[GPC] OWASP OPA

Jason Li jason.li at owasp.org
Sat Apr 16 10:38:28 EDT 2011


David,

To elaborate on what Paulo is saying - there are no hard and fast
requirements on "what is a project roadmap".

The reason we ask for a project roadmap is two-fold:
* It gives us a picture of where you think the project will go. More
detailed roadmaps may even indicate *when* you plan to go there. That in
turn lets us look into how we can best support the project. For example,
we're currently starting a pilot program to promote OWASP projects at OWASP
conferences by reserving speaking slots for project leaders. If we know that
a particular project has a major milestone around the time of a conference
based on the project's roadmap, then we can throw that project into the ring
to be considered for the slot. If we see that a project eventually is going
to expand features outwards that start to overlap with other projects, then
we can put project leaders in touch with each other to harness some synergy.
In other words, it helps us to figure out how best we can help you.
* It gives us some guidance to find contributors, supporters, reviewers and
other parties interested in the project. In the worst case scenario, if a
project is abandoned by a leader, it also provides us a vision and direction
for the project so that someone else can adopt it and continue the project
on.

To that end, together we get out of the roadmap is reflective of what you
put into it. We don't want this to be a burden of a task or for you to put
an undue amount of effort into creating it. But at the same time, hopefully
it helps you organize your plan for the project and helps us figure out what
we can do to help support it.

Let us know if you have any questions!

-Jason

On Thu, Apr 14, 2011 at 9:05 AM, Paulo Coimbra <paulo.coimbra at owasp.org>wrote:

> Hello David,
>
>
>
> Thank you for getting back to me. As for your question regarding the level
> of roadmap’s detail, I would say that we haven’t a closed prescriptive
> measure to deal with this question. In my view, in general terms, a roadmap
> serves essentially to set up a possible sub-set of operations and needed
> resources, including time, to achieve an ultimate, previously determined,
> objective. More concretely in terms of OWASP culture, I would say that a
> roadmap as detailed as possible, in principle, facilitates the engagement,
> the potential contribution, of our comprehensive community of volunteers. It
> also allows the OWASP Projects Committee (GPC) to step in and provide
> guidance.
>
>
>
> However, having said that, please note that we also have projects with
> roadmaps extremely open and minimally detailed.  Sometimes it is a strategic
> decision that envisages keeping the research scope as open as possible. In
> other circumstances, to be honest, it seems to me that it is just the result
> of the amount of time a project leader has to donate to OWASP.
>
>
>
> In a nutshell, I would also say that being OWASP a community of volunteers
> it is very open to all kind of approaches, styles and levels of effort and
> we always count on cross collaboration to limit any possible shortage that a
> project or initiative may momentarily have.
>
>
>
> I hope that this may help but please feel free to get back to me whenever
> you feel we can be of any help.
>
>
>
> Nevertheless, the GPC is being carbon copied. Let us see if they provide us
> other perspective.
>
>
>
> Thanks,
>
> - Paulo
>
>
>
> Paulo Coimbra,
>
> OWASP Project Manager <http://www.owasp.org/index.php/User:Paulo_Coimbra>
>
>
>
> *From:* David Rajchenbach-Teller [mailto:David.Teller at mlstate.com]
> *Sent:* quinta-feira, 14 de Abril de 2011 10:16
> *To:* Paulo Coimbra
> *Cc:* 'Dave Wichers'; 'Global Projects Committee'
> *Subject:* Re: OWASP OPA
>
>
>
>           Hi Paulo,
>
>  Thanks for the details. I'll provide all of this as soon as possible. How
> much detail do you need for the roadmap?
>
>
>
> Best regards,
>
>  David
>
>
>
> --
>
>   David Rajchenbach-Teller
>
>   CSO, MLstate
>
>
>
> On Apr 11, 2011, at 7:20 PM, Paulo Coimbra wrote:
>
>
>
> Hi David,
>
>
>
> First of all, thank you for volunteering to lead an OWASP Project.  It is
> with volunteers like yourself that OWASP continues to succeed in making
> application security visible.
>
> Second, regarding your new leadership of this project, I'd like to request
> that you send a project roadmap - basically the high level details of where
> you'd like to take the project.  The OWASP Global Projects Committee (GPC)
> will look at the roadmap and provide feedback on your project:  suggesting
> projects which are closely related, resources and contacts which may assist
> your efforts and any other suggestions to increase your project's success.
>
>
>
> To get your project started, here are a couple of references for your
> review:
>
>  - The Guidelines for OWASP Projects provide a quick overview of items key
> to a projects success -
> http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects,
>
>
>  - OWASP's Assessment Criteria is the metric by which projects are
> evaluated.  There are three categories for projects: Alpha, Beta, and Stable
> (former Release).  The Assessment Criteria allows project leaders to know
> what aspects of projects OWASP values -
> http://www.owasp.org/index.php/Category:OWASP_Project_Assessment,
>
>
>
>  - OWASP's GPC blog - http://globalprojectscommittee.wordpress.com/,
>
>
> Your project will have an OWASP wiki page to inform and promote your
> project to the OWASP community.  To setup your project's page, please
> provide the details below so that the GPC can establish your initial project
> page.  The details provided will be used to complete OWASP's project
> template.  Feel free to add any additional information to wiki page or
> request assistance about how to add to your projects wiki page.
>
> Details to create your project page:
> (0) Project Name,
>
> (1) Project purpose / overview,
> (2) Project Roadmap (as mentioned above),
> (3) Project links (if any) to external sites,
> (4) Project License (
> http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licensing
> ),
> (5) Project Leader name,
>
> (6) Project Leader email address,
> (7) Project Leader wiki account - the username* (you'll need this to edit
> the wiki - http://www.owasp.org/index.php/Tutorial),
> (8) Project Contributor(s) (if any) - name email and wiki account (if any),
>
> As your project reaches a point that you'd like OWASP to assist in its
> promotion, the GPC will need the following to help spread the word about
> your project:
>
>  * Conference style presentation describing the project in at least 3
> slides -
> http://globalprojectscommittee.wordpress.com/2009/07/27/what-is-the-3x-slide-presentation-thing/
>
>
>  * Project Flyer/Pamphlet (PDF file) -
> http://globalprojectscommittee.wordpress.com/2009/07/21/what-is-this-project-flyerpamphlet-thing/
>
>
> As work on your project progresses and you are ready to create a release,
> please let the GPC know of the change in status.  The GPC can work with you
> to get your project assessed and moved up the OWASP quality ladder from
> Alpha to Beta to Stable.  Every release does not require an assessment -
> feel free to email the GPC if you are unsure about your project's
> requirements.  For examples of projects at various quality levels, please
> see the OWASP Project page -
> http://www.owasp.org/index.php/Category:OWASP_Project
>
> That is all for now - I wish you and your project great success.  Thank you
> for supporting OWASP's mission.
>
> Should you have any questions or require any further information, please do
> not hesitate to contact me.
>
> Many thanks, best regards,
>
>
>
> - Paulo
>
>
>
> * I suggest that, meanwhile, if you still do not have one, you create an
> OWASP wiki username so that you can edit our wiki pages.
>
> - https://www.owasp.org/index.php?title=Special:UserLogin&type=signup<https://www.owasp.org/index.php?title=Special:UserLogin&type=signup>
> ,
>
> - Please fill in your OWASP wiki username page with your above referred
> Bio/Curriculum, Wiki Contributions and Email Address. Those elements will
> help us with building a proper idea of your technical profile and will
> facilitate the contact within OWASP contributors. See
> http://www.owasp.org/index.php/User:Mtesauro for an example.
>
>
>
> Paulo Coimbra,
>
> OWASP Project Manager <http://www.owasp.org/index.php/User:Paulo_Coimbra>
>
>
>
> _______________________________________________
> Global-projects-committee mailing list
> Global-projects-committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global-projects-committee
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global-projects-committee/attachments/20110416/2f42c535/attachment.html 


More information about the Global-projects-committee mailing list