[Governance] Creating new list for violation requests and related discussion (was Re: JOSH SOKOL...)

Bev Corwin bev.corwin at owasp.org
Fri Feb 28 17:33:01 UTC 2014

What does one do when a situation may be a combination of policy,
compliance, ethics, leadership, and governance? Shouldn't there be an
initial "complaints" list to determine scope, and then perhaps later
delegated to other lists when things become more clear? Things are often
complex in the real world and not so simple.


On Fri, Feb 28, 2014 at 6:39 AM, Bil Corry <bil.corry at owasp.org> wrote:

> The purpose of this list is to discuss policy and governance issues, as
> related to the OWASP Foundation.
> If there is a conflict that can be resolved by clarifying OWASP policy (or
> creating a new policy), then this list is appropriate.  An example would
> be, "I'm the chapter leader, do OWASP policies allow me to hand out my
> business card to attendees at a chapter meeting?"
> If there is an ethics violation, or a breach of fiduciary
> responsibilities, or similar, then those complaints should be sent directly
> to the Compliance Officer.  It sounds like some want it to be more
> transparent, thus my suggestion to NOT use the governance list, but rather
> create a dedicated email list for those complaints.
> If the distinction between policy conflicts and ethics violations is too
> slight, then I suggest moving all complaints to a dedicated list.  The
> primary purpose of the governance list is to shape and clarify policy, not
> implement it.
> I hope that clarifies my request.
> - Bil
> -----Original Message-----
> From: Christian Heinrich [mailto:christian.heinrich at cmlh.id.au]
> Sent: Friday, February 28, 2014 12:55 AM
> To: bil.corry at owasp.org
> Cc: governance at lists.owasp.org
> Subject: Re: [Governance] Creating new list for violation requests and
> related discussion (was Re: JOSH SOKOL...)
> Bill,
> I have *no* issue with Yiannis as an outspoken critic of corruption within
> the OWASP Board prior to 2010 and I support his view %100 i.e.
> http://lists.owasp.org/pipermail/owasp-board/2011-January/009563.htmland
> also he went out his way to make me well welcome at the OWASP London
> Chapter when I presented there in 2010 so any views expressed by the OWASP
> Board (at that time) are false.
> As I understand
> https://www.owasp.org/index.php/Governance/ConflictHandling I have
> followed the intent of the "governance" mailing list but I do agree that
> its title of the mailing list might be misleading, maybe "conflict
> handling" might be better?
> > On Wed, Feb 26, 2014 at 11:49 AM, Bil Corry <bil.corry at owasp.org> wrote:
> >> "I would recommend that Christian start a new thread on the
> >> governance list with his allegations of ethical violations against
> >> Yiannis and not place them in this one."
> --
> Regards,
> Christian Heinrich
> http://cmlh.id.au/contact
> _______________________________________________
> Governance mailing list
> Governance at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/governance
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140228/0c2767e2/attachment.html>

More information about the Governance mailing list