[Global_conference_committee] Amendments to the recently approved GCC Governance Document (was: vote thread)

John Wilander john.wilander at owasp.org
Sun Dec 19 06:30:58 EST 2010


Just to be clear on the protected AppSec name ...

I've been thinking and now lean towards opening up for new regional AppSecs. The "only historic regional AppSecs can use the name" argument is too weak and Mark really risks getting criticism for having been biased when the GCC took the decision. At the same time I would hate to ruin all the hard, volunteer work of building up great brands for OWASP (AppSec Ireland, AppSec DC etc).

Instead I think we should use the sought after AppSec name as a way of injecting all the GCC stuff we want to get in place. Such as welcoming global sponsors, planning and communicating with the GCC X months ahead, having a mandatory OWASP booth, allowing for an OWASP track should there be good speakers available, using the event system etc.

What do you think? A nuisance bringing this closed question up again?

   Regards, John


Sent from my iPad

On 18 dec 2010, at 19:29, John Wilander <john.wilander at owasp.org> wrote:

> I don't think secret votes are the prime thing. The ability to bring up sensitive questions to discussion is.
> 
> Example: I've been concerned about the GCC's decision to let _current_ regional AppSecs keep their AppSec names whereas new regional OWASP conferences cannot use the protected AppSec label. This is a clear conflict of interest for Mark since he really wants to keep his AppSec DC brand (understandable) but might stir up arguments in the community down the road.
> 
> I would like to discuss such questions free from conflicts of interest to be able to do my best for OWASP. Then my vote, should there be one, can and should be open and on the record.
> 
> Regards, John
> 
> 
> Skickat från min iPhone
> 
> 18 dec 2010 kl. 19:14 skrev dinis cruz <dinis.cruz at owasp.org>:
> 
>> Can you think of the scenarious where you would need a 'secret vote'?
>> 
>> Dinis Cruz
>> 
>> On 18 Dec 2010, at 16:16, Lucas Ferreira <lucas.ferreira at owasp.org>
>> wrote:
>> 
>>> Regarding the need to step aside during calls, maybe secret votes
>>> could be a solution. In the case more than one committee member
>>> requires, we should implement secret votes. Some may argue that this
>>> goes against the required openess, but I secret votes may be important
>>> in some accasions.
>>> 
>>> Regards,
>>> 
>>> Lucas
>>> 
>>> On Friday, December 17, 2010, Mark Bristow <mark.bristow at owasp.org>
>>> wrote:
>>>> John,
>>>> Inline comments below.
>>>> FYI All, Looped in the GCC list.
>>>> 
>>>> 
>>>> On Fri, Dec 17, 2010 at 10:39 AM, John Wilander <john.wilander at owasp.org
>>>>> wrote:
>>>> 
>>>> 2010/12/17 Mark Bristow <mark.bristow at owasp.org>
>>>> 
>>>> 
>>>> 
>>>> 
>>>> So john, some inline comments to your comments below.
>>>> Also, do you approve the doc as is and want to put up separate
>>>> changes, or is this a reject?  If so, we'll re-open for discussion.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> I approve as long as we can discuss and get changes in there
>>>> eventually.
>>>> Doing it now,  Looped in the main GCC list.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> I like Mark but I still think we should have a max on how many
>>>> years (in a row) you can be chair. My suggestion is three years.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> Fine by me.  If I got elected for 2011, would make it my last year.
>>>> To be clear – I think you're doing a great job and I'm not challen
>>>> ging you. But I think it's healthy to have a max. Would be good fo
>>>> r the OWASP Board too. People tend to deliver their best if they k
>>>> now the timeframe for their engagement and there's a natural succe
>>>> ssion when people know there has to be a new leader/chair chosen.
>>>> Look at American presidents vs Swedish ever-prime ministers. I muc
>>>> h prefer the American "you get two terms max".
>>>> 
>>>> 
>>>> A) feel free to challenge meB) I agree, some term limits are
>>>> healthy to keep things fresh.  I agree on the board comment but
>>>> that's for the new Governance working session that I just found out
>>>> I'm in......
>>>> 
>>>> C) I don't think that Lifetime MAXes are necessary, but i"m good
>>>> with only 3 consecutive years.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> We need to comment that scheduling of the meetings have to take
>>>> into consideration the different time zones we're in. I constantly
>>>> have trouble attending OWASP phone calls because they're in odd
>>>> time of the day or night. If I have a Skype meeting until 1 am I
>>>> will not do a good job the day after. Mark has been good in
>>>> scheduling so far but we should have a sentence about not only
>>>> fitting for instance US time zones. I suspect any Asian GCC members
>>>> will have a lot to say about this.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> Since a GCC member can be kicked out if not attending enough
>>>> meetings the scheduling is important.
>>>> I think that "Meetings will be scheduled based on the availability
>>>> of the majority of the members" settles this somewhat.  This forces
>>>> some type of "polling" in order to set the meeting date time.  Much
>>>> like I use Doodle now for scheduling.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> Yeah. As long as we don't end up in the GCC always having a
>>>> majority of people in certain time zones so the majority of members
>>>> constantly prefer that time zone.
>>>> 
>>>> 
>>>> This is an entirely separate problem.  I'd love to have more people
>>>> from europe, asia and south america on the committee but
>>>> unfortunately we haven't had many takers to date.  I think that we
>>>> as a committee should not accept additional members from the US
>>>> unless one resigns.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> Add a sentence about the GCC member(s) with conflicting interests
>>>> to temporarily leave the meeting during discussion. This is
>>>> important if we want to have an open and effective committee. For
>>>> instance – if AppSec in Stockholm would have produced a loss and t
>>>> he GCC wanted to discuss this you would have asked me questions fi
>>>> rst and then discussed privately for 10 minutes without me hearing.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> Recusal is not a bad idea, however since our meetings are open to
>>>> anyone to join it would be odd for the GCC member to have to leave
>>>> when anyone in OWASP is welcome to stay.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> I wouldn't mind. As a formal member I understand that people will
>>>> need to discuss freely for the committee to reach the right decision.
>>>> 
>>>> 
>>>> I just feel this is counter to "openness".  It's a tough call,
>>>> because if I wasn't a GCC member, and I knew the GCC was taking
>>>> something up important to me, I'd be on the call anyway to argue my
>>>> case if needed.  However I find that I'm better with mental
>>>> compartmentalization than most.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> I don't it'll be a problem but gas prices vary a lot around the
>>>> globe. For instance gas is USD 7 per gallon in Sweden. So we might
>>>> want to say something about adjusting for local gas prices.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> Do you have an internationally recognized index we can throw in here?
>>>> :D. No, but just a note on proving by receipt what your fuel costs
>>>> were per km/mile would be fine. Then we can default to the amount
>>>> you have there.
>>>> 
>>>> 
>>>> Well, on tho the 2011 plan vote so we can ask the board for funds
>>>> for this to matter ;)
>>>> 
>>>> 
>>>> 
>>>> 
>>>>  /John
>>>> --
>>>> John Wilander, https://twitter.com/johnwilander
>>>> Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
>>>> <http://owaspsweden.blogspot.com>Co-organizer Global Summit, http://www.owasp.org/index.php/Summit_2011
>>>> <http://www.owasp.org/index.php/Summit_2011>Conf Comm, http://www.owasp.org/index.php/Global_Conferences_Committee
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> --
>>>> Mark Bristow
>>>> (703) 596-5175
>>>> mark.bristow at owasp.org
>>>> 
>>>> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
>>>> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
>>>> AppSec DC Organizer - https://www.appsecdc.org
>>>> 
>>>> 
>>>> 
>>>> 
>>>> --
>>>> Mark Bristow
>>>> (703) 596-5175
>>>> mark.bristow at owasp.org
>>>> 
>>>> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
>>>> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
>>>> AppSec DC Organizer - https://www.appsecdc.org
>>>> 
>>>> 
>>> 
>>> --
>>> Homo sapiens non urinat in ventum.
>>> _______________________________________________
>>> Global_conference_committee mailing list
>>> Global_conference_committee at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>> _______________________________________________
>> Global_conference_committee mailing list
>> Global_conference_committee at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/global_conference_committee


More information about the Global_conference_committee mailing list