[GPC] [Global_industry_committee] An open letter to the Brazilian Government

Paulo Coimbra paulo.coimbra at owasp.org
Thu Mar 24 13:00:32 EDT 2011


Lucas,

 

If I have correctly understood the meaning of your question, I am pushing
this work forward having into account the OWASP mission & values and the
attached document. As for the approval process I am simply counting on
putting it for Board’s considerations as soon as I have anything worth
seeing written down.

 

Please skype me if you think I haven’t been enough clear.

 

Thanks,

- Paulo

 

 

Paulo Coimbra,

 <http://www.owasp.org/index.php/User:Paulo_Coimbra> OWASP Project Manager

 

From: lucas.ferreira at gmail.com [mailto:lucas.ferreira at gmail.com] On Behalf
Of Lucas Ferreira
Sent: quinta-feira, 24 de Março de 2011 02:15
To: Paulo Coimbra
Cc: Kate Hartmann; Colin Watson; jeff williams; Dinis Cruz;
global_industry_committee at lists.owasp.org;
global-projects-committee at lists.owasp.org
Subject: Re: [Global_industry_committee] An open letter to the Brazilian
Government

 

Hello Paulo,

 

has a process of analysis and approval of this document inside OWASP been
defined?

 

Regarding the document contents and a comparison with the open letter I
wrote, the open letter aims to start the collaboration with government as
you did prior to the Summit. The open letter is one of my bets to reach the
right people in the Brazilian government.

 

Regards,

 

Lucas

 

On Wed, Mar 23, 2011 at 16:11, Paulo Coimbra <paulo.coimbra at owasp.org>
wrote:

> Lucas, all,

> 

> 

> 

> The experience we are having with the Portuguese government is 

> currently limited to a protocol that aims to define the terms, 

> conditions and actions of collaboration between UMIC - Agency for the 

> Knowledge Society - and OWASP on aspects of training and development 

> of ICAT (Information, Communications, and Application Technologies)
skills.

> 

> 

> 

> Please find attached the translated version of the very initial draft 

> that had been sent off by Luís Magalhães, the Portuguese government 

> representative that you met in the Summit. Currently, it is only kind 

> of a skeleton produced exclusively by UMIC from its own experience in 

> building other protocols with organizations like CISCO and Microsoft. 

> Being so, the developed and actual protocol between OWASP and UMIC is 

> still to be written down but I am working on it. I’ve exchanged point 

> of views with Dinis and yesterday I met Carlos Serrão to push the 

> issue forward and concretely to understand how his university understand
this issue.

> 

> 

> 

> If you find useful we talk further about this matter my Skype contact 

> is

>  ‘paulocoimbra7’.

> 

> 

> 

> Thanks,

> 

> - Paulo

> 

> 

> 

> 

> 

> Paulo Coimbra,

> 

> OWASP Project Manager

> 

> 

> 

> From: Kate Hartmann [mailto:kate.hartmann at owasp.org]

> Sent: quarta-feira, 23 de Março de 2011 17:39

> To: Colin Watson; Paulo Coimbra

> Cc: Lucas Ferreira; jeff williams; Dinis Cruz; 

> global_industry_committee at lists.owasp.org

> Subject: Re: [Global_industry_committee] An open letter to the 

> Brazilian Government

> 

> 

> 

> Please check in with Paulo as he is working with the Portuguese
government.

> I am not sure if the initiatives are similar.

> 

> 

> 

> Kate Hartmann

> 

> OWASP Operations Director

> 

> 

> 

> 

> 

> On Mar 23, 2011, at 1:08 PM, Colin Watson <colin.watson at owasp.org> wrote:

> 

> 

> 

>> Lucas

> 

>> 

> 

>> I'm not sure anyone has engaged a government so directly... but

> 

>> perhaps Dinis did with the Portuguese Government for the Summit?

> 

>> 

> 

>> I will have a read through of the document - at first glance it looks 

>> great.

> 

>> 

> 

>> Are you aware of the draft Code of Conducts which Jeff Williams led

> 

>> the creation of during the summit?  They were emailed to summit

> 

>> participants - I can forward you the file if you don't have it.  I

> 

>> wasn't at that particular session, but contributed some ideas

> 

>> afterwards, and hence my name has appeared!  I don't think anything

> 

>> has progressed yet on them, and some of the concepts (e.g. the

> 

>> Executive Councils mentioned).  I offered to draft out an equivalent

> 

>> CoP for Trade Organisations which I can send too.

> 

>> 

> 

>> These documents were briefly mentioned in a recent Global Industry

> 

>> Committee conference call, but we haven't discussed them any further.

> 

>> The Educational Institutions one is probably more in the realm of the

> 

>> GEC anyway.  But there seems to be some overlap with what you have

> 

>> written, so it might be worth comparing them?

> 

>> 

> 

>> In terms of "approving" anything, I don't think OWASP seems to work

> 

>> that way.  Maybe if you ensure you engage with the local Brazilian

> 

>> chapters to get input, and ask for ideas from GIC (and the leaders

> 

>> list as you say in another thread) - and don't get any complaints -

> 

>> that may be sufficient?

> 

>> 

> 

>> In terms of who the document is "from", it might be more appropriate

> 

>> to say "Local OWASP chapters in Brazil" instead of "OWASP", so that 

>> it

> 

>> doesn't seem like some international organization trying to set

> 

>> national policy.

> 

>> 

> 

>> Regards

> 

>> 

> 

>> Colin (my own thoughts, not necessarily those of GIC)

> 

>> 

> 

>> 

> 

>> On 21 March 2011 20:37, Lucas Ferreira <lucas.ferreira at owasp.org> wrote:

> 

>>> Hello Industry Committee Members,

> 

>>> 

> 

>>> Based on Dinis' keynote at IBWAS 2010, I wrote a white paper on how

> 

>>> the Brazilian Government could improve web application security in 

>>> the country.

> 

>>> I'd like to be able to send this out as a message from OWASP and am

> 

>>> trying to understand how this could be done. I think this could be a

> 

>>> good introduction of OWASP to many government officials, as it

> 

>>> contains prescriptive advice.

> 

>>> 

> 

>>> So, I ask you to tell me what would be the best way to proceed.

> 

>>> 

> 

>>> The original version (in Portuguese) is available here:

> 

>>> https://docs.google.com/a/owasp.org/viewer?a=v
<https://docs.google.com/a/owasp.org/viewer?a=v&pid=explorer&chrome=t>
&pid=explorer&chrome=t

>>> r

> 

>>> ue&srcid=0B80Pq13j4HaqYTJlYjYyMjQtZGIyZS00NGY2LTlmOTMtZDUyMDk5MzUzYm

>>> E

> 

>>> x&hl=en&authkey=CIi7r5EP

> 

>>> 

> 

>>> A Google translated version is here:

> 

>>> https://docs.google.com/a/owasp.org/document/d/1pWNIlMvbl9DueibfrETI

>>> R

> 

>>> ZBj4qxKLjz6DgavTxnYNDQ/edit?hl=en&authkey=CNOWjaQL

> 

>>> 

> 

>>> I will try to improve the translated version in the next days.

> 

>>> 

> 

>>> Thanks for your help,

> 

>>> 

> 

>>> Lucas

> 

>>> 

> 

>>> --

> 

>>> Homo sapiens non urinat in ventum.

> 

>>> 

> 

>>> _______________________________________________

> 

>>> Global_industry_committee mailing list

> 

>>> Global_industry_committee at lists.owasp.org

> 

>>> https://lists.owasp.org/mailman/listinfo/global_industry_committee

> 

>>> 

> 

>>> 

> 

>> _______________________________________________

> 

>> Global_industry_committee mailing list

> 

>> Global_industry_committee at lists.owasp.org

> 

>> https://lists.owasp.org/mailman/listinfo/global_industry_committee

 

 

 

--

Homo sapiens non urinat in ventum.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global-projects-committee/attachments/20110324/a035b664/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OWASP Codes of Conduct.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 68293 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/global-projects-committee/attachments/20110324/a035b664/attachment-0001.bin 


More information about the Global-projects-committee mailing list