[GPC] [Owasp-board] Summit Alcohol WAS [Committees-chairs] ESAPI Party

Jim Manico jim.manico at owasp.org
Fri Sep 23 12:12:42 EDT 2011


I've been a drunk bastard on occasion myself. I'm not innocent here.

I take more of an extreme stance on alcohol purchases and consumption
that is very unpopular. We are having severe economic difficulties and
I'd rather see OWASP go more dry and focus more on spending $ only when
it is in-line with the mission of awareness.

- Jim


> Jim,
>
> I agree 100% that we choose lights over beer.  Our
> total alcohol expenditure for the Summit was:
>
>   * Drink tickets were $2547 for the entirety of the event ($7 a drink
>     rate but if you do the math that was 2 drinks per attendee)
>   * $684 in beer and wine supplement at dinner
>   * roughly $250 (kate would have the actual receipts as she paid for
>     it but it was charged to the event petty cash account) in beer and
>     a case of port for the villia I was in for evening activities (two
>     governance sessions and
>     the official conference "party"/band/cookout were held there, much
>     to the dismay of my sleeping pattern)
>
> When you add that all up, we spent about $20 on alcohol per person
> over the whole event, or $4 a day.  Personally I think that's pretty
> reasonable.  I know that A LOT more alcohol was drank at the summit
> (by me included) however much of the alcohol floating round was paid
> for by individuals.  For example only the beer (I think in total we
> bought 10 cases over the whole event) and the one case of port in my
> villa was covered by the event, but there was more beer there because
> we had "conference" beer and "personal" beer in the villa.  There was
> also some wine and hard liquor floating around our villa
> that myself and the other members of the villa purchased on our own
> dime.  I know for a fact that some attendees did drink from the
> "personal' stash and that was perfectly fine to me and the other
> people there in the tradition of being good hosts.
>
> So while there were a number of "drunk bastards" there, much of
> the drinking wasn't paid by OWASP.
>
> Regards,
> -Mark
>
> On Fri, Sep 23, 2011 at 10:48 AM, Jim Manico <jim.manico at owasp.org
> <mailto:jim.manico at owasp.org>> wrote:
>
>     Less alcohol purchases is probably a good thing. Waiting to drink
>     until *after* the board meeting is something to consider as well.
>
>     If I had to vote between keeping the lights on and paying for
>     beer, I'd go lights.
>
>     Even some of the most drunk bastards within OWASP have confided in
>     me that we, especially at Portugal, go to extremes when it comes
>     to this topic.
>
>     - Jim
>
>>     Vote to approve the "meet-up"  always helps our efforts and
>>     community.
>>
>>     **bookmark this all**
>>     https://www.owasp.org/index.php/Donation_Scoreboard
>>
>>     There is no budget in the project bucket for ESAPI hmm....
>>
>>     Perhaps you can find a sponsor example
>>     Denim/Aspect/Cigital/WhiteHat or the otherson the show floor or
>>     any of the other involved ESAPI or get a chapter to help it
>>     (Denver, NYC, San Ant, etc...)
>>
>>     Pass the hat and ask for $20 bucks
>>
>>     Are we having fun yet or have we now become a "dry county"
>>     organization.
>>
>>
>>
>>
>>     On Sep 23, 2011, at 10:10 AM, Jason Li <jason.li at owasp.org
>>     <mailto:jason.li at owasp.org>> wrote:
>>
>>>     Chairs/Board/GPC,
>>>
>>>     Based on the Board/Chair discussion last night, I believe the
>>>     general consensus was that these types of events for projects
>>>     are reasonable and supported (with some sanity-check BS-meter
>>>     type caveats). Note that each committee has an action item to
>>>     draft guidance regarding appropriate expenditures for their
>>>     areas of responsibilities (chapters, projects, etc).
>>>
>>>     Everyone's concern over the OWAS ModSecurity Core Rule Set event
>>>     reimbursement request was that:
>>>     1) The reimbursement request for the event was preceded by a
>>>     request that was NOT appropriate (the "if dad says no, ask mom"
>>>     problem)
>>>     2) The event was not clearly an event about an OWASP Project
>>>     (someone attested that as an attendee, it "felt" like a
>>>     Trustwave event about ModSecurity, not an OWASP event about the
>>>     Core Rule Set)
>>>
>>>     In the case of this ESAPI party, the "plan" and "intent" have
>>>     been stated and the event is clearly an event about an OWASP
>>>     Project.
>>>
>>>     While we haven't yet decided on a process, *one* of the proposed
>>>     methods of budget approval for these events brought up was that
>>>     the "approval" role for such project expenditures should lie
>>>     with the Project Leader, followed by the GPC Chair, followed by
>>>     the Treasurer/Board.
>>>
>>>     Since Chris is the project leader and it is his event, it'd be
>>>     inappropriate for his approval.
>>>
>>>     For the record, based on the Board's/Chair's mutual
>>>     understanding, I believe this event should be approved and would
>>>     normally approve the expenditure. However, as the party is
>>>     planned to be held in the room that I am sharing with Chris, I
>>>     feel that I should abstain from this process to prevent the
>>>     appearance of conflict of interest. 
>>>
>>>     I ask that the approval decision instead be made by the
>>>     Treasurer (or the Board as appropriate).
>>>
>>>     -Jason
>>>
>>>     ---------- Forwarded message ----------
>>>     From: *Chris Schmidt* <chris.schmidt at owasp.org
>>>     <mailto:chris.schmidt at owasp.org>>
>>>     Date: Fri, Sep 23, 2011 at 9:17 AM
>>>     Subject: ESAPI Party
>>>     To: Jason Li <jason.li at owasp.org <mailto:jason.li at owasp.org>>,
>>>     Tom Brennan <tomb at owasp.org <mailto:tomb at owasp.org>>, Michael
>>>     Coates <michael.coates at owasp.org
>>>     <mailto:michael.coates at owasp.org>>, Dave Wichers
>>>     <dave.wichers at owasp.org <mailto:dave.wichers at owasp.org>>, Kate
>>>     Hartmann <kate.hartmann at owasp.org
>>>     <mailto:kate.hartmann at owasp.org>>, matt.tesauro at owasp.org
>>>     <mailto:matt.tesauro at owasp.org>, "eoin.keary at owasp.org
>>>     <mailto:eoin.keary at owasp.org>" <eoin.keary at owasp.org
>>>     <mailto:eoin.keary at owasp.org>>
>>>
>>>
>>>     All -
>>>
>>>     Given the events of last night's meeting, Kate wanted to to run
>>>     this up the flagpole so that we are sure everyone is on the same
>>>     page.
>>>
>>>     As you guys are aware, I had planned on having a Room Party to
>>>     celebrate the ESAPI 2.0 release tonight. My plan with this (from
>>>     the beginning) was to charge this to the ESAPI budget as I don't
>>>     *personally* have the money to do the party.
>>>
>>>     I am not sure what the actual cost will be, but what I had
>>>     planned on was
>>>
>>>     4 Bottles of wine
>>>     2 Cases of Beer
>>>     2 Bags of Chips
>>>     Salsa
>>>     Dip
>>>
>>>     I had hoped that since we are all here I could charge this
>>>     directly to the ESAPI budget and not buy It and expense for
>>>     reimbursement. However, Kate expressed concern given after the
>>>     meeting last night that this may not even be a reimbursable
>>>     event. Rather than chasing everyone around, I figured the
>>>     simplest form of resolution was to do this over e-mail. I would
>>>     like to get this resolved, one way or the other this morning as
>>>     early as possible so I can make other arrangements if necessary.
>>>
>>>     Chris Schmidt
>>>     ESAPI Project Leader (http://www.esapi.org)
>>>     Blog: http://yet-another-dev.blogspot.com
>>>
>>>
>>>     _______________________________________________
>>>     Owasp-board mailing list
>>>     Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>>>     https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>>     _______________________________________________
>>     Owasp-board mailing list
>>     Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>>     https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>     -- 
>     Jim Manico
>
>     Connections Committee Chair
>     Cheatsheet Series Product Manager
>     OWASP Podcast Producer/Host
>
>     jim at owasp.org <mailto:jim at owasp.org>
>     www.owasp.org <http://www.owasp.org>
>
>
>     _______________________________________________
>     Committees-chairs mailing list
>     Committees-chairs at lists.owasp.org
>     <mailto:Committees-chairs at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/committees-chairs
>
>
>
>
> -- 
> Mark Bristow
> (703) 596-5175
> mark.bristow at owasp.org <mailto:mark.bristow at owasp.org>
>
> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
> AppSec DC Organizer - https://www.appsecdc.org
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board


-- 
Jim Manico

Connections Committee Chair
Cheatsheet Series Product Manager
OWASP Podcast Producer/Host

jim at owasp.org
www.owasp.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global-projects-committee/attachments/20110923/d435d5ec/attachment-0001.html 


More information about the Global-projects-committee mailing list