[GPC] Fwd: Funding and or Resource Donation

Jason Li jason.li at owasp.org
Thu Apr 14 12:57:53 EDT 2011


What kind of support exactly are we talking about?

The Board made a very deliberate decision back in 2009, one that I did not
initially support but now actually agree with, that OWASP should *not* be in
the business of paying project leaders to work on projects (as we have in
previous Seasons of Code). The reasons for this are many and *I don't want
this email thread to be derailed in a philosophical debate on the merits of
such a strategy*.

I'd rather focus on what we *can* do.

The direction of project funding is to provide support for projects to be
better exposed, promoted and received. To that end, we can certainly send
out messages to the OWASP community and highlight the project through all
our normal means (Podcast, Newsletter, etc) to gain help it gain some
visibility (which in turn may generate some interest). Long term, we're
working out plans to have resources available for graphic design and
technical writing review, but we do not yet have rules of engagement for
such resources (let alone the actual human resources identified to provide
those services). We're also working on getting a limited number of
conference speaking slots reserved for OWASP project leaders to highlight
their projects, but this effort is still underway (we are currently
targeting AppSecUSA 2011).

If there's something specific that you guys have in mind to support the
project along similar lines of project support, we can review the request.

OWASP Global Projects Committee Chair

On Thu, Apr 14, 2011 at 12:12 PM, Kate Hartmann <kate.hartmann at owasp.org>wrote:

> Ask.
> How much, what for?  I've copied Jason, chair for the GPC, on this since
> project budgets would fall under his committee's jurisdiction.
> Kate Hartmann
> Operations Director
> 301-275-9403
> www.owasp.org
> Skype:  Kate.hartmann1
> -----Original Message-----
> From: Jim Manico [mailto:jim.manico at owasp.org]
> Sent: Thursday, April 14, 2011 11:28 AM
> To: Eric Sheridan; Kate Hartmann
> Subject: Re: Fwd: Funding and or Resource Donation
> Kate,
> What can we do to get a little funding for the CSRFGuard project?
> Aloha,
> Jim
> > Jim,
> >
> > Can you help me obtain some funding (time/money/commits) from OWASP?
> > Just enough so the project doesn't fall apart. All of my free time is
> > going towards this other awesome project and CSRFGuard is suffering.
> >
> > -Eric
> >
> > -------- Original Message --------
> > Subject: Funding and or Resource Donation
> > Date: Thu, 14 Apr 2011 10:38:36 -0400
> > From: Eric Sheridan <eric.sheridan at owasp.org>
> > To: owasp-csrfguard at lists.owasp.org
> >
> > List,
> >
> > CSRFGuard adoption is steadily increasing and I'm finding myself
> > falling behind in terms of support. Many of you have identified valid
> > bugs or valid features that need addressing in CSRFGuard.
> > Unfortunately, I'm very low in "free time" these days and very much
> > need support. Support can be in the form of funding
> > (http://ericsheridan.blogspot.com/, see 'Donate' button in lower right
> > hand side) or in the form of code contributions/support. If you are
> > interested in donating to the project, whether it be in time or in
> dollars, please let me know!
> >
> > A couple of problems that CSRFGuard faces today:
> >
> > - incomplete multi-part file upload support
> > - dynamic javascript needs more testing/evaluation in internet
> > explorer
> > - javascript should inject tokens into dynamically created html
> >       -> i.e. hook calls such as 'createElement'
> > - general bugs that users have identified.
> >
> > -Eric
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global-projects-committee/attachments/20110414/6662ee92/attachment.html 

More information about the Global-projects-committee mailing list