[Global_conference_committee] Amendments to the recently approved GCC Governance Document (was: vote thread)

Tin Zaw tin.zaw at owasp.org
Sun Dec 19 21:19:12 EST 2010


Let me discuss it from the potential attendee's perspective.

It is very confusing.

OWASP Global AppSec USA is a bloated, oxymoron term.

If I am an OWASP member in France, what's the difference between AppSec
Europe and AppSec Ireland?

If I am an OWASP member in Texas, should I go to AppSec USA or AppSec DC,
given that travel costs will be about the same, and both conferences have
similar content.

If we are not careful, we are splitting the potential attendees. At AppSec
USA 2010, 50% of the attendees are from California. Should California have
its own Tier 1 AppSec?


On Sun, Dec 19, 2010 at 5:04 PM, Mark Bristow <mark.bristow at owasp.org>wrote:

> I am for having a distinct name for the Tier 1 Conferences so they are
> easily identified.  At first, trying to limit the use of AppSec seemed like
> a good strategy, but it messes up existing branding and is basically
> un-enforceable.  Starting with a new term "Global AppSec" fills the bill for
> me if we limit it to the events I described.  And I think it will be easier
> to enforce a "new" term.  This will also be important for "Global
> Sponsorships".
>
> Re the GCC Compliance check.  They way I would like it to work is, not only
> do you get no Foundation support if you do not clear with us first, but your
> in violation of OWASP branding rules.  I think it's important that the GCC
> discuss applications for Global AppSec and Regional events and
> approve/move/deny them as appropriate (funds, linup to mission ect).  For
> local events, I think a "default permit" policy is more appropriate where
> the GCC has a limited opportunity window (say a week) to object otherwise it
> goes forward.
>
>
> On Sun, Dec 19, 2010 at 7:54 PM, John Wilander <john.wilander at owasp.org>wrote:
>
>> Not sure I understand, Mark. Are you for or against future regional
>> AppSecs? :)
>>
>> If we allow for new regional AppSecs I'd love to make that our way to
>> enforce GCC compliance. If you make contact with the GCC only a month before
>> your event, skip the event system, do local money transfers, don't accept
>> OWASP's global sponsors, or don't have an OWASP booth ... you cannot call
>> yourself OWASP AppSec.
>>
>> I understand that there might be confusion regarding the AppSec name. But
>> I think the addition of "Global" was intended to solve that. If we truly
>> believe that "Global" won't do the trick I think we should have the same
>> rules for all, regardless of history.
>>
>> (Dinis, you were cut out of the loop. Don't know why. Added you back in.)
>>
>>    /John
>>
>> 2010/12/20 Mark Bristow <mark.bristow at owasp.org>
>>
>> Personally I'm not that sticky about the AppSec name being used by
>>> regional cons.  However the Global AppSec title should be reserved for the
>>> class 1 events in North America, South America, Europe and Asia each year.
>>>
>>> On Sun, Dec 19, 2010 at 7:38 PM, John Wilander <john.wilander at owasp.org>wrote:
>>>
>>>> 2010/12/20 Lucas Ferreira <lucas.ferreira at owasp.org>
>>>>
>>>> John,
>>>>>
>>>>> Doesn't the new OWASP Global AppSec name solve this issue?
>>>>>
>>>>
>>>> No. Check the plan thread and you'll see that there's a policy change
>>>> clearly stating that the OWASP AppSec "title can only be used by global
>>>> cons, and by conferences who have already used this name twice by the end of
>>>> 2011, moving forward, only new Global AppSecs can use this name".
>>>>
>>>> So from now on only the lucky ones who managed to use the AppSec
>>>> name regionally twice before 2012 get to use it in the future. So we know
>>>> there will never be an AppSec Nordic, an AppSec France or an AppSec
>>>> Argentina.
>>>>
>>>> I think this is a biased decision. Either we allow for future regional
>>>> AppSecs (my vote) or we kill them all.
>>>>
>>>> Quote from the plan thread:
>>>>
>>>> Policy Changes
>>>>
>>>>    - Change Conference Types to include:
>>>>    - OWASP Global AppSec Conferences (Currently AppSec Conferences)
>>>>       - OWASP AppSec Conferences (*Title* can only be used by global
>>>>       cons, and by conferences who have already used this name twice by the end of
>>>>       2011, moving forward, only new Global AppSecs can use this name)
>>>>       - OWASP Regional/Theme Conference (currently Regional, *DROP *all
>>>>       regional cons will now have to have a unique theme,
>>>>
>>>> --
>>>> John Wilander, https://twitter.com/johnwilander
>>>> Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
>>>>  <http://owaspsweden.blogspot.com>Co-organizer Global Summit,
>>>> http://www.owasp.org/index.php/Summit_2011
>>>>  <http://www.owasp.org/index.php/Summit_2011>Conf Comm,
>>>> http://www.owasp.org/index.php/Global_Conferences_Committee
>>>>
>>>>
>>>> _______________________________________________
>>>> Global_conference_committee mailing list
>>>> Global_conference_committee at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>>>>
>>>>
>>>
>>>
>>> --
>>> Mark Bristow
>>> (703) 596-5175
>>> mark.bristow at owasp.org
>>>
>>> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
>>> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
>>> AppSec DC Organizer - https://www.appsecdc.org
>>>
>>>
>>
>>
>> --
>> John Wilander, https://twitter.com/johnwilander
>> Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
>>  <http://owaspsweden.blogspot.com>Co-organizer Global Summit,
>> http://www.owasp.org/index.php/Summit_2011
>> <http://www.owasp.org/index.php/Summit_2011>Conf Comm,
>> http://www.owasp.org/index.php/Global_Conferences_Committee
>>
>>
>
>
> --
> Mark Bristow
> (703) 596-5175
> mark.bristow at owasp.org
>
> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
> AppSec DC Organizer - https://www.appsecdc.org
>
>
> _______________________________________________
> Global_conference_committee mailing list
> Global_conference_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>
>


-- 
Tin Zaw, CISSP, CSSLP
Chapter Leader and President, OWASP Los Angeles Chapter
Google Voice: (213) 973-9295
LinkedIn: http://www.linkedin.com/in/tinzaw
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_conference_committee/attachments/20101219/10bf53ca/attachment-0001.html 


More information about the Global_conference_committee mailing list