Process for Creating Papers

This document provides a consistent mechanism for cloud native security to produce community papers, ensure they are reviewed, and subsequently published. This content complements existing proposal-to-project instructions.

For detailed guidelines on publishing standards and protocols, refer to Publishing Protocols for Project Deliverables and Publishing Guidelines and Standards .

Proposal

When proposing a paper as a deliverable, ensure there is a clearly identified lead and a well-defined scope. The paper scope and topic should be raised in at least one TAG meeting to solicit more volunteers (ideally 4). Interested parties should meet to outline the paper and present it to TAG leadership for planning and scheduling.

Project

Once a TAG Leadership sponsor is assigned, the group should agree on a tentative schedule with the following milestones:

Tentative Schedule Milestones

MilestoneEstimated Time
Audience, Goals, & refining scope1 week
Tasking Assignment1 week
Content Rough-in2-3 weeks
Collaborative Review2 weeks
Executive Summary and content wrap up2 weeks
Narrative Voice1-2 weeks
Final Group Review1 week
Community Review2 weeks
Public comment adjudication2 weeks (simultaneous with review)
CNCF publishing engagement~2-3 weeks
Addition to the repo2 weeks
Blog post and publishing coordination2-3 weeks

Milestones Details

Audience, Goals, and Refining Scope

Define the following:

  • Who is the intended audience?
  • What positions do they hold?
  • What problem are we addressing?
  • What assumptions are we making about the audience or content?
  • Document these in the “Introduction > Assumptions” section.

Tasking Assignment

Contributors should assign themselves to various outline areas. This allows focus and identifies gaps needing more contributors. Use tools like Google Docs’ “assign to me” feature for task assignment.

Content Rough-in

Assignees provide rough content through phrases, paragraphs, or bullets. Draft content should be marked clearly.

Collaborative Review

Contributors refine raw content into drafts, comment on sections, expand ideas, and provide citations. Use the corresponding Slack channel for larger thematic discussions.

Executive Summary and Content Wrap-up

If the paper exceeds five pages, write an executive summary. Finalize content and discussions.

Narrative Voice

Assign no more than three individuals for this task to ensure a unified voice. Ensure consistent language, phrasing, acronym use, footnotes, and citations.

Final Group Review

Collectively review the polished paper before opening it for community review.

Community Review

Lock the paper from editing (except for Adjudicators). Make it public for comments and suggestions. Announce the review period via the CNCF TAG-Security mailing list.

Public Comment Adjudication

Adjudicators resolve community comments and suggestions. Larger discussions should be decisively resolved and documented.

CNCF Publishing Engagement

TAG Leadership sponsor works with CNCF for final edits, PDF conversion, and graphics inclusion. Review drafts before the final version is added to the repo.

Addition to the Repo

The paper lead creates a README.md with:

  • Title
  • About: Brief summary
  • Updates: Maintenance intentions
  • Markdown: Maintained in markdown
  • Contributing updates: Guidance for contributors
  • Versioning and publishing: Criteria for updates
  • Original design decisions
  • Links to files in the repo

Blog Publishing and Coordination

Coordinate with TAG leadership and CNCF for a blog post to increase visibility. Consider presenting at community events.

Authorship, Attribution, and Acknowledgements

Papers created by TAG-Security are authored by the group, with contributors and reviewers acknowledged. Major contributors are highlighted in the “Acknowledgements” section. Each document should contain “Contributors,” “Reviewers,” and “Acknowledgements” sections as appropriate.