Process for Creating Papers
This document provides a consistent mechanism for cloud native security to produce community papers, ensure they are reviewed, and subsequently published. This content complements existing proposal-to-project instructions.
For detailed guidelines on publishing standards and protocols, refer to Publishing Protocols for Project Deliverables and Publishing Guidelines and Standards.
Proposalโ
When proposing a paper as a deliverable, ensure there is a clearly identified lead and a well-defined scope. The paper scope and topic should be raised in at least one TAG meeting to solicit more volunteers (ideally 4). Interested parties should meet to outline the paper and present it to TAG leadership for planning and scheduling.
Projectโ
Once a TAG Leadership sponsor is assigned, the group should agree on a tentative schedule with the following milestones:
Tentative Schedule Milestonesโ
| Milestone | Estimated Time |
|---|---|
| Audience, Goals, & refining scope | 1 week |
| Tasking Assignment | 1 week |
| Content Rough-in | 2-3 weeks |
| Collaborative Review | 2 weeks |
| Executive Summary and content wrap up | 2 weeks |
| Narrative Voice | 1-2 weeks |
| Final Group Review | 1 week |
| Community Review | 2 weeks |
| Public comment adjudication | 2 weeks (simultaneous with review) |
| CNCF publishing engagement | ~2-3 weeks |
| Addition to the repo | 2 weeks |
| Blog post and publishing coordination | 2-3 weeks |
Milestones Detailsโ
Audience, Goals, and Refining Scopeโ
Define the following:
- Who is the intended audience?
- What positions do they hold?
- What problem are we addressing?
- What assumptions are we making about the audience or content?
- Document these in the "Introduction > Assumptions" section.
Tasking Assignmentโ
Contributors should assign themselves to various outline areas. This allows focus and identifies gaps needing more contributors. Use tools like Google Docs' "assign to me" feature for task assignment.
Content Rough-inโ
Assignees provide rough content through phrases, paragraphs, or bullets. Draft content should be marked clearly.
Collaborative Reviewโ
Contributors refine raw content into drafts, comment on sections, expand ideas, and provide citations. Use the corresponding Slack channel for larger thematic discussions.
Executive Summary and Content Wrap-upโ
If the paper exceeds five pages, write an executive summary. Finalize content and discussions.
Narrative Voiceโ
Assign no more than three individuals for this task to ensure a unified voice. Ensure consistent language, phrasing, acronym use, footnotes, and citations.
Final Group Reviewโ
Collectively review the polished paper before opening it for community review.
Community Reviewโ
Lock the paper from editing (except for Adjudicators). Make it public for comments and suggestions. Announce the review period via the CNCF TAG-Security mailing list.
Public Comment Adjudicationโ
Adjudicators resolve community comments and suggestions. Larger discussions should be decisively resolved and documented.
CNCF Publishing Engagementโ
TAG Leadership sponsor works with CNCF for final edits, PDF conversion, and graphics inclusion. Review drafts before the final version is added to the repo.
Addition to the Repoโ
The paper lead creates a README.md with:
- Title
- About: Brief summary
- Updates: Maintenance intentions
- Markdown: Maintained in markdown
- Contributing updates: Guidance for contributors
- Versioning and publishing: Criteria for updates
- Original design decisions
- Links to files in the repo
Blog Publishing and Coordinationโ
Coordinate with TAG leadership and CNCF for a blog post to increase visibility. Consider presenting at community events.
Authorship, Attribution, and Acknowledgementsโ
Papers created by TAG-Security are authored by the group, with contributors and reviewers acknowledged. Major contributors are highlighted in the "Acknowledgements" section. Each document should contain "Contributors," "Reviewers," and "Acknowledgements" sections as appropriate.