[Governance] Transparency Policy

Tobias tobias.gondrom at owasp.org
Sat Jun 21 14:03:38 UTC 2014


Guys,

today we already have an implicit classification:
if a public mailing-list is on cc, made statements are obviously public.

So I don't see why everyone should put a label at the beginning of each
email to say so.
And what would we do, with all the emails we receive that don't have a
label and start with "how are you" or "can you help me with xyz question"...

Best regards, Tobias



On 21/06/14 12:54, Bil Corry wrote:
>
> This sounds like something the BoD and Staff should discuss on how to
> implement, since the bulk of the burden of classifying documents will
> be on them.
>
>  
>
> - Bil
>
>  
>
> *From:*Dinis Cruz [mailto:dinis.cruz at owasp.org]
> *Sent:* Friday, June 20, 2014 7:02 AM
> *To:* Josh Sokol
> *Cc:* Bil Corry; OWASP GOVERNING
> *Subject:* Re: [Governance] Transparency Policy
>
>  
>
> Labelling documents and emails based on the levels outlined would be
> quite useful, since we could then assume that /'if there is no
> classification then that email or document could/should be public'
> /(re-enforcing the idea that all info is public by default).
>
>  
>
> This would allow for the easier de-classification of such
> email/document (when the views have been clarified/defended)
>
>  
>
> Dinis
>
>  
>
> On 19 June 2014 15:05, Josh Sokol <josh.sokol at owasp.org
> <mailto:josh.sokol at owasp.org>> wrote:
>
> I really like where this is going.  It reads similar to a data
> classification plan and maybe we should even consider labeling
> documents based on the levels outlined.  When I have some time, I will
> try to add additional examples for consideration.  In the meantime, my
> only advice may be to rephrase the policy violations section at the
> bottom more along the lines of "including the possibility of
> suspension or revocation of membership, exclusion from OWASP events
> and mailing lists, or other such action as determined."
>
> ~josh
>
>  
>
> On Thu, Jun 19, 2014 at 5:18 AM, Bil Corry <bil.corry at owasp.org
> <mailto:bil.corry at owasp.org>> wrote:
>
>     Hello Governance,
>
>      
>
>     I am proposing we create (and have the BoD adopt) a policy on
>     transparency to clarify the information that should never be
>     shared publicly.
>
>      
>
>     To that end, I've created an initial draft, which you can find here:
>
>      
>
>     https://www.owasp.org/index.php/Transparency_Policy
>
>      
>
>     I'm requesting discussion and feedback on the draft, along with
>     additional exclusions (I only started with two).
>
>      
>
>     Thank you for your time in advance,
>
>      
>
>     - Bil
>
>      
>
>     _______________________________________________
>     Governance mailing list
>     Governance at lists.owasp.org <mailto:Governance at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/governance
>
>  
>
>
> _______________________________________________
> Governance mailing list
> Governance at lists.owasp.org <mailto:Governance at lists.owasp.org>
> https://lists.owasp.org/mailman/listinfo/governance
>
>  
>
>
>
> _______________________________________________
> Governance mailing list
> Governance at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/governance

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140621/a8fa9747/attachment.html>


More information about the Governance mailing list