[GPC] [Owasp-board] ESAPI Party

Mark Bristow mark.bristow at owasp.org
Fri Sep 23 11:48:56 EDT 2011

I for one do not vote for a "dry county" but we don't need to be soaked.

FWIW from the cheap seats, I think this is a totally reasonable expense and
that the release is something that should absolutely be celebrated and this
is a great way to reward contributors for all their hard work.  I think that
if we choose to continue the policy of not compensating people for the time,
this is a great way to show the appreciation of the community.

I also agree it would be great if a company could sponsor it, but if that
can't be found the foundation should support.

On Fri, Sep 23, 2011 at 10:27 AM, Tom Brennan <tomb at owasp.org> wrote:

> Vote to approve the "meet-up"  always helps our efforts and community.
> **bookmark this all**
> https://www.owasp.org/index.php/Donation_Scoreboard
> There is no budget in the project bucket for ESAPI hmm....
> Perhaps you can find a sponsor example Denim/Aspect/Cigital/WhiteHat or the
> otherson the show floor or any of the other involved ESAPI or get a chapter
> to help it (Denver, NYC, San Ant, etc...)
> Pass the hat and ask for $20 bucks
> Are we having fun yet or have we now become a "dry county" organization.
> On Sep 23, 2011, at 10:10 AM, Jason Li <jason.li at owasp.org> wrote:
> Chairs/Board/GPC,
> Based on the Board/Chair discussion last night, I believe the general
> consensus was that these types of events for projects are reasonable and
> supported (with some sanity-check BS-meter type caveats). Note that each
> committee has an action item to draft guidance regarding appropriate
> expenditures for their areas of responsibilities (chapters, projects, etc).
> Everyone's concern over the OWAS ModSecurity Core Rule Set event
> reimbursement request was that:
> 1) The reimbursement request for the event was preceded by a request that
> was NOT appropriate (the "if dad says no, ask mom" problem)
> 2) The event was not clearly an event about an OWASP Project (someone
> attested that as an attendee, it "felt" like a Trustwave event about
> ModSecurity, not an OWASP event about the Core Rule Set)
> In the case of this ESAPI party, the "plan" and "intent" have been stated
> and the event is clearly an event about an OWASP Project.
> While we haven't yet decided on a process, *one* of the proposed methods of
> budget approval for these events brought up was that the "approval" role for
> such project expenditures should lie with the Project Leader, followed by
> the GPC Chair, followed by the Treasurer/Board.
> Since Chris is the project leader and it is his event, it'd be
> inappropriate for his approval.
> For the record, based on the Board's/Chair's mutual understanding, I
> believe this event should be approved and would normally approve the
> expenditure. However, as the party is planned to be held in the room that I
> am sharing with Chris, I feel that I should abstain from this process to
> prevent the appearance of conflict of interest.
> I ask that the approval decision instead be made by the Treasurer (or the
> Board as appropriate).
> -Jason
> ---------- Forwarded message ----------
> From: Chris Schmidt < <chris.schmidt at owasp.org>chris.schmidt at owasp.org>
> Date: Fri, Sep 23, 2011 at 9:17 AM
> Subject: ESAPI Party
> To: Jason Li < <jason.li at owasp.org>jason.li at owasp.org>, Tom Brennan <<tomb at owasp.org>
> tomb at owasp.org>, Michael Coates < <michael.coates at owasp.org>
> michael.coates at owasp.org>, Dave Wichers < <dave.wichers at owasp.org>
> dave.wichers at owasp.org>, Kate Hartmann < <kate.hartmann at owasp.org>
> kate.hartmann at owasp.org>, <matt.tesauro at owasp.org>matt.tesauro at owasp.org,
> " <eoin.keary at owasp.org>eoin.keary at owasp.org" < <eoin.keary at owasp.org>
> eoin.keary at owasp.org>
>  All -
> Given the events of last night’s meeting, Kate wanted to to run this up the
> flagpole so that we are sure everyone is on the same page.
> As you guys are aware, I had planned on having a Room Party to celebrate
> the ESAPI 2.0 release tonight. My plan with this (from the beginning) was to
> charge this to the ESAPI budget as I don’t *personally* have the money to
> do the party.
> I am not sure what the actual cost will be, but what I had planned on was
> 4 Bottles of wine
> 2 Cases of Beer
> 2 Bags of Chips
> Salsa
> Dip
> I had hoped that since we are all here I could charge this directly to the
> ESAPI budget and not buy It and expense for reimbursement. However, Kate
> expressed concern given after the meeting last night that this may not even
> be a reimbursable event. Rather than chasing everyone around, I figured the
> simplest form of resolution was to do this over e-mail. I would like to get
> this resolved, one way or the other this morning as early as possible so I
> can make other arrangements if necessary.
> Chris Schmidt
> ESAPI Project Leader ( <http://www.esapi.org>http://www.esapi.org)
> Blog: <http://yet-another-dev.blogspot.com>
> http://yet-another-dev.blogspot.com
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global-projects-committee/attachments/20110923/a8e1a417/attachment.html 

More information about the Global-projects-committee mailing list