Hello here,

One of our security team members proposed that we apply for the "OpenSSF Best Practices" [1] badge. I know those kinds of badges might be seen as good/positive, but also it's not guaranteed. I know Brian Behlendorf, who is one of the founding members of the ASF, is the General Manager of the OpenSSF, so there are good connections. Also, several of the ASF projects [2] already got the badges.

Do you think it's worth/interesting to have such a badge? What is the notion of its validity/value? Is it worth doing?

[1] Here are the criteria for the pro https://www.bestpractices.dev/en/criteria/0
[2] https://www.bestpractices.dev/en/projects?q=Apache

J.