security Team, focused on improving the security of open-source software that Google (and the rest of the world) relies on. He’s also a director of the Python Software Foundation and maintainer of PyPI.
Principal Engineer, GitHub
Zach is a Principal Security Engineer at GitHub, where he drives efforts to secure software supply chains. He first became interested in securing open source at Python Package sprints, and more recently supported GitHub tooling producing SBOMs as well as npm’s integration with Sigstore to provide package provenance.
Security Community Individual Representative (SCIR)
We’re also pleased to announce our new Security Community Individual Representative (SCIR), a member of the Governing Board elected by contributors to Technical Initiatives. Meet our 2023 SCIR, Luke Hinds.
Open Source Security Hacker
Luke has held numerous community roles, such as a member of the Kubernetes Security Vulnerability response team and as an elected Project Team Lead for the OpenStack Security Group. Luke is a former member of the OpenSSF TAC. He started project sigstore and is well known for building other security projects such as the Keylime project, now in the CNCF.
Welcome to the 2023 Technical Advisory Council (TAC) and Security Community Individual Representative (SCIR) on the Governing Board of the OpenSSF! We look forward to a great year ahead.