Add information about Red Hat as a Root

docs/guides/becoming-a-cna-as-an-open-source-org-or-project.md

@@ -102,9 +102,13 @@ Optionally have the answers to this information:
 ### Contact Red Hat to become a CNA under their Root
 
 [Red Hat is the recommended Root for Open Source projects](https://www.cve.org/PartnerInformation/ListofPartners/partner/redhat). You can contact them to start the conversation at `[email protected]`.
+
 If you don't want Red Hat to be your Root you can contact any other Root (search "Root" in the [list of CNAs](https://www.cve.org/PartnerInformation/ListofPartners)).
 
-You can always ask your prospective Root questions about the process of becoming and operating a CNA, they will be an excellent resource to you.
+> [!TIP]
+> A [Root CNA](https://www.cve.org/ResourcesSupport/Glossary#glossaryRoot) is an organization authorized within the CVE Program that is responsible, within a specific Scope, for the recruitment, training, and governance of one or more entities that are a CNA, CNA-LR, or another Root. Red Hat became a Root CNA to develop governance focusing on **open source software (OSS)** needs. Red Hat uses this approach to invite the community to create unique and different aspects of OSS for the CVE Program to consider. For example, as a Root CNA, Red Hat has created opportunities for CNAs to collaborate with other projects and communities, has championed OSS automated tooling improvements within the Program, and has successfully helped OSS projects like [curl](https://curl.se/docs/CVE-2023-52071.html) navigate CVE complexities. Learn more [here](https://access.redhat.com/articles/red_hat_cve_program) & [here](https://github.com/ossf/wg-vulnerability-disclosures/issues/157#issuecomment-2545939617) about Red Hat's engagement with CVE.
+
+You can always ask your prospective Root questions about the process of becoming and operating a CNA - they will be an excellent resource to you.
 
 ### Submitting the Onboarding Form