<div dir="ltr">Special and supportive "hugs" to all who made AppSecUSA NY a success, and especially to leadership. I agree with Josh that transparency is the "key" to managing conflicts of interests in these types of communities. Discussions like these are valuable learning and growing experiences for all. <div>
<br></div><div>Bev</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Feb 7, 2014 at 1:41 PM, Jerry Hoff <span dir="ltr"><<a href="mailto:jerry@owasp.org" target="_blank">jerry@owasp.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto"><div>Get a room you two! :)<br><br>--<div>Jerry Hoff</div><div><a href="mailto:jerry@owasp.com" target="_blank">jerry@owasp.com</a></div>
<div>@jerryhoff</div></div><div><div class="h5"><div><br>On Feb 7, 2014, at 6:02 PM, Jim Manico <<a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>> wrote:<br><br></div><blockquote type="cite">
<div>
  
    
  
  
    I feel the love, Tom.<br>
    <br>
    *hugs*<br>
    <br>
    PS: Thanks for breaking all attendance and financial records for
    your work at AppSec NYC. ;)<br>
    <br>
    - Jim<br>
    <br>
    <div>On 2/7/14, 4:15 PM, Tom Brennan - OWASP
      wrote:<br>
    </div>
    <blockquote type="cite">
      
      <div>Ahh did not tie other lists to this post guess I need to
        change the folder and catch up on what's new in OWASP email land
        from Dennis G</div>
      <div><br>
      </div>
      <div>Re training IMHO your passion is highly motivational  and
        supported by hundreds who voted you to proactively provide
        guidance on nimble org.  Paid, unpaid free cbt or other is all
        goodness.  Hell we even talked about you coming out to NYC to be
        one of the (5) trainers to give paid training at NYC OWASP 2014
        the week of 2600/HOPE <a href="http://www.meetup.com/OWASP-NYC/" target="_blank">http://www.meetup.com/OWASP-NYC/</a>
        and we just spend tons if cycles on the RSA circus activities.. </div>
      <div><br>
      </div>
      <div>Leading from the front will always draw it's critics and you
        do so with a passion and hawaiian style +1</div>
      <div><br>
      </div>
      <div>Finally what you did here was awesome <a href="http://youtu.be/_ANdXIuhbzQ" target="_blank">http://youtu.be/_ANdXIuhbzQ</a></div>
      <div><br>
      </div>
      <div>Not sure I actually answered your question or what question
        you were initially posted, "proactively" and that was my simple
        point... *hug*</div>
      <div><br>
      </div>
      <div>Enjoy the trip catch up with you on the 24th - I'm out.</div>
      <div><br>
      </div>
      <div>--
        <div>
          <div style="font-family:UICTFontTextStyleBody">Sent from my mobile
            autocorrect typos included call <a href="tel:9732020122" value="+19732020122" target="_blank">9732020122</a> to discuss</div>
        </div>
      </div>
      <div><br>
      </div>
      <div><br>
        On Feb 7, 2014, at 9:41 AM, Jim Manico <<a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>>
        wrote:<br>
        <br>
      </div>
      <blockquote type="cite">
        <div>
          
          <div>I'm being ethically proactive Tom. My commercial
            activities are getting more related to OWASP and  I am just
            requesting a health check.</div>
          <div><br>
          </div>
          <div>I recently received a barrage of email from Dennis Groves
            about his disapproval on my stance on free training, and
            while they were disturbing, it did make me stop and think
            (and ask the gov list).  ;-)</div>
          <div><br>
          </div>
          <div>Tom, you as well have called out my free training efforts
            and other OWASP efforts as self serving (including this
            email) and have called me on my ethics, so you're happy I'm
            asking the list about this topic in some way right? :)</div>
          <div><br>
          </div>
          <div>Hello from rain-soaked Europe where I'm (REDACTED) and
            (REDACTED). Hope to see you at (REDACTED)!</div>
          <div><br>
          </div>
          <div>Aloha,</div>
          <div>
            <div>--</div>
            <div>Jim Manico</div>
            <div>@Manicode</div>
            <div>
              <a href="tel:%28808%29%20652-3805" value="+18086523805" target="_blank">(808) 652-3805</a></div>
          </div>
          <div><br>
            On Feb 7, 2014, at 3:24 PM, Tom Brennan - OWASP <<a href="mailto:tomb@owasp.org" target="_blank">tomb@owasp.org</a>>
            wrote:<br>
            <br>
          </div>
          <blockquote type="cite">
            <div>
              
              <div>
                Just asking for what is the problem you are seeking
                advice on the governance list of the association? </div>
              <div><br>
              </div>
              <div>Has there been a complaint? Is there a issue that
                needs to be managed by a existing policy for such or is
                there a recommendation to create a more? Is it a
                question to a public archive to resolve done identified
                issue?</div>
              <div><br>
              </div>
              <div>I know I'm not the sharpest tool in the shed.. Just
                confused and hence the email asking for clarity. </div>
              <div><br>
              </div>
              <div>Btw I'm jealous that Yiannis is enjoying Casa Manico
                while I dig out of 11inches of snow </div>
              <div><br>
              </div>
              <div><br>
              </div>
              <div><br>
              </div>
              <div><br>
                <br>
                --
                <div>
                  <div style="font-family:UICTFontTextStyleBody">Sent
                    from my mobile autocorrect typos included call
                    <a href="tel:9732020122" value="+19732020122" target="_blank">9732020122</a> to discuss</div>
                </div>
              </div>
              <div><br>
                On Feb 7, 2014, at 9:08 AM, Jim Manico <<a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>>
                wrote:<br>
                <br>
              </div>
              <blockquote type="cite">
                <div>
                  
                  <div>Ad, Tom?</div>
                  <div><br>
                  </div>
                  <div>This is a small list of folks I mostly know well
                    who are especially interested in these issues. </div>
                  <div><br>
                  </div>
                  <div>So your answer is that my question itself on-list
                    is unethical?<br>
                    <br>
                    <div>--</div>
                    <div>Jim Manico</div>
                    <div>@Manicode</div>
                    <div><a href="tel:%28808%29%20652-3805" value="+18086523805" target="_blank">(808) 652-3805</a></div>
                  </div>
                  <div><br>
                    On Feb 7, 2014, at 2:58 PM, Tom Brennan - OWASP <<a href="mailto:tomb@owasp.org" target="_blank">tomb@owasp.org</a>>
                    wrote:<br>
                    <br>
                  </div>
                  <blockquote type="cite">
                    <div>
                      
                      <div>On the choochoo this morning to NYC to give
                        some training myself.. thought I would catch up
                        on some emails @owasp bucket.</div>
                      <div><br>
                      </div>
                      <div>In response to yours, members of the board
                        have jobs that pay bills that somehow are
                        involved in software industry that would likely
                        be true of everyone in the association
                        membership.</div>
                      <div><br>
                      </div>
                      <div>Even a few of them have books, papers,
                        projects, talks and involved in testimony to
                        congress or pet alligators etc...  So what's
                        your question? </div>
                      <div><br>
                      </div>
                      <div>As per the conflict of interest policy you
                        agreed to and signed if your in conflict with it
                        or can not meet the bylaw duties as written
                        everyone is free to step down or step up to meet
                        them or lobby to change them or abstain when
                        needed.</div>
                      <div><br>
                      </div>
                      <div>Perhaps I am confused but your email to this
                        governance list is asking for help on what
                        exactly -- or simply raising visibility via your
                        "ad" that your offering training and writing a
                        book? What is the defined problem? Is there a
                        complaint that requires "governance" as
                        defined: <a href="http://en.m.wikipedia.org/wiki/Governance" target="_blank">http://en.m.wikipedia.org/wiki/Governance</a></div>
                      <div><br>
                      </div>
                      <div>Your loved man just not clear what your
                        asking to provide suggestions... New business
                        for the upcoming board meeting perhaps to
                        clarify or discuss face to face on the 24th?</div>
                      <div><br>
                      </div>
                      <div>--
                        <div>
                          <div style="font-family:UICTFontTextStyleBody">Sent
                            from my mobile autocorrect typos included
                            call <a href="tel:9732020122" value="+19732020122" target="_blank">9732020122</a> to discuss</div>
                        </div>
                      </div>
                      <div><br>
                        On Feb 7, 2014, at 5:06 AM, Jim Manico <<a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>>
                        wrote:<br>
                        <br>
                      </div>
                      <blockquote type="cite">
                        <div><span>Folks,</span><br>
                          <span></span><br>
                          <span>I work as a freelancer now and make a
                            living delivering onsite</span><br>
                          <span>security training. I'm also working on a
                            book. These are both things</span><br>
                          <span>that OWASP monetizes as well.</span><br>
                          <span></span><br>
                          <span>I feel like my efforts at OWASP as a
                            board member and volunteer are in</span><br>
                          <span>conflict with my professional work. It's
                            a pretty clear conflict of</span><br>
                          <span>interest. Would you care to provide
                            guidance or suggestions over this</span><br>
                          <span>matter? I try to take the ethical path
                            but I'd like to check in with</span><br>
                          <span>governance.</span><br>
                          <span></span><br>
                          <span>Thank you,</span><br>
                          <span>--</span><br>
                          <span>Jim Manico</span><br>
                          <span>@Manicode</span><br>
                          <span><a href="tel:%28808%29%20652-3805" value="+18086523805" target="_blank">(808) 652-3805</a></span><br>
                          <span>_______________________________________________</span><br>
                          <span>Governance mailing list</span><br>
                          <span><a href="mailto:Governance@lists.owasp.org" target="_blank">Governance@lists.owasp.org</a></span><br>
                          <span><a href="https://lists.owasp.org/mailman/listinfo/governance" target="_blank">https://lists.owasp.org/mailman/listinfo/governance</a></span><br>
                        </div>
                      </blockquote>
                    </div>
                  </blockquote>
                </div>
              </blockquote>
            </div>
          </blockquote>
        </div>
      </blockquote>
    </blockquote>
    <br>
  

</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Governance mailing list</span><br><span><a href="mailto:Governance@lists.owasp.org" target="_blank">Governance@lists.owasp.org</a></span><br>
<span><a href="https://lists.owasp.org/mailman/listinfo/governance" target="_blank">https://lists.owasp.org/mailman/listinfo/governance</a></span><br></div></blockquote></div></div></div><br>_______________________________________________<br>

Governance mailing list<br>
<a href="mailto:Governance@lists.owasp.org">Governance@lists.owasp.org</a><br>
<a href="https://lists.owasp.org/mailman/listinfo/governance" target="_blank">https://lists.owasp.org/mailman/listinfo/governance</a><br>
<br></blockquote></div><br></div>