We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Counting down for CRA - updates and expectations

00:00
subtitles
off
playback rate
1
quality
1080p
subtitles
off
English (auto-generated)
playback rate
0.25
0.5
0.75
1
1.25
1.5
1.75
2
quality
1080p
720p
480p
360p
240p
0
 Cite
 Share
 Related Material
 Download Purchase
Logo of EuroPythonEuroPython
 Ho, Cheuk Ting Nicholson, Deborah

Formal Metadata

Title
Counting down for CRA - updates and expectations
Title of Series
Number of Parts
131
Author
Contributors
License
CC Attribution - NonCommercial - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
The EU Commission is likely to vote on the Cyber Resilience Act (CRA) later this year. The CRA is an ambitious step towards protecting consumers from software security issues by creating a new list of responsibilities for software developers and providers. The Act also creates a new category of actor known as an “Open Source Steward” which we think makes important allowances for public open source repositories like CPython and Python Package Index (PyPI.) Once the dust settles, everyone who makes software will need to consider the CRA’s mandates in their security roadmaps. In this talk we will look at the timeline for the new legislation, any critical discussions happening around implementation and most importantly, the new responsibilities outlined by the CRA. We’ll also discuss what the PSF is doing for CPython and for PyPI and what each of us in the Python ecosystem might want to do to get ready for a new era of increased certainty – and liability – around security. ## Target audience Developers and maintainers whose project or product may be affected by the CRA. European legislation won’t just affect the European market, it will affect the software industry and the open source community globally as it is very hard to segregate one project or product from the EU market. So, this is for everyone in the Python community who shares their code with the world. ## Goal To educate the general public about CRA - how it can affect us and how to get ready for it. We also want to provide more information for the Python community about what has been done by the PSF regarding the CRA to reassure them that the Python community is aware and getting prepared for the CRA.
00:00
Green's functionExact sequenceIndian Remote SensingBoss CorporationTexture mappingDecision tree learningView (database)Proper mapPoint (geometry)Computer animationLecture/ConferenceMeeting/Interview
00:26
CybersexTime zoneTexture mappingCybersexRevision controlMultiplication signComputer animation
01:13
Open sourceSoftwareOpen setComputer animation
02:08
Open sourceCodeCombinational logicSound effectGoodness of fitRevision controlSoftwareSoftware maintenanceSelf-organizationRight angleMathematicsComputer animation
03:22
SoftwareOpen sourceFreewareTerm (mathematics)Design by contractCodeComputer animation
04:09
Latent heatElement (mathematics)Product (business)Digital signalBasis <Mathematik>SoftwareOpen sourceOpen sourceWeb pageSoftwareTerm (mathematics)Self-organizationComputer animation
05:16
Element (mathematics)SoftwareOpen sourceProduct (business)Operator (mathematics)Phase transitionFinitary relationSoftware developerDesign by contractService (economics)Open sourceMereologyWeb pageSelf-organizationRepository (publishing)SoftwareCodeOpen setComputer animation
06:36
RankingOpen sourceTouchscreenMultiplication signPresentation of a groupFlowchartSoftwareOpen setMereologyOpen sourceBitDataflowComputer animation
07:19
Open sourceRight angleTouch typingSoftwareCategory of being1 (number)MathematicsBitComputer animation
07:54
Open sourceTime zoneVulnerability (computing)AuthorizationTraffic reportingBitIncidence algebraTouch typingInformation securityCyberneticsComputer animation
08:34
SoftwareCyberneticsElectronic mailing listInformation securityComputer animation
09:26
Time zoneSinc functionOpen setInformation securityCyberneticsOpen sourceLoginComputer animation
09:53
Type theory1 (number)Information securityCodeComputer virusDegree (graph theory)Software developerCyberneticsComputer animation
11:15
Vulnerability (computing)Subject indexingLibrary (computing)MultiplicationTraffic reportingDecision theoryWhiteboardInformationstheorieShooting methodPatch (Unix)Instance (computer science)AuthorizationMultiplication signComputer animation
12:12
Radical (chemistry)BitTraffic reportingArithmetic meanVulnerability (computing)Computer virusComputer animation
12:57
Successive over-relaxationTime zoneProcess (computing)Traffic reportingVulnerability (computing)Open sourceLibrary (computing)Level (video gaming)CodeComputer animation
13:28
outputProcedural programmingTraffic reportingPatch (Unix)Different (Kate Ryan album)Information securityInterface (computing)Vulnerability (computing)Computer animation
14:10
Open sourceCyberneticsInformation securityGroup actionFunctional (mathematics)Latent heatCollaborationismVulnerability (computing)DatabaseQuicksortSpeech synthesisSoftwareMereologyComputer animation
15:41
Open setOpen sourceStandard deviationIncidence algebraProcess (computing)Formal languageComputer-assisted translationSound effectMereologyData conversionNational Institute of Standards and TechnologyComputer animation
16:36
Projective planeIncidence algebraOpen sourceCyberneticsSoftwareOpen setoutputComputer animation
17:41
Operations support systemDesign of experimentsMathematicsComputer animation
18:06
Time zoneInformation securityExpert systemConfiguration spaceSoftware developerCodeSelf-organizationComputer animation
18:48
Time zoneSoftware maintenanceLibrary (computing)Expert systemDrop (liquid)PlanningGoodness of fitBootingEmailData conversionType theoryInformation securityInheritance (object-oriented programming)SoftwareComputer animation
20:00
Time zoneInformation securityMeasurementEmailTraffic reportingMoment (mathematics)Content (media)Vulnerability (computing)Projective planeInformation securityComputing platformSoftwareBitBuildingState of matterBlock (periodic table)Computer animation
21:00
Open sourceRevision controlVulnerability (computing)Virtual machineInformationstheorieDatabaseLoginFile formatComputer animation
21:34
Time zoneInformation securityDifferent (Kate Ryan album)Expert systemOpen setSoftware developerComputer configurationMultiplication signGoodness of fitMereologyLevel (video gaming)Right angleTouch typingShared memoryBlogComputer animation
22:50
Connected spaceDesign of experimentsObject-oriented analysis and designLength of stayBlogRight angleComputer animation
23:17
Personal area networkVariancePerfect groupGroup actionTouch typingInformation securityMeeting/InterviewLecture/ConferencePanel painting
23:47
Single sign-onECosRouter (computing)Design of experimentsFinite-state machineSoftware developerDesign by contractMathematicsOpen sourceService (economics)Independence (probability theory)Library (computing)Level (video gaming)Operator (mathematics)Different (Kate Ryan album)Template (C++)Instance (computer science)Information securityBitSoftware maintenanceProjective planeAuthorizationDependent and independent variablesEmailPosition operatorData conversionType theoryContent (media)Multiplication signProduct (business)FreewareWritingLengthRegulator geneLecture/ConferenceMeeting/InterviewComputer animation
Transcript: English(auto-generated)