[Global_conference_committee] Amendments to the recently approved GCC Governance Document (was: vote thread)

dinis cruz dinis.cruz at owasp.org
Mon Dec 20 06:52:47 EST 2010


What you need to make really clear is that there will be ONE major
conference per year per location (this is the one that will be given more
marketing focus by OWASP and the one that most OWASP leaders should
attend).

The rest should all be 'local' conferences and (this is my recommendation)
should be required to have 'themes' so that each one can develop its own
identity (in addition to the local geography)

Once word of advise, don't be too hung on the concept of 'competing' OWASP
AppSecs. If you look at the attendance numbers (and Mark you should be able
to back this up with statistical numbers) a significant number of attendees
comes from the local geographical area. This means that the number of people
that will travel to an OWASP conference is still considerable low.

Also, and this is very important, part of OWASP success is its organic
growth and nature, so its important to only have a small number of rules and
allow local teams to be flexible and innovative.

In terms of 'forcing' the local conference teams to do anything, I like the
approach already mentioned that certain brand usage is tied up to resources
and capabilities provided by the Conferences Committee (funding,
speakers, organization, marketing, websites, etc..)

Dinis Cruz


On 20 December 2010 02:19, Tin Zaw <tin.zaw at owasp.org> wrote:

> Let me discuss it from the potential attendee's perspective.
>
> It is very confusing.
>
> OWASP Global AppSec USA is a bloated, oxymoron term.
>
> If I am an OWASP member in France, what's the difference between AppSec
> Europe and AppSec Ireland?
>
> If I am an OWASP member in Texas, should I go to AppSec USA or AppSec DC,
> given that travel costs will be about the same, and both conferences have
> similar content.
>
> If we are not careful, we are splitting the potential attendees. At AppSec
> USA 2010, 50% of the attendees are from California. Should California have
> its own Tier 1 AppSec?
>
>
> On Sun, Dec 19, 2010 at 5:04 PM, Mark Bristow <mark.bristow at owasp.org>wrote:
>
>> I am for having a distinct name for the Tier 1 Conferences so they are
>> easily identified.  At first, trying to limit the use of AppSec seemed like
>> a good strategy, but it messes up existing branding and is basically
>> un-enforceable.  Starting with a new term "Global AppSec" fills the bill for
>> me if we limit it to the events I described.  And I think it will be easier
>> to enforce a "new" term.  This will also be important for "Global
>> Sponsorships".
>>
>> Re the GCC Compliance check.  They way I would like it to work is, not
>> only do you get no Foundation support if you do not clear with us first, but
>> your in violation of OWASP branding rules.  I think it's important that the
>> GCC discuss applications for Global AppSec and Regional events and
>> approve/move/deny them as appropriate (funds, linup to mission ect).  For
>> local events, I think a "default permit" policy is more appropriate where
>> the GCC has a limited opportunity window (say a week) to object otherwise it
>> goes forward.
>>
>>
>> On Sun, Dec 19, 2010 at 7:54 PM, John Wilander <john.wilander at owasp.org>wrote:
>>
>>> Not sure I understand, Mark. Are you for or against future regional
>>> AppSecs? :)
>>>
>>> If we allow for new regional AppSecs I'd love to make that our way to
>>> enforce GCC compliance. If you make contact with the GCC only a month before
>>> your event, skip the event system, do local money transfers, don't accept
>>> OWASP's global sponsors, or don't have an OWASP booth ... you cannot call
>>> yourself OWASP AppSec.
>>>
>>> I understand that there might be confusion regarding the AppSec name. But
>>> I think the addition of "Global" was intended to solve that. If we truly
>>> believe that "Global" won't do the trick I think we should have the same
>>> rules for all, regardless of history.
>>>
>>> (Dinis, you were cut out of the loop. Don't know why. Added you back in.)
>>>
>>>    /John
>>>
>>> 2010/12/20 Mark Bristow <mark.bristow at owasp.org>
>>>
>>> Personally I'm not that sticky about the AppSec name being used by
>>>> regional cons.  However the Global AppSec title should be reserved for the
>>>> class 1 events in North America, South America, Europe and Asia each year.
>>>>
>>>> On Sun, Dec 19, 2010 at 7:38 PM, John Wilander <john.wilander at owasp.org
>>>> > wrote:
>>>>
>>>>> 2010/12/20 Lucas Ferreira <lucas.ferreira at owasp.org>
>>>>>
>>>>> John,
>>>>>>
>>>>>> Doesn't the new OWASP Global AppSec name solve this issue?
>>>>>>
>>>>>
>>>>> No. Check the plan thread and you'll see that there's a policy change
>>>>> clearly stating that the OWASP AppSec "title can only be used by global
>>>>> cons, and by conferences who have already used this name twice by the end of
>>>>> 2011, moving forward, only new Global AppSecs can use this name".
>>>>>
>>>>> So from now on only the lucky ones who managed to use the AppSec
>>>>> name regionally twice before 2012 get to use it in the future. So we know
>>>>> there will never be an AppSec Nordic, an AppSec France or an AppSec
>>>>> Argentina.
>>>>>
>>>>> I think this is a biased decision. Either we allow for future regional
>>>>> AppSecs (my vote) or we kill them all.
>>>>>
>>>>> Quote from the plan thread:
>>>>>
>>>>> Policy Changes
>>>>>
>>>>>    - Change Conference Types to include:
>>>>>    - OWASP Global AppSec Conferences (Currently AppSec Conferences)
>>>>>       - OWASP AppSec Conferences (*Title* can only be used by global
>>>>>       cons, and by conferences who have already used this name twice by the end of
>>>>>       2011, moving forward, only new Global AppSecs can use this name)
>>>>>       - OWASP Regional/Theme Conference (currently Regional, *DROP *all
>>>>>       regional cons will now have to have a unique theme,
>>>>>
>>>>> --
>>>>> John Wilander, https://twitter.com/johnwilander
>>>>> Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
>>>>>  <http://owaspsweden.blogspot.com>Co-organizer Global Summit,
>>>>> http://www.owasp.org/index.php/Summit_2011
>>>>>  <http://www.owasp.org/index.php/Summit_2011>Conf Comm,
>>>>> http://www.owasp.org/index.php/Global_Conferences_Committee
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Global_conference_committee mailing list
>>>>> Global_conference_committee at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Mark Bristow
>>>> (703) 596-5175
>>>> mark.bristow at owasp.org
>>>>
>>>> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
>>>> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
>>>> AppSec DC Organizer - https://www.appsecdc.org
>>>>
>>>>
>>>
>>>
>>> --
>>> John Wilander, https://twitter.com/johnwilander
>>> Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
>>>  <http://owaspsweden.blogspot.com>Co-organizer Global Summit,
>>> http://www.owasp.org/index.php/Summit_2011
>>> <http://www.owasp.org/index.php/Summit_2011>Conf Comm,
>>> http://www.owasp.org/index.php/Global_Conferences_Committee
>>>
>>>
>>
>>
>> --
>> Mark Bristow
>> (703) 596-5175
>> mark.bristow at owasp.org
>>
>> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
>> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
>> AppSec DC Organizer - https://www.appsecdc.org
>>
>>
>> _______________________________________________
>> Global_conference_committee mailing list
>> Global_conference_committee at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>>
>>
>
>
> --
> Tin Zaw, CISSP, CSSLP
> Chapter Leader and President, OWASP Los Angeles Chapter
> Google Voice: (213) 973-9295
> LinkedIn: http://www.linkedin.com/in/tinzaw
>
>
> _______________________________________________
> Global_conference_committee mailing list
> Global_conference_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_conference_committee/attachments/20101220/3397c942/attachment.html 


More information about the Global_conference_committee mailing list