[GPC] [Global_industry_committee] An open letter to the Brazilian Government

Lucas Ferreira lucas.ferreira at owasp.org
Wed Mar 23 22:14:34 EDT 2011


Hello Paulo,

has a process of analysis and approval of this document inside OWASP
been defined?

Regarding the document contents and a comparison with the open letter
I wrote, the open letter aims to start the collaboration with
government as you did prior to the Summit. The open letter is one of
my bets to reach the right people in the Brazilian government.

Regards,

Lucas

On Wed, Mar 23, 2011 at 16:11, Paulo Coimbra <paulo.coimbra at owasp.org> wrote:
> Lucas, all,
>
>
>
> The experience we are having with the Portuguese government is currently
> limited to a protocol that aims to define the terms, conditions and actions
> of collaboration between UMIC - Agency for the Knowledge Society - and OWASP
> on aspects of training and development of ICAT (Information, Communications,
> and Application Technologies) skills.
>
>
>
> Please find attached the translated version of the very initial draft that
> had been sent off by Luís Magalhães, the Portuguese government
> representative that you met in the Summit. Currently, it is only kind of a
> skeleton produced exclusively by UMIC from its own experience in building
> other protocols with organizations like CISCO and Microsoft. Being so, the
> developed and actual protocol between OWASP and UMIC is still to be written
> down but I am working on it. I’ve exchanged point of views with Dinis and
> yesterday I met Carlos Serrão to push the issue forward and concretely to
> understand how his university understand this issue.
>
>
>
> If you find useful we talk further about this matter my Skype contact is
>  ‘paulocoimbra7’.
>
>
>
> Thanks,
>
> - Paulo
>
>
>
>
>
> Paulo Coimbra,
>
> OWASP Project Manager
>
>
>
> From: Kate Hartmann [mailto:kate.hartmann at owasp.org]
> Sent: quarta-feira, 23 de Março de 2011 17:39
> To: Colin Watson; Paulo Coimbra
> Cc: Lucas Ferreira; jeff williams; Dinis Cruz;
> global_industry_committee at lists.owasp.org
> Subject: Re: [Global_industry_committee] An open letter to the Brazilian
> Government
>
>
>
> Please check in with Paulo as he is working with the Portuguese government.
> I am not sure if the initiatives are similar.
>
>
>
> Kate Hartmann
>
> OWASP Operations Director
>
>
>
>
>
> On Mar 23, 2011, at 1:08 PM, Colin Watson <colin.watson at owasp.org> wrote:
>
>
>
>> Lucas
>
>>
>
>> I'm not sure anyone has engaged a government so directly... but
>
>> perhaps Dinis did with the Portuguese Government for the Summit?
>
>>
>
>> I will have a read through of the document - at first glance it looks
>> great.
>
>>
>
>> Are you aware of the draft Code of Conducts which Jeff Williams led
>
>> the creation of during the summit?  They were emailed to summit
>
>> participants - I can forward you the file if you don't have it.  I
>
>> wasn't at that particular session, but contributed some ideas
>
>> afterwards, and hence my name has appeared!  I don't think anything
>
>> has progressed yet on them, and some of the concepts (e.g. the
>
>> Executive Councils mentioned).  I offered to draft out an equivalent
>
>> CoP for Trade Organisations which I can send too.
>
>>
>
>> These documents were briefly mentioned in a recent Global Industry
>
>> Committee conference call, but we haven't discussed them any further.
>
>> The Educational Institutions one is probably more in the realm of the
>
>> GEC anyway.  But there seems to be some overlap with what you have
>
>> written, so it might be worth comparing them?
>
>>
>
>> In terms of "approving" anything, I don't think OWASP seems to work
>
>> that way.  Maybe if you ensure you engage with the local Brazilian
>
>> chapters to get input, and ask for ideas from GIC (and the leaders
>
>> list as you say in another thread) - and don't get any complaints -
>
>> that may be sufficient?
>
>>
>
>> In terms of who the document is "from", it might be more appropriate
>
>> to say "Local OWASP chapters in Brazil" instead of "OWASP", so that it
>
>> doesn't seem like some international organization trying to set
>
>> national policy.
>
>>
>
>> Regards
>
>>
>
>> Colin (my own thoughts, not necessarily those of GIC)
>
>>
>
>>
>
>> On 21 March 2011 20:37, Lucas Ferreira <lucas.ferreira at owasp.org> wrote:
>
>>> Hello Industry Committee Members,
>
>>>
>
>>> Based on Dinis' keynote at IBWAS 2010, I wrote a white paper on how
>
>>> the Brazilian Government could improve web application security in the
>>> country.
>
>>> I'd like to be able to send this out as a message from OWASP and am
>
>>> trying to understand how this could be done. I think this could be a
>
>>> good introduction of OWASP to many government officials, as it
>
>>> contains prescriptive advice.
>
>>>
>
>>> So, I ask you to tell me what would be the best way to proceed.
>
>>>
>
>>> The original version (in Portuguese) is available here:
>
>>> https://docs.google.com/a/owasp.org/viewer?a=v&pid=explorer&chrome=tr
>
>>> ue&srcid=0B80Pq13j4HaqYTJlYjYyMjQtZGIyZS00NGY2LTlmOTMtZDUyMDk5MzUzYmE
>
>>> x&hl=en&authkey=CIi7r5EP
>
>>>
>
>>> A Google translated version is here:
>
>>> https://docs.google.com/a/owasp.org/document/d/1pWNIlMvbl9DueibfrETIR
>
>>> ZBj4qxKLjz6DgavTxnYNDQ/edit?hl=en&authkey=CNOWjaQL
>
>>>
>
>>> I will try to improve the translated version in the next days.
>
>>>
>
>>> Thanks for your help,
>
>>>
>
>>> Lucas
>
>>>
>
>>> --
>
>>> Homo sapiens non urinat in ventum.
>
>>>
>
>>> _______________________________________________
>
>>> Global_industry_committee mailing list
>
>>> Global_industry_committee at lists.owasp.org
>
>>> https://lists.owasp.org/mailman/listinfo/global_industry_committee
>
>>>
>
>>>
>
>> _______________________________________________
>
>> Global_industry_committee mailing list
>
>> Global_industry_committee at lists.owasp.org
>
>> https://lists.owasp.org/mailman/listinfo/global_industry_committee



-- 
Homo sapiens non urinat in ventum.


More information about the Global-projects-committee mailing list